last executing test programs: 2m57.460467499s ago: executing program 1 (id=2): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x200) 2m57.358865155s ago: executing program 1 (id=7): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0) fcntl$lock(r0, 0x25, &(0x7f0000000000)={0x1, 0x2, 0x8, 0x3}) fcntl$lock(r0, 0x7, &(0x7f0000000280)={0x1, 0x0, 0x2f, 0x9}) fcntl$lock(r0, 0x7, &(0x7f00000000c0)={0x0, 0x2, 0xc, 0x401}) 2m56.314848746s ago: executing program 1 (id=25): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x4000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, 0x0, 0x0) 2m56.280762258s ago: executing program 32 (id=25): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x4000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, 0x0, 0x0) 2m52.840569479s ago: executing program 3 (id=83): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x91}, 0x4000) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x4e0, 0x0, 0x18c, 0x203, 0x320, 0x19030000, 0x410, 0x2e0, 0x2e0, 0x410, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x2d8, 0x320, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0x0, 0xe}, {0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x3}, {0x2, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x8}, {}, {0x16}, {0x0, 0xff}, {}, {0x7}, {0x0, 0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0x101}, {}, {0x0, 0x0, 0x5}, {}, {0x0, 0x0, 0x0, 0x9}, {0xfffc, 0x0, 0x0, 0x6}, {}, {0xfffe}, {}, {}, {}, {0xfffe, 0xfb}, {}, {0x7a04}, {}, {}, {0x20, 0x6}, {}, {}, {}, {0x0, 0x0, 0x0, 0x800}, {}, {0xb8c, 0x0, 0x0, 0xf00}, {0x0, 0x1, 0x0, 0x3}, {0x3}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {0x0, 0xfd}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x0, 0xb}, {0x4, 0x2}]}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x2, 'syz0\x00', {0x8001}}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xb, 'syz0\x00', {0x6c8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x540) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000007c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a78000000060a090400000000000000000200fffe0900020073797a32000000000900010073797a30000000004c00048024000180090001006d65746100000000140002800800014000000001080002400000001724000180090001006d61737100000000140002800800024000000008080003"], 0xa0}, 0x1, 0x0, 0x0, 0x24040800}, 0x0) 2m52.48123249s ago: executing program 3 (id=86): sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x48, 0x0, 0x10, 0x70bd26, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DEST={0x34, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x6}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x100}, @IPVS_DEST_ATTR_TUN_TYPE={0x5}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x9}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x3ff}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x1d58078d8c26741e}, 0x44000) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100626f6e640000000018000280140008"], 0x48}}, 0x0) sendmmsg$inet(r0, &(0x7f0000005200)=[{{0x0, 0x4b, &(0x7f0000000000), 0x1}}], 0x1, 0x0) 2m52.297181111s ago: executing program 3 (id=89): r0 = syz_clone(0x20042400, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x4206, r0) tkill(r0, 0x12) ptrace$PTRACE_SETSIGMASK(0x420b, r0, 0x0, 0x0) 2m52.249815693s ago: executing program 3 (id=91): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x4, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) 2m51.937199172s ago: executing program 3 (id=100): mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30) mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0) mount$bpf(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x2010871, 0x0) 2m51.570987243s ago: executing program 3 (id=111): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x3000004, 0x3032, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r0, 0xffffffffffffffff}, &(0x7f00000000c0), &(0x7f0000000100)}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x11, 0x8, &(0x7f00000003c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffd}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}}]}, &(0x7f0000000000)='syzkaller\x00', 0x4, 0xfee, &(0x7f0000002500)=""/4078, 0x41100, 0x64}, 0x94) 2m36.816117015s ago: executing program 4 (id=494): r0 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vxcan1\x00', 0x0}) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x2, 0x4) sendmsg$can_raw(r0, &(0x7f0000000240)={&(0x7f0000000780)={0x1d, r1}, 0x10, &(0x7f0000000480)={&(0x7f0000000140)=@can={{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, "0010008000"}, 0x10}}, 0x2004c891) 2m36.790803056s ago: executing program 4 (id=495): r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) close(r0) r1 = eventfd(0xc2) mount$9p_fd(0x0, &(0x7f00000006c0)='./bus\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000440)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 2m36.701558281s ago: executing program 4 (id=496): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)={0x38, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_OURS={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0xfffff800}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x4044851}, 0x0) 2m36.701319351s ago: executing program 4 (id=497): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000180)='ramfs\x00', 0x2014050, 0x0) mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0) umount2(&(0x7f00000000c0)='./file0\x00', 0x4) 2m36.667774313s ago: executing program 4 (id=498): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'veth1_to_hsr\x00', 0x0}) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3f, 0x4) sendto$packet(r0, &(0x7f00000000c0)="3f031c000302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14) 2m36.523084422s ago: executing program 33 (id=111): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x3000004, 0x3032, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r0, 0xffffffffffffffff}, &(0x7f00000000c0), &(0x7f0000000100)}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x11, 0x8, &(0x7f00000003c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffd}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}}]}, &(0x7f0000000000)='syzkaller\x00', 0x4, 0xfee, &(0x7f0000002500)=""/4078, 0x41100, 0x64}, 0x94) 2m36.38138531s ago: executing program 4 (id=506): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)=ANY=[@ANYBLOB="7000000010000304000080000000000000007400", @ANYRES32=r2, @ANYBLOB="0000000003120100500012800b00010062726964676500004000028008000500010000000600270000000000080001001500"], 0x70}, 0x1, 0x0, 0x0, 0x800}, 0x40) 2m36.3713493s ago: executing program 34 (id=506): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)=ANY=[@ANYBLOB="7000000010000304000080000000000000007400", @ANYRES32=r2, @ANYBLOB="0000000003120100500012800b00010062726964676500004000028008000500010000000600270000000000080001001500"], 0x70}, 0x1, 0x0, 0x0, 0x800}, 0x40) 2m2.755792663s ago: executing program 7 (id=1488): creat(&(0x7f00000002c0)='./file0\x00', 0x0) truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r0, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x1], 0x0, 0x0, 0x20000000000000b2, 0x1}}, 0x40) 2m2.665674678s ago: executing program 7 (id=1492): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000380)='GPL\x00'}, 0x94) syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000040)='./file7\x00', 0x200000, &(0x7f0000000140)=ANY=[], 0xfc, 0x2b0, &(0x7f0000000280)="$eJzs3E1rE10UwPHTtOlLSpssHh5QEA+60c3Qxk8QpAUxoNRGtAvh1k40ZExKJkYiYrtz6+coLt0J1i9QEHfuxU0RBDddSEc6L3Zaom1j22mb/w/C3My9Z+6dyUw4MzB3/d7rJ9Wya5VNU1LDKimRZdkQyW2VQn3hMuWXByVuWa6O/vh84c79uZuFYnFqRnW6MHstr6rjF98/e/Hm0ofm6N234++GZC33YP17/sva/2vn1jdno63Xm2p0vl5vmnnH1oWKW7VUbzu2cW2t1Fy7saO+7NQXF9tqagtjmcWG7bpqam2t2m1t1rXZaKt5ZCo1tSxLxzLSa/oPHFFamZkxhSMZDJIw0mllo1Ew/R0rSyvHMSgAAHCydJv/z30M1nWb/z+uuFpxtbZX/p+SA+X/ffKH/H/4+A7pKeLn/5sdk0acDemtG4CCyYTX707k/wAAAAAAAAAAAAAAAAAAAAAAnAYbnpf1PC8bLaPPUPjOTPQ96XHiaHTx+/clOFwcstiLe8MizqtWqVUKlkF9oSwVccSWibTIT/98CAXl6RvFqQn15WTVWQrj/ZcEh6L4SK5z/GQQr7H4pVYpLZl4/3nJyn+d4/O74tMi0ioNypXLsXhLsvLpodTFkQX/vN6Ofzmpev1WcVf/I347AAAAAADOAkt/y+28/w1mk7QsjaYN2VUfrFyW6PmAZPd4PqCyOijb8QNyfiC5/QYAAAAAoJe47edV4zh2g8LBCr146KxwFuW/NvY8b2mr0b93mhKRhPb0m4icgAMeK6QP44L9+jTYyH4aJ/WPBAAAAOCobCf9SY8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDetd/Jw6L23cw9FuuuP5m9BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE6GXwEAAP//2MgYNQ==") mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) clock_adjtime(0x0, &(0x7f0000000040)={0xd4e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff02}) 2m2.606906812s ago: executing program 7 (id=1495): prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0x970, 0x1f480, 0x3, 0x79b}) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2) 2m2.379808085s ago: executing program 7 (id=1504): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000180)='ramfs\x00', 0x2014050, 0x0) mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0) umount2(&(0x7f00000000c0)='./file0\x00', 0x4) 2m2.327046868s ago: executing program 7 (id=1506): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x51}, 0xc048) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94) sendmsg$NFT_BATCH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a78000000060a0b0400000000000000000200000038000480340001800b00010074617267657400002400028010000100434f4e4e5345434d41524b0005000300ef00000008000240000000000900010073797a30000000000900020073797a3200000000140005800800024000000000080001"], 0xa0}, 0x1, 0x0, 0x0, 0x40000}, 0x4044194) 2m2.201176406s ago: executing program 7 (id=1507): r0 = socket$kcm(0x11, 0x3, 0x0) setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x6, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000500)=@hci={0x1f, 0x0, 0x3}, 0x80, &(0x7f0000002680)=[{&(0x7f0000000580)="e0032700ea0e0000002000001eafbcf7fce15a08914730cee800"/40, 0x7a}], 0x1}, 0x44881) 2m2.183391157s ago: executing program 35 (id=1507): r0 = socket$kcm(0x11, 0x3, 0x0) setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x6, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000500)=@hci={0x1f, 0x0, 0x3}, 0x80, &(0x7f0000002680)=[{&(0x7f0000000580)="e0032700ea0e0000002000001eafbcf7fce15a08914730cee800"/40, 0x7a}], 0x1}, 0x44881) 1m12.371357045s ago: executing program 8 (id=3061): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r1 = openat$cgroup_devices(r0, &(0x7f0000000080)='devices.allow\x00', 0x2, 0x0) write$cgroup_devices(r1, &(0x7f0000000200)=ANY=[@ANYBLOB='b ', @ANYRESDEC], 0x8) 1m12.297985919s ago: executing program 8 (id=3064): syz_open_dev$loop(0x0, 0x8, 0x80001) creat(&(0x7f00000002c0)='./file0\x00', 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000240)={r0, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0xffffffffffffffff], 0x0, 0x0, 0x20000000000002fe, 0x1}}, 0x40) 1m12.235576052s ago: executing program 8 (id=3069): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001f40)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r1, &(0x7f00000002c0)=@abs={0x1, 0x0, 0x4e20}, 0x6e) recvmsg$unix(r0, &(0x7f0000000700)={0x0, 0x0, 0x0}, 0x0) sendmsg$unix(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000280)='=', 0x1}], 0x1, 0x0, 0x0, 0x20000805}, 0x20000880) 1m12.11504447s ago: executing program 8 (id=3076): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) chroot(&(0x7f0000000000)='./file0/../file0\x00') mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) mount(0x0, &(0x7f0000000d40)='./file0/../file0/../file0\x00', &(0x7f0000000040)='sysfs\x00', 0x10, 0x0) 1m12.071806062s ago: executing program 8 (id=3080): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000004001000ffff00000b"], 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000200), 0x2, r0}, 0x38) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000000080)={0x0, &(0x7f00000001c0)=""/40, &(0x7f00000001c0), &(0x7f0000000200), 0x1, r0}, 0x38) 1m11.916558561s ago: executing program 8 (id=3086): pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) splice(r0, 0x0, r1, 0x0, 0x6, 0xa) 1m11.847360815s ago: executing program 36 (id=3086): pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) splice(r0, 0x0, r1, 0x0, 0x6, 0xa) 1.924425888s ago: executing program 9 (id=5458): r0 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) exit(0x2616) fchdir(r0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_service_bytes\x00', 0x26e1, 0x0) 1.475504954s ago: executing program 2 (id=5482): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x1018, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x8, 0x6}, 0x2021, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[@ANYBLOB="d0000000", @ANYRES16=r1, @ANYBLOB="010000000000000000000100000008000100000000000400048008000c8004000b800800020001000000a00008801c000780080077144ebb00000800060000000000080005"], 0xd0}}, 0x0) 1.453918265s ago: executing program 2 (id=5484): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x0) r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0x6, 0x200) readv(r0, &(0x7f0000000040), 0x2000000000000213) syz_open_dev$usbfs(&(0x7f0000000240), 0x10, 0x80100) 1.397952588s ago: executing program 2 (id=5485): bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000feffffff0000000000040000851000000200000085000000230000009500000000000000"], 0x0, 0xfffffffe, 0x0, 0x0, 0x727c45cd4283345, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r0, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.397027438s ago: executing program 2 (id=5487): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x4000010, 0xffffffffffffffff, 0x94173000) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000b80), r0) sendmsg$NFC_CMD_DISABLE_SE(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010027bd7000fbdbdf2512000000080015000000000008000100", @ANYRES64=r1, @ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0x8040}, 0x20000080) 1.36519541s ago: executing program 2 (id=5490): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000240)={0x8, 0x8f, 0x206, 0xfffffffd, 0x200003, 0xb37, 0xfffffe2f, 0x8}, 0x20) setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000000)={0x9, 0x6, 0x807, 0x2097}, 0x8) sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x2a000}], 0x1, 0x0, 0x0, 0x804c040}, 0x0) 1.272942986s ago: executing program 6 (id=5494): r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=") sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='4\x00'], 0x34}}, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40e8662e, &(0x7f0000000000)={0x9, 0x4000009, 0x7fffffffffffffff, 0x3, 0xffffffff, 0xa}) 1.181470921s ago: executing program 6 (id=5498): r0 = syz_open_procfs(0x0, &(0x7f0000000140)='net/tcp6\x00') r1 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r1, 0x0) preadv(r0, &(0x7f00000000c0)=[{&(0x7f0000000740)=""/4100, 0x1004}], 0x1, 0x7fffffff, 0x80000000) 1.151710363s ago: executing program 6 (id=5500): r0 = syz_io_uring_setup(0x1e10, &(0x7f0000000380)={0x0, 0x0, 0x13090}, &(0x7f0000000100), &(0x7f0000000080)) r1 = epoll_create1(0x0) exit(0xffff) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)={0x4}) 1.086216347s ago: executing program 9 (id=5504): syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x32, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x4, "d57e190d001e6e1d16c1711bbd8adbf65bd846957b378a02340c68117aa1b390", "b0b4170e157cddfb9792c8e37bafb99e319950347e93f4d34870ee24c0ea06d56270e45c8d3e7d708161ba81dd33c54b", "01acae6f69ea1443db8d53af54944d4894a87f20c65bfb8e0c8cfb67", {"38f5e54b3dc7c070b4d66f0f9565df74", "d2653a13d554fee0e7be27c873db314d"}}}}}}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x43}, 0x94) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x42}, 0xe0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0xf5ffffff, &(0x7f0000000000)='%', 0x0, 0xd01, 0xbe02, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 824.548482ms ago: executing program 9 (id=5510): r0 = socket$packet(0x11, 0x2, 0x300) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001c40)=ANY=[@ANYBLOB="bf16000000000000b7070000ff030000487000000000000050000000000000009500000000000000e83d24a394a293b3bd23212fb56fa54f0b71d0e6adfefc41d86b60717142fa9ea4318123741c0a0f168c1886bf0fccf8d56ccb659427cf8593dbe3a2a3ad358061011fbc5ba1f07318988e6e01a41cc0990d0dc840a23f72eca0b2d89fc474c2a10000000077beee1cebf45fab73962fa8f6296b32a8343881dcc7b1b85f3c3da4cd36414e90a61965c3de4b3449abe802f5ab3e89cf6c662ed4048d3b3e22278d0054ce21fa41181a9580cfca031e5388ee5c9a7ddd04201f5200001fcadf95e5a4725837074e468ee23fd2f73902ebcfcf49822775985bf31b715f588cb211624f40401691721715f46e0500000000000000a663739a190a4e825c908c0abc85d457ec5a57cb706eef32a3ed12d63c9c4c508530e173650a8a8f2a9c81bcffe437bccbe158024d8d4939e6fd9adc43f0f4b049218db92bf466e934330ed79bc9f626d68b0000600057d14854eef851bc8c30f5d0df6b94ea0b852d495085ff4eabaac9606f0497958c2c357a7124a69f6770ea6702bc53896a15fad5e55c64efd217450a975221b20d78e445e3da74a3c1e59bae44546bde4ac6de55a480f3ad5dc0f2d1818b696492285f60d914283f8d687b0bdb46261277671bba2c550bfef679bddf38ab35eaaf0268c4efa45b56a188a9195044a222ec06bb49784d5608d87c4832e4305bf8889e5db2a70f6a83d4b3cdc12546d2e9f6720dec489b6276856de6d895704ba3e8ee12c8121ffc4f5d2ae03f0227dcc4f38699d3db16f69ed45e918b07ce58bf576e253364fe0000000084f897400d4f5503a6e9ea4a480e3221f3c247ee8c55e487eaa25a7689689c9c305da4b0181f0f653fec399fcc0cc800e82bde039cc29c19b538c76e65642875bddbef61e5985751d9ebd37d2f32375357b5d2b4dc24baa6a7010038380f7029a292f1ad05000000e4e801a819aef69d081e2cacaa8ad1b4ca6df5dc37962ebc5337379e00645b6d2bec249c0612510000000000a7060d8d9b9ad109b62d1dab0eec6beabc76d765b9caf70900000399772ddfe89be4338e70d0ecfed537780a31fcaf4acaf9bd3711a4359d68ec71b0693ede07e7d18e797697901fbae4a9d9966b68eadae75ef1b8931b0818a57e5136fb8c61d73b17d8fd55c2b8d321a6cba8743114fcff01e5c10200c512000800009a021d377e477ea807cc00919ee8bfbd090034f67609cfde8877b5bb072572b421d6b1fdae83e5e250190628d02d01f978323fe36685e652ceb218a9cc9e125a4880faccaf5ac2345f20b1ee403885790500d0bc75c7e95d23904dc446e0201aafea0d3f4cc0cf285ccd000000000100005aee4199a34686905441c1fa62ed20328a10690432f59a4d3e05bd00997ea2b6f5213cb883d05b620f31869f6cce80f1ae09009ed7e3c5f3aa61bfd240cb9726bc512ba0eb1f68579c76144feb0100809f12bcf79c4d57f66703c2aee08e52de3eff160623e1af555dc7481128ed0bab22dcb6e5b6ac5e4010eaf2510fa440aabfdc80c77108c769ed2d666c555c6c38b30899a688d96a6c6dc0dd4309f6548765d3f53261b4890aa004e7f667a230b22bc6e248bf56b219d9a547b6e1c5077c9ba463329323b53910e7358b4d0c6882c590cf25e4d044a6afb10a070f285e3c94ed405aa8dc41718dd3f4bf474868538aad9a23f85a707e325c10a9f22e37c4213d0ca2910726de8e62d2e3ae7f64e40c7af3dc00bab70cf607869c5a11a03bce8aa43fa010348bc2fb420ba5e344fcdcb302548e571157d323f5fd535800284d32ffff000088ccd685f07309101a3196b705479897f4c9d97c4c7b77db7b15bfb4305d5e954a34385418e665af882a7d505323070929b228bc94b70300000066dab8c4e63debff174621a0ac7dd85b14cb7616ca23f044bd0ccd1c79292c3aa8f6e4a1c27315ef8d55781edbe368f72aeb2f48256131aaab707451c14747dfa3bb5f8725a98f6d3c797573f18810bf378e38107ece5cb7cf3b98975e9254248af60de2f04e2429d9b6eba525fd1b1b665f77710fa494e2b619c975acd535fc78696fc980573c35e9916f0000000000002c8ee5ec55faffffffffffffffcd59cc0600000053d0a1f4ea4477022c9f376b3191efeb46be3c174fb24009379bbc949fd2923715540556450f12d1645177ce3eca0d65d17deff51a024f0180000000006100499e829bda469048c70e5968375feb39e6918e591a384851ba3079ad9c376bdaf0650e212eb4185cbbb6c0dc0e699afc34ca3b9a307cd2519cd9b192d678492ea2228ff0817d68f97b18402d271036067c141b911c4e0207e2c9d37ac203f440e1a065a2d227c6ec860c0104000000000000fe7144ec680c0dac7b5906a6197c8173080c9ab3ecb72820f04a42e4a43ee3f325f93edb3a204b9c9dc8953375e37c83876f248d91f166676b54781c6855c5e067ab2c2c6d22b20a703d68d77312333deff80883cb5a25c738f4e7cbb075e10f5c36396156abb221adebb9303342bfa2b745a5e045d5db847e4810270ed1c5bbb1548ec3184ff9b8ed1687333d0e0412d452ba6b390199bd684ff458d6c8114833efde87215e5f9569d92d24579f3ef473bce24e61eb21336ad441eea93cbcb69d2156b9b6e3000000000000000000fc411d2eadcadc7c0a2c12410e4b9d634807f2a6f1c3a13508e274ecef5cfccb707a1640973973fd2d1d60138d9b7a778827fd07fbd093a0ba779dcd32556613e1fac161825da91acde7fa964c689b1f0ea96047a98260270c3a3ccb2142b074db79aa88614663ff33f9966502a2361e49aabe58eb086c5827dd9d92fa4ff0c0e8b949d585f2cbc111de478905cb37f3cbfb019c6daace508b926718506a577234468f9279a52360d1a80b88b4eb1cda949ca77b6ec43bdf5f5a400989705746b86b400947891b33d591ec5ea9ae45983273f62027998d72f83625021a72e27e0449fa154ade55071546d4000000000000000000000000000000002f907c5db9c967a1f86c57bb5062fed7c37ec16a7e62b6e370c3c5a32adee9032367814394a7a7fd12c44b81fb5ac2ad92220a72aa3355e894cbefe344a6b5eb4c25128d5427a640faae401eccf3aca4294410461e946010c50f9ee556b38eae0b252ef288397672bbbd17e5306589f93dc130b6be5b19dfb2462348355ef24762509cf29becacf8515abe299b8a7dfd585f5dbf7578bfdbfa37deeb872c3291b59349238add315cd18e6f4196b404e48955657d680511c7ba7f5e0f9d97d649583190c78015aaf4db05aa2a6cc9d00084ce958406e09fe508a0ee5feb2d34f48d87000000000000001108780004ec696f618c20771a7ae436d733f603f20c9189567b63d47fae002e616969d888a418d139a25b11c0da7aecb8c14f1a879f7b985ab634b0f5cdb2090ad2c336e9a28289247ef4f3cfcafa393927d27711ed0543a5e8ec6c1c62082549791f75fccd54582f990234496954e6e54bcbb90f2756912ab7e511a55a9e0512e5c1c10bcd76ee4799af611179a39bd0c0323cae1aaaaaa8dafb55bca104ada3252c5d9de5b9cdb6217c35ca3d28b1d8b9d2fa79376c13167a9ef1b1f4b7509debbeacc153ca8bea4a0a65ee1d1d20a9106499f0bf7f416b051e835d790ac978b90143d9125224f74b6167f7a967c7e33eb5f43570b9f3c91371968a30e528968b233d0396db424e5fd73d380318e9676d074dd5ce552a222e250f9f6d0bdd9e46e7f22d9abfd4573b57e3b52d407b464b0146ea15560a2ce034b1623fecc84842928223d17ce4ab31ef4c2a9f9caebf65341fa3da1bbae7972097e24603b9db8edc25a152bd39af179eab23ed555040c2bbb89ea22c08b97264b3616a41abfad0ab12a79574c60cf1841ea45f10e9438e55e1e0eb645200993b08833bb14517b0d0e5ba72bdacd92d57b6029129c95ab0a93857c7205e8450b27aee5e684ece77f53112873f40247a998cc896ab4d55573c7a7ef2936a29425cab46cd4fdd1452ea8429c63c74d5673f5e4d47d1b001d0d3a9e1d5c840ab37a69cb30d17ff7591f01549e552dc43b672e0feff94408171d682565dc2d84476297c6901040000cb9f7f2eb690d7a032c09f0a3d48663fe5ece30f592d71755dd6cbfac96016a2ecd4e499ce9adce6e59db0494fa25117a2bc13275c9a94a3532c1b8417e9ed5e6cd5f51f8ccc878ba73305ad19b0cf05625439cdf688d33c8fd6cf52c5c5685444b65eb918884727d3a780bdac17d447745e4accd85d3aca4d63127bb3a58095cffa08a6cecae329dd5f47552c40b560b05e962363e99300d61931ddd97444c2bae02edb26383cb96ee7d2742d24dc7e9b6dac831674ae09b7d180ebb30b9221480ad78706dadf7ca3540eb6c6c43dc7e31b2c8d188f28d6ab10d3c0c97b9f6b5feb9abeb6a801975c0bbab0b1fed7485f2fca1730906a6dc1914386118646dab2618582c4ce0a8ce7a1a3ca7d56f6ca8c7d43cad0116c70751a0db051d9adc4ab34dafbca31fecd9191d38fa011a4c1fc19df0b9aac3a0de17dc01b413c4d4eccf9eb1cd90569508fc6479111544807f11dad193a170ac290f28d3e7f702c5bced7ed90c3251897446fdbb1195136d9092168e2deedb3e0afdf0f543363fbf8759df07270981c0bd7260998963e45a2c84e8b82ddfa98dab68a23cfb2ffa4fcc4ebcd38f273e9bdb240f77eb51e259bb88dc383b19107af39ffcc708a1278b3e53c2130a9c7150593794f8f22ae9b2ff0d46c8d175bf9ff227870f1dcecd5b564d20230ac32a10982cf1bbe5ca15ed6d85b2c447f3fb0872ea6170352fd4c76c75941d1c3684a466c81a5892e9f56c0b512be586381c2390aaf93347d318aa5de4322b11088435730c69bc1cfd96d869803a3113b2a33dbf7973434ba9e4ec15c0423bb384975498ff56bf8b51237dadf6264532fdca7c44e485e4c9b695cd000"/3569], &(0x7f0000000140)='GPL\x00'}, 0x48) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000040)=r1, 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) 804.589733ms ago: executing program 0 (id=5512): r0 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r0, &(0x7f0000000000), 0x10) setsockopt$CAN_RAW_ERR_FILTER(r0, 0x65, 0x2, &(0x7f0000000180)=0x7ff, 0x4) setsockopt$CAN_RAW_ERR_FILTER(r0, 0x65, 0x2, &(0x7f0000000080), 0x4) 785.283824ms ago: executing program 9 (id=5513): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0xb, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0xd07, 0x40}, 0x100b28, 0x6, 0x0, 0x1, 0x8, 0x10001, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_GET_BYNAME(0xffffffffffffffff, 0x0, 0x80) bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x8000, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x50) 784.828294ms ago: executing program 0 (id=5514): syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x101c08a, &(0x7f00000001c0)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c757466383d312c696f636861727365743d61736369692c73686f72746e616d653d77696e39352c73686f77657865632c6e66732c636865636b3d7374726963742c756e695f786c6174653d302c757466383d312c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c726f6469722c726f6469722c64656275672c757466383d302c726f6469722c71756965742c6572726f72733d72656d6f756e742d726f2c009c8a8fc4f74784ad79ec08fb556262ebc972ef94821f3565ef5f75f11e30ef1f72a065c510b17cae352940538b7b2c5d72f4627c25306b2479725add28f511a68f5f6f47f9facdd0cc574286d00ab52d6b9374b6a58eac694336ebe971f41860d01084c1a0fa6b51d80fa9f9d2c5a2e7a5284f93296217ef8f28e0a36e573296a0bfb38b94191f4b82873563f3759b5e193ecfab6ed7892542364757e47d656ad6a0fbb6e8bf138bddae620a3602991821d4844f628e6bdd8b62cca73744332f0185a54b"], 0x6, 0x2c6, &(0x7f0000000b00)="$eJzs3T+LI2UYAPBnkuxk1CJbWIlwA15hdXjXiU0WuQNxK48UaqGrdweyCcIdLPgH41W2NhYWfgJB8INc4zcQbIXrPGFhZCYzm0mMIVnMiru/X7PPvvM+8z7vZMjOFnny4cuT43t5PHj85a+RZUl0hjGMZ0nsRycaX8eC4bcBAPyfPSuKeFrMbJOXRES2u7IAgB3a7O9/bx7+fCFlAQA7dPfd994+ODy8/U4WWdyZfHMyKv+zL3/Ojh88iE9iHPfjtRjEaUT1oLAX1dNCGd4pimLay0v7cX0yPRmVmZMPntTnP/g9IsYfPW0tefa0UeW/dXj7Zj7Typ+WdTxfrz8s178Vg3jxLHkh/9aK/Bil8eorrfpvxCB++Tg+jXHcq4qY5391M8/fLL7744v3y/LK/GR6MupX81pldy/sRQEAAAAAAAAAAAAAAAAAAAAA4NK7UffO6Ud+La5PyqG6/073NNLy17yxv9ifZ5afNCdq9wcqimJaxA+tloJ5UU+c5/fipV67sSAAAAAAAAAAAAAAAAAAAABcXY8++/z4aDy+//BfCZpuAL2I+PNuxHnPM2yNXIv1k/v1mkfjcacOF+Y8Sdsj0W3mJBFryyg3cb6r0d0267nlmpvgx5/KDW6zetYaeX31BvfOu6/Ng+buOj5KVq/Vj2Ykq2+S79OI+Zw0Nlwr/adDRWxz+6UrDw223nv6QhVM18yJpF3Y8vV547fZlatHkuVdpNVVXXnmvTpopS/dGxu97pHN0v/+XpFU3Tr6u3szAgAAAAAAAAAAAAAAAACAK27+6d8VBx+vTe0UPgoMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwCUx//7/LYJpnbzB5DQePvqPtwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAV8FcAAAD//xzqWB8=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000880)={'#! ', '', [], 0xa, "06b3e6e4f1"}, 0x9) fadvise64(r0, 0x2, 0x7, 0x4) 721.503618ms ago: executing program 0 (id=5515): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000040)) r1 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0x10000000}) 713.194198ms ago: executing program 0 (id=5516): unshare(0x28020480) timer_create(0x3, 0x0, 0x0) r0 = socket$qrtr(0x2a, 0x2, 0x0) bind$qrtr(r0, &(0x7f00000000c0)={0x64, 0x1, 0x4000}, 0xc) 696.634699ms ago: executing program 9 (id=5517): syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x1208002, &(0x7f0000000100)={[{@grpquota}, {@delalloc}, {@resuid}, {@debug}, {@dioread_nolock}, {}, {@nomblk_io_submit}, {@noauto_da_alloc}]}, 0x1, 0x5d8, &(0x7f00000005c0)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000100)={0x2, 0x0, 0xca, 0x7, 0x1000009, 0x2, 0x0, 0x0, 0x9f}) r0 = openat(0xffffffffffffff9c, &(0x7f00000005c0)='./bus\x00', 0x101042, 0x0) pwrite64(r0, &(0x7f00000000c0)='a', 0x200000c1, 0x9000) 633.341683ms ago: executing program 0 (id=5518): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb8000) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="160000000000000008000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x3, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b01010000000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x64}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xa0, &(0x7f0000001a80)=""/160, 0x41000}, 0x94) 602.280595ms ago: executing program 0 (id=5520): perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x281, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_bp={0x0, 0x1}, 0x4, 0x0, 0x11000, 0x1, 0x4, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0xb) r0 = socket(0x10, 0x3, 0x9) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0) sendfile(r0, r1, 0x0, 0x7fffffffffffffff) 493.481321ms ago: executing program 5 (id=5522): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) io_setup(0x2, &(0x7f0000000000)=0x0) r1 = eventfd(0x0) io_submit(r0, 0x2, &(0x7f0000000280)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0xc2, r1, 0x0, 0x0, 0x36, 0x0, 0x0, r1}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0, 0x0, 0x2, 0x0, 0x2, r1}]) 493.276141ms ago: executing program 2 (id=5523): r0 = open(&(0x7f0000000140)='./bus\x00', 0x143bc2, 0x1c0) fcntl$setlease(r0, 0x400, 0x1) open(&(0x7f0000000000)='./bus\x00', 0x22103, 0x6) fcntl$setlease(r0, 0x400, 0x1) 423.104275ms ago: executing program 5 (id=5524): writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000000)="580000001400192340834b80040d8c560a067fbc45ff810500000000000058000b480400945f6400947e570028925a01000000000000008000f0", 0x3a}], 0x1) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace$setsig(0x4203, r0, 0x80000000, &(0x7f0000000000)={0x1e, 0xa, 0x7}) 416.145046ms ago: executing program 9 (id=5525): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) futex(&(0x7f000000cffc)=0x4, 0x0, 0x4, 0x0, 0x0, 0x2) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)={0x38, r1, 0x7, 0x2, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_OURS={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4}, @ETHTOOL_A_BITSET_VALUE={0x4}]}]}, 0x38}}, 0x8010) 332.672681ms ago: executing program 5 (id=5526): perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x1) perf_event_open(&(0x7f0000000fc0)={0x2, 0x80, 0x80, 0x1, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x550, 0xfffffffffffffc75}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) r0 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) fcntl$setlease(r0, 0x400, 0x2) 316.695891ms ago: executing program 5 (id=5527): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) clock_gettime(0x0, &(0x7f0000000880)) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x6, 0x10, &(0x7f0000000040)=@framed={{0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r1, 0xfffff000, 0xe, 0x0, &(0x7f0000000000)="619ff1e3c70400d5721ff59fe864", 0x0, 0x0, 0x7000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 279.302503ms ago: executing program 6 (id=5528): socket(0x40000000015, 0x5, 0x0) unshare(0x22020400) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000500)={'veth1\x00', &(0x7f0000000200)=@ethtool_per_queue_op={0x4b, 0xf, [0xa, 0x1, 0x7fff, 0xfffffffd, 0x4, 0x9, 0xa4, 0xffb, 0x7, 0x6, 0xc1, 0x4, 0x1, 0x3, 0x5, 0x101, 0x1000, 0x9, 0x3, 0x3, 0x1, 0xfffffffa, 0x0, 0x6, 0x9, 0x4, 0x7, 0x5, 0x100000, 0x763, 0xd, 0xd, 0xe, 0x2b12, 0x100, 0x6, 0x1c00, 0xd, 0x7, 0xbed4, 0x8, 0x8000100, 0x3, 0x0, 0x211000, 0x8, 0x5, 0x79b, 0x1, 0x1, 0x7f, 0x6, 0xa, 0x7, 0xf, 0x101, 0xd7, 0x1fa0860a, 0x7, 0xaa, 0x81, 0x8, 0x180000, 0x4007, 0xfd, 0x9, 0x2af, 0xf7, 0x5, 0x2, 0x6, 0x9, 0x4, 0x7, 0x4009, 0xe, 0x4, 0x100002, 0x6, 0x80000752, 0x0, 0x3, 0x0, 0x10001, 0x1, 0xffffffff, 0x6, 0x6, 0x9, 0x4, 0xfdffffff, 0x2, 0x40, 0x1084, 0x101, 0x5, 0x10000, 0x81, 0xb, 0x5, 0x20006, 0x5, 0x2, 0xb, 0x2, 0xd9a, 0xd, 0x2e2, 0xffffdffc, 0x3, 0x2, 0x5, 0x8, 0x0, 0x101, 0x3, 0x40, 0x8, 0x9, 0x4, 0x401, 0x66d1, 0x8, 0x7, 0x1, 0x7, 0xc5c, 0xffffffff]}}) poll(&(0x7f0000000000), 0x20000000000000b5, 0x9) 278.780823ms ago: executing program 5 (id=5529): mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x100000a, 0x4082172, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil) pipe2(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) vmsplice(r0, &(0x7f0000000140)=[{&(0x7f0000000100)="eb", 0x20000101}], 0x1, 0x0) 53.646647ms ago: executing program 6 (id=5530): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000002c0)={0x0, 0x18, 0xfa00, {0xfffffffffffffffd, &(0x7f0000000140)={0xffffffffffffffff}, 0x2, 0x5}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f0000000000)={0x15, 0x110, 0xfa08, {r1, 0x0, 0x10, 0x10, 0x0, @in={0x2, 0x0, @empty}, @in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x118) write$RDMA_USER_CM_CMD_QUERY(r0, &(0x7f0000000180)={0x13, 0x10, 0xfa00, {&(0x7f0000000300), r1}}, 0x18) 3.37814ms ago: executing program 5 (id=5531): perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_bp={0x0, 0x8}, 0x4, 0x0, 0x11000, 0x0, 0x2, 0x80000011, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0xb) syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./bus\x00', 0x2800088, &(0x7f0000000240)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00'], 0x95, 0x2b8, &(0x7f00000010c0)="$eJzs3T9ra2UYAPDnpGkSdEgEJxE8oIPT5d67uqRIL1zMpGRQB714W5AmCC0U/INpJ1cXR1cXQXDzS7j4DQRXwc1CC0dOzjn508aY1Kbi7e83tG/ePM/7Pu/JaUOHPP3w5eHB0zT2T7/4NVqtJGrd6MZZEp2oReUk5nS/DgDg/+wsy+KPrLBOXhIRrc2VBQBs0Pj9/3yN9/8fN14SALBh77z73ls7vd7u22naikfDr477+V/2+ffi+Z39+DgGsRf3ox0XEdlEMX6UZdmonuY68dpwdNzPM4cf/Fyuv/N7RNTLB53x1/n8x73dB2lhJn+U1/FcuX833/9htOPFBfs/7u0+XJAf/Ua8/upM/feiHb98FJ/EIJ6Oiyjyoxbx5YM0fTP75s/P38/Ly/OT0XG/OY6byrZu8WUBAAAAAAAAAAAAAAAAAAAAAOAZd6/sndOMcf+efKrsv7N1kT/YjrTSme/PU+Qn1UKX+gONsvi26s9zP03TrAyc5tfjpfqkMxAAAAAAAAAAAAAAAAAAAADcaUeffnbwZDDYO7yRQdUNoPpY/3XX6c7MvBLLg5vTvWrlcMnKsVXFJBFLy8gPsXLN52Xbg+tduhf+rubvf1h5ne/++ezlYHuFmH85qO6ugyfJ4mvYjGqmVd0kP83GNGLFvRrzM63Ja5qtdfs1Fj7VXv3IyUlx4ufHM6MlwZEsK+yN34p1ypnk8ika46s6n1XObJczM+nzW7RWv5/zn5Qrkkm3juQGfwMBAAAAAAAAAAAAAAAAAACV2U8RX3G6NLWWNTdWFgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcqun//19jMCqTVwhuxOHRf3xEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7oC/AgAA//+rJl27") r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0) write$cgroup_int(r0, &(0x7f0000000540), 0xfffffdd8) 0s ago: executing program 6 (id=5532): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x42680, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000001440)={'\x00', 0x4212}) ioctl$TUNSETOFFLOAD(r0, 0x400454c9, 0x9) ioctl$TUNSETLINK(r0, 0x400454cd, 0x1) kernel console output (not intermixed with test programs): e bond_slave_1): Enslaving as an active interface with an up link [ 146.416108][T11056] veth0_vlan: entered promiscuous mode [ 146.451003][T11119] team0: Port device team_slave_0 added [ 146.459321][T11119] team0: Port device team_slave_1 added [ 146.466202][T11056] veth1_vlan: entered promiscuous mode [ 146.500511][T11119] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 146.507586][T11119] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 146.533655][T11119] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 146.550181][T11119] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 146.557216][T11119] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 146.583218][T11119] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 146.618476][T11119] hsr_slave_0: entered promiscuous mode [ 146.625160][T11119] hsr_slave_1: entered promiscuous mode [ 146.639945][T11230] __nla_validate_parse: 4 callbacks suppressed [ 146.639964][T11230] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3146'. [ 146.670313][T11056] veth0_macvtap: entered promiscuous mode [ 146.699925][T11233] loop2: detected capacity change from 0 to 512 [ 146.707860][T11233] EXT4-fs: Ignoring removed oldalloc option [ 146.714442][T11056] veth1_macvtap: entered promiscuous mode [ 146.728141][T11233] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: comm syz.2.3148: Parent and EA inode have the same ino 15 [ 146.747037][T11233] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: comm syz.2.3148: Parent and EA inode have the same ino 15 [ 146.759804][T11233] EXT4-fs (loop2): 1 orphan inode deleted [ 146.766976][T11233] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 146.784906][T11056] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 146.800901][T11056] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 146.814144][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 146.860938][T11239] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3150'. [ 146.905789][T11241] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3149'. [ 147.001102][T11119] 8021q: adding VLAN 0 to HW filter on device bond0 [ 147.039065][T11119] 8021q: adding VLAN 0 to HW filter on device team0 [ 147.064579][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 147.071824][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 147.099730][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 147.106870][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 147.211288][T11119] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 147.221554][T11282] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3163'. [ 147.425228][T11294] loop5: detected capacity change from 0 to 1024 [ 147.486781][T11294] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 147.518255][T11294] ext4 filesystem being mounted at /627/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 147.540611][T11119] veth0_vlan: entered promiscuous mode [ 147.553820][T11119] veth1_vlan: entered promiscuous mode [ 147.567233][T11119] veth0_macvtap: entered promiscuous mode [ 147.575037][T11119] veth1_macvtap: entered promiscuous mode [ 147.594778][ T3544] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 147.600186][T11119] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 147.618569][T11306] loop0: detected capacity change from 0 to 128 [ 147.626676][T11119] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 147.650830][T11306] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 147.675854][T11306] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 147.795212][T11304] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 147.815446][T11304] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 147.838616][T11329] loop6: detected capacity change from 0 to 1024 [ 147.848750][T11329] EXT4-fs: Ignoring removed orlov option [ 147.884445][T11329] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 147.922606][T11343] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 147.941290][T11343] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 147.967464][T11119] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 148.011337][ T29] kauditd_printk_skb: 43 callbacks suppressed [ 148.011357][ T29] audit: type=1400 audit(1769736982.431:996): avc: denied { accept } for pid=11348 comm="syz.6.3183" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 148.089091][T11353] EXT4-fs error (device loop2): ext4_iget_extra_inode:5073: inode #15: comm syz.2.3187: corrupted in-inode xattr: invalid ea_ino [ 148.113968][T11353] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.3187: couldn't read orphan inode 15 (err -117) [ 148.151192][T11353] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 148.165296][T11361] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3190'. [ 148.183254][ T29] audit: type=1400 audit(1769736982.601:997): avc: denied { create } for pid=11352 comm="syz.2.3187" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 148.245497][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 148.254925][T11366] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3194'. [ 148.264095][T11366] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3194'. [ 148.334749][T11378] random: crng reseeded on system resumption [ 148.376114][ T29] audit: type=1400 audit(1769736982.801:998): avc: denied { write } for pid=11383 comm="syz.0.3203" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 148.431468][T11386] bridge0: port 1(bridge_slave_0) entered blocking state [ 148.438722][T11386] bridge0: port 1(bridge_slave_0) entered forwarding state [ 148.614725][T11395] EXT4-fs error (device loop6): ext4_iget_extra_inode:5073: inode #15: comm syz.6.3206: corrupted in-inode xattr: invalid ea_ino [ 148.628312][T11395] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.3206: couldn't read orphan inode 15 (err -117) [ 148.640901][T11395] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 148.681849][T11119] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 148.898721][T11418] random: crng reseeded on system resumption [ 148.916654][T11420] bridge0: port 1(bridge_slave_0) entered blocking state [ 148.923796][T11420] bridge0: port 1(bridge_slave_0) entered forwarding state [ 148.962856][T11422] set_capacity_and_notify: 3 callbacks suppressed [ 148.962875][T11422] loop9: detected capacity change from 0 to 1024 [ 148.988159][T11424] loop2: detected capacity change from 0 to 256 [ 149.015348][T11422] EXT4-fs: Ignoring removed orlov option [ 149.047962][T11422] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 149.053267][T11424] syz.2.3220: attempt to access beyond end of device [ 149.053267][T11424] loop2: rw=2049, sector=256, nr_sectors = 4 limit=256 [ 149.112121][T11056] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 149.265328][ T29] audit: type=1400 audit(1769736983.661:999): avc: denied { read } for pid=11442 comm="syz.2.3229" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 149.342101][T11449] IPVS: sed: FWM 3 0x00000003 - no destination available [ 149.343940][ T3421] IPVS: starting estimator thread 0... [ 149.393821][T11451] loop2: detected capacity change from 0 to 2048 [ 149.403495][T11451] EXT4-fs: Ignoring removed nomblk_io_submit option [ 149.443298][T11452] IPVS: using max 2208 ests per chain, 110400 per kthread [ 149.452547][T11451] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 149.469816][T11451] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.3232: bg 0: block 2: invalid block bitmap [ 149.482650][T11451] EXT4-fs (loop2): Remounting filesystem read-only [ 149.513463][T11466] loop6: detected capacity change from 0 to 256 [ 149.523892][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 149.546846][T11466] syz.6.3238: attempt to access beyond end of device [ 149.546846][T11466] loop6: rw=2049, sector=256, nr_sectors = 4 limit=256 [ 149.605452][T11457] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 149.614433][T11457] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 149.817756][T11491] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3250'. [ 150.293542][T11518] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3262'. [ 150.344892][T11524] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3264'. [ 150.426021][T11534] program syz.2.3269 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 150.657657][T11548] team0: Device gtp0 is of different type [ 150.889394][T11560] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 151.250107][T11583] unsupported nla_type 24929 [ 151.367459][T11596] pimreg: tun_chr_ioctl cmd 1074812118 [ 151.444393][T11602] program syz.6.3299 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 151.448761][T11603] loop0: detected capacity change from 0 to 764 [ 151.534399][T11613] loop0: detected capacity change from 0 to 512 [ 151.540893][ T29] audit: type=1400 audit(1769736985.961:1000): avc: denied { setopt } for pid=11612 comm="syz.2.3305" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 151.561089][ T29] audit: type=1400 audit(1769736985.961:1001): avc: denied { getopt } for pid=11612 comm="syz.2.3305" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 151.582188][T11613] msdos: Unknown parameter '7' [ 151.626077][ T29] audit: type=1400 audit(1769736986.021:1002): avc: denied { connect } for pid=11611 comm="syz.0.3306" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 151.669929][T11626] loop0: detected capacity change from 0 to 128 [ 151.804796][T11644] team0: Device gtp0 is of different type [ 151.862826][T11647] loop2: detected capacity change from 0 to 512 [ 151.897809][T11647] msdos: Unknown parameter '7' [ 152.035527][T11666] pimreg0: tun_chr_ioctl cmd 1074025678 [ 152.041175][T11666] pimreg0: group set to 1 [ 152.116892][T11674] loop0: detected capacity change from 0 to 128 [ 152.138065][T11674] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 152.153932][T11674] ext4 filesystem being mounted at /731/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 152.179251][T11684] EXT4-fs warning (device loop0): ext4_dirblock_csum_verify:375: inode #2: comm syz.0.3334: No space for directory leaf checksum. Please run e2fsck -D. [ 152.194856][T11684] EXT4-fs error (device loop0): __ext4_find_entry:1626: inode #2: comm syz.0.3334: checksumming directory block 0 [ 152.209409][T11684] EXT4-fs warning (device loop0): ext4_dirblock_csum_verify:375: inode #2: comm syz.0.3334: No space for directory leaf checksum. Please run e2fsck -D. [ 152.224819][T11684] EXT4-fs error (device loop0): __ext4_find_entry:1626: inode #2: comm syz.0.3334: checksumming directory block 0 [ 152.253231][T11674] EXT4-fs warning (device loop0): ext4_dirblock_csum_verify:375: inode #2: comm syz.0.3334: No space for directory leaf checksum. Please run e2fsck -D. [ 152.268653][T11674] EXT4-fs error (device loop0): htree_dirblock_to_tree:1051: inode #2: comm syz.0.3334: Directory block failed checksum [ 152.303199][T11680] loop5: detected capacity change from 0 to 8192 [ 152.355855][T11692] EXT4-fs (loop6): orphan cleanup on readonly fs [ 152.368956][T11692] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.3341: bg 0: block 248: padding at end of block bitmap is not set [ 152.390042][ T3314] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 152.400013][T11692] Quota error (device loop6): write_blk: dquota write failed [ 152.407553][T11692] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 152.418048][T11692] EXT4-fs error (device loop6): ext4_acquire_dquot:6986: comm syz.6.3341: Failed to acquire dquot type 1 [ 152.430665][T11692] EXT4-fs (loop6): 1 truncate cleaned up [ 152.440286][T11692] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 152.457721][ T29] audit: type=1400 audit(2000000000.680:1003): avc: denied { watch } for pid=11697 comm="syz.9.3343" path="/29/file2" dev="loop9" ino=1792 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=dir permissive=1 [ 152.481972][T11698] rock: directory entry would overflow storage [ 152.488256][T11698] rock: sig=0x4f50, size=4, remaining=3 [ 152.493864][T11698] iso9660: Corrupted directory entry in block 6 of inode 1792 [ 152.501741][T11692] EXT4-fs (loop6): shut down requested (0) [ 152.530309][T11119] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 152.648717][T11716] program syz.9.3350 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 153.844980][T11784] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 153.867931][T11784] ext4 filesystem being mounted at /47/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 153.899843][T11788] EXT4-fs warning (device loop9): ext4_dirblock_csum_verify:375: inode #2: comm syz.9.3382: No space for directory leaf checksum. Please run e2fsck -D. [ 153.915268][T11788] EXT4-fs error (device loop9): __ext4_find_entry:1626: inode #2: comm syz.9.3382: checksumming directory block 0 [ 153.975019][T11784] EXT4-fs warning (device loop9): ext4_dirblock_csum_verify:375: inode #2: comm syz.9.3382: No space for directory leaf checksum. Please run e2fsck -D. [ 153.990577][T11784] EXT4-fs error (device loop9): htree_dirblock_to_tree:1051: inode #2: comm syz.9.3382: Directory block failed checksum [ 154.003975][T11788] EXT4-fs warning (device loop9): ext4_dirblock_csum_verify:375: inode #2: comm syz.9.3382: No space for directory leaf checksum. Please run e2fsck -D. [ 154.019474][T11788] EXT4-fs error (device loop9): __ext4_find_entry:1626: inode #2: comm syz.9.3382: checksumming directory block 0 [ 154.077421][T11056] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 154.348776][ T29] kauditd_printk_skb: 9 callbacks suppressed [ 154.348792][ T29] audit: type=1326 audit(2000000002.570:1013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11801 comm="syz.5.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4637d3aeb9 code=0x7ffc0000 [ 154.378382][ T29] audit: type=1326 audit(2000000002.570:1014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11801 comm="syz.5.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4637d3aeb9 code=0x7ffc0000 [ 154.401912][ T29] audit: type=1326 audit(2000000002.570:1015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11801 comm="syz.5.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4637d3aeb9 code=0x7ffc0000 [ 154.425353][ T29] audit: type=1326 audit(2000000002.570:1016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11801 comm="syz.5.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4637d3aeb9 code=0x7ffc0000 [ 154.448922][ T29] audit: type=1326 audit(2000000002.570:1017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11801 comm="syz.5.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4637d3aeb9 code=0x7ffc0000 [ 154.482727][ T29] audit: type=1326 audit(2000000002.580:1018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11801 comm="syz.5.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7f4637d3aeb9 code=0x7ffc0000 [ 154.506409][ T29] audit: type=1326 audit(2000000002.580:1019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11801 comm="syz.5.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4637d3aeb9 code=0x7ffc0000 [ 154.530059][ T29] audit: type=1326 audit(2000000002.580:1020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11801 comm="syz.5.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4637d3aeb9 code=0x7ffc0000 [ 154.554370][ T29] audit: type=1326 audit(2000000002.670:1021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11801 comm="syz.5.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=8 compat=0 ip=0x7f4637d3aeb9 code=0x7ffc0000 [ 154.577739][ T29] audit: type=1326 audit(2000000002.670:1022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11801 comm="syz.5.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4637d3aeb9 code=0x7ffc0000 [ 154.685838][T11816] set_capacity_and_notify: 5 callbacks suppressed [ 154.685855][T11816] loop0: detected capacity change from 0 to 128 [ 154.704479][T11816] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 154.725241][T11816] ext4 filesystem being mounted at /746/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 154.751116][ T3314] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 154.844210][T11825] program syz.0.3399 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 155.463676][T11868] loop6: detected capacity change from 0 to 256 [ 155.474906][T11868] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 155.535970][T11876] program syz.9.3423 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 155.720489][T11898] loop9: detected capacity change from 0 to 256 [ 155.729661][T11898] FAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 155.928855][T11900] loop6: detected capacity change from 0 to 1024 [ 155.936449][T11900] EXT4-fs: Ignoring removed bh option [ 155.955094][T11900] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 155.975537][T11900] EXT4-fs error (device loop6): ext4_find_dest_de:2050: inode #2: block 16: comm syz.6.3435: bad entry in directory: directory entry overrun - offset=24, inode=267, rec_len=1024, size=1024 fake=0 [ 156.000935][T11900] EXT4-fs (loop6): Remounting filesystem read-only [ 156.019529][T11119] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 156.051654][T11910] loop0: detected capacity change from 0 to 1024 [ 156.072454][T11910] EXT4-fs: Ignoring removed bh option [ 156.110706][T11910] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 156.126204][T11924] netlink: 'syz.9.3444': attribute type 2 has an invalid length. [ 156.139544][T11910] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4215: comm syz.0.3439: Allocating blocks 497-513 which overlap fs metadata [ 156.155330][T11910] EXT4-fs (loop0): Remounting filesystem read-only [ 156.179404][T11926] loop6: detected capacity change from 0 to 1024 [ 156.187984][T11926] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 156.202942][T11926] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=8801e019, mo2=0000] [ 156.218515][T11926] EXT4-fs error (device loop6): ext4_map_blocks:783: inode #3: block 2: comm syz.6.3445: lblock 2 mapped to illegal pblock 2 (length 1) [ 156.233574][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 156.233693][T11926] EXT4-fs error (device loop6): ext4_map_blocks:783: inode #3: block 48: comm syz.6.3445: lblock 0 mapped to illegal pblock 48 (length 1) [ 156.257063][T11926] EXT4-fs error (device loop6): ext4_acquire_dquot:6986: comm syz.6.3445: Failed to acquire dquot type 0 [ 156.268790][T11926] EXT4-fs error (device loop6) in ext4_reserve_inode_write:6298: Corrupt filesystem [ 156.279285][T11926] EXT4-fs error (device loop6): ext4_evict_inode:253: inode #11: comm syz.6.3445: mark_inode_dirty error [ 156.291014][T11926] EXT4-fs warning (device loop6): ext4_evict_inode:256: couldn't mark inode dirty (err -117) [ 156.302383][T11926] EXT4-fs (loop6): 1 orphan inode deleted [ 156.308700][T11926] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 156.325192][ T1457] EXT4-fs error (device loop6): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:4: lblock 1 mapped to illegal pblock 1 (length 1) [ 156.368782][ T1457] EXT4-fs error (device loop6): ext4_release_dquot:7022: comm kworker/u8:4: Failed to release dquot type 0 [ 156.417739][T11940] loop0: detected capacity change from 0 to 1024 [ 156.430969][T11940] EXT4-fs: Ignoring removed bh option [ 156.445102][T11119] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 156.468573][T11119] EXT4-fs error (device loop6): __ext4_get_inode_loc:4830: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 156.488326][T11119] EXT4-fs error (device loop6) in ext4_reserve_inode_write:6298: Corrupt filesystem [ 156.498553][T11940] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 156.513410][T11119] EXT4-fs error (device loop6): ext4_quota_off:7270: inode #3: comm syz-executor: mark_inode_dirty error [ 156.524861][T11948] loop9: detected capacity change from 0 to 128 [ 156.537466][T11940] EXT4-fs error (device loop0): ext4_find_dest_de:2050: inode #2: block 16: comm syz.0.3451: bad entry in directory: directory entry overrun - offset=24, inode=267, rec_len=1024, size=1024 fake=0 [ 156.561036][T11940] EXT4-fs (loop0): Remounting filesystem read-only [ 156.583864][T11948] ext4 filesystem being mounted at /70/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 156.651660][T11961] loop9: detected capacity change from 0 to 164 [ 156.685664][T11961] iso9660: Corrupted directory entry in block 2 of inode 1792 [ 156.714720][T11967] sg_write: data in/out 62844/1 bytes for SCSI command 0x1c-- guessing data in; [ 156.714720][T11967] program syz.0.3463 not setting count and/or reply_len properly [ 156.804018][T11969] loop5: detected capacity change from 0 to 1024 [ 156.819666][T11969] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 156.851678][T11969] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=8801e019, mo2=0000] [ 156.864023][T11980] EXT4-fs: Ignoring removed bh option [ 156.891319][T11980] EXT4-fs error (device loop9): ext4_find_dest_de:2050: inode #2: block 16: comm syz.9.3468: bad entry in directory: directory entry overrun - offset=24, inode=267, rec_len=1024, size=1024 fake=0 [ 156.906151][T11969] EXT4-fs error (device loop5): ext4_map_blocks:783: inode #3: block 2: comm syz.5.3464: lblock 2 mapped to illegal pblock 2 (length 1) [ 156.934767][T11969] EXT4-fs error (device loop5): ext4_map_blocks:783: inode #3: block 48: comm syz.5.3464: lblock 0 mapped to illegal pblock 48 (length 1) [ 156.956274][T11980] EXT4-fs (loop9): Remounting filesystem read-only [ 156.973854][T11969] EXT4-fs error (device loop5): ext4_acquire_dquot:6986: comm syz.5.3464: Failed to acquire dquot type 0 [ 157.007213][T11969] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6298: Corrupt filesystem [ 157.017602][T11969] EXT4-fs error (device loop5): ext4_evict_inode:253: inode #11: comm syz.5.3464: mark_inode_dirty error [ 157.046669][T11969] EXT4-fs warning (device loop5): ext4_evict_inode:256: couldn't mark inode dirty (err -117) [ 157.078718][T11969] EXT4-fs (loop5): 1 orphan inode deleted [ 157.094217][ T12] EXT4-fs error (device loop5): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:0: lblock 1 mapped to illegal pblock 1 (length 1) [ 157.113190][ T12] EXT4-fs error (device loop5): ext4_release_dquot:7022: comm kworker/u8:0: Failed to release dquot type 0 [ 157.175922][ T3544] EXT4-fs error (device loop5): __ext4_get_inode_loc:4830: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 157.197481][ T3544] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6298: Corrupt filesystem [ 157.217901][ T3544] EXT4-fs error (device loop5): ext4_quota_off:7270: inode #3: comm syz-executor: mark_inode_dirty error [ 157.378141][T12022] netlink: 'syz.2.3487': attribute type 14 has an invalid length. [ 157.633463][T12043] program syz.5.3496 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 157.650664][T12045] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended [ 157.659853][T12045] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 157.692868][T12045] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 157.701102][T12045] System zones: 0-2, 18-18, 34-35 [ 157.708596][T12045] EXT4-fs (loop6): warning: mounting unchecked fs, running e2fsck is recommended [ 157.719747][T12045] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 157.728293][T12045] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 157.738243][T12045] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.3498: bg 0: block 353: padding at end of block bitmap is not set [ 157.784349][T12053] __nla_validate_parse: 3 callbacks suppressed [ 157.784368][T12053] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3501'. [ 157.826751][T12058] EXT4-fs (loop6): 1 truncate cleaned up [ 158.017260][T12084] ext4 filesystem being mounted at /684/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 158.030685][T12083] geneve2: entered promiscuous mode [ 158.036111][T12083] geneve2: entered allmulticast mode [ 158.139734][T12095] netlink: 260 bytes leftover after parsing attributes in process `syz.0.3520'. [ 158.149199][T12093] iso9660: Corrupted directory entry in block 2 of inode 1792 [ 158.184677][T12098] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 158.219583][T12098] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 158.570885][T12117] EXT4-fs: Ignoring removed bh option [ 158.606244][T12117] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4215: comm syz.5.3529: Allocating blocks 497-513 which overlap fs metadata [ 158.620528][T12117] EXT4-fs (loop5): Remounting filesystem read-only [ 158.672940][T12126] vhci_hcd vhci_hcd.3: default hub control req: 8013 v0000 i0000 l31125 [ 158.709253][T12130] EXT4-fs (loop2): orphan cleanup on readonly fs [ 158.721000][T12130] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3534: bg 0: block 248: padding at end of block bitmap is not set [ 158.736316][T12130] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.3534: Failed to acquire dquot type 1 [ 158.748368][T12130] EXT4-fs (loop2): 1 truncate cleaned up [ 158.757792][T12130] EXT4-fs (loop2): shut down requested (0) [ 158.806386][T12140] program syz.5.3539 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 158.979704][T12156] ext4 filesystem being mounted at /704/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 159.095404][T12166] program syz.2.3549 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 159.239894][T12183] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 159.249123][T12183] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 159.285697][T12183] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 159.293877][T12183] System zones: 0-2, 18-18, 34-35 [ 159.307991][T12183] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended [ 159.312714][T12192] EXT4-fs (loop9): 1 truncate cleaned up [ 159.329029][T12183] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 159.361356][T12183] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 159.378329][T12198] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3560'. [ 159.398549][T12202] batman_adv: batadv0: Adding interface: dummy0 [ 159.404947][T12202] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1532. [ 159.424716][T12202] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active [ 159.444567][T12183] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3557: bg 0: block 353: padding at end of block bitmap is not set [ 159.546312][ T29] kauditd_printk_skb: 44 callbacks suppressed [ 159.546328][ T29] audit: type=1400 audit(2000000008.778:1059): avc: denied { create } for pid=12215 comm="syz.2.3571" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 159.572356][ T29] audit: type=1400 audit(2000000008.798:1060): avc: denied { listen } for pid=12215 comm="syz.2.3571" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 159.592163][ T29] audit: type=1400 audit(2000000008.818:1061): avc: denied { ioctl } for pid=12215 comm="syz.2.3571" path="socket:[34180]" dev="sockfs" ino=34180 ioctlcmd=0x89eb scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 159.729391][T12229] set_capacity_and_notify: 13 callbacks suppressed [ 159.729409][T12229] loop6: detected capacity change from 0 to 256 [ 159.749201][T12229] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 159.777015][T12229] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 159.835317][T12234] loop6: detected capacity change from 0 to 1024 [ 159.849541][T12234] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 159.878131][T12234] EXT4-fs (loop6): revision level too high, forcing read-only mode [ 159.886468][T12234] EXT4-fs (loop6): orphan cleanup on readonly fs [ 159.895400][T12234] Quota error (device loop6): do_check_range: Getting dqdh_entries 512 out of range 0-14 [ 159.928217][T12234] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 159.949628][T12234] EXT4-fs error (device loop6): ext4_acquire_dquot:6986: comm syz.6.3580: Failed to acquire dquot type 0 [ 159.971285][T12234] Quota error (device loop6): do_check_range: Getting dqdh_entries 512 out of range 0-14 [ 159.990148][T12234] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 160.006865][T12234] EXT4-fs error (device loop6): ext4_acquire_dquot:6986: comm syz.6.3580: Failed to acquire dquot type 0 [ 160.020017][T12234] EXT4-fs error (device loop6): ext4_free_blocks:6728: comm syz.6.3580: Freeing blocks not in datazone - block = 0, count = 4096 [ 160.038295][T12234] Quota error (device loop6): do_check_range: Getting dqdh_entries 512 out of range 0-14 [ 160.053429][T12234] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 160.066428][T12234] EXT4-fs error (device loop6): ext4_acquire_dquot:6986: comm syz.6.3580: Failed to acquire dquot type 0 [ 160.078248][T12234] EXT4-fs (loop6): 1 orphan inode deleted [ 160.087734][T12240] geneve3: entered promiscuous mode [ 160.093209][T12240] geneve3: entered allmulticast mode [ 160.104489][T12234] EXT4-fs error (device loop6): ext4_search_dir:1474: inode #2: block 16: comm syz.6.3580: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 160.183238][T12247] program syz.2.3587 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 160.252476][T12257] vhci_hcd vhci_hcd.3: default hub control req: 8013 v0000 i0000 l31125 [ 160.275492][T12261] loop6: detected capacity change from 0 to 1024 [ 160.674991][T12290] loop5: detected capacity change from 0 to 512 [ 160.719932][T12290] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -2 [ 160.737248][T12290] EXT4-fs error (device loop5): ext4_orphan_get:1391: inode #13: comm syz.5.3605: iget: bad i_size value: 12154757448730 [ 160.764365][T12290] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.3605: couldn't read orphan inode 13 (err -117) [ 160.812561][T12298] netlink: 'syz.2.3608': attribute type 1 has an invalid length. [ 160.873577][T12305] netlink: 56 bytes leftover after parsing attributes in process `syz.5.3610'. [ 160.883408][T12305] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3610'. [ 160.944930][T12310] batman_adv: batadv0: Adding interface: dummy0 [ 160.951285][T12310] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 160.990151][T12310] batman_adv: batadv0: Interface activated: dummy0 [ 161.065789][T12323] loop9: detected capacity change from 0 to 512 [ 161.077413][T12323] EXT4-fs: Ignoring removed i_version option [ 161.083813][T12323] EXT4-fs: Ignoring removed bh option [ 161.114199][T12323] ext4 filesystem being mounted at /111/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 161.183693][T12333] xt_CT: You must specify a L4 protocol and not use inversions on it [ 161.385298][T12355] loop0: detected capacity change from 0 to 1024 [ 161.412828][T12355] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 161.441040][T12355] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 161.456001][T12355] EXT4-fs (loop0): orphan cleanup on readonly fs [ 161.465076][T12355] Quota error (device loop0): do_check_range: Getting dqdh_entries 512 out of range 0-14 [ 161.493191][T12355] EXT4-fs error (device loop0): ext4_acquire_dquot:6986: comm syz.0.3641: Failed to acquire dquot type 0 [ 161.562810][T12355] EXT4-fs error (device loop0): ext4_acquire_dquot:6986: comm syz.0.3641: Failed to acquire dquot type 0 [ 161.613252][T12355] EXT4-fs error (device loop0): ext4_free_blocks:6728: comm syz.0.3641: Freeing blocks not in datazone - block = 0, count = 4096 [ 161.737789][T12355] EXT4-fs error (device loop0): ext4_acquire_dquot:6986: comm syz.0.3641: Failed to acquire dquot type 0 [ 161.750908][T12355] EXT4-fs (loop0): 1 orphan inode deleted [ 161.782133][T12355] EXT4-fs error (device loop0): ext4_search_dir:1474: inode #2: block 16: comm syz.0.3641: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 161.856461][T12372] netlink: 200 bytes leftover after parsing attributes in process `syz.2.3639'. [ 161.973358][T12383] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20002 - 0 [ 162.074206][T12383] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20002 - 0 [ 162.129564][T12397] loop9: detected capacity change from 0 to 512 [ 162.169159][T12397] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 162.184182][T12383] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20002 - 0 [ 162.254478][T12383] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20002 - 0 [ 162.317003][T12403] loop5: detected capacity change from 0 to 512 [ 162.342829][ T3449] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 20002 - 0 [ 162.385081][T12405] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3653'. [ 162.385413][ T3449] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 20002 - 0 [ 162.394269][T12405] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3653'. [ 162.420109][T12403] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 162.435594][T12403] EXT4-fs (loop5): invalid journal inode [ 162.443939][ T12] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 20002 - 0 [ 162.459997][T12403] EXT4-fs (loop5): can't get journal size [ 162.474272][ T12] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 20002 - 0 [ 162.512776][T12403] EXT4-fs (loop5): 1 truncate cleaned up [ 162.846688][T12437] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3666'. [ 163.108500][T12449] netlink: 564 bytes leftover after parsing attributes in process `syz.9.3673'. [ 163.117696][T12449] netlink: 564 bytes leftover after parsing attributes in process `syz.9.3673'. [ 163.181783][T12458] loop6: detected capacity change from 0 to 128 [ 163.262128][T12462] program syz.6.3679 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 163.422737][T12474] program syz.5.3685 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 163.425878][T12476] netlink: 88 bytes leftover after parsing attributes in process `syz.6.3686'. [ 163.513077][T12484] loop5: detected capacity change from 0 to 128 [ 163.744607][T12491] EXT4-fs mount: 39 callbacks suppressed [ 163.744625][T12491] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 163.846389][ T3544] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 164.133767][T12532] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3709'. [ 164.142731][T12532] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3709'. [ 164.503910][T12551] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c198, mo2=0002] [ 164.517819][T12551] System zones: 1-12 [ 164.522315][T12551] EXT4-fs error (device loop6): ext4_iget_extra_inode:5073: inode #15: comm syz.6.3718: corrupted in-inode xattr: e_value size too large [ 164.539915][T12551] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.3718: couldn't read orphan inode 15 (err -117) [ 164.553258][T12551] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 164.579103][T11119] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 164.617346][T12559] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem [ 164.626766][T12559] EXT4-fs (loop6): invalid journal inode [ 164.632773][T12559] EXT4-fs (loop6): can't get journal size [ 164.640244][T12559] EXT4-fs (loop6): 1 truncate cleaned up [ 164.653819][T12559] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 164.676889][T12562] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3722'. [ 164.685896][T12562] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3722'. [ 164.865567][T11119] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 164.951116][T12572] set_capacity_and_notify: 3 callbacks suppressed [ 164.951155][T12572] loop5: detected capacity change from 0 to 512 [ 165.000314][T12572] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1) [ 165.252483][ T29] kauditd_printk_skb: 14 callbacks suppressed [ 165.252502][ T29] audit: type=1400 audit(165.227:1071): avc: denied { write } for pid=12595 comm="syz.6.3737" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 165.342696][T12600] loop2: detected capacity change from 0 to 512 [ 165.363147][T12600] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 165.451103][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 165.485364][ T29] audit: type=1400 audit(165.467:1072): avc: denied { setattr } for pid=12604 comm="syz.6.3741" name="vcsa" dev="devtmpfs" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tty_device_t tclass=chr_file permissive=1 [ 165.602541][T12618] loop5: detected capacity change from 0 to 512 [ 165.676281][T12618] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 165.738796][T12635] loop2: detected capacity change from 0 to 128 [ 165.904056][T12652] loop0: detected capacity change from 0 to 128 [ 165.918863][T12654] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 166.090641][T12666] loop6: detected capacity change from 0 to 512 [ 166.113832][T12666] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 166.287329][T11119] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 167.142897][T12713] loop9: detected capacity change from 0 to 128 [ 167.261621][ T29] audit: type=1400 audit(167.237:1073): avc: denied { mount } for pid=12726 comm="syz.2.3797" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1 [ 167.372384][ T29] audit: type=1400 audit(167.347:1074): avc: denied { read } for pid=12742 comm="syz.2.3804" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 167.396177][ T29] audit: type=1400 audit(167.347:1075): avc: denied { open } for pid=12742 comm="syz.2.3804" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 167.420316][ T29] audit: type=1400 audit(167.347:1076): avc: denied { ioctl } for pid=12742 comm="syz.2.3804" path="/dev/loop-control" dev="devtmpfs" ino=99 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 167.449483][T12748] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 167.475252][T12748] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 167.583583][ T29] audit: type=1326 audit(167.557:1077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12757 comm="syz.9.3811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b0ec0aeb9 code=0x7ffc0000 [ 167.606619][ T29] audit: type=1326 audit(167.557:1078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12757 comm="syz.9.3811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b0ec0aeb9 code=0x7ffc0000 [ 167.629680][ T29] audit: type=1326 audit(167.557:1079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12757 comm="syz.9.3811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7b0ec0aeb9 code=0x7ffc0000 [ 167.652700][ T29] audit: type=1326 audit(167.557:1080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12757 comm="syz.9.3811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b0ec0aeb9 code=0x7ffc0000 [ 167.785448][T12775] loop2: detected capacity change from 0 to 1024 [ 167.814543][T12775] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 167.843900][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 168.193450][T12831] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3843'. [ 168.260755][T12838] SELinux: failed to load policy [ 168.285249][T12844] netlink: 'syz.0.3849': attribute type 66 has an invalid length. [ 168.370304][T12855] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3854'. [ 168.395276][T12855] vlan3: entered allmulticast mode [ 168.473551][T12871] loop6: detected capacity change from 0 to 1024 [ 168.485588][T12871] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 168.512278][T12876] netlink: 'syz.0.3863': attribute type 1 has an invalid length. [ 168.522583][T11119] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 168.640988][T12892] loop9: detected capacity change from 0 to 1024 [ 168.648284][T12892] EXT4-fs: Ignoring removed orlov option [ 168.664101][T12892] EXT4-fs (loop9): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 168.686320][T12892] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 168.722371][T12892] EXT4-fs error (device loop9): ext4_check_all_de:659: inode #12: block 7: comm syz.9.3870: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0 [ 168.776730][T12897] EXT4-fs error (device loop9): ext4_check_all_de:659: inode #12: block 7: comm syz.9.3870: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0 [ 168.810354][T11056] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 168.912672][T12907] EXT4-fs (loop9): Cannot turn on journaled quota: type 0: error -2 [ 168.921610][T12907] EXT4-fs error (device loop9): ext4_free_branches:1023: inode #13: comm syz.9.3874: invalid indirect mapped block 256 (level 1) [ 168.943237][T12907] EXT4-fs error (device loop9): ext4_free_branches:1023: inode #13: comm syz.9.3874: invalid indirect mapped block 2683928664 (level 1) [ 168.983242][T12907] EXT4-fs (loop9): 1 truncate cleaned up [ 169.000514][T12907] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 169.033938][T12907] EXT4-fs error (device loop9): ext4_free_branches:1023: inode #13: comm syz.9.3874: invalid indirect mapped block 65536 (level 1) [ 169.064116][T12907] EXT4-fs error (device loop9): ext4_free_branches:1023: inode #13: comm syz.9.3874: invalid indirect mapped block 1536 (level 1) [ 169.120915][T11056] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 169.234950][T12927] SELinux: failed to load policy [ 169.246924][T12937] netlink: 'syz.0.3889': attribute type 83 has an invalid length. [ 169.305930][T12942] EXT4-fs: Ignoring removed nomblk_io_submit option [ 169.345964][T12942] EXT4-fs: Ignoring removed orlov option [ 169.361142][T12951] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 169.371667][T12952] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2 [ 169.380677][T12952] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #13: comm syz.6.3895: invalid indirect mapped block 256 (level 1) [ 169.395677][T12942] EXT4-fs error (device loop5): ext4_iget_extra_inode:5073: inode #15: comm syz.5.3891: corrupted in-inode xattr: bad e_name length [ 169.411885][T12951] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 169.424694][T12952] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #13: comm syz.6.3895: invalid indirect mapped block 2683928664 (level 1) [ 169.443118][T12942] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.3891: couldn't read orphan inode 15 (err -117) [ 169.475110][T11056] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 169.485399][T12942] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 169.489315][T12952] EXT4-fs (loop6): 1 truncate cleaned up [ 169.503835][T12952] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 169.549740][T12952] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #13: comm syz.6.3895: invalid indirect mapped block 65536 (level 1) [ 169.572363][T12952] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #13: comm syz.6.3895: invalid indirect mapped block 1536 (level 1) [ 169.591107][ T3544] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 169.615651][T11119] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 169.650101][T12970] netlink: 'syz.5.3901': attribute type 66 has an invalid length. [ 169.666930][T12971] EXT4-fs: Ignoring removed bh option [ 169.672427][T12971] EXT4-fs: Ignoring removed nomblk_io_submit option [ 169.685828][T12971] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e841c01c, mo2=0003] [ 169.694085][T12971] System zones: 0-1, 3-36 [ 169.709129][T12971] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 169.728819][T12973] SELinux: failed to load policy [ 169.764954][T12983] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 169.801149][T11056] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 169.827679][T12983] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 169.843626][T12989] EXT4-fs (loop6): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 169.865581][T12989] netlink: 40 bytes leftover after parsing attributes in process `syz.6.3913'. [ 169.886276][T11119] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 169.896738][ T3544] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 169.972340][T13003] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 169.989540][T13003] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 170.021625][T13008] netlink: 'syz.5.3918': attribute type 83 has an invalid length. [ 170.107390][T13012] SELinux: failed to load policy [ 170.168150][T13016] set_capacity_and_notify: 8 callbacks suppressed [ 170.168168][T13016] loop5: detected capacity change from 0 to 1024 [ 170.182281][T13016] EXT4-fs: Ignoring removed bh option [ 170.187830][T13016] EXT4-fs: Ignoring removed nomblk_io_submit option [ 170.198051][T13016] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e841c01c, mo2=0003] [ 170.206536][T13016] System zones: 0-1, 3-36 [ 170.212205][T13016] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 170.249378][ T3544] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 170.310885][T13030] loop6: detected capacity change from 0 to 256 [ 170.340892][T13030] FAT-fs (loop6): codepage cp949 not found [ 170.391892][ T29] kauditd_printk_skb: 96 callbacks suppressed [ 170.391911][ T29] audit: type=1326 audit(170.367:1177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13040 comm="syz.5.3934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4637d3aeb9 code=0x7ffc0000 [ 170.421084][ T29] audit: type=1326 audit(170.367:1178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13040 comm="syz.5.3934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4637d3aeb9 code=0x7ffc0000 [ 170.444252][ T29] audit: type=1326 audit(170.377:1179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13040 comm="syz.5.3934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f4637d3aeb9 code=0x7ffc0000 [ 170.490350][ T29] audit: type=1326 audit(170.427:1180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13040 comm="syz.5.3934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4637d3aeb9 code=0x7ffc0000 [ 170.513417][ T29] audit: type=1326 audit(170.427:1181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13040 comm="syz.5.3934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4637d3aeb9 code=0x7ffc0000 [ 170.536387][ T29] audit: type=1326 audit(170.457:1182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13040 comm="syz.5.3934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f4637d3aeb9 code=0x7ffc0000 [ 170.559330][ T29] audit: type=1326 audit(170.467:1183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13042 comm="syz.5.3934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4637cfb78e code=0x7ffc0000 [ 170.582339][ T29] audit: type=1326 audit(170.467:1184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13040 comm="syz.5.3934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4637d3aeb9 code=0x7ffc0000 [ 170.605297][ T29] audit: type=1326 audit(170.467:1185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13040 comm="syz.5.3934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4637d3aeb9 code=0x7ffc0000 [ 170.647378][T13049] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3937'. [ 170.657016][ T29] audit: type=1326 audit(170.467:1186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13040 comm="syz.5.3934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=200 compat=0 ip=0x7f4637d3aeb9 code=0x7ffc0000 [ 170.687633][T13051] loop9: detected capacity change from 0 to 512 [ 170.736769][T13051] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 170.777111][T11056] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 170.829093][T13068] loop9: detected capacity change from 0 to 256 [ 170.879560][T13068] FAT-fs (loop9): codepage cp949 not found [ 170.937071][T13084] netlink: 182 bytes leftover after parsing attributes in process `syz.6.3950'. [ 171.001735][T13094] loop6: detected capacity change from 0 to 512 [ 171.034368][T13094] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 171.096475][T11119] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 171.194072][T13121] batadv_slave_1: entered promiscuous mode [ 171.200336][T13120] batadv_slave_1: left promiscuous mode [ 171.391618][T13145] SELinux: policydb magic number 0x0 does not match expected magic number 0xf97cff8c [ 171.420545][T13145] SELinux: failed to load policy [ 172.374296][T13209] program syz.0.4004 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 172.384376][T13207] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4006'. [ 172.417048][T13211] loop6: detected capacity change from 0 to 512 [ 172.433497][T13211] EXT4-fs: inline encryption not supported [ 172.454262][T13214] sd 0:0:1:0: device reset [ 172.501187][T13211] EXT4-fs (loop6): 1 orphan inode deleted [ 172.507591][T13211] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 172.520250][ T31] EXT4-fs error (device loop6): ext4_release_dquot:7022: comm kworker/u8:1: Failed to release dquot type 1 [ 172.582584][T11119] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 172.726299][T13228] loop9: detected capacity change from 0 to 8192 [ 172.751776][T13238] x_tables: arp_tables: CLASSIFY target: used from hooks INPUT, but only usable from FORWARD/OUTPUT [ 172.792098][T13228] FAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 172.867322][ T31] Bluetooth: hci0: Frame reassembly failed (-84) [ 172.913053][T13241] SELinux: failed to load policy [ 172.964002][T13252] netlink: 220 bytes leftover after parsing attributes in process `syz.6.4025'. [ 173.177611][T13261] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4029'. [ 173.266472][T13271] loop6: detected capacity change from 0 to 8192 [ 173.301885][T13271] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 173.359849][T13279] loop5: detected capacity change from 0 to 1024 [ 173.391033][T13279] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 173.447935][T13287] program syz.6.4040 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 173.468431][ T3544] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 173.609697][T13304] dvmrp6: entered allmulticast mode [ 173.706648][T13310] sd 0:0:1:0: device reset [ 174.149853][T13349] sd 0:0:1:0: device reset [ 174.236057][T13353] netlink: 52 bytes leftover after parsing attributes in process `syz.6.4064'. [ 174.245082][T13353] netlink: 48 bytes leftover after parsing attributes in process `syz.6.4064'. [ 174.742840][T13389] loop5: detected capacity change from 0 to 1024 [ 174.781526][T13389] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 174.802044][T13389] EXT4-fs error (device loop5): ext4_map_blocks:825: inode #15: block 3: comm syz.5.4077: lblock 3 mapped to illegal pblock 3 (length 2) [ 174.824009][T13389] EXT4-fs error (device loop5): ext4_map_blocks:825: inode #15: comm syz.5.4077: lblock 0 mapped to illegal pblock 0 (length 3) [ 174.837710][T13389] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 3 with error 117 [ 174.850339][T13389] EXT4-fs (loop5): This should not happen!! Data will be lost [ 174.850339][T13389] [ 174.888184][ T3449] EXT4-fs error (device loop5): ext4_map_blocks:825: inode #15: block 4: comm kworker/u8:7: lblock 4 mapped to illegal pblock 4 (length 1) [ 174.917142][T13402] ieee802154 phy0 wpan0: encryption failed: -22 [ 174.923880][ T3500] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 174.933250][ T3449] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 1 with error 117 [ 174.945760][ T3449] EXT4-fs (loop5): This should not happen!! Data will be lost [ 174.945760][ T3449] [ 174.974041][T13407] netlink: 220 bytes leftover after parsing attributes in process `syz.0.4088'. [ 174.989153][ T3544] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 175.024765][T13409] team0: Device lo is loopback device. Loopback devices can't be added as a team port [ 175.034504][T13409] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 175.160874][T13428] EXT4-fs: Ignoring removed nobh option [ 175.203443][T13428] ------------[ cut here ]------------ [ 175.209125][T13428] EA inode 11 i_nlink=1026 [ 175.209156][T13428] WARNING: fs/ext4/xattr.c:1059 at ext4_xattr_inode_update_ref+0x313/0x350, CPU#1: syz.6.4098/13428 [ 175.224656][T13428] Modules linked in: [ 175.228645][T13428] CPU: 1 UID: 0 PID: 13428 Comm: syz.6.4098 Not tainted syzkaller #0 PREEMPT(voluntary) [ 175.238625][T13428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 175.248792][T13428] RIP: 0010:ext4_xattr_inode_update_ref+0x332/0x350 [ 175.255507][T13428] Code: 74 e6 9a ff 4c 8d 2d cd 21 3e 05 49 8d 7e 40 e8 84 d0 b6 ff 49 8b 6e 40 4c 89 e7 e8 b8 cb b6 ff 41 8b 56 48 4c 89 ef 48 89 ee <67> 48 0f b9 3a e9 02 ff ff ff e8 ef e1 d0 03 66 66 66 66 66 66 2e [ 175.275211][T13428] RSP: 0018:ffffc90001a2f5a8 EFLAGS: 00010246 [ 175.281397][T13428] RAX: ffff88811b1fbc10 RBX: ffff88812f7b1c18 RCX: ffffffff81be1958 [ 175.289468][T13428] RDX: 0000000000000402 RSI: 000000000000000b RDI: ffffffff86fc3b10 [ 175.297520][T13428] RBP: 000000000000000b R08: 000188812f7b1bcb R09: 0000000000000000 [ 175.305612][T13428] R10: ffffc90001a2f4d8 R11: 0001c90001a2f4d8 R12: ffff88812f7b1bc8 [ 175.313631][T13428] R13: ffffffff86fc3b10 R14: ffff88812f7b1b80 R15: 0000000000000001 [ 175.321642][T13428] FS: 00007f3315c276c0(0000) GS:ffff8882aec57000(0000) knlGS:0000000000000000 [ 175.330716][T13428] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 175.337368][T13428] CR2: 00007fba01ae6000 CR3: 000000016bf90000 CR4: 00000000003506f0 [ 175.345440][T13428] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 175.353473][T13428] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 175.361490][T13428] Call Trace: [ 175.364833][T13428] [ 175.367800][T13428] ext4_xattr_set_entry+0x77c/0x1010 [ 175.373201][T13428] ext4_xattr_ibody_set+0x184/0x3c0 [ 175.378482][T13428] ext4_expand_extra_isize_ea+0xd7b/0x11a0 [ 175.384438][T13428] __ext4_expand_extra_isize+0x246/0x280 [ 175.390128][T13428] __ext4_mark_inode_dirty+0x29d/0x3f0 [ 175.395735][T13428] ext4_evict_inode+0x7c3/0xd40 [ 175.400705][T13428] ? __pfx_ext4_evict_inode+0x10/0x10 [ 175.406239][T13428] evict+0x2af/0x510 [ 175.410192][T13428] ? __dquot_initialize+0x146/0x7c0 [ 175.415499][T13428] iput+0x4b9/0x650 [ 175.419354][T13428] ext4_process_orphan+0x1a9/0x1c0 [ 175.424541][T13428] ext4_orphan_cleanup+0x6a8/0xa00 [ 175.429710][T13428] ext4_fill_super+0x3476/0x3800 [ 175.434869][T13428] ? set_blocksize+0x1a3/0x310 [ 175.439739][T13428] ? setup_bdev_super+0x30e/0x370 [ 175.444978][T13428] ? __pfx_ext4_fill_super+0x10/0x10 [ 175.450308][T13428] get_tree_bdev_flags+0x291/0x300 [ 175.455552][T13428] ? __pfx_ext4_fill_super+0x10/0x10 [ 175.460873][T13428] get_tree_bdev+0x1f/0x30 [ 175.465387][T13428] ext4_get_tree+0x1c/0x30 [ 175.469858][T13428] vfs_get_tree+0x57/0x1d0 [ 175.474363][T13428] do_new_mount+0x288/0x700 [ 175.478942][T13428] path_mount+0x4d0/0xbc0 [ 175.483320][T13428] ? user_path_at+0xbf/0x130 [ 175.487995][T13428] __se_sys_mount+0x28c/0x2e0 [ 175.492734][T13428] __x64_sys_mount+0x67/0x80 [ 175.497424][T13428] x64_sys_call+0x2cca/0x3000 [ 175.502148][T13428] do_syscall_64+0xc0/0x2a0 [ 175.506791][T13428] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 175.512743][T13428] RIP: 0033:0x7f33171cc14a [ 175.517266][T13428] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 175.536992][T13428] RSP: 002b:00007f3315c26e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 175.545495][T13428] RAX: ffffffffffffffda RBX: 00007f3315c26ee0 RCX: 00007f33171cc14a [ 175.553539][T13428] RDX: 0000200000000180 RSI: 0000200000000140 RDI: 00007f3315c26ea0 [ 175.561552][T13428] RBP: 0000200000000180 R08: 00007f3315c26ee0 R09: 0000000000800718 [ 175.569701][T13428] R10: 0000000000800718 R11: 0000000000000246 R12: 0000200000000140 [ 175.577748][T13428] R13: 00007f3315c26ea0 R14: 00000000000004a3 R15: 0000200000000280 [ 175.585817][T13428] [ 175.588880][T13428] ---[ end trace 0000000000000000 ]--- [ 175.603610][T13428] EXT4-fs (loop6): 1 orphan inode deleted [ 175.609727][T13428] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 175.626972][T13439] netlink: 'syz.5.4101': attribute type 1 has an invalid length. [ 175.655094][T11119] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 175.715021][T13446] set_capacity_and_notify: 1 callbacks suppressed [ 175.715039][T13446] loop6: detected capacity change from 0 to 1024 [ 175.743497][T13449] dvmrp6: entered allmulticast mode [ 175.763058][T13451] sd 0:0:1:0: device reset [ 175.784871][T13455] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4107'. [ 175.794470][T13455] netlink: 3 bytes leftover after parsing attributes in process `syz.0.4107'. [ 175.801073][T13446] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 175.853300][T11119] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 176.023152][T13485] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2 [ 176.082824][ T29] kauditd_printk_skb: 19 callbacks suppressed [ 176.082906][ T29] audit: type=1326 audit(176.057:1205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13494 comm="syz.2.4127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba0b0aaeb9 code=0x7ffc0000 [ 176.130697][ T29] audit: type=1326 audit(176.097:1206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13494 comm="syz.2.4127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba0b0aaeb9 code=0x7ffc0000 [ 176.153776][ T29] audit: type=1326 audit(176.097:1207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13494 comm="syz.2.4127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba0b0aaeb9 code=0x7ffc0000 [ 176.176762][ T29] audit: type=1326 audit(176.097:1208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13494 comm="syz.2.4127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7fba0b0aaeb9 code=0x7ffc0000 [ 176.199970][ T29] audit: type=1326 audit(176.097:1209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13494 comm="syz.2.4127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba0b0aaeb9 code=0x7ffc0000 [ 176.222936][ T29] audit: type=1326 audit(176.097:1210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13494 comm="syz.2.4127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba0b0aaeb9 code=0x7ffc0000 [ 176.246054][ T29] audit: type=1326 audit(176.097:1211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13494 comm="syz.2.4127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba0b0aaeb9 code=0x7ffc0000 [ 176.269211][ T29] audit: type=1326 audit(176.097:1212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13494 comm="syz.2.4127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=451 compat=0 ip=0x7fba0b0aaeb9 code=0x7ffc0000 [ 176.292228][ T29] audit: type=1326 audit(176.097:1213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13494 comm="syz.2.4127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba0b0aaeb9 code=0x7ffc0000 [ 176.315190][ T29] audit: type=1326 audit(176.097:1214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13494 comm="syz.2.4127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fba0b0aaeb9 code=0x7ffc0000 [ 176.399471][T13515] netlink: 56 bytes leftover after parsing attributes in process `syz.2.4134'. [ 176.491957][T13533] ieee802154 phy0 wpan0: encryption failed: -22 [ 176.698237][T13546] netlink: 24 bytes leftover after parsing attributes in process `syz.9.4148'. [ 176.742172][T13546] netlink: 24 bytes leftover after parsing attributes in process `syz.9.4148'. [ 176.919819][T13565] team0: Device lo is loopback device. Loopback devices can't be added as a team port [ 176.929528][T13565] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 177.147518][T13575] netlink: 32 bytes leftover after parsing attributes in process `syz.9.4160'. [ 177.536403][T13596] batman_adv: batadv0: Removing interface: dummy0 [ 177.559339][T13596] bridge_slave_0: left allmulticast mode [ 177.565087][T13596] bridge_slave_0: left promiscuous mode [ 177.570935][T13596] bridge0: port 1(bridge_slave_0) entered disabled state [ 177.594039][T13603] xt_hashlimit: size too large, truncated to 1048576 [ 177.601218][T13596] bridge_slave_1: left allmulticast mode [ 177.607035][T13596] bridge_slave_1: left promiscuous mode [ 177.612808][T13596] bridge0: port 2(bridge_slave_1) entered disabled state [ 177.743565][T13596] bond0: (slave bond_slave_0): Releasing backup interface [ 177.763380][T13596] bond0: (slave bond_slave_1): Releasing backup interface [ 177.799925][T13596] team0: Port device team_slave_0 removed [ 177.822870][T13596] team0: Port device team_slave_1 removed [ 177.830196][T13607] netlink: 104 bytes leftover after parsing attributes in process `syz.6.4175'. [ 177.846767][T13596] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 177.867594][T13596] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 177.916560][T13596] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 178.328383][T13647] netlink: 'syz.9.4191': attribute type 19 has an invalid length. [ 178.336321][T13647] netlink: 'syz.9.4191': attribute type 20 has an invalid length. [ 179.687880][T13725] tap0: tun_chr_ioctl cmd 1074025677 [ 179.712508][T13725] tap0: linktype set to 774 [ 180.452627][T13752] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 180.463895][T13752] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 180.581419][T13764] __nla_validate_parse: 4 callbacks suppressed [ 180.581436][T13764] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4246'. [ 180.888367][T13783] bridge0: entered allmulticast mode [ 180.893728][T13787] loop9: detected capacity change from 0 to 1024 [ 180.964581][T13787] EXT4-fs (loop9): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 180.978800][T13787] EXT4-fs error (device loop9): ext4_map_blocks:825: inode #15: block 8: comm syz.9.4256: lblock 8 mapped to illegal pblock 8 (length 8) [ 180.993548][T13787] EXT4-fs error (device loop9): ext4_ext_remove_space:2955: inode #15: comm syz.9.4256: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 181.045271][T13797] netlink: 128 bytes leftover after parsing attributes in process `syz.2.4259'. [ 181.124648][T11056] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 181.377777][T13818] loop9: detected capacity change from 0 to 128 [ 181.401453][T13822] bridge0: port 3(syz_tun) entered blocking state [ 181.408051][T13822] bridge0: port 3(syz_tun) entered forwarding state [ 181.414818][T13822] bridge0: port 2(bridge_slave_1) entered blocking state [ 181.421923][T13822] bridge0: port 2(bridge_slave_1) entered forwarding state [ 181.429261][T13822] bridge0: port 1(bridge_slave_0) entered blocking state [ 181.436435][T13822] bridge0: port 1(bridge_slave_0) entered forwarding state [ 181.485198][T13822] bridge0: entered allmulticast mode [ 181.521665][T13818] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 181.549752][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 181.549770][ T29] audit: type=1400 audit(181.527:1219): avc: denied { add_name } for pid=13817 comm="syz.9.4267" name="file3" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 181.605883][ T29] audit: type=1400 audit(181.557:1220): avc: denied { remove_name } for pid=13817 comm="syz.9.4267" name="file3" dev="loop9" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 181.627859][ T29] audit: type=1400 audit(181.557:1221): avc: denied { rename } for pid=13817 comm="syz.9.4267" name="file3" dev="loop9" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 181.649788][ T29] audit: type=1400 audit(181.557:1222): avc: denied { reparent } for pid=13817 comm="syz.9.4267" name="file3" dev="loop9" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 181.673660][T13829] loop5: detected capacity change from 0 to 512 [ 181.676600][T11056] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 181.691676][T13829] EXT4-fs (loop5): orphan cleanup on readonly fs [ 181.698296][T13829] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2 [ 181.740943][T13832] batman_adv: batadv0: Interface deactivated: dummy0 [ 181.747819][T13832] batman_adv: batadv0: Removing interface: dummy0 [ 181.756644][T13829] EXT4-fs (loop5): 1 truncate cleaned up [ 181.763526][T13829] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 181.782565][T13832] bridge_slave_0: left allmulticast mode [ 181.788304][T13832] bridge_slave_0: left promiscuous mode [ 181.794014][T13832] bridge0: port 1(bridge_slave_0) entered disabled state [ 181.806337][ T29] audit: type=1400 audit(181.787:1223): avc: denied { mounton } for pid=13828 comm="syz.5.4271" path="/851/file0" dev="loop5" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 181.806374][T13829] loop5: Can't mount, would change RO state [ 181.844090][T13835] xt_hashlimit: size too large, truncated to 1048576 [ 181.943948][ T3544] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 181.955242][T13832] bridge_slave_1: left allmulticast mode [ 181.960956][T13832] bridge_slave_1: left promiscuous mode [ 181.966742][T13832] bridge0: port 2(bridge_slave_1) entered disabled state [ 182.063535][T13832] bond0: (slave bond_slave_0): Releasing backup interface [ 182.112517][T13832] bond0: (slave bond_slave_1): Releasing backup interface [ 182.131401][ T29] audit: type=1326 audit(182.107:1224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13840 comm="syz.5.4276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4637d3aeb9 code=0x7ffc0000 [ 182.154473][ T29] audit: type=1326 audit(182.107:1225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13840 comm="syz.5.4276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4637d3aeb9 code=0x7ffc0000 [ 182.179551][T13832] team0: Port device team_slave_0 removed [ 182.198183][T13832] team0: Port device team_slave_1 removed [ 182.205492][T13832] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 182.213141][T13832] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 182.227646][T13832] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 182.235169][T13832] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 182.245817][T13832] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 182.279241][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 182.282759][ T29] audit: type=1326 audit(182.157:1226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13840 comm="syz.5.4276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7f4637d3aeb9 code=0x7ffc0000 [ 182.291441][ C1] IPv6: bridge0: IPv6 duplicate address fe80::a8aa:aaff:feaa:aa1c used by aa:aa:aa:aa:aa:1c detected! [ 182.314316][ T29] audit: type=1326 audit(182.157:1227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13840 comm="syz.5.4276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4637d3aeb9 code=0x7ffc0000 [ 182.348469][ T29] audit: type=1326 audit(182.157:1228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13840 comm="syz.5.4276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4637d3aeb9 code=0x7ffc0000 [ 182.512818][T13854] bridge0: entered allmulticast mode [ 182.539063][T13855] erspan0: entered promiscuous mode [ 182.637834][T13864] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 182.824368][T13876] loop9: detected capacity change from 0 to 256 [ 182.847677][T13876] netlink: 64859 bytes leftover after parsing attributes in process `syz.9.4291'. [ 182.935863][T13882] loop5: detected capacity change from 0 to 512 [ 182.944620][T13882] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 182.953651][T13884] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4296'. [ 182.977150][T13882] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #16: comm syz.5.4295: invalid indirect mapped block 4294967295 (level 0) [ 183.002153][ T3401] kernel read not supported for file /vcs (pid: 3401 comm: kworker/1:4) [ 183.070131][T13882] EXT4-fs (loop5): Remounting filesystem read-only [ 183.078503][T13882] EXT4-fs (loop5): 1 orphan inode deleted [ 183.084434][T13882] EXT4-fs (loop5): 1 truncate cleaned up [ 183.132450][T13882] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 183.213207][ T3544] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 183.454725][T13929] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4316'. [ 183.698170][T13966] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4334'. [ 183.799462][T13975] program syz.9.4339 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 183.867614][T13971] bridge_slave_0: left allmulticast mode [ 183.873356][T13971] bridge_slave_0: left promiscuous mode [ 183.879125][T13971] bridge0: port 1(bridge_slave_0) entered disabled state [ 183.923027][T13980] xt_hashlimit: size too large, truncated to 1048576 [ 184.043129][T13971] bridge_slave_1: left allmulticast mode [ 184.048838][T13971] bridge_slave_1: left promiscuous mode [ 184.054820][T13971] bridge0: port 2(bridge_slave_1) entered disabled state [ 184.066132][T13971] bond0: (slave bond_slave_0): Releasing backup interface [ 184.086563][T13971] bond0: (slave bond_slave_1): Releasing backup interface [ 184.117696][T13971] team0: Port device team_slave_0 removed [ 184.129375][T13971] team0: Port device team_slave_1 removed [ 184.136006][T13984] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4342'. [ 184.177124][T13971] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 184.184614][T13971] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 184.238708][T13971] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 184.246198][T13971] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 184.260399][T13971] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 184.606605][T14013] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4356'. [ 184.615754][T14013] netlink: 'syz.0.4356': attribute type 21 has an invalid length. [ 185.505130][T14106] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4398'. [ 185.981202][T14154] loop6: detected capacity change from 0 to 512 [ 186.012517][T14154] EXT4-fs error (device loop6): __ext4_fill_super:5553: inode #2: comm syz.6.4418: casefold flag without casefold feature [ 186.038908][T14154] EXT4-fs (loop6): get root inode failed [ 186.044734][T14154] EXT4-fs (loop6): mount failed [ 186.289644][T14183] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4430'. [ 186.333482][T14192] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4438'. [ 186.347456][T14192] macvlan2: entered allmulticast mode [ 186.352895][T14192] veth1_vlan: entered allmulticast mode [ 186.435895][T14203] program syz.0.4443 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 186.489255][T14208] program syz.5.4445 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 186.654155][ T29] kauditd_printk_skb: 15 callbacks suppressed [ 186.654175][ T29] audit: type=1326 audit(186.637:1244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14224 comm="syz.0.4454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9964aaeb9 code=0x7ffc0000 [ 186.690438][ T29] audit: type=1326 audit(186.667:1245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14224 comm="syz.0.4454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9964aaeb9 code=0x7ffc0000 [ 186.713598][ T29] audit: type=1326 audit(186.667:1246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14224 comm="syz.0.4454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9964aaeb9 code=0x7ffc0000 [ 186.736532][ T29] audit: type=1326 audit(186.667:1247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14224 comm="syz.0.4454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9964aaeb9 code=0x7ffc0000 [ 186.759598][ T29] audit: type=1326 audit(186.667:1248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14224 comm="syz.0.4454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=235 compat=0 ip=0x7fe9964aaeb9 code=0x7ffc0000 [ 186.782539][ T29] audit: type=1326 audit(186.667:1249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14224 comm="syz.0.4454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9964aaeb9 code=0x7ffc0000 [ 186.805605][ T29] audit: type=1326 audit(186.667:1250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14224 comm="syz.0.4454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fe9964aaeb9 code=0x7ffc0000 [ 186.828747][ T29] audit: type=1326 audit(186.667:1251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14224 comm="syz.0.4454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9964aaeb9 code=0x7ffc0000 [ 186.854914][ T29] audit: type=1326 audit(186.737:1252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14224 comm="syz.0.4454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fe9964aaeb9 code=0x7ffc0000 [ 186.948722][T14250] netlink: 774 bytes leftover after parsing attributes in process `syz.6.4464'. [ 186.957859][T14250] netlink: 'syz.6.4464': attribute type 1 has an invalid length. [ 187.036924][T14264] block device autoloading is deprecated and will be removed. [ 187.069155][T14268] loop6: detected capacity change from 0 to 512 [ 187.099954][T14268] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 187.123100][ T29] audit: type=1400 audit(187.097:1253): avc: denied { mount } for pid=14267 comm="syz.6.4474" name="/" dev="loop6" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 187.367508][ T3331] kworker/u8:6: attempt to access beyond end of device [ 187.367508][ T3331] loop6: rw=1, sector=6168, nr_sectors = 2080 limit=512 [ 187.404236][ T3331] kworker/u8:6: attempt to access beyond end of device [ 187.404236][ T3331] loop6: rw=1, sector=8248, nr_sectors = 2064 limit=512 [ 187.442151][ T3331] kworker/u8:6: attempt to access beyond end of device [ 187.442151][ T3331] loop6: rw=1, sector=10312, nr_sectors = 2752 limit=512 [ 187.476591][ T3331] kworker/u8:6: attempt to access beyond end of device [ 187.476591][ T3331] loop6: rw=1, sector=13064, nr_sectors = 2056 limit=512 [ 187.513848][ T3331] kworker/u8:6: attempt to access beyond end of device [ 187.513848][ T3331] loop6: rw=1, sector=15120, nr_sectors = 1472 limit=512 [ 187.713886][T14300] netlink: 256 bytes leftover after parsing attributes in process `syz.6.4484'. [ 187.723012][T14300] netlink: 72 bytes leftover after parsing attributes in process `syz.6.4484'. [ 187.891104][T14318] program syz.2.4494 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 187.975205][T14328] loop9: detected capacity change from 0 to 512 [ 187.993681][T14328] EXT4-fs: inline encryption not supported [ 187.999803][T14328] EXT4-fs: inline encryption not supported [ 188.019993][T14328] EXT4-fs: Ignoring removed oldalloc option [ 188.037077][T14328] EXT4-fs (loop9): Cannot turn on journaled quota: type 0: error -2 [ 188.048906][T14328] EXT4-fs error (device loop9): ext4_free_branches:1023: inode #13: comm syz.9.4498: invalid indirect mapped block 2683928664 (level 1) [ 188.083378][T14328] EXT4-fs (loop9): 1 truncate cleaned up [ 188.096922][T14328] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 188.134212][T11056] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 188.325924][T14357] netlink: 'syz.0.4510': attribute type 4 has an invalid length. [ 188.425077][T14364] loop9: detected capacity change from 0 to 512 [ 188.878747][T14402] loop6: detected capacity change from 0 to 512 [ 188.890338][T14402] EXT4-fs (loop6): 1 truncate cleaned up [ 188.900961][T14402] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 188.915464][T14402] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.4533: bg 0: block 465: padding at end of block bitmap is not set [ 188.931402][T14402] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6689: Corrupt filesystem [ 188.941569][T14402] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #13: comm syz.6.4533: invalid indirect mapped block 234881024 (level 0) [ 188.968350][T11119] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 189.434296][T14437] loop9: detected capacity change from 0 to 256 [ 189.443773][T14437] FAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 189.503377][T14437] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 189.512007][T14437] FAT-fs (loop9): Filesystem has been set read-only [ 189.807625][T14472] netlink: 16 bytes leftover after parsing attributes in process `syz.9.4566'. [ 189.909194][T14483] loop9: detected capacity change from 0 to 256 [ 189.950900][T14485] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4571'. [ 190.167743][T14502] loop6: detected capacity change from 0 to 512 [ 190.191579][T14502] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 190.210011][T14502] EXT4-fs (loop6): 1 truncate cleaned up [ 190.216547][T14502] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 190.282769][T14522] loop9: detected capacity change from 0 to 512 [ 190.307628][T11119] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 190.322994][T14522] EXT4-fs error (device loop9): ext4_orphan_get:1396: comm syz.9.4589: couldn't read orphan inode 26 (err -116) [ 190.337880][T14522] EXT4-fs (loop9): Remounting filesystem read-only [ 190.352650][T14522] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 190.411049][T11056] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 190.429579][T14540] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4598'. [ 190.477008][T14550] netlink: 64 bytes leftover after parsing attributes in process `syz.0.4601'. [ 190.962606][T14578] netlink: 'syz.2.4613': attribute type 4 has an invalid length. [ 191.015506][T14580] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4614'. [ 191.124096][T14583] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 191.131664][T14583] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 191.169467][T14559] Set syz1 is full, maxelem 65536 reached [ 191.323288][ T3500] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 191.370855][T14609] loop6: detected capacity change from 0 to 512 [ 191.379252][T14609] EXT4-fs: inline encryption not supported [ 191.385255][T14609] EXT4-fs: inline encryption not supported [ 191.395066][T14609] EXT4-fs: Ignoring removed oldalloc option [ 191.406269][T14611] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4627'. [ 191.423162][T14609] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2 [ 191.440992][T14609] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #13: comm syz.6.4626: invalid indirect mapped block 2683928664 (level 1) [ 191.476764][T14609] EXT4-fs (loop6): 1 truncate cleaned up [ 191.483089][T14609] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 191.589325][T11119] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 191.675271][T14630] tap1: tun_chr_ioctl cmd 2148553947 [ 191.893752][T14642] loop5: detected capacity change from 0 to 256 [ 192.093213][T14616] Set syz1 is full, maxelem 65536 reached [ 192.146968][T14649] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4645'. [ 192.761424][ T29] kauditd_printk_skb: 15 callbacks suppressed [ 192.761452][ T29] audit: type=1400 audit(704.734:1269): avc: denied { mount } for pid=14665 comm="syz.9.4653" name="/" dev="hugetlbfs" ino=42201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1 [ 192.967730][T14678] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd [ 193.186465][ T29] audit: type=1400 audit(705.164:1270): avc: denied { read } for pid=14692 comm="syz.9.4668" laddr=172.20.20.10 lport=58310 faddr=172.20.20.187 fport=20005 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 193.419917][ T29] audit: type=1326 audit(705.394:1271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14708 comm="syz.0.4675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9964aaeb9 code=0x7ffc0000 [ 193.443107][ T29] audit: type=1326 audit(705.394:1272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14708 comm="syz.0.4675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9964aaeb9 code=0x7ffc0000 [ 193.466017][ T29] audit: type=1326 audit(705.394:1273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14708 comm="syz.0.4675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9964aaeb9 code=0x7ffc0000 [ 193.489060][ T29] audit: type=1326 audit(705.394:1274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14708 comm="syz.0.4675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9964aaeb9 code=0x7ffc0000 [ 193.512060][ T29] audit: type=1326 audit(705.394:1275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14708 comm="syz.0.4675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9964aaeb9 code=0x7ffc0000 [ 193.670763][T14679] Set syz1 is full, maxelem 65536 reached [ 193.683261][ T29] audit: type=1326 audit(705.514:1276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14708 comm="syz.0.4675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9964aaeb9 code=0x7ffc0000 [ 193.706203][ T29] audit: type=1326 audit(705.514:1277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14708 comm="syz.0.4675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fe9964aac22 code=0x7ffc0000 [ 193.729048][ T29] audit: type=1326 audit(705.514:1278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14708 comm="syz.0.4675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7fe9964aacb7 code=0x7ffc0000 [ 193.798589][T14718] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 193.818648][T14718] vhci_hcd vhci_hcd.2: invalid port number 96 [ 193.825065][T14718] vhci_hcd vhci_hcd.2: default hub control req: 0311 v0005 i0060 l7 [ 193.913102][T14726] netlink: 48 bytes leftover after parsing attributes in process `syz.9.4682'. [ 194.008430][ T52] Bluetooth: hci0: Frame reassembly failed (-84) [ 194.313106][T14754] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4695'. [ 194.322052][T14754] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4695'. [ 194.378881][T14758] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4698'. [ 194.569792][T14778] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4707'. [ 194.603744][T14778] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4707'. [ 194.671513][T14786] netdevsim netdevsim5: loading /lib/firmware/. failed with error -22 [ 194.679772][T14786] netdevsim netdevsim5: Direct firmware load for . failed with error -22 [ 194.715509][T14786] loop5: detected capacity change from 0 to 128 [ 194.740488][T14786] FAT-fs (loop5): bogus number of reserved sectors [ 194.747147][T14786] FAT-fs (loop5): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero [ 194.756492][T14786] FAT-fs (loop5): Can't find a valid FAT filesystem [ 194.900849][T14802] netlink: 'syz.5.4719': attribute type 62 has an invalid length. [ 195.038240][T14810] loop5: detected capacity change from 0 to 1024 [ 195.063605][T14810] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 195.082170][T14810] EXT4-fs warning (device loop5): ext4_empty_dir:3097: inode #11: comm syz.5.4722: directory missing '..' [ 195.131134][ T3544] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 195.240426][T14829] loop5: detected capacity change from 0 to 512 [ 195.248078][T14829] EXT4-fs warning (device loop5): ext4_multi_mount_protect:314: fsck is running on the filesystem [ 195.258946][T14829] EXT4-fs warning (device loop5): ext4_multi_mount_protect:314: MMP failure info: last update time: 1669132786, last update node: dvyukov-desk.muc.corp.google.com, last update device: loop4 [ 196.043128][T13247] Bluetooth: hci0: command 0x1003 tx timeout [ 196.049347][ T3500] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 196.438460][T14886] loop5: detected capacity change from 0 to 1024 [ 196.491628][T14886] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 196.575499][ T3544] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 196.654213][T14914] loop6: detected capacity change from 0 to 128 [ 196.888216][T14953] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4789'. [ 196.898736][T14952] loop9: detected capacity change from 0 to 1024 [ 196.926341][T14952] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 196.976368][T14952] EXT4-fs warning (device loop9): ext4_rmdir:3185: inode #11: comm syz.9.4790: empty directory 'file1' has too many links (111) [ 197.064466][T11056] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 197.086187][T14975] can0: slcan on ttyS3. [ 197.112297][T14981] program syz.2.4804 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 197.129187][T14983] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4805'. [ 197.146416][T14975] can0 (unregistered): slcan off ttyS3. [ 197.167958][T14975] Falling back ldisc for ttyS3. [ 197.650036][T15049] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0) [ 197.662306][T15049] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0) [ 198.079770][T15069] loop5: detected capacity change from 0 to 256 [ 198.118046][T15069] msdos: Bad value for 'gid' [ 198.123834][T15069] msdos: Bad value for 'gid' [ 198.234669][T15085] bond2: entered promiscuous mode [ 198.240562][T15085] 8021q: adding VLAN 0 to HW filter on device bond2 [ 198.248393][T15085] team0: Port device bond2 added [ 198.501106][T15108] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0) [ 198.513372][T15108] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0) [ 198.566823][T15114] can0: slcan on ttyS3. [ 198.578666][T15117] openvswitch: netlink: Missing key (keys=40, expected=200000) [ 198.620042][T15122] netlink: 36 bytes leftover after parsing attributes in process `syz.6.4863'. [ 198.633034][T15114] can0 (unregistered): slcan off ttyS3. [ 198.644795][T15114] Falling back ldisc for ttyS3. [ 198.665372][T15127] loop5: detected capacity change from 0 to 128 [ 198.692240][T15127] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002] [ 198.703065][T15127] System zones: 1-3, 19-19, 35-36 [ 198.713764][T15127] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 198.754181][ T3544] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 198.866140][T15156] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4870'. [ 198.875198][T15156] netlink: 32 bytes leftover after parsing attributes in process `syz.6.4870'. [ 198.884219][T15156] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4870'. [ 198.911794][T15156] netlink: 32 bytes leftover after parsing attributes in process `syz.6.4870'. [ 199.064604][T15185] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.094183][T15193] program syz.6.4881 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 199.415664][T15233] bond1: option resend_igmp: invalid value (18345) [ 199.422278][T15233] bond1: option resend_igmp: allowed values 0 - 255 [ 199.429538][T15233] bond1 (unregistering): Released all slaves [ 199.605477][ T29] kauditd_printk_skb: 59 callbacks suppressed [ 199.605497][ T29] audit: type=1400 audit(711.584:1338): avc: denied { execute } for pid=15261 comm="syz.0.4912" name="cgroup" dev="tmpfs" ino=5616 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=lnk_file permissive=1 [ 199.663216][ T29] audit: type=1400 audit(711.644:1339): avc: denied { read } for pid=15265 comm="syz.6.4914" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 199.682500][ T29] audit: type=1400 audit(711.644:1340): avc: denied { connect } for pid=15265 comm="syz.6.4914" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 199.701901][ T29] audit: type=1400 audit(711.644:1341): avc: denied { write } for pid=15265 comm="syz.6.4914" path="socket:[43398]" dev="sockfs" ino=43398 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 199.740862][T15270] loop6: detected capacity change from 0 to 128 [ 199.758182][T15270] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 199.779849][T15274] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4917'. [ 199.810677][T11119] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 200.020035][T15294] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4926'. [ 200.033716][ T29] audit: type=1326 audit(712.014:1342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15296 comm="syz.2.4928" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fba0b0aaeb9 code=0x0 [ 200.076965][ T12] Bluetooth: hci0: Frame reassembly failed (-84) [ 200.101097][T15304] loop5: detected capacity change from 0 to 1024 [ 200.112739][T15304] EXT4-fs (loop5): stripe (4) is not aligned with cluster size (4096), stripe is disabled [ 200.125497][T15304] EXT4-fs error (device loop5): ext4_map_blocks:783: inode #3: block 2: comm syz.5.4931: lblock 2 mapped to illegal pblock 2 (length 1) [ 200.130782][ T29] audit: type=1326 audit(712.104:1343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15306 comm="syz.0.4932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9964aaeb9 code=0x7ffc0000 [ 200.140211][T15304] Quota error (device loop5): qtree_write_dquot: dquota write failed [ 200.171053][T15304] EXT4-fs error (device loop5): ext4_map_blocks:783: inode #3: block 48: comm syz.5.4931: lblock 0 mapped to illegal pblock 48 (length 1) [ 200.185611][T15304] Quota error (device loop5): v2_write_file_info: Can't write info structure [ 200.191484][ T29] audit: type=1326 audit(712.144:1344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15306 comm="syz.0.4932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7fe9964aaeb9 code=0x7ffc0000 [ 200.194433][T15304] EXT4-fs error (device loop5): ext4_acquire_dquot:6986: comm syz.5.4931: Failed to acquire dquot type 0 [ 200.217606][ T29] audit: type=1326 audit(712.144:1345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15309 comm="syz.0.4932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fe99646b78e code=0x7ffc0000 [ 200.255295][T15304] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6298: Corrupt filesystem [ 200.275466][T15311] netlink: 'syz.0.4933': attribute type 9 has an invalid length. [ 200.283427][T15304] EXT4-fs error (device loop5): ext4_evict_inode:253: inode #11: comm syz.5.4931: mark_inode_dirty error [ 200.297368][T15304] EXT4-fs warning (device loop5): ext4_evict_inode:256: couldn't mark inode dirty (err -117) [ 200.307864][T15304] EXT4-fs (loop5): 1 orphan inode deleted [ 200.307895][T15313] loop9: detected capacity change from 0 to 128 [ 200.323869][T15304] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 200.336313][ T52] EXT4-fs error (device loop5): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:3: lblock 1 mapped to illegal pblock 1 (length 1) [ 200.351623][T15313] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002] [ 200.360032][T15313] System zones: 1-3, 19-19, 35-36 [ 200.367234][ T52] EXT4-fs error (device loop5): ext4_release_dquot:7022: comm kworker/u8:3: Failed to release dquot type 0 [ 200.367494][T15313] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 200.410191][ T3544] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 200.423216][ T52] EXT4-fs error (device loop5): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:3: lblock 1 mapped to illegal pblock 1 (length 1) [ 200.437888][ T52] EXT4-fs error (device loop5): ext4_release_dquot:7022: comm kworker/u8:3: Failed to release dquot type 0 [ 200.451431][T11056] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 200.460978][ T3544] EXT4-fs error (device loop5): __ext4_get_inode_loc:4830: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 200.476466][ T3544] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6298: Corrupt filesystem [ 200.490891][ T3544] EXT4-fs error (device loop5): ext4_quota_off:7270: inode #3: comm syz-executor: mark_inode_dirty error [ 200.600638][T15330] loop5: detected capacity change from 0 to 512 [ 200.636930][T15330] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 200.721593][ T3544] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 200.834154][T15343] bond1: option resend_igmp: invalid value (18345) [ 200.840734][T15343] bond1: option resend_igmp: allowed values 0 - 255 [ 200.849060][T15343] bond1 (unregistering): Released all slaves [ 200.921313][T15350] Process accounting resumed [ 200.941538][T15355] loop9: detected capacity change from 0 to 512 [ 200.958008][T15355] FAT-fs (loop9): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 200.988649][T15359] netlink: 'syz.2.4954': attribute type 2 has an invalid length. [ 201.141415][T15382] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4964'. [ 201.169146][T15377] program syz.5.4962 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 201.508211][T15405] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 201.562696][ T3544] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 201.637654][T15421] set_capacity_and_notify: 1 callbacks suppressed [ 201.637671][T15421] loop5: detected capacity change from 0 to 512 [ 201.656780][T15421] EXT4-fs error (device loop5): __ext4_iget:5426: inode #11: block 1: comm syz.5.4980: invalid block [ 201.667875][T15421] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.4980: couldn't read orphan inode 11 (err -117) [ 201.692722][T15421] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 201.708153][T15421] EXT4-fs error (device loop5): ext4_add_entry:2415: inode #2: comm syz.5.4980: Directory hole found for htree leaf block 0 [ 201.732908][ T3544] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 202.123056][T13247] Bluetooth: hci0: command 0x1003 tx timeout [ 202.125283][ T3500] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 202.819855][T15492] IPVS: Error connecting to the multicast addr [ 203.852232][T15570] __nla_validate_parse: 2 callbacks suppressed [ 203.852251][T15570] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5048'. [ 204.316670][T15619] loop9: detected capacity change from 0 to 1024 [ 204.419962][T15619] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 204.435649][T15626] loop6: detected capacity change from 0 to 1024 [ 204.459655][T15626] EXT4-fs (loop6): stripe (4) is not aligned with cluster size (4096), stripe is disabled [ 204.543340][T11056] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 204.570937][T15637] program syz.9.5075 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 204.580425][T15626] EXT4-fs error (device loop6): ext4_map_blocks:783: inode #3: block 2: comm syz.6.5071: lblock 2 mapped to illegal pblock 2 (length 1) [ 204.613251][T15626] __quota_error: 15 callbacks suppressed [ 204.613271][T15626] Quota error (device loop6): qtree_write_dquot: dquota write failed [ 204.627891][T15626] EXT4-fs error (device loop6): ext4_map_blocks:783: inode #3: block 48: comm syz.6.5071: lblock 0 mapped to illegal pblock 48 (length 1) [ 204.644179][T15626] Quota error (device loop6): v2_write_file_info: Can't write info structure [ 204.653079][T15626] EXT4-fs error (device loop6): ext4_acquire_dquot:6986: comm syz.6.5071: Failed to acquire dquot type 0 [ 204.664973][T15626] EXT4-fs error (device loop6) in ext4_reserve_inode_write:6298: Corrupt filesystem [ 204.674700][T15626] EXT4-fs error (device loop6): ext4_evict_inode:253: inode #11: comm syz.6.5071: mark_inode_dirty error [ 204.689444][T15626] EXT4-fs warning (device loop6): ext4_evict_inode:256: couldn't mark inode dirty (err -117) [ 204.699802][T15626] EXT4-fs (loop6): 1 orphan inode deleted [ 204.706498][ T29] audit: type=1400 audit(716.684:1359): avc: denied { read } for pid=15642 comm="syz.2.5078" laddr=::ac14:14aa lport=55547 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 204.709064][T15626] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 204.749320][ T12] EXT4-fs error (device loop6): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:0: lblock 1 mapped to illegal pblock 1 (length 1) [ 204.773125][ T12] Quota error (device loop6): remove_tree: Can't read quota data block 1 [ 204.781743][ T12] EXT4-fs error (device loop6): ext4_release_dquot:7022: comm kworker/u8:0: Failed to release dquot type 0 [ 204.836914][T11119] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 204.853059][ T52] EXT4-fs error (device loop6): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:3: lblock 1 mapped to illegal pblock 1 (length 1) [ 204.868921][ T52] Quota error (device loop6): remove_tree: Can't read quota data block 1 [ 204.877507][ T52] EXT4-fs error (device loop6): ext4_release_dquot:7022: comm kworker/u8:3: Failed to release dquot type 0 [ 204.895978][T11119] EXT4-fs error (device loop6): __ext4_get_inode_loc:4830: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 204.909398][T11119] EXT4-fs error (device loop6) in ext4_reserve_inode_write:6298: Corrupt filesystem [ 204.919554][T11119] EXT4-fs error (device loop6): ext4_quota_off:7270: inode #3: comm syz-executor: mark_inode_dirty error [ 205.002185][ T29] audit: type=1326 audit(716.964:1360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15665 comm="syz.9.5091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b0ec0aeb9 code=0x7ffc0000 [ 205.025212][ T29] audit: type=1326 audit(716.964:1361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15665 comm="syz.9.5091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b0ec0aeb9 code=0x7ffc0000 [ 205.048301][ T29] audit: type=1326 audit(716.964:1362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15665 comm="syz.9.5091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b0ec0aeb9 code=0x7ffc0000 [ 205.071257][ T29] audit: type=1326 audit(716.964:1363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15665 comm="syz.9.5091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7b0ec0aeb9 code=0x7ffc0000 [ 205.094121][ T29] audit: type=1326 audit(716.964:1364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15665 comm="syz.9.5091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b0ec0aeb9 code=0x7ffc0000 [ 205.821293][T15736] sctp: [Deprecated]: syz.2.5120 (pid 15736) Use of int in max_burst socket option. [ 205.821293][T15736] Use struct sctp_assoc_value instead [ 206.457877][T15803] netlink: 32 bytes leftover after parsing attributes in process `syz.9.5150'. [ 206.463692][T15805] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 206.828494][T15853] loop9: detected capacity change from 0 to 1024 [ 206.837646][T15853] EXT4-fs: Ignoring removed orlov option [ 206.843574][T15853] EXT4-fs: Ignoring removed nomblk_io_submit option [ 206.867916][T15853] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 206.906182][T11056] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 206.957210][T15870] loop9: detected capacity change from 0 to 512 [ 206.975782][T15870] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 206.997019][T15876] vlan4: entered promiscuous mode [ 207.002169][T15876] geneve1: entered promiscuous mode [ 207.007728][T15876] vlan4: entered allmulticast mode [ 207.012878][T15876] geneve1: entered allmulticast mode [ 207.075575][T11056] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 207.583211][T15923] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5203'. [ 208.225836][T15952] netlink: 32 bytes leftover after parsing attributes in process `syz.2.5214'. [ 208.283725][T15959] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5220'. [ 208.342383][T15968] program syz.9.5223 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 208.579114][T16007] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 208.596190][T16007] vhci_hcd vhci_hcd.2: invalid port number 96 [ 208.602352][T16007] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0 [ 208.616833][T16019] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 208.616833][T16019] The task syz.2.5245 (16019) triggered the difference, watch for misbehavior. [ 208.726681][T16033] loop6: detected capacity change from 0 to 256 [ 208.754068][T16023] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5250'. [ 209.073665][T16070] netlink: 36 bytes leftover after parsing attributes in process `syz.5.5273'. [ 209.084811][T16070] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5273'. [ 209.093839][T16070] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5273'. [ 209.203648][T16083] delete_channel: no stack [ 209.442356][T16113] netlink: 'syz.5.5291': attribute type 5 has an invalid length. [ 209.717876][ T29] kauditd_printk_skb: 23 callbacks suppressed [ 209.717896][ T29] audit: type=1326 audit(721.694:1388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16150 comm="syz.2.5310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba0b0aaeb9 code=0x7ffc0000 [ 209.774872][ T29] audit: type=1326 audit(721.724:1389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16150 comm="syz.2.5310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fba0b0aaeb9 code=0x7ffc0000 [ 209.797930][ T29] audit: type=1326 audit(721.724:1390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16150 comm="syz.2.5310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba0b0aaeb9 code=0x7ffc0000 [ 209.821136][ T29] audit: type=1326 audit(721.724:1391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16150 comm="syz.2.5310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba0b0aaeb9 code=0x7ffc0000 [ 209.844152][ T29] audit: type=1326 audit(721.724:1392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16150 comm="syz.2.5310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7fba0b0aaeb9 code=0x7ffc0000 [ 209.867288][ T29] audit: type=1326 audit(721.724:1393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16150 comm="syz.2.5310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba0b0aaeb9 code=0x7ffc0000 [ 209.890209][ T29] audit: type=1326 audit(721.724:1394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16150 comm="syz.2.5310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba0b0aaeb9 code=0x7ffc0000 [ 209.913212][ T29] audit: type=1326 audit(721.724:1395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16150 comm="syz.2.5310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=241 compat=0 ip=0x7fba0b0aaeb9 code=0x7ffc0000 [ 209.936126][ T29] audit: type=1326 audit(721.724:1396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16150 comm="syz.2.5310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba0b0aaeb9 code=0x7ffc0000 [ 210.003621][T16170] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 210.037607][T16172] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 210.044899][T16172] IPv6: NLM_F_CREATE should be set when creating new route [ 210.052188][T16172] IPv6: NLM_F_CREATE should be set when creating new route [ 210.059470][T16172] IPv6: NLM_F_CREATE should be set when creating new route [ 210.078542][T16175] netlink: 'syz.9.5319': attribute type 12 has an invalid length. [ 210.555314][T16239] C: renamed from team_slave_0 [ 210.562428][T16239] netlink: 'syz.0.5349': attribute type 2 has an invalid length. [ 210.570304][T16239] netlink: 108 bytes leftover after parsing attributes in process `syz.0.5349'. [ 210.579425][T16239] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 210.666288][T16248] netlink: 332 bytes leftover after parsing attributes in process `syz.5.5353'. [ 210.675691][T16248] netlink: 196 bytes leftover after parsing attributes in process `syz.5.5353'. [ 210.996483][T16269] loop5: detected capacity change from 0 to 512 [ 210.996891][T16269] EXT4-fs: Ignoring removed nomblk_io_submit option [ 210.997017][T16269] EXT4-fs: Ignoring removed orlov option [ 211.011474][T16269] EXT4-fs error (device loop5): ext4_iget_extra_inode:5073: inode #15: comm syz.5.5362: corrupted in-inode xattr: bad e_name length [ 211.019812][T16269] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.5362: couldn't read orphan inode 15 (err -117) [ 211.020484][T16269] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 211.051645][ T3544] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 211.064490][T16273] loop9: detected capacity change from 0 to 512 [ 211.067656][T16273] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode [ 211.092368][T16273] EXT4-fs (loop9): 1 truncate cleaned up [ 211.092860][T16273] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 211.136116][T11056] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 211.265642][T16280] loop5: detected capacity change from 0 to 128 [ 211.508516][T16301] loop9: detected capacity change from 0 to 512 [ 211.513522][T16301] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 211.542377][T16301] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 211.615309][T11056] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 211.653689][T16314] netlink: 4 bytes leftover after parsing attributes in process `syz.9.5381'. [ 211.653718][T16314] netlink: 56 bytes leftover after parsing attributes in process `syz.9.5381'. [ 211.742402][T16322] netem: change failed [ 211.821939][T16335] netlink: 'syz.9.5391': attribute type 1 has an invalid length. [ 211.913272][T16346] netlink: 20 bytes leftover after parsing attributes in process `syz.9.5396'. [ 212.686894][T16404] 9pnet_virtio: no channels available for device ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 212.688422][T16404] @0Ù: renamed from bond_slave_1 [ 212.854269][T16410] loop6: detected capacity change from 0 to 128 [ 212.876784][ T29] audit: type=1400 audit(724.854:1397): avc: denied { remount } for pid=16409 comm="syz.6.5425" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 212.964906][T16416] netlink: 'syz.6.5428': attribute type 1 has an invalid length. [ 213.150496][T16434] netlink: 64 bytes leftover after parsing attributes in process `syz.2.5438'. [ 213.498062][T16455] 8021q: adding VLAN 0 to HW filter on device bond0 [ 213.513671][T16455] bond0: (slave gre1): The slave device specified does not support setting the MAC address [ 213.525843][T16455] bond0: (slave gre1): Error -95 calling set_mac_address [ 213.666064][T16461] loop9: detected capacity change from 0 to 1024 [ 213.694067][T16461] EXT4-fs (loop9): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 213.713517][T16461] EXT4-fs error (device loop9): ext4_map_blocks:825: inode #15: block 3: comm syz.9.5448: lblock 3 mapped to illegal pblock 3 (length 3) [ 213.733511][T16461] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 213.746059][T16461] EXT4-fs (loop9): This should not happen!! Data will be lost [ 213.746059][T16461] [ 213.773437][T16466] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.5448: bg 0: block 112: padding at end of block bitmap is not set [ 213.801591][ T12] EXT4-fs error (device loop9): ext4_map_blocks:825: inode #15: block 8: comm kworker/u8:0: lblock 8 mapped to illegal pblock 8 (length 5) [ 213.817016][ T12] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 5 with error 117 [ 213.829410][ T12] EXT4-fs (loop9): This should not happen!! Data will be lost [ 213.829410][ T12] [ 213.841228][T11056] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 213.857834][T16471] loop5: detected capacity change from 0 to 512 [ 213.864946][T16471] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 213.963995][T16483] loop5: detected capacity change from 0 to 128 [ 214.212419][T16510] loop6: detected capacity change from 0 to 512 [ 214.219284][T16510] EXT4-fs: Ignoring removed mblk_io_submit option [ 214.234619][T16510] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=885ec129, mo2=0006] [ 214.243135][T16510] EXT4-fs error (device loop6): ext4_read_inode_bitmap:139: comm syz.6.5470: Invalid inode bitmap blk 4 in block_group 0 [ 214.256023][T16510] EXT4-fs (loop6): Remounting filesystem read-only [ 214.263542][T16510] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 214.291517][T11119] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 214.415206][T16533] bridge1: trying to set multicast query interval above maximum, setting to 8640000 (86400000ms) [ 214.635798][T16563] loop6: detected capacity change from 0 to 128 [ 214.648490][T16563] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 214.689160][T11119] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 214.834524][T16583] __nla_validate_parse: 1 callbacks suppressed [ 214.834546][T16583] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5503'. [ 214.851013][T16583] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5503'. [ 214.880282][T16587] xt_connbytes: Forcing CT accounting to be enabled [ 214.933947][T16590] bond0: entered promiscuous mode [ 214.939057][T16590] bond_slave_0: entered promiscuous mode [ 214.944795][T16590] bond_slave_1: entered promiscuous mode [ 214.951774][T16590] bond0: left promiscuous mode [ 214.956719][T16590] bond_slave_0: left promiscuous mode [ 214.962197][T16590] bond_slave_1: left promiscuous mode [ 215.211658][ T29] audit: type=1400 audit(727.184:1398): avc: denied { create } for pid=16609 comm="syz.0.5516" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 215.241532][T16612] loop9: detected capacity change from 0 to 1024 [ 215.245580][ T29] audit: type=1400 audit(727.214:1399): avc: denied { bind } for pid=16609 comm="syz.0.5516" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 215.250319][T16612] EXT4-fs: Ignoring removed nomblk_io_submit option [ 215.300771][T16612] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 215.309361][T16612] System zones: 0-1, 3-36 [ 215.315774][T16612] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 215.504530][T11056] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 215.664814][T16641] GUP no longer grows the stack in syz.5.5529 (16641): 200000004000-200000005000 (200000001000) [ 215.675348][T16641] CPU: 0 UID: 0 PID: 16641 Comm: syz.5.5529 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 215.675436][T16641] Tainted: [W]=WARN [ 215.675444][T16641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 215.675459][T16641] Call Trace: [ 215.675469][T16641] [ 215.675479][T16641] __dump_stack+0x1d/0x30 [ 215.675514][T16641] dump_stack_lvl+0x95/0xd0 [ 215.675559][T16641] dump_stack+0x15/0x1b [ 215.675653][T16641] __get_user_pages+0x195b/0x1ea0 [ 215.675698][T16641] ? __rcu_read_unlock+0x4e/0x70 [ 215.675821][T16641] ? try_charge_memcg+0x215/0xa10 [ 215.675849][T16641] __gup_longterm_locked+0x8d7/0xe30 [ 215.675870][T16641] ? __rcu_read_unlock+0x33/0x70 [ 215.675927][T16641] ? try_get_folio+0x369/0x3b0 [ 215.675959][T16641] ? try_grab_folio_fast+0xdc/0x370 [ 215.675988][T16641] gup_fast_fallback+0x1f3/0x13c0 [ 215.676022][T16641] get_user_pages_fast+0x5f/0x90 [ 215.676087][T16641] __iov_iter_get_pages_alloc+0x24e/0x6f0 [ 215.676116][T16641] ? __rcu_read_unlock+0x4e/0x70 [ 215.676158][T16641] iov_iter_get_pages2+0x5e/0xa0 [ 215.676185][T16641] __se_sys_vmsplice+0x538/0xf90 [ 215.676306][T16641] __x64_sys_vmsplice+0x55/0x70 [ 215.676332][T16641] x64_sys_call+0x2344/0x3000 [ 215.676370][T16641] do_syscall_64+0xc0/0x2a0 [ 215.676412][T16641] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 215.676486][T16641] RIP: 0033:0x7f4637d3aeb9 [ 215.676507][T16641] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 215.676531][T16641] RSP: 002b:00007f4636797028 EFLAGS: 00000246 ORIG_RAX: 0000000000000116 [ 215.676557][T16641] RAX: ffffffffffffffda RBX: 00007f4637fb5fa0 RCX: 00007f4637d3aeb9 [ 215.676575][T16641] RDX: 0000000000000001 RSI: 0000200000000140 RDI: 0000000000000004 [ 215.676592][T16641] RBP: 00007f4637da8c1f R08: 0000000000000000 R09: 0000000000000000 [ 215.676649][T16641] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 215.676662][T16641] R13: 00007f4637fb6038 R14: 00007f4637fb5fa0 R15: 00007ffcca467998 [ 215.676685][T16641] [ 215.930574][T16647] loop5: detected capacity change from 0 to 256 [ 215.937228][T16645] tap1: tun_chr_ioctl cmd 1074025677 [ 215.942914][T16645] tap1: linktype set to 1 [ 215.960919][ T52] ================================================================== [ 215.969068][ T52] BUG: KCSAN: data-race in __fat_write_inode / copy_folio_from_iter_atomic [ 215.977697][ T52] [ 215.980049][ T52] write to 0xffff88811c5e193c of 4 bytes by task 16647 on cpu 0: [ 215.987796][ T52] __fat_write_inode+0x236/0x530 [ 215.992779][ T52] fat_sync_inode+0x1a/0x30 [ 215.997320][ T52] fat_truncate_blocks+0x1cc/0x5a0 [ 216.002475][ T52] fat_write_end+0xba/0x160 [ 216.007027][ T52] generic_perform_write+0x311/0x490 [ 216.012367][ T52] __generic_file_write_iter+0x9e/0x120 [ 216.017960][ T52] generic_file_write_iter+0x8d/0x310 [ 216.023468][ T52] vfs_write+0x5a6/0x9f0 [ 216.027854][ T52] ksys_write+0xdc/0x1a0 [ 216.032219][ T52] __x64_sys_write+0x40/0x50 [ 216.036835][ T52] x64_sys_call+0x2847/0x3000 [ 216.041557][ T52] do_syscall_64+0xc0/0x2a0 [ 216.046117][ T52] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 216.052047][ T52] [ 216.054394][ T52] read to 0xffff88811c5e1800 of 2048 bytes by task 52 on cpu 1: [ 216.062048][ T52] copy_folio_from_iter_atomic+0x75f/0x1170 [ 216.067994][ T52] generic_perform_write+0x2c1/0x490 [ 216.073344][ T52] shmem_file_write_iter+0xc5/0xf0 [ 216.078514][ T52] lo_rw_aio+0x67d/0x730 [ 216.082784][ T52] loop_process_work+0x56c/0xac0 [ 216.087761][ T52] loop_workfn+0x31/0x40 [ 216.092039][ T52] process_scheduled_works+0x4cd/0x9d0 [ 216.097555][ T52] worker_thread+0x6bc/0x8b0 [ 216.102188][ T52] kthread+0x488/0x510 [ 216.106303][ T52] ret_from_fork+0x148/0x280 [ 216.110933][ T52] ret_from_fork_asm+0x1a/0x30 [ 216.115737][ T52] [ 216.118092][ T52] Reported by Kernel Concurrency Sanitizer on: [ 216.124312][ T52] CPU: 1 UID: 0 PID: 52 Comm: kworker/u8:3 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 216.135622][ T52] Tainted: [W]=WARN [ 216.139450][ T52] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 216.149552][ T52] Workqueue: loop5 loop_workfn [ 216.154362][ T52] ==================================================================