last executing test programs: 1m1.180632825s ago: executing program 2 (id=316): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000) mprotect(&(0x7f0000176000/0x2000)=nil, 0x2000, 0x9) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00') madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) lseek(r0, 0x2000, 0x0) 1m0.684403669s ago: executing program 2 (id=328): r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x9, 0x690bb, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x3, 0x6, 0x2, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x1) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f0000000940)={0x0, 0xe, &(0x7f0000000000)=[{&(0x7f00000001c0)="d8000000180081054e81f782db44b904021d005c06007c09e8fe55a10a0015400100142603600e1208000b0000000401a80016000800014009001100036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360d070100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0) 1m0.556238805s ago: executing program 2 (id=331): openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000000)=ANY=[], 0xffc9) 1m0.486674484s ago: executing program 2 (id=333): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) recvmmsg(r0, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}, 0x6}], 0x1, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0x5, &(0x7f0000000040)=0x7, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) 1m0.411320764s ago: executing program 2 (id=336): mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30) mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0) mount$bpf(0x0, &(0x7f0000000180)='./file0/../file0\x00', 0x0, 0x24000, 0x0) mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x8b7848, 0x0) 1m0.306807267s ago: executing program 2 (id=338): mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0xffffffff) r0 = open$dir(&(0x7f0000000180)='./file0\x00', 0x7e, 0x0) r1 = inotify_init() inotify_add_watch(r1, &(0x7f0000000080)='./file0\x00', 0xe400090d) vmsplice(r0, &(0x7f0000000380)=[{&(0x7f0000000000)="9b", 0x1}], 0x1, 0x7) 45.262846284s ago: executing program 32 (id=338): mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0xffffffff) r0 = open$dir(&(0x7f0000000180)='./file0\x00', 0x7e, 0x0) r1 = inotify_init() inotify_add_watch(r1, &(0x7f0000000080)='./file0\x00', 0xe400090d) vmsplice(r0, &(0x7f0000000380)=[{&(0x7f0000000000)="9b", 0x1}], 0x1, 0x7) 37.234721657s ago: executing program 5 (id=879): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x5a}, 0x48) bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)={@fallback=r0, r0, 0x2f}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000002340)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4509c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a900d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a3c0db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848022e8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0000000000000000000000000001545f0ec539c3b58facd2f62dc3307a6c91d6b"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000480)={@cgroup=r1, r0, 0x2f, 0x2018, 0x4}, 0x20) 37.147740488s ago: executing program 5 (id=883): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r1 = dup2(r0, r0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000340), 0x13f, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000005c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000300), 0x111}}, 0x20) close_range(r0, r0, 0x0) 37.103125624s ago: executing program 5 (id=885): r0 = gettid() rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) rt_sigtimedwait(&(0x7f0000000040)={[0xfffffffffffffff8]}, 0x0, 0x0, 0x8) r1 = getpid() tgkill(r1, r0, 0xf) 36.97627264s ago: executing program 5 (id=890): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) chroot(&(0x7f0000000100)='./file0\x00') mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0) pivot_root(&(0x7f00000003c0)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/../file0/file0\x00') 36.915281659s ago: executing program 5 (id=892): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffe3a}, 0x94) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r1, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r1, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x60, 0x24, 0xf0b, 0x70bd2c, 0x0, {0x0, 0x0, 0x12, r2, {0x0, 0xfff3}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xff, 0x2, 0x3, 0x2, 0xb}, {0xb3, 0x1, 0x1, 0xb, 0x403, 0x8}, 0x4, 0x7, 0x52}}, @TCA_TBF_BURST={0x8, 0x6, 0x6}]}}]}, 0x60}}, 0x4000010) 36.707890675s ago: executing program 5 (id=899): r0 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x0, @hyper}, 0x10) listen(r0, 0x0) accept4$unix(r0, 0x0, 0x0, 0x0) setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, &(0x7f0000000000), 0x8) 36.650277133s ago: executing program 33 (id=899): r0 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x0, @hyper}, 0x10) listen(r0, 0x0) accept4$unix(r0, 0x0, 0x0, 0x0) setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, &(0x7f0000000000), 0x8) 22.619601129s ago: executing program 6 (id=1334): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[], 0x32600) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0) ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f0000000040)={0xb6ce, 0x3}) 22.565820926s ago: executing program 6 (id=1337): prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000040b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) ioprio_set$pid(0x2, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) write$binfmt_elf64(r0, &(0x7f00000002c0)=ANY=[], 0x10132) 22.503354044s ago: executing program 6 (id=1341): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000480)="5c00000012006bab9a3fe3d86e17aa0b046b876c1d0048380019001931a0e69ee517d34460bc06000000a701251e6182949a3651f60a84c9f4d4938037e70e4509c51c268811000000000000000000002571cd53b9851b30599980bc", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) recvmsg$kcm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000600)=[{&(0x7f00000007c0)=""/153, 0x99}], 0x1}, 0x2000) sendmsg$nl_xfrm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000700)=ANY=[@ANYBLOB="54010000100001000000000800000000ac1e000100000000000000000000000000000000000000000000000000000000000200004e2000500000200016000000", @ANYRES32=r1, @ANYRES32=0x0, @ANYBLOB="fc0000000000c700000000000000000100f2ffff32000000ac1414aa0000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffffffffffff000000805600000000000000000000000000000000000000000001000000000001040000090000000000000000000000000000000a0001009000000000000000480001"], 0x154}}, 0x24000058) 22.420790514s ago: executing program 6 (id=1343): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x80) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0) chroot(&(0x7f0000000100)='./file0\x00') mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0) pivot_root(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='./file0/../file0\x00') 22.353001113s ago: executing program 6 (id=1348): r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10) sendmsg$tipc(r0, &(0x7f00000005c0)={&(0x7f0000000000), 0x10, 0x0}, 0x0) sendmsg$tipc(r0, &(0x7f0000000380)={&(0x7f0000000100)=@nameseq={0x1e, 0x1, 0x0, {0x40, 0x0, 0x2}}, 0x10, &(0x7f0000000600)=[{&(0x7f0000000140)="14ec", 0x2}], 0x1, 0x0, 0x0, 0x20010080}, 0x50) 22.109448854s ago: executing program 6 (id=1362): openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00') r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000180)='tmpfs\x00', 0x22008d0, 0x0) mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) 22.028850394s ago: executing program 34 (id=1362): openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00') r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000180)='tmpfs\x00', 0x22008d0, 0x0) mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) 1.800469559s ago: executing program 1 (id=1925): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000240)={{r0, 0xffffffffffffffff}, &(0x7f0000000180), &(0x7f00000001c0)='%pi6 \x00'}, 0x20) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000280)={r1}, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x3, 0x11, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000000000000000000400008500000061000000b7080000000000007b8af8ff00000000b70800000000ff907b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0x36, 0x0, &(0x7f0000000480)="b9ff03076003008cb89e08f186ddcfd30edd522f3410a66ae780d92227fbbf1597fea99a4dfbed5be2b129007e3bb3c6c6750b6d84f7", 0x0, 0xfe6, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50) 1.652083298s ago: executing program 1 (id=1932): r0 = socket$l2tp6(0xa, 0x2, 0x73) r1 = syz_io_uring_setup(0x12de, &(0x7f0000000300)={0x0, 0x2000, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000180)=0x0) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r0, 0x80, &(0x7f0000000380)=@ethernet={0x306, @multicast}}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x8031, 0xffffffffffffffff, 0x6a855000) io_uring_enter(r1, 0x5b43, 0x0, 0x20, 0x0, 0x0) 1.615167823s ago: executing program 4 (id=1934): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x62, 0x51cfa, 0x0, 0x8000008, 0x3, 0xfffffffe, 0x1, 0x0, 0x7cce8c743ee810df}) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x40505330, &(0x7f00000001c0)={0x800100, 0xfffffffd, 0x22, 0x6, 0x1101, 0x1}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000140), 0x88440) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000280)={0x18f, @tick=0x8, 0x6, {0x8, 0x80}, 0x44, 0x1}) 1.566650069s ago: executing program 4 (id=1936): setresuid(0x0, 0xee00, 0x0) r0 = io_uring_setup(0xaae, &(0x7f0000000300)={0x0, 0xbfffeffb, 0x800, 0x7, 0x2}) setrlimit(0x40000000000008, &(0x7f0000000000)) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x2300000000000000, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) 1.448955824s ago: executing program 4 (id=1941): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000000340)=0xfffffffffffffff9, 0x4) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e20, 0xdb, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x4}], 0x1c) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000100)=[@in={0x2, 0x0, @loopback}, @in6={0xa, 0x0, 0x0, @private0}], 0x2c) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, &(0x7f00000006c0)=[@in={0x2, 0x0, @loopback}, @in6={0xa, 0x4e23, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x6}], 0x2c) 1.410729179s ago: executing program 4 (id=1943): set_mempolicy(0x6005, &(0x7f0000000080)=0xfffffffffffffffd, 0x4) r0 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000300)={'vxcan1\x00', 0x0}) bind$can_raw(r0, &(0x7f0000000000)={0x1d, r1}, 0x10) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f00000000c0), 0xf00) 1.343477868s ago: executing program 4 (id=1946): syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000000)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='nodots,dmask=00000000000000000000003,usefree,nodots,flush,dots,dots,gid=', @ANYRESHEX=0x0, @ANYBLOB], 0x1, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b) unshare(0xc020680) fsync(r0) 1.046068526s ago: executing program 1 (id=1951): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) mprotect(&(0x7f0000000000/0x11000)=nil, 0x11000, 0x0) splice(r1, &(0x7f0000000040), r0, 0x0, 0x800000000ff, 0x0) 995.035782ms ago: executing program 1 (id=1954): futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000000040), &(0x7f0000048000), 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa31e6ae9ad066219, 0x31, 0xffffffffffffffff, 0x0) exit(0x0) 795.463258ms ago: executing program 4 (id=1955): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x6, 0x7fc00100}]}) timer_create(0x0, 0x0, 0x0) poll(&(0x7f0000000080)=[{r0, 0x4000}], 0x1, 0xfffffffa) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000680)) 519.095713ms ago: executing program 3 (id=1967): r0 = socket$inet(0x2, 0x5, 0x0) close(0x3) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r1, 0x84, 0x6e, &(0x7f0000000000)=[@in={0x2, 0x4e21, @empty}], 0x10) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x7d, &(0x7f0000000000)=@assoc_value, &(0x7f0000000140)=0x8) 501.425586ms ago: executing program 3 (id=1968): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0xa4}, 0x1, 0x0, 0x0, 0x24000154}, 0x20000050) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a20000000000a01080000000000000000010000090900010073797a3100000000d0000000030a030000000000000000000100000a0900010073797a31000000000900030073797a3000000000a4000300627269", @ANYRESDEC, @ANYRES16, @ANYRESOCT], 0x118}, 0x1, 0x0, 0x0, 0x24000144}, 0x20000050) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2400c000}, 0x20008800) 484.377928ms ago: executing program 3 (id=1969): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4) connect$inet(r0, &(0x7f0000000480)={0x2, 0x2007, @local}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) recvmmsg(r0, &(0x7f0000000340)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=""/33, 0x21}, 0x4}], 0x3d5, 0x45833af92e4b38ff, 0x0) 434.619404ms ago: executing program 0 (id=1971): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback, 0x7ff}], 0x2c) sendto$inet6(r0, &(0x7f00000000c0)='\\', 0x1, 0x20000081, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback, 0x7f}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000080)={0x3, 0x84, 0x1, 0xb, 0xff, 0x6, 0x0, 0x0, 0x7, 0x1, 0x2}, 0xe) recvmmsg(r0, &(0x7f0000000700)=[{{0x0, 0x0, 0x0}, 0x25}], 0x1, 0x400001d6, 0x0) 369.209873ms ago: executing program 7 (id=1974): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000001c0)={'wpan0\x00', 0x0}) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), r0) sendmsg$NL802154_CMD_NEW_SEC_KEY(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)={0x5c, r3, 0x5eae78d9c54e9d3f, 0x0, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_SEC_KEY={0x40, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "403a050c5baee2004ef2b6d713459a7a"}, @NL802154_KEY_ATTR_ID={0x20, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x14, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0xffff}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x1}]}]}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0xa}]}]}, 0x5c}}, 0x200440c4) 338.836517ms ago: executing program 7 (id=1975): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000ac0), 0x2, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) write$RDMA_USER_CM_CMD_MIGRATE_ID(r0, &(0x7f00000002c0)={0x12, 0x10, 0xfa00, {0x0, 0xffffffffffffffff, r1}}, 0x18) 311.90077ms ago: executing program 7 (id=1976): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x94) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r1, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r1, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000005c0)=@newqdisc={0x88, 0x24, 0xf0b, 0x70bd2e, 0x0, {0x0, 0x0, 0x12, r2, {0x0, 0xffff}, {0xffff, 0xffff}, {0xf, 0x6}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x26, 0x2, {{0xd, [0x5, 0x1, 0x2c, 0x7, 0x1, 0x0, 0x3, 0xe, 0x1, 0x8, 0xc, 0x0, 0x5, 0xb, 0xd, 0xd], 0x1, [0x3, 0x94fe, 0x9, 0xfc00, 0x77, 0x0, 0x8834, 0x40, 0x4, 0xc445, 0x1, 0x474, 0x6, 0xb840, 0x9, 0x3], [0x9, 0xde, 0x1ff, 0x4, 0x8, 0x4, 0xb, 0x5, 0x3, 0x4, 0x0, 0x7, 0x7, 0x268, 0x7ff, 0x2d]}}}}]}, 0x88}, 0x1, 0x0, 0x0, 0x8004001}, 0x0) 285.259624ms ago: executing program 0 (id=1977): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f00000000c0)={'veth0_to_bridge\x00', 0x400}) close_range(r0, 0xffffffffffffffff, 0x0) 282.790794ms ago: executing program 7 (id=1978): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}) writev(r0, &(0x7f0000000140)=[{&(0x7f00000001c0)="2e9b5b0007e03dd65193dfb6c575963f86dd6067", 0x14}, {&(0x7f0000000200)="b70000", 0x3}, {&(0x7f0000000540)="cfbe4a4052d83852972bf14f4fb7bdc70adccce20f322d9d9073dcdca7b049fe710303dd2f39e61a150f9f16c4879531f35f4b5b7e19518fc91e4fc2af52efc0a7a73045782cfd4ce678d7a8bb31db2dcadb6871b9d2089f009326d7e11578d5f217a8df8a13a8db8b5569da44528da559f2b5f8c5ae1cc93f347b2269fa9edb23745abc6f7a570981ad6ad90799e9710b7cef9f339468cda5a0bbfdc1f45c3746c519b64b5bc716843553859c8d14e4d3c1f8111d7e4db1bdbbf3a00b77cb5983f92a85c690e7cafef16dd229ebdb2bbada7933da910eed7ad0d520c1c672efed02210a97d5d0bb53d0abf0cc58d4b817327a", 0xf3}], 0x3) 237.852519ms ago: executing program 3 (id=1979): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x0, 0x7fff8000}]}) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001080)='/proc/locks\x00', 0x0, 0x0) fcntl$lock(r1, 0x25, &(0x7f0000002380)) preadv(r1, &(0x7f0000000000)=[{&(0x7f0000000080)=""/4094, 0xffe}], 0x1, 0x33, 0x1000000) close_range(r0, 0xffffffffffffffff, 0x0) 218.654802ms ago: executing program 7 (id=1980): r0 = syz_open_dev$evdev(&(0x7f0000000300), 0x66, 0x2000) r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x1000000009, 0x690bb, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0xef, 0x3d27}, 0x400, 0x32, 0x43a1bd76, 0x7, 0x203, 0x6, 0x2, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x3) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2) ioctl$EVIOCGLED(r0, 0x80404519, 0x0) 201.782314ms ago: executing program 3 (id=1981): r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000340)=0x63ba, 0x4) setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000040)=0x10040a4, 0x4) sendmmsg$inet6(r0, &(0x7f0000000380)=[{{&(0x7f0000000b00)={0xa, 0x4e23, 0x0, @local}, 0x1c, 0x0}}], 0x1, 0x4000845) recvmmsg(r0, &(0x7f0000000940)=[{{0x0, 0x0, 0x0}, 0xdb30}], 0x1, 0x40002042, 0x0) 197.945005ms ago: executing program 3 (id=1982): r0 = io_uring_setup(0x25fd, &(0x7f0000000400)={0x0, 0xa770, 0x10, 0x2, 0x178}) io_uring_enter(r0, 0x2460, 0x7f8a, 0x0, 0x0, 0x0) futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, 0x0, 0x1) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r1, 0xffffffffffffffff, 0x0) 182.379527ms ago: executing program 0 (id=1983): r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) close(r0) socket$inet_mptcp(0x2, 0x1, 0x106) r1 = eventfd2(0xffffffff, 0x80000) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 164.718229ms ago: executing program 0 (id=1984): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) bind$packet(r0, &(0x7f0000000040)={0x11, 0x4, r1}, 0x14) r2 = socket$igmp(0x2, 0x3, 0x2) dup3(r2, r0, 0x80000) 132.562563ms ago: executing program 0 (id=1985): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f00000002c0)={'wg2\x00', 0x0}) sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000580)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="05002abd7000fddbdf2501000000400008803c00008024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b1400040002004e227f000001000000000000000008000100", @ANYRES32=r3], 0x5c}, 0x1, 0x0, 0x0, 0x4000}, 0x40) 132.130663ms ago: executing program 1 (id=1986): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0xfc, 0x7ffc0002}]}) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0xb, 0x2014, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x400000000000d07, 0x40}, 0x100b28, 0x6, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0) creat(&(0x7f0000000080)='./file0/file1\x00', 0x90) unlink(&(0x7f0000000100)='./file0/file1\x00') 98.401037ms ago: executing program 0 (id=1987): perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_read_part_table(0x5c2, &(0x7f0000000000)="$eJzs2z1oU2sYB/AnavCil+vi5GQdnFwURzOoJFFRCNEu4qCgiBi4EEGIECjoYDO0NEPp2KUUsvRjapqhw6Wlhc6ldOil0KHTpV0KXZpL6Xv39vYDhN8PDg/v+/7Pec4znPEEv7QL8U+3281ERPfy8e/ubeULT2+WHpZfRWTiTUT0/PXH1MFJJiX+e+qttF5P67HRK53+nSfZ1trL3dtv5xsX0nlfuq6Ot3tPPBxnbiK3cO37j2pxoJb7tFqsb/5cWX4xuZ0vt583mlPPso/fp9xiqpdS/RK1+Baf411UohIfonpK/UdaG3f3bxRbMx8f7BU6g3P3Uq50wjmP2v9rz9DrZv3Rnenrw/drs0vlrYuHucr/+LoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADh/E7mFa99/VIsDtdyn1WJ98+fK8ovJ7Xy5/bzRnHqWffw+5RZTvZTql6jFt/gc76ISlfgQ1VPqP9LauLt/o9ia+fhgr9AZnLuXcqUTznnU/l97hl4364/uTF8fvl+bXSpvXTzMVS6f0QsAAAAAAAAAAAAAAAAAAABAROQLT2+WHpZfRWTiTUT8+fvczMF+N/3vnkm5W6mup/2x0Sud/p0n2dbay93bb+cbf6f9vt8i+iLi6ni799yH4dj+DQAA///B9JXf") r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="22000000040000001000000012"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={r0, 0xffffffffffffffff}, 0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x10, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000643200007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007041af64090aac40d6600000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94) 19.060568ms ago: executing program 7 (id=1988): syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x2004000, &(0x7f0000000040)={[{@nogrpid}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@usrjquota}]}, 0xfe, 0x563, &(0x7f00000007c0)="$eJzs3c9rHFUcAPDvbHbbpK02BSnoQQI9WKndtIk/KnioR9FiQe91SaahZNMt2U1pYsH2oBcvUgQRC+If4N1j8R/wryhooUgJevASmWQ22Ta7m1/bZHU/H5j2vZnZefPmzXv5vp1dNoCBNZb9U4h4OSK+SSKOt2wrRr5xbG2/5Se3p7IliZWVT/5MIsnXNfdP8v+PNjPFiF+/jDhT2FxufXFptlKtpvN5frwxd2O8vrh09tpcZSadSa9PTE5eeGty4t133u5ZXV+//Pf3Hz/44MLXp5a/+/nRiXtJXIxj+bbWeuzBndbMWIzl16QUF5/Z8XwPCusnyUGfALsylPfzUmRjwPEYyns98P/3RUSsAANpJBL9HwZUMw5ozu035sHDBxiV7J/H769NgDbXv7j23kgMr86NjiwnT82MsvnuaA/Kz8r45Y/797Ilevc+BMCW7tyNiHPF4ubxL8nHv907t419ni3D+Af750EW/7zRLv4prMc/0Sb+Odqm7+7G1v2/8KgHxXSUxX/vtY1/1x9ajQ7luRciRkajlFy9Vk2zse3FiDgdpcNZvtvznAvLD1c6bWuN/7IlK78ZC+bn8ah4+OnXTFcalb3UudXjuxGvtI1/k/X2T9q0f3Y9Lm+zjJPp/Vc7bdu6/s/Xyk8Rr7Vt/40nWkn355Pjq/fDePOu2Oyvr07+1qn8g65/1v5Hutd/NGl9XlvfeRk/Dv+Tdtq22/v/UPLpavpQvu5WpdGYPx9xKPlo8/qJjdc28839s/qfPtV9/Gt3/49ExGfbrH+3mXQ/tP/0jtp/54mHH37+Q6fy8/qXomv7v7maOp2v2c74t90T3Mu1AwAAAAAAgH5TiIhjkRTK6+lCoVxe+3zHS3GkUK3VG2eu1hauT8fqd2VHo1RoPuk+vpZPmp9/GG3JTzyTn4yIExHx7dDIar48VatOH3TlAQAAAAAAAAAAAAAAAAAAoE8c7fD9/8zvQwd9dsBz5ye/YXBt2f978UtPQF/a7d//+R6fB7D/xP8wuPR/GFz6Pwwu/R8Gl/4Pg0v/h8Gl/wMAAAAAAAAAAAAAAAAAAAAAAAAAAEBPXb50KVtWlp/cnsry0zcXF2ZrN89Op/XZ8tzCVHmqNn+jPFOrzVTT8lRtbqvjVWu1G+cnYuHWeCOtN8bri0tX5moL1xtXrs1VZtIraWlfagUAAAAAAAAAAAAAAAAAAAD/LfXFpdlKtZrOS/RzYvg5HfnO3o9T7IfrI7HjRBLd9znokQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANvwbAAD//+f9MzI=") chdir(&(0x7f0000000140)='./file0\x00') perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x9400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, @perf_config_ext={0x9, 0x7}, 0x100, 0xa88, 0x8406, 0x5, 0x0, 0x3c, 0xffff, 0x0, 0x0, 0x0, 0x46}, 0x0, 0xffbfffffffffffff, 0xffffffffffffffff, 0x1) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) stat(&(0x7f00000000c0)='./file0\x00', 0x0) 0s ago: executing program 1 (id=1989): r0 = epoll_create1(0x0) r1 = fcntl$dupfd(r0, 0x0, r0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000000)={0x20000002}) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000080)={0x20000008}) kernel console output (not intermixed with test programs): fs warning (device loop1): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 53.234458][ T4774] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 53.241540][ T4774] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.542: bg 0: block 40: padding at end of block bitmap is not set [ 53.265317][ T4774] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6689: Corrupt filesystem [ 53.274459][ T4774] EXT4-fs (loop1): 1 truncate cleaned up [ 53.283751][ T4774] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 53.308473][ T4774] EXT4-fs (loop1): shut down requested (1) [ 53.321336][ T4774] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop1 ino=16 [ 53.344319][ T4783] lo speed is unknown, defaulting to 1000 [ 53.366436][ T4774] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop1 ino=16 [ 53.372538][ T4787] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop1 ino=16 [ 53.516315][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 53.584906][ T4804] syz.0.554: attempt to access beyond end of device [ 53.584906][ T4804] loop0: rw=2049, sector=154, nr_sectors = 6 limit=128 [ 53.643617][ T4804] syz.0.554: attempt to access beyond end of device [ 53.643617][ T4804] loop0: rw=8390657, sector=158, nr_sectors = 2 limit=128 [ 53.657303][ T4804] Buffer I/O error on dev loop0, logical block 79, lost async page write [ 53.711925][ T4804] syz.0.554: attempt to access beyond end of device [ 53.711925][ T4804] loop0: rw=8390657, sector=160, nr_sectors = 2 limit=128 [ 53.725671][ T4804] Buffer I/O error on dev loop0, logical block 80, lost async page write [ 53.746234][ T4804] syz.0.554: attempt to access beyond end of device [ 53.746234][ T4804] loop0: rw=2049, sector=162, nr_sectors = 6 limit=128 [ 53.771827][ T4804] syz.0.554: attempt to access beyond end of device [ 53.771827][ T4804] loop0: rw=8390657, sector=166, nr_sectors = 2 limit=128 [ 53.785675][ T4804] Buffer I/O error on dev loop0, logical block 83, lost async page write [ 53.798150][ T4804] Buffer I/O error on dev loop0, logical block 84, lost async page write [ 53.807667][ T4804] Buffer I/O error on dev loop0, logical block 95, lost async page write [ 53.816423][ T4804] Buffer I/O error on dev loop0, logical block 96, lost async page write [ 53.825647][ T4804] Buffer I/O error on dev loop0, logical block 99, lost async page write [ 53.834677][ T4804] Buffer I/O error on dev loop0, logical block 100, lost async page write [ 53.860457][ T4804] Buffer I/O error on dev loop0, logical block 111, lost async page write [ 53.870553][ T4804] Buffer I/O error on dev loop0, logical block 112, lost async page write [ 54.107404][ T29] kauditd_printk_skb: 66 callbacks suppressed [ 54.107419][ T29] audit: type=1326 audit(1768704975.359:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4823 comm="syz.3.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f8912acacb9 code=0x7ffc0000 [ 54.143190][ T29] audit: type=1326 audit(1768704975.389:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4823 comm="syz.3.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8912acacb9 code=0x7ffc0000 [ 54.166601][ T29] audit: type=1326 audit(1768704975.389:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4823 comm="syz.3.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8912acacb9 code=0x7ffc0000 [ 54.195636][ T29] audit: type=1326 audit(1768704975.449:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4823 comm="syz.3.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8912acacb9 code=0x7ffc0000 [ 54.219111][ T29] audit: type=1326 audit(1768704975.449:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4823 comm="syz.3.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8912acacb9 code=0x7ffc0000 [ 54.242471][ T29] audit: type=1326 audit(1768704975.449:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4823 comm="syz.3.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8912acacb9 code=0x7ffc0000 [ 54.265827][ T29] audit: type=1326 audit(1768704975.449:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4823 comm="syz.3.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f8912acacb9 code=0x7ffc0000 [ 54.289075][ T29] audit: type=1326 audit(1768704975.449:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4823 comm="syz.3.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8912acacb9 code=0x7ffc0000 [ 54.312327][ T29] audit: type=1326 audit(1768704975.449:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4823 comm="syz.3.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=199 compat=0 ip=0x7f8912acacb9 code=0x7ffc0000 [ 54.335643][ T29] audit: type=1326 audit(1768704975.449:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4823 comm="syz.3.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8912acacb9 code=0x7ffc0000 [ 54.360871][ T4832] SELinux: policydb string does not match my string SE Linux [ 54.369532][ T4832] SELinux: failed to load policy [ 54.403442][ T4836] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 54.436798][ T4836] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 54.457287][ T4839] set_capacity_and_notify: 2 callbacks suppressed [ 54.457301][ T4839] loop2: detected capacity change from 0 to 7 [ 54.486943][ T4836] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 54.556933][ T4836] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 54.613886][ T55] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.626939][ T55] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.639271][ T55] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.651585][ T55] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.902784][ T4852] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 54.902784][ T4852] The task syz.3.574 (4852) triggered the difference, watch for misbehavior. [ 54.942030][ T4854] netlink: 4 bytes leftover after parsing attributes in process `syz.4.575'. [ 54.992261][ T4856] syzkaller1: entered promiscuous mode [ 54.997825][ T4856] syzkaller1: entered allmulticast mode [ 55.107998][ T4858] loop4: detected capacity change from 0 to 512 [ 55.120208][ T4858] EXT4-fs: Ignoring removed i_version option [ 55.126353][ T4858] EXT4-fs: Ignoring removed nobh option [ 55.134454][ T4858] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 55.146454][ T4858] EXT4-fs (loop4): 1 truncate cleaned up [ 55.156568][ T4858] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 55.184279][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 55.267251][ T4867] loop4: detected capacity change from 0 to 512 [ 55.284147][ T4867] ------------[ cut here ]------------ [ 55.289692][ T4867] EA inode 11 i_nlink=2 [ 55.289710][ T4867] WARNING: fs/ext4/xattr.c:1058 at ext4_xattr_inode_update_ref+0x2e6/0x320, CPU#1: syz.4.580/4867 [ 55.304604][ T4867] Modules linked in: [ 55.308570][ T4867] CPU: 1 UID: 0 PID: 4867 Comm: syz.4.580 Not tainted syzkaller #0 PREEMPT(voluntary) [ 55.309976][ T4870] loop1: detected capacity change from 0 to 256 [ 55.318296][ T4867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 55.318313][ T4867] RIP: 0010:ext4_xattr_inode_update_ref+0x305/0x320 [ 55.341314][ T4867] Code: 11 cf 9b ff 4c 8d 2d 4a aa 3f 05 49 8d 7e 40 e8 c1 85 b7 ff 49 8b 6e 40 4c 89 e7 e8 f5 80 b7 ff 41 8b 56 48 4c 89 ef 48 89 ee <67> 48 0f b9 3a e9 2b ff ff ff e8 6c bc c5 03 66 66 66 2e 0f 1f 84 [ 55.361110][ T4867] RSP: 0018:ffffc90011b575a8 EFLAGS: 00010246 [ 55.367268][ T4867] RAX: ffff88811adaab90 RBX: ffff88811a8a7220 RCX: ffffffff81bc669b [ 55.375340][ T4867] RDX: 0000000000000002 RSI: 000000000000000b RDI: ffffffff86fc10d0 [ 55.383484][ T4867] RBP: 000000000000000b R08: 000188811a8a71d3 R09: 0000000000000000 [ 55.391561][ T4867] R10: ffffc90011b574d8 R11: 0001c90011b574d8 R12: ffff88811a8a71d0 [ 55.399651][ T4867] R13: ffffffff86fc10d0 R14: ffff88811a8a7188 R15: 0000000000000001 [ 55.407794][ T4867] FS: 00007f10e4e676c0(0000) GS:ffff8882aec79000(0000) knlGS:0000000000000000 [ 55.416799][ T4867] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 55.423456][ T4867] CR2: 0000200000000201 CR3: 000000012aae0000 CR4: 00000000003506f0 [ 55.431461][ T4867] Call Trace: [ 55.434851][ T4867] [ 55.437812][ T4867] ext4_xattr_set_entry+0x77c/0x1010 [ 55.443217][ T4867] ext4_xattr_ibody_set+0x184/0x3c0 [ 55.448527][ T4867] ext4_expand_extra_isize_ea+0xd7b/0x11a0 [ 55.454458][ T4867] __ext4_expand_extra_isize+0x246/0x280 [ 55.460187][ T4867] __ext4_mark_inode_dirty+0x29d/0x3f0 [ 55.465733][ T4867] ext4_evict_inode+0x7c3/0xd40 [ 55.470662][ T4867] ? __pfx_ext4_evict_inode+0x10/0x10 [ 55.476108][ T4867] evict+0x2af/0x510 [ 55.480094][ T4867] ? __dquot_initialize+0x146/0x7c0 [ 55.485365][ T4867] iput+0x4b9/0x650 [ 55.489255][ T4867] ext4_process_orphan+0x1a9/0x1c0 [ 55.494482][ T4867] ext4_orphan_cleanup+0x6a8/0xa00 [ 55.499727][ T4867] ext4_fill_super+0x3476/0x3800 [ 55.504788][ T4867] ? set_blocksize+0x1a3/0x310 [ 55.509637][ T4867] ? setup_bdev_super+0x30e/0x370 [ 55.514766][ T4867] ? __pfx_ext4_fill_super+0x10/0x10 [ 55.520153][ T4867] get_tree_bdev_flags+0x291/0x300 [ 55.525345][ T4867] ? __pfx_ext4_fill_super+0x10/0x10 [ 55.530676][ T4867] get_tree_bdev+0x1f/0x30 [ 55.535238][ T4867] ext4_get_tree+0x1c/0x30 [ 55.539710][ T4867] vfs_get_tree+0x57/0x1d0 [ 55.544218][ T4867] do_new_mount+0x288/0x700 [ 55.548838][ T4867] path_mount+0x4c0/0xb90 [ 55.553301][ T4867] ? user_path_at+0xbf/0x130 [ 55.557968][ T4867] __se_sys_mount+0x28c/0x2e0 [ 55.562727][ T4867] __x64_sys_mount+0x67/0x80 [ 55.567356][ T4867] x64_sys_call+0x2cca/0x3000 [ 55.572077][ T4867] do_syscall_64+0xc0/0x2a0 [ 55.576660][ T4867] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 55.582780][ T4867] RIP: 0033:0x7f10e640bf4a [ 55.587311][ T4867] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 55.607095][ T4867] RSP: 002b:00007f10e4e66e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 55.615650][ T4867] RAX: ffffffffffffffda RBX: 00007f10e4e66ee0 RCX: 00007f10e640bf4a [ 55.623688][ T4867] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f10e4e66ea0 [ 55.631692][ T4867] RBP: 0000200000000180 R08: 00007f10e4e66ee0 R09: 0000000000800700 [ 55.639732][ T4867] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 55.647760][ T4867] R13: 00007f10e4e66ea0 R14: 000000000000046f R15: 000000000000002c [ 55.655874][ T4867] [ 55.658985][ T4867] ---[ end trace 0000000000000000 ]--- [ 55.665279][ T4867] EXT4-fs error (device loop4): ext4_xattr_inode_iget:441: inode #18: comm syz.4.580: iget: bad extra_isize 90 (inode size 256) [ 55.678981][ T4867] EXT4-fs (loop4): Remounting filesystem read-only [ 55.685685][ T4867] EXT4-fs warning (device loop4): ext4_evict_inode:273: xattr delete (err -30) [ 55.694799][ T4867] EXT4-fs (loop4): 1 orphan inode deleted [ 55.701013][ T4867] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 55.786957][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 55.942240][ T4894] netlink: 12 bytes leftover after parsing attributes in process `syz.3.592'. [ 55.958543][ T4895] netlink: 44 bytes leftover after parsing attributes in process `syz.4.593'. [ 56.172064][ T4922] loop4: detected capacity change from 0 to 1024 [ 56.204523][ T4922] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 56.310440][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 56.557579][ T4953] can-isotp: isotp_sendmsg: can_send_ret -ENETDOWN [ 56.726865][ T4962] macvtap1: entered promiscuous mode [ 56.732232][ T4962] macvtap1: entered allmulticast mode [ 56.745446][ T4962] dummy0: entered promiscuous mode [ 56.750651][ T4962] dummy0: entered allmulticast mode [ 56.766835][ T4962] team0: Device macvtap1 failed to register rx_handler [ 56.786008][ T4962] dummy0: left allmulticast mode [ 56.797733][ T4962] dummy0: left promiscuous mode [ 56.952528][ T4973] loop1: detected capacity change from 0 to 128 [ 56.987089][ T4973] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 57.008099][ T4973] ext4 filesystem being mounted at /124/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 57.101496][ T3320] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 57.172782][ T4989] netlink: 8 bytes leftover after parsing attributes in process `syz.1.632'. [ 57.181716][ T4989] netlink: 'syz.1.632': attribute type 30 has an invalid length. [ 57.213270][ T55] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 57.222224][ T55] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 57.232754][ T55] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 57.267639][ T55] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 57.303497][ T4997] netlink: 12 bytes leftover after parsing attributes in process `syz.3.635'. [ 57.312447][ T4997] netlink: 36 bytes leftover after parsing attributes in process `syz.3.635'. [ 57.335963][ T4997] bridge0: port 3(vlan2) entered blocking state [ 57.342364][ T4997] bridge0: port 3(vlan2) entered disabled state [ 57.348986][ T4997] vlan2: entered allmulticast mode [ 57.354287][ T4997] bridge0: entered allmulticast mode [ 57.360597][ T4997] vlan2: left allmulticast mode [ 57.365507][ T4997] bridge0: left allmulticast mode [ 57.451098][ T5006] loop1: detected capacity change from 0 to 512 [ 57.462547][ T5006] EXT4-fs: Ignoring removed i_version option [ 57.468638][ T5006] EXT4-fs: Ignoring removed nobh option [ 57.477157][ T5006] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 57.502851][ T5006] EXT4-fs (loop1): 1 truncate cleaned up [ 57.509058][ T5006] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 57.537586][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 57.731532][ T5012] loop1: detected capacity change from 0 to 128 [ 57.745546][ T5012] bio_check_eod: 38 callbacks suppressed [ 57.745564][ T5012] syz.1.642: attempt to access beyond end of device [ 57.745564][ T5012] loop1: rw=2049, sector=138, nr_sectors = 112 limit=128 [ 57.781719][ T5012] syz.1.642: attempt to access beyond end of device [ 57.781719][ T5012] loop1: rw=2049, sector=170, nr_sectors = 8 limit=128 [ 57.995372][ T5016] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.066261][ T5016] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.137792][ T5016] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.176545][ T5016] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.267082][ T37] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.290433][ T37] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.311183][ T37] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.330036][ T37] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.386452][ T5030] loop1: detected capacity change from 0 to 512 [ 58.482176][ T5041] netlink: 8772 bytes leftover after parsing attributes in process `syz.4.655'. [ 58.933886][ T5071] lo speed is unknown, defaulting to 1000 [ 58.976921][ T123] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 59.072364][ T123] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 59.136745][ T123] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 59.173344][ T5071] chnl_net:caif_netlink_parms(): no params data found [ 59.201576][ T123] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 59.274238][ T29] kauditd_printk_skb: 54 callbacks suppressed [ 59.274252][ T29] audit: type=1400 audit(1768704980.529:575): avc: denied { read } for pid=3046 comm="dhcpcd" name="n25" dev="tmpfs" ino=3667 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 59.302067][ T29] audit: type=1400 audit(1768704980.529:576): avc: denied { open } for pid=3046 comm="dhcpcd" path="/run/udev/data/n25" dev="tmpfs" ino=3667 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 59.336186][ T29] audit: type=1400 audit(1768704980.579:577): avc: denied { getattr } for pid=3046 comm="dhcpcd" path="/run/udev/data/n25" dev="tmpfs" ino=3667 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 59.364457][ T5071] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.371605][ T5071] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.380744][ T5071] bridge_slave_0: entered allmulticast mode [ 59.387606][ T5071] bridge_slave_0: entered promiscuous mode [ 59.395284][ T123] bridge_slave_1: left allmulticast mode [ 59.396197][ T29] audit: type=1400 audit(1768704980.639:578): avc: denied { mount } for pid=5105 comm="syz.3.681" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 59.400960][ T123] bridge_slave_1: left promiscuous mode [ 59.428555][ T123] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.480437][ T123] bridge_slave_0: left allmulticast mode [ 59.486344][ T123] bridge_slave_0: left promiscuous mode [ 59.492099][ T123] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.548529][ T36] kernel write not supported for file [eventfd] (pid: 36 comm: kworker/1:1) [ 59.583192][ T29] audit: type=1400 audit(1768704980.799:579): avc: denied { mounton } for pid=5112 comm="syz.3.684" path="/116/bus" dev="tmpfs" ino=621 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 59.682346][ T123] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 59.696840][ T29] audit: type=1400 audit(1768704980.949:580): avc: denied { setattr } for pid=5124 comm="syz.1.689" name="TIPC" dev="sockfs" ino=11272 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 59.723519][ T123] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 59.763400][ T123] bond0 (unregistering): Released all slaves [ 59.775162][ T5071] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.782328][ T5071] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.822921][ T5071] bridge_slave_1: entered allmulticast mode [ 59.834974][ T5071] bridge_slave_1: entered promiscuous mode [ 59.856563][ T5071] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 59.867388][ T5071] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 59.878612][ T29] audit: type=1400 audit(1768704981.129:581): avc: denied { mount } for pid=5135 comm="syz.0.693" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 59.942796][ T29] audit: type=1400 audit(1768704981.179:582): avc: denied { unmount } for pid=3317 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 60.005420][ T123] hsr_slave_0: left promiscuous mode [ 60.027625][ T123] hsr_slave_1: left promiscuous mode [ 60.040326][ T29] audit: type=1400 audit(1768704981.289:583): avc: denied { create } for pid=5141 comm="dhcpcd-run-hook" name="resolv.conf.eth1.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 60.043859][ T123] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 60.070079][ T123] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 60.118199][ T123] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 60.125689][ T123] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 60.136702][ T29] audit: type=1400 audit(1768704981.319:584): avc: denied { write } for pid=5141 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf.eth1.link" dev="tmpfs" ino=3737 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 60.163170][ T123] veth1_macvtap: left promiscuous mode [ 60.168685][ T123] veth0_macvtap: left promiscuous mode [ 60.174999][ T123] veth1_vlan: left promiscuous mode [ 60.180316][ T123] veth0_vlan: left promiscuous mode [ 60.276370][ T123] team0 (unregistering): Port device team_slave_1 removed [ 60.286667][ T123] team0 (unregistering): Port device team_slave_0 removed [ 60.326689][ T5071] team0: Port device team_slave_0 added [ 60.341852][ T5170] syzkaller1: entered promiscuous mode [ 60.347409][ T5170] syzkaller1: entered allmulticast mode [ 60.358477][ T5071] team0: Port device team_slave_1 added [ 60.381601][ T5071] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 60.388632][ T5071] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 60.414585][ T5071] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 60.426457][ T5071] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 60.433523][ T5071] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 60.459512][ T5071] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 60.500007][ T5179] lo speed is unknown, defaulting to 1000 [ 60.533588][ T5185] loop0: detected capacity change from 0 to 512 [ 60.564020][ T5071] hsr_slave_0: entered promiscuous mode [ 60.570083][ T5071] hsr_slave_1: entered promiscuous mode [ 60.586912][ T5185] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 60.601025][ T5185] ext4 filesystem being mounted at /201/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 60.616177][ T5185] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #2: comm syz.0.704: corrupted inode contents [ 60.663138][ T5185] EXT4-fs error (device loop0): ext4_dirty_inode:6502: inode #2: comm syz.0.704: mark_inode_dirty error [ 60.674731][ T5185] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #2: comm syz.0.704: corrupted inode contents [ 60.686733][ T5185] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #2: comm syz.0.704: mark_inode_dirty error [ 60.719427][ T123] IPVS: stop unused estimator thread 0... [ 60.786724][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 60.890966][ T5203] lo speed is unknown, defaulting to 1000 [ 60.956024][ T5071] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 60.981540][ T5071] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 61.000052][ T5071] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 61.022598][ T5071] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 61.241052][ T5071] 8021q: adding VLAN 0 to HW filter on device bond0 [ 61.267008][ T5071] 8021q: adding VLAN 0 to HW filter on device team0 [ 61.285050][ T1672] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.292177][ T1672] bridge0: port 1(bridge_slave_0) entered forwarding state [ 61.309347][ T123] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.316607][ T123] bridge0: port 2(bridge_slave_1) entered forwarding state [ 61.337595][ T5071] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 61.348155][ T5071] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 61.532504][ T5071] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 61.552489][ T5276] netlink: 'syz.1.724': attribute type 15 has an invalid length. [ 61.597653][ T5283] lo speed is unknown, defaulting to 1000 [ 61.782916][ T5071] veth0_vlan: entered promiscuous mode [ 61.810677][ T5071] veth1_vlan: entered promiscuous mode [ 61.841624][ T5071] veth0_macvtap: entered promiscuous mode [ 61.855083][ T5071] veth1_macvtap: entered promiscuous mode [ 61.874944][ T5071] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 61.899555][ T5071] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 61.912840][ T5319] loop3: detected capacity change from 0 to 512 [ 61.919482][ T5319] EXT4-fs: Ignoring removed orlov option [ 61.926065][ T5319] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 61.934301][ T5319] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 61.945314][ T5319] EXT4-fs (loop3): group descriptors corrupted! [ 61.966675][ T1672] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.988805][ T55] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.027266][ T5325] loop3: detected capacity change from 0 to 1024 [ 62.034955][ T55] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.055454][ T5325] EXT4-fs: Ignoring removed bh option [ 62.071885][ T55] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.093188][ T5325] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 62.116030][ T5325] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4215: comm syz.3.734: Allocating blocks 385-513 which overlap fs metadata [ 62.168106][ T5325] EXT4-fs (loop3): pa ffff888107e03540: logic 16, phys. 129, len 24 [ 62.176231][ T5325] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5466: group 0, free 0, pa_free 8 [ 62.204653][ T5328] loop5: detected capacity change from 0 to 8192 [ 62.218726][ T5328] syz.5.669: attempt to access beyond end of device [ 62.218726][ T5328] loop5: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 62.261942][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 62.283543][ T5071] FAT-fs (loop5): error, invalid access to FAT (entry 0x0000e1b1) [ 62.291441][ T5071] FAT-fs (loop5): Filesystem has been set read-only [ 62.501972][ T5355] loop0: detected capacity change from 0 to 512 [ 62.524984][ T5355] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.745: bg 0: block 393: padding at end of block bitmap is not set [ 62.566816][ T5355] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6689: Corrupt filesystem [ 62.591237][ T5355] EXT4-fs (loop0): 2 truncates cleaned up [ 62.597604][ T5355] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 62.620617][ T3521] IPVS: starting estimator thread 0... [ 62.643738][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 62.712806][ T5363] IPVS: using max 2352 ests per chain, 117600 per kthread [ 62.790118][ T5377] netlink: 67 bytes leftover after parsing attributes in process `syz.4.757'. [ 62.801151][ T3521] lo speed is unknown, defaulting to 1000 [ 62.807019][ T3521] syz1: Port: 1 Link DOWN [ 62.825911][ T3521] lo speed is unknown, defaulting to 1000 [ 63.026840][ T5401] loop3: detected capacity change from 0 to 1024 [ 63.139936][ T5401] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 63.285651][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 63.376075][ T5403] tun0: tun_chr_ioctl cmd 1074025675 [ 63.381464][ T5403] tun0: persist enabled [ 63.416196][ T5406] tun0: tun_chr_ioctl cmd 1074025675 [ 63.421559][ T5406] tun0: persist enabled [ 63.445341][ T5412] netlink: 'syz.3.768': attribute type 83 has an invalid length. [ 63.716859][ T5438] netlink: 48 bytes leftover after parsing attributes in process `syz.3.779'. [ 63.819389][ T5455] loop0: detected capacity change from 0 to 512 [ 63.830072][ T5455] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 63.847469][ T5455] EXT4-fs (loop0): 1 truncate cleaned up [ 63.854112][ T5455] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 63.917298][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 63.973548][ T5471] loop4: detected capacity change from 0 to 128 [ 63.980485][ T5471] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 64.000267][ T5472] netlink: 12 bytes leftover after parsing attributes in process `syz.3.792'. [ 64.012876][ T5471] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 64.101162][ T5479] loop1: detected capacity change from 0 to 4096 [ 64.132100][ T5479] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 64.170777][ T5484] loop3: detected capacity change from 0 to 2048 [ 64.225460][ T3501] Alternate GPT is invalid, using primary GPT. [ 64.231835][ T3501] loop3: p2 p3 p7 [ 64.257221][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 64.277456][ T5484] Alternate GPT is invalid, using primary GPT. [ 64.284094][ T5484] loop3: p2 p3 p7 [ 64.407021][ T3501] udevd[3501]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 64.415533][ T3502] udevd[3502]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 64.422332][ T3310] udevd[3310]: inotify_add_watch(7, /dev/loop3p7, 10) failed: No such file or directory [ 64.597149][ T5500] netlink: 27 bytes leftover after parsing attributes in process `syz.5.804'. [ 64.619122][ T29] kauditd_printk_skb: 37 callbacks suppressed [ 64.619174][ T29] audit: type=1400 audit(1768704985.859:622): avc: denied { ioctl } for pid=5499 comm="syz.3.803" path="socket:[12017]" dev="sockfs" ino=12017 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 64.692361][ T837] kworker/u8:6: attempt to access beyond end of device [ 64.692361][ T837] loop4: rw=1, sector=145, nr_sectors = 16 limit=128 [ 64.735415][ T837] kworker/u8:6: attempt to access beyond end of device [ 64.735415][ T837] loop4: rw=1, sector=169, nr_sectors = 8 limit=128 [ 64.751882][ T837] kworker/u8:6: attempt to access beyond end of device [ 64.751882][ T837] loop4: rw=1, sector=185, nr_sectors = 8 limit=128 [ 64.776324][ T837] kworker/u8:6: attempt to access beyond end of device [ 64.776324][ T837] loop4: rw=1, sector=201, nr_sectors = 8 limit=128 [ 64.800724][ T837] kworker/u8:6: attempt to access beyond end of device [ 64.800724][ T837] loop4: rw=1, sector=217, nr_sectors = 8 limit=128 [ 64.822114][ T837] kworker/u8:6: attempt to access beyond end of device [ 64.822114][ T837] loop4: rw=1, sector=233, nr_sectors = 8 limit=128 [ 64.842138][ T837] kworker/u8:6: attempt to access beyond end of device [ 64.842138][ T837] loop4: rw=1, sector=249, nr_sectors = 8 limit=128 [ 64.855755][ T837] kworker/u8:6: attempt to access beyond end of device [ 64.855755][ T837] loop4: rw=1, sector=265, nr_sectors = 8 limit=128 [ 64.869329][ T837] kworker/u8:6: attempt to access beyond end of device [ 64.869329][ T837] loop4: rw=1, sector=281, nr_sectors = 8 limit=128 [ 64.897482][ T837] kworker/u8:6: attempt to access beyond end of device [ 64.897482][ T837] loop4: rw=1, sector=297, nr_sectors = 8 limit=128 [ 64.914952][ T29] audit: type=1400 audit(1768704986.169:623): avc: denied { ioctl } for pid=5511 comm="syz.5.810" path="socket:[12478]" dev="sockfs" ino=12478 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 65.016066][ T29] audit: type=1400 audit(1768704986.239:624): avc: denied { create } for pid=5520 comm="syz.1.815" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 65.036441][ T29] audit: type=1400 audit(1768704986.239:625): avc: denied { write } for pid=5520 comm="syz.1.815" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 65.296838][ T5563] Invalid argument reading file caps for ./file0 [ 65.303484][ T29] audit: type=1400 audit(1768704986.549:626): avc: denied { execute_no_trans } for pid=5562 comm="syz.5.831" path="/20/file0" dev="tmpfs" ino=124 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 65.348411][ T5565] netlink: 8 bytes leftover after parsing attributes in process `syz.5.832'. [ 65.453631][ T29] audit: type=1326 audit(1768704986.699:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5573 comm="syz.5.837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4991e7acb9 code=0x7ffc0000 [ 65.476974][ T29] audit: type=1326 audit(1768704986.699:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5573 comm="syz.5.837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4991e7acb9 code=0x7ffc0000 [ 65.479352][ T5574] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 65.500305][ T29] audit: type=1326 audit(1768704986.709:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5573 comm="syz.5.837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=297 compat=0 ip=0x7f4991e7acb9 code=0x7ffc0000 [ 65.531811][ T29] audit: type=1326 audit(1768704986.709:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5573 comm="syz.5.837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4991e7acb9 code=0x7ffc0000 [ 65.555469][ T5574] EXT4-fs (loop3): invalid journal inode [ 65.561163][ T5574] EXT4-fs (loop3): can't get journal size [ 65.568247][ T29] audit: type=1326 audit(1768704986.709:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5573 comm="syz.5.837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4991e7acb9 code=0x7ffc0000 [ 65.592500][ T5574] EXT4-fs (loop3): 1 truncate cleaned up [ 65.598815][ T5574] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 65.616374][ T5574] EXT4-fs warning (device loop3): verify_group_input:137: Cannot add at group 3 (only 1 groups) [ 65.636978][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.060022][ T5617] syzkaller1: entered promiscuous mode [ 66.065721][ T5617] syzkaller1: entered allmulticast mode [ 66.211153][ T5632] set_capacity_and_notify: 4 callbacks suppressed [ 66.211169][ T5632] loop3: detected capacity change from 0 to 128 [ 66.241863][ T5632] FAT-fs (loop3): error, invalid FAT chain (i_pos 548, last_block 8) [ 66.250070][ T5632] FAT-fs (loop3): Filesystem has been set read-only [ 66.257948][ T5632] FAT-fs (loop3): error, corrupted file size (i_pos 548, 522) [ 66.315783][ T5636] loop4: detected capacity change from 0 to 512 [ 66.328746][ T5640] loop3: detected capacity change from 0 to 1024 [ 66.336297][ T5636] EXT4-fs: Ignoring removed oldalloc option [ 66.342580][ T5636] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 66.359504][ T5640] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 66.372557][ T5636] EXT4-fs (loop4): 1 truncate cleaned up [ 66.381156][ T5636] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 66.407576][ T5640] EXT4-fs error (device loop3): ext4_xattr_inode_iget:437: comm syz.3.866: Parent and EA inode have the same ino 15 [ 66.455280][ T5647] loop1: detected capacity change from 0 to 164 [ 66.462433][ T5647] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 66.480534][ T5647] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 66.499448][ T5647] rock: directory entry would overflow storage [ 66.503586][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.505777][ T5647] rock: sig=0x4f50, size=4, remaining=3 [ 66.520258][ T5647] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 66.532536][ T5647] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 66.540845][ T5647] rock: directory entry would overflow storage [ 66.547038][ T5647] rock: sig=0x4f50, size=4, remaining=3 [ 66.552797][ T5647] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 66.564534][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.618205][ T5656] netlink: 4 bytes leftover after parsing attributes in process `syz.5.873'. [ 66.627144][ T5656] netlink: 16 bytes leftover after parsing attributes in process `syz.5.873'. [ 66.652921][ T5657] syzkaller1: entered promiscuous mode [ 66.658449][ T5657] syzkaller1: entered allmulticast mode [ 66.699747][ T5663] loop5: detected capacity change from 0 to 512 [ 66.706655][ T5663] EXT4-fs: Ignoring removed i_version option [ 66.712921][ T5663] EXT4-fs: Ignoring removed nobh option [ 66.737284][ T5663] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 66.752281][ T5663] EXT4-fs (loop5): 1 truncate cleaned up [ 66.758496][ T5663] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 66.789410][ T5071] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.991030][ T5689] loop4: detected capacity change from 0 to 512 [ 67.030741][ T5689] EXT4-fs (loop4): 1 truncate cleaned up [ 67.058802][ T5689] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 67.116737][ T5689] EXT4-fs error (device loop4): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.4.888: bad entry in directory: directory entry overrun - offset=76, inode=0, rec_len=1024, size=1024 fake=0 [ 67.202583][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.287547][ T1672] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.356377][ T1672] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.409332][ T1672] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.466022][ T1672] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.531782][ T5723] lo speed is unknown, defaulting to 1000 [ 67.588879][ T1672] bridge_slave_1: left allmulticast mode [ 67.594882][ T1672] bridge_slave_1: left promiscuous mode [ 67.600551][ T1672] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.626956][ T1672] bridge_slave_0: left allmulticast mode [ 67.632744][ T1672] bridge_slave_0: left promiscuous mode [ 67.638442][ T1672] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.709125][ T5741] netlink: 63 bytes leftover after parsing attributes in process `syz.3.908'. [ 67.755087][ T1672] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 67.765051][ T1672] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 67.774828][ T1672] bond0 (unregistering): Released all slaves [ 67.875241][ T1672] hsr_slave_0: left promiscuous mode [ 67.886933][ T1672] hsr_slave_1: left promiscuous mode [ 67.900173][ T1672] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 67.907684][ T1672] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 67.935288][ T5757] loop4: detected capacity change from 0 to 256 [ 67.942066][ T1672] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 67.949556][ T1672] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 67.980930][ T1672] veth1_macvtap: left promiscuous mode [ 67.991944][ T1672] veth0_macvtap: left promiscuous mode [ 67.997624][ T1672] veth1_vlan: left promiscuous mode [ 68.003112][ T1672] veth0_vlan: left promiscuous mode [ 68.109031][ T1672] team0 (unregistering): Port device team_slave_1 removed [ 68.119744][ T1672] team0 (unregistering): Port device team_slave_0 removed [ 68.290390][ T5723] chnl_net:caif_netlink_parms(): no params data found [ 68.391768][ T5795] loop1: detected capacity change from 0 to 128 [ 68.405035][ T5795] ext4 filesystem being mounted at /191/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 68.427576][ T5791] lo speed is unknown, defaulting to 1000 [ 68.438581][ T5723] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.445918][ T5723] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.453417][ T5723] bridge_slave_0: entered allmulticast mode [ 68.459965][ T5723] bridge_slave_0: entered promiscuous mode [ 68.467558][ T5723] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.474793][ T5723] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.484009][ T5723] bridge_slave_1: entered allmulticast mode [ 68.490500][ T5723] bridge_slave_1: entered promiscuous mode [ 68.508191][ T5723] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 68.535795][ T5723] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 68.579061][ T5723] team0: Port device team_slave_0 added [ 68.603967][ T5723] team0: Port device team_slave_1 added [ 68.644759][ T5723] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 68.651793][ T5723] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 68.678072][ T5723] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 68.693981][ T5772] netlink: 4 bytes leftover after parsing attributes in process `syz.0.915'. [ 68.703405][ T5723] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 68.710532][ T5723] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 68.736578][ T5723] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 68.800053][ T5723] hsr_slave_0: entered promiscuous mode [ 68.818429][ T5723] hsr_slave_1: entered promiscuous mode [ 68.875751][ T5826] loop0: detected capacity change from 0 to 512 [ 68.940810][ T5826] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 68.954848][ T5826] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=200ec018, mo2=0002] [ 68.963491][ T5826] System zones: 1-12 [ 68.967738][ T5826] EXT4-fs (loop0): 1 truncate cleaned up [ 68.974402][ T5826] EXT4-fs mount: 1 callbacks suppressed [ 68.974420][ T5826] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 69.010881][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.011249][ T5723] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 69.033159][ T5723] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 69.050229][ T5723] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 69.073690][ T5723] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 69.148000][ T5723] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.173173][ T5723] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.187144][ T1644] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.194368][ T1644] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.221899][ T1644] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.229226][ T1644] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.245119][ T3320] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 69.332205][ T5871] loop1: detected capacity change from 0 to 128 [ 69.346226][ T5723] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 69.525097][ T5723] veth0_vlan: entered promiscuous mode [ 69.532615][ T5902] EXT4-fs: Ignoring removed mblk_io_submit option [ 69.542628][ T5723] veth1_vlan: entered promiscuous mode [ 69.548896][ T5902] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 69.574148][ T5723] veth0_macvtap: entered promiscuous mode [ 69.584024][ T5902] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 69.597735][ T5723] veth1_macvtap: entered promiscuous mode [ 69.610398][ T5723] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 69.624485][ T5723] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 69.640470][ T1644] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.643173][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.663234][ T55] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.683239][ T55] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.697106][ T55] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.715721][ T29] kauditd_printk_skb: 21 callbacks suppressed [ 69.715734][ T29] audit: type=1400 audit(1768704990.969:653): avc: denied { mount } for pid=5723 comm="syz-executor" name="/" dev="gadgetfs" ino=4718 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 69.755802][ T5912] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 69.835395][ T5919] Quota error (device loop6): v2_read_file_info: Free block number 1 out of range (1, 6). [ 69.845567][ T5919] EXT4-fs warning (device loop6): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 69.860869][ T5919] EXT4-fs (loop6): mount failed [ 70.232987][ T5943] pim6reg: entered allmulticast mode [ 70.279314][ T5948] pim6reg: left allmulticast mode [ 70.380798][ T5954] EXT4-fs: inline encryption not supported [ 70.449681][ T5954] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 70.468646][ T29] audit: type=1400 audit(1768704991.719:654): avc: denied { map } for pid=5953 comm="syz.4.957" path="/193/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 70.512880][ T29] audit: type=1400 audit(1768704991.719:655): avc: denied { execute } for pid=5953 comm="syz.4.957" path="/193/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 70.590137][ T29] audit: type=1400 audit(1768704991.719:656): avc: denied { ioctl } for pid=5953 comm="syz.4.957" path="/193/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file1" dev="loop4" ino=15 ioctlcmd=0x662a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 70.639663][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.674825][ T29] audit: type=1400 audit(1768704991.909:657): avc: denied { bind } for pid=5968 comm="syz.4.964" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 70.755521][ T5979] sd 0:0:1:0: device reset [ 70.777466][ T5982] bio_check_eod: 101 callbacks suppressed [ 70.777484][ T5982] syz.0.968: attempt to access beyond end of device [ 70.777484][ T5982] loop0: rw=2049, sector=154, nr_sectors = 8 limit=128 [ 70.803456][ T5982] syz.0.968: attempt to access beyond end of device [ 70.803456][ T5982] loop0: rw=2049, sector=162, nr_sectors = 2 limit=128 [ 70.819095][ T29] audit: type=1400 audit(1768704992.069:658): avc: denied { create } for pid=5980 comm="syz.3.967" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 70.844228][ T5982] syz.0.968: attempt to access beyond end of device [ 70.844228][ T5982] loop0: rw=8390657, sector=164, nr_sectors = 2 limit=128 [ 70.857908][ T5982] buffer_io_error: 19 callbacks suppressed [ 70.857923][ T5982] Buffer I/O error on dev loop0, logical block 82, lost async page write [ 70.876216][ T5982] syz.0.968: attempt to access beyond end of device [ 70.876216][ T5982] loop0: rw=8390657, sector=166, nr_sectors = 2 limit=128 [ 70.889926][ T5982] Buffer I/O error on dev loop0, logical block 83, lost async page write [ 70.901409][ T5982] syz.0.968: attempt to access beyond end of device [ 70.901409][ T5982] loop0: rw=8390657, sector=168, nr_sectors = 2 limit=128 [ 70.915162][ T5982] Buffer I/O error on dev loop0, logical block 84, lost async page write [ 70.943237][ T29] audit: type=1400 audit(1768704992.119:659): avc: denied { bind } for pid=5980 comm="syz.3.967" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 70.968394][ T5982] syz.0.968: attempt to access beyond end of device [ 70.968394][ T5982] loop0: rw=2049, sector=170, nr_sectors = 8 limit=128 [ 70.995769][ T29] audit: type=1326 audit(1768704992.249:660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5996 comm="syz.4.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10e640acb9 code=0x7ffc0000 [ 71.024258][ T5982] syz.0.968: attempt to access beyond end of device [ 71.024258][ T5982] loop0: rw=2049, sector=178, nr_sectors = 2 limit=128 [ 71.048421][ T29] audit: type=1326 audit(1768704992.269:661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5996 comm="syz.4.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10e640acb9 code=0x7ffc0000 [ 71.074524][ T5982] syz.0.968: attempt to access beyond end of device [ 71.074524][ T5982] loop0: rw=8390657, sector=180, nr_sectors = 2 limit=128 [ 71.088148][ T5982] Buffer I/O error on dev loop0, logical block 90, lost async page write [ 71.101038][ T5982] syz.0.968: attempt to access beyond end of device [ 71.101038][ T5982] loop0: rw=8390657, sector=182, nr_sectors = 2 limit=128 [ 71.114757][ T5982] Buffer I/O error on dev loop0, logical block 91, lost async page write [ 71.145851][ T5982] syz.0.968: attempt to access beyond end of device [ 71.145851][ T5982] loop0: rw=8390657, sector=184, nr_sectors = 2 limit=128 [ 71.159559][ T5982] Buffer I/O error on dev loop0, logical block 92, lost async page write [ 71.170351][ T5982] Buffer I/O error on dev loop0, logical block 102, lost async page write [ 71.179135][ T5982] Buffer I/O error on dev loop0, logical block 103, lost async page write [ 71.187800][ T5982] Buffer I/O error on dev loop0, logical block 104, lost async page write [ 71.199221][ T5982] Buffer I/O error on dev loop0, logical block 106, lost async page write [ 71.240890][ T6017] netlink: 'syz.4.983': attribute type 1 has an invalid length. [ 71.248664][ T6017] netlink: 224 bytes leftover after parsing attributes in process `syz.4.983'. [ 71.377777][ T6026] lo speed is unknown, defaulting to 1000 [ 71.719556][ T23] kernel write not supported for file bpf-prog (pid: 23 comm: kworker/1:0) [ 71.822844][ T6054] netlink: 4 bytes leftover after parsing attributes in process `syz.6.993'. [ 71.832394][ T6054] netlink: 32 bytes leftover after parsing attributes in process `syz.6.993'. [ 71.836444][ T6056] set_capacity_and_notify: 5 callbacks suppressed [ 71.836486][ T6056] loop0: detected capacity change from 0 to 128 [ 71.843619][ T6054] netlink: 56 bytes leftover after parsing attributes in process `syz.6.993'. [ 71.849869][ T6056] EXT4-fs: Ignoring removed nobh option [ 71.871941][ T6056] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 71.884346][ T6056] ext4 filesystem being mounted at /244/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 71.925969][ T3317] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 72.060000][ T6081] Invalid ELF header magic: != ELF [ 72.255359][ T6096] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1011'. [ 72.335159][ T6104] batadv_slave_1: entered promiscuous mode [ 72.343350][ T6103] batadv_slave_1: left promiscuous mode [ 72.466024][ T6122] loop0: detected capacity change from 0 to 128 [ 72.539644][ T23] kernel write not supported for file bpf-prog (pid: 23 comm: kworker/1:0) [ 72.589600][ T23] kernel write not supported for file bpf-prog (pid: 23 comm: kworker/1:0) [ 72.881267][ T6163] vhci_hcd vhci_hcd.0: default hub control req: 0000 v0000 i0000 l0 [ 73.003255][ T6177] loop6: detected capacity change from 0 to 128 [ 73.427043][ T6222] loop0: detected capacity change from 0 to 256 [ 73.678958][ T6241] loop4: detected capacity change from 0 to 1024 [ 73.763988][ T6241] EXT4-fs: inline encryption not supported [ 73.775278][ T6241] EXT4-fs (loop4): orphan cleanup on readonly fs [ 73.782644][ T6241] EXT4-fs (loop4): 1 truncate cleaned up [ 73.791141][ T6241] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 73.817177][ T6252] team0 (unregistering): Port device team_slave_0 removed [ 73.870295][ T6252] team0 (unregistering): Port device team_slave_1 removed [ 73.924671][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.013897][ T6282] usb usb1: usbfs: process 6282 (syz.0.1079) did not claim interface 0 before use [ 74.065999][ T6289] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5123 sclass=netlink_route_socket pid=6289 comm=syz.3.1082 [ 74.149317][ T6297] loop3: detected capacity change from 0 to 1024 [ 74.158570][ T6297] EXT4-fs: inline encryption not supported [ 74.164519][ T6297] EXT4-fs: Ignoring removed oldalloc option [ 74.170842][ T6297] EXT4-fs: inline encryption not supported [ 74.176826][ T6297] EXT4-fs: Ignoring removed orlov option [ 74.196089][ T6297] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.835670][ T29] kauditd_printk_skb: 35 callbacks suppressed [ 74.835725][ T29] audit: type=1400 audit(1768704996.089:697): avc: denied { mount } for pid=6348 comm="syz.0.1102" name="/" dev="hugetlbfs" ino=15104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1 [ 74.874218][ T29] audit: type=1400 audit(1768704996.089:698): avc: denied { create } for pid=6348 comm="syz.0.1102" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=chr_file permissive=1 [ 74.933561][ T6353] loop1: detected capacity change from 0 to 512 [ 74.940194][ T6353] EXT4-fs: Ignoring removed i_version option [ 74.946318][ T6353] EXT4-fs: Ignoring removed nobh option [ 74.957015][ T6353] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 74.986641][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.996216][ T6353] EXT4-fs (loop1): 1 truncate cleaned up [ 75.008366][ T6357] netlink: 'syz.4.1103': attribute type 4 has an invalid length. [ 75.018745][ T6353] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.075675][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.109881][ T6367] Invalid argument reading file caps for ./file0 [ 75.152040][ T6371] loop0: detected capacity change from 0 to 512 [ 75.173440][ T6371] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2 [ 75.181867][ T29] audit: type=1400 audit(1768704996.429:699): avc: denied { bind } for pid=6374 comm="syz.1.1116" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 75.183151][ T6371] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #13: comm syz.0.1112: iget: bad i_size value: 12154757448730 [ 75.223012][ T6371] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.1112: couldn't read orphan inode 13 (err -117) [ 75.261583][ T6371] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.282938][ T6371] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 75.320042][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.335212][ T6388] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1120'. [ 75.447721][ T29] audit: type=1400 audit(1768704996.699:700): avc: denied { bind } for pid=6405 comm="syz.3.1128" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 75.530391][ T1672] tipc: Subscription rejected, illegal request [ 75.764482][ T6451] gre0: entered promiscuous mode [ 75.769575][ T6451] gre0: entered allmulticast mode [ 75.894671][ T29] audit: type=1326 audit(1768704997.149:701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6464 comm="syz.4.1155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10e640acb9 code=0x7ffc0000 [ 75.962522][ T29] audit: type=1326 audit(1768704997.179:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6464 comm="syz.4.1155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10e640acb9 code=0x7ffc0000 [ 75.986175][ T29] audit: type=1326 audit(1768704997.179:703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6464 comm="syz.4.1155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10e640acb9 code=0x7ffc0000 [ 76.009612][ T29] audit: type=1326 audit(1768704997.179:704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6464 comm="syz.4.1155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10e640acb9 code=0x7ffc0000 [ 76.033075][ T29] audit: type=1326 audit(1768704997.179:705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6464 comm="syz.4.1155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f10e640acb9 code=0x7ffc0000 [ 76.056349][ T29] audit: type=1326 audit(1768704997.179:706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6464 comm="syz.4.1155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10e640acb9 code=0x7ffc0000 [ 76.092150][ T6470] pim6reg1: entered allmulticast mode [ 76.173772][ T6473] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1158'. [ 76.225490][ T6475] loop0: detected capacity change from 0 to 2048 [ 76.234578][ T6475] EXT4-fs: Ignoring removed nobh option [ 76.240304][ T6475] EXT4-fs: Ignoring removed nobh option [ 76.246129][ T6475] EXT4-fs: inline encryption not supported [ 76.272182][ T6475] EXT4-fs (loop0): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.305564][ T3317] EXT4-fs (loop0): unmounting filesystem 00000800-0000-0000-0000-000000000000. [ 76.467768][ T6485] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=13 sclass=netlink_route_socket pid=6485 comm=syz.6.1162 [ 76.480983][ T6485] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=13 sclass=netlink_route_socket pid=6485 comm=syz.6.1162 [ 76.795644][ T6518] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1177'. [ 76.899937][ T6532] loop6: detected capacity change from 0 to 256 [ 77.104686][ T6547] loop4: detected capacity change from 0 to 128 [ 77.111525][ T6547] vfat: Unknown parameter 'ÿÿÿÿÿÿÿÿÿ18446744073709551615ÿÿÿÿÿÿÿÿÿ|ª÷¿»ÖÈÕ9ô(›ßC˜©’-´Ó«âcnß°ÉŸI*ºÍE¢wD\<ØUÒ ÉÊè1È$ê4Á¼|61%ðH†\ݶõs—ª£»ò'£|‚\êPh­ £d°øçB [ 77.111525][ T6547] »lgåliñ³Ókí·^ŒÉç¨öFº B XŸ0Z¤_Lºî~´H[2žàÕ¤Údß‚ýöŸ“ãùË ü¾5I5C´º„†iÆ(ÁÎ|õî)ö¿HÂ' [ 77.179376][ T6549] loop4: detected capacity change from 0 to 512 [ 77.186635][ T6549] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 77.216988][ T6549] EXT4-fs (loop4): 1 truncate cleaned up [ 77.223227][ T6549] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.257911][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.282534][ T6560] batadv_slave_1: entered promiscuous mode [ 77.295057][ T6559] batadv_slave_1: left promiscuous mode [ 77.387885][ T6565] loop4: detected capacity change from 0 to 8192 [ 77.412308][ T6565] bio_check_eod: 74 callbacks suppressed [ 77.412326][ T6565] syz.4.1198: attempt to access beyond end of device [ 77.412326][ T6565] loop4: rw=8388608, sector=57847, nr_sectors = 1 limit=8192 [ 77.438346][ T6569] loop6: detected capacity change from 0 to 1024 [ 77.445466][ T6569] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 77.456441][ T6569] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 77.466313][ T6565] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1) [ 77.474240][ T6565] FAT-fs (loop4): Filesystem has been set read-only [ 77.485011][ T6569] JBD2: no valid journal superblock found [ 77.490851][ T6569] EXT4-fs (loop6): Could not load journal inode [ 77.498031][ T6565] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1) [ 77.507213][ T6565] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1) [ 77.603926][ T6578] lo speed is unknown, defaulting to 1000 [ 77.630826][ T6585] geneve2: entered promiscuous mode [ 77.648916][ T837] netdevsim netdevsim4 eth0: set [1, 1] type 2 family 0 port 54703 - 0 [ 77.658447][ T837] netdevsim netdevsim4 eth1: set [1, 1] type 2 family 0 port 54703 - 0 [ 77.674517][ T837] netdevsim netdevsim4 eth2: set [1, 1] type 2 family 0 port 54703 - 0 [ 77.688553][ T837] netdevsim netdevsim4 eth3: set [1, 1] type 2 family 0 port 54703 - 0 [ 77.961466][ T6608] loop1: detected capacity change from 0 to 2048 [ 77.988892][ T6608] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 78.106844][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.189228][ T6620] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 78.217550][ T6625] SELinux: Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped). [ 78.271559][ T6630] netlink: 'syz.1.1227': attribute type 39 has an invalid length. [ 78.397622][ T6635] loop0: detected capacity change from 0 to 8192 [ 78.407309][ T6642] loop4: detected capacity change from 0 to 512 [ 78.460791][ T6642] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 78.475487][ T6642] ext4 filesystem being mounted at /262/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 78.492929][ T6642] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #2: comm syz.4.1230: corrupted inode contents [ 78.505303][ T6642] EXT4-fs error (device loop4): ext4_dirty_inode:6502: inode #2: comm syz.4.1230: mark_inode_dirty error [ 78.516940][ T6642] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #2: comm syz.4.1230: corrupted inode contents [ 78.529370][ T6642] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #2: comm syz.4.1230: mark_inode_dirty error [ 78.543978][ T6642] EXT4-fs warning (device loop4): ext4_empty_dir:3087: inode #18: comm syz.4.1230: directory missing '.' [ 78.626072][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.861528][ T6684] loop1: detected capacity change from 0 to 512 [ 78.873113][ T6684] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.1251: inode has both inline data and extents flags [ 78.887060][ T6684] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.1251: couldn't read orphan inode 15 (err -117) [ 78.900407][ T6684] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 78.953751][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.039144][ T6696] sctp: [Deprecated]: syz.1.1257 (pid 6696) Use of struct sctp_assoc_value in delayed_ack socket option. [ 79.039144][ T6696] Use struct sctp_sack_info instead [ 79.073505][ T6700] loop4: detected capacity change from 0 to 512 [ 79.098476][ T6703] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1259'. [ 79.116043][ T6700] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.142823][ T6700] ext4 filesystem being mounted at /266/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 79.157648][ T6708] netlink: 'syz.0.1263': attribute type 39 has an invalid length. [ 79.188593][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.254896][ T6722] EXT4-fs: Ignoring removed bh option [ 79.260358][ T6722] EXT4-fs: Ignoring removed mblk_io_submit option [ 79.323395][ T6722] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.342910][ T6722] ext4 filesystem being mounted at /267/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 79.439994][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.484032][ T6746] EXT4-fs: Ignoring removed nobh option [ 79.493823][ T6744] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1277'. [ 79.503013][ T6744] netlink: 212 bytes leftover after parsing attributes in process `syz.3.1277'. [ 79.542813][ T6744] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1277'. [ 79.573755][ T6746] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.596285][ T6746] ext4 filesystem being mounted at /308/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 79.605165][ T6758] netlink: 'syz.4.1282': attribute type 39 has an invalid length. [ 79.675544][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.748731][ T6771] lo speed is unknown, defaulting to 1000 [ 79.768245][ T6776] batadv_slave_0: entered promiscuous mode [ 79.798320][ T6775] batadv_slave_0: left promiscuous mode [ 79.890143][ T6792] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1297'. [ 79.899182][ T6792] netlink: 'syz.4.1297': attribute type 20 has an invalid length. [ 79.907055][ T6792] netlink: 'syz.4.1297': attribute type 21 has an invalid length. [ 80.166620][ T6801] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 80.247338][ T6801] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 80.263017][ T6813] SELinux: failed to load policy [ 80.313295][ T6801] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 19 with error 28 [ 80.325824][ T6801] EXT4-fs (loop0): This should not happen!! Data will be lost [ 80.325824][ T6801] [ 80.335526][ T6801] EXT4-fs (loop0): Total free blocks count 0 [ 80.341648][ T6801] EXT4-fs (loop0): Free/Dirty block details [ 80.347614][ T6801] EXT4-fs (loop0): free_blocks=2415919504 [ 80.353411][ T6801] EXT4-fs (loop0): dirty_blocks=32 [ 80.358538][ T6801] EXT4-fs (loop0): Block reservation details [ 80.364637][ T6801] EXT4-fs (loop0): i_reserved_data_blocks=2 [ 80.408688][ T6801] syz.0.1302 (6801) used greatest stack depth: 9504 bytes left [ 80.438276][ T6820] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 80.463146][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.533847][ T6830] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1308'. [ 80.624736][ T29] kauditd_printk_skb: 73 callbacks suppressed [ 80.624754][ T29] audit: type=1400 audit(1768705001.879:780): avc: denied { map } for pid=6834 comm="syz.4.1310" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 80.655083][ T29] audit: type=1400 audit(1768705001.879:781): avc: denied { execute } for pid=6834 comm="syz.4.1310" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 80.948580][ T29] audit: type=1326 audit(1768705002.199:782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6867 comm="syz.4.1317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10e640acb9 code=0x7ffc0000 [ 80.972135][ T29] audit: type=1326 audit(1768705002.199:783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6867 comm="syz.4.1317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10e640acb9 code=0x7ffc0000 [ 81.000090][ T29] audit: type=1326 audit(1768705002.249:784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6867 comm="syz.4.1317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f10e640acb9 code=0x7ffc0000 [ 81.076291][ T29] audit: type=1326 audit(1768705002.249:785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6867 comm="syz.4.1317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10e640acb9 code=0x7ffc0000 [ 81.099763][ T29] audit: type=1326 audit(1768705002.249:786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6867 comm="syz.4.1317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10e640acb9 code=0x7ffc0000 [ 81.123213][ T29] audit: type=1326 audit(1768705002.279:787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6867 comm="syz.4.1317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f10e640acb9 code=0x7ffc0000 [ 81.146547][ T29] audit: type=1326 audit(1768705002.279:788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6867 comm="syz.4.1317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10e640acb9 code=0x7ffc0000 [ 81.169922][ T29] audit: type=1326 audit(1768705002.279:789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6867 comm="syz.4.1317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7f10e640acb9 code=0x7ffc0000 [ 81.235540][ T6895] EXT4-fs: Ignoring removed nobh option [ 81.255579][ T6895] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.292088][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.542465][ T6946] netlink: 60 bytes leftover after parsing attributes in process `syz.6.1341'. [ 81.568068][ T6946] netlink: 60 bytes leftover after parsing attributes in process `syz.6.1341'. [ 81.579392][ T6946] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1341'. [ 81.821786][ T6986] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 81.834608][ T6986] ext4 filesystem being mounted at /267/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 81.857565][ T6990] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1360'. [ 81.870368][ T6990] hsr_slave_1 (unregistering): left promiscuous mode [ 81.871151][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.904766][ T6993] netlink: 'syz.3.1361': attribute type 3 has an invalid length. [ 81.912821][ T6993] netlink: 'syz.3.1361': attribute type 7 has an invalid length. [ 81.920803][ T6993] netlink: 'syz.3.1361': attribute type 8 has an invalid length. [ 81.928759][ T6993] netlink: 'syz.3.1361': attribute type 7 has an invalid length. [ 81.936792][ T6993] netlink: 198788 bytes leftover after parsing attributes in process `syz.3.1361'. [ 81.957721][ T123] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 81.974380][ T6995] set_capacity_and_notify: 5 callbacks suppressed [ 81.974397][ T6995] loop0: detected capacity change from 0 to 128 [ 82.060713][ T123] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 82.162004][ T7000] loop1: detected capacity change from 0 to 8192 [ 82.208609][ T123] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 82.255620][ T7010] loop1: detected capacity change from 0 to 512 [ 82.262263][ T7010] EXT4-fs: Ignoring removed nobh option [ 82.294836][ T123] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 82.338752][ T7010] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 82.358669][ T7010] ext4 filesystem being mounted at /272/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 82.476090][ T123] bridge_slave_1: left allmulticast mode [ 82.481787][ T123] bridge_slave_1: left promiscuous mode [ 82.487563][ T123] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.553990][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.604555][ T123] bridge_slave_0: left allmulticast mode [ 82.610247][ T123] bridge_slave_0: left promiscuous mode [ 82.616030][ T123] bridge0: port 1(bridge_slave_0) entered disabled state [ 82.766240][ T7055] Invalid ELF header magic: != ELF [ 82.984343][ T123] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 82.994756][ T123] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 83.004497][ T123] bond0 (unregistering): Released all slaves [ 83.012430][ T123] bond1 (unregistering): Released all slaves [ 83.078073][ T7002] lo speed is unknown, defaulting to 1000 [ 83.328696][ T3504] kernel write not supported for file bpf-prog (pid: 3504 comm: kworker/0:9) [ 83.415616][ T123] hsr_slave_0: left promiscuous mode [ 83.427132][ T123] hsr_slave_1: left promiscuous mode [ 83.442229][ T123] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 83.449767][ T123] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 83.466935][ T123] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 83.474464][ T123] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 83.486049][ T123] veth1_macvtap: left promiscuous mode [ 83.491680][ T123] veth0_macvtap: left promiscuous mode [ 83.497436][ T123] veth1_vlan: left promiscuous mode [ 83.508158][ T7102] loop1: detected capacity change from 0 to 1024 [ 83.514935][ T123] veth0_vlan: left promiscuous mode [ 83.548949][ T7102] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 83.591347][ T7102] EXT4-fs error (device loop1): ext4_xattr_inode_iget:441: comm syz.1.1393: inode #813183037: comm syz.1.1393: iget: illegal inode # [ 83.607034][ T7102] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.1393: error while reading EA inode 813183037 err=-117 [ 83.658863][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.670226][ T123] team0 (unregistering): Port device team_slave_1 removed [ 83.683631][ T123] team0 (unregistering): Port device team_slave_0 removed [ 83.710386][ T7117] loop3: detected capacity change from 0 to 512 [ 83.726056][ T7117] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 83.744228][ T7117] ext4 filesystem being mounted at /286/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 83.773736][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.831893][ T7002] chnl_net:caif_netlink_parms(): no params data found [ 83.933175][ T7002] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.940301][ T7002] bridge0: port 1(bridge_slave_0) entered disabled state [ 83.948388][ T7002] bridge_slave_0: entered allmulticast mode [ 83.966463][ T7002] bridge_slave_0: entered promiscuous mode [ 83.973622][ T7002] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.980708][ T7002] bridge0: port 2(bridge_slave_1) entered disabled state [ 83.988070][ T7002] bridge_slave_1: entered allmulticast mode [ 83.994710][ T7002] bridge_slave_1: entered promiscuous mode [ 84.014069][ T7002] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 84.024999][ T7002] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 84.112950][ T7002] team0: Port device team_slave_0 added [ 84.119976][ T7002] team0: Port device team_slave_1 added [ 84.172099][ T7002] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 84.179253][ T7002] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 84.205308][ T7002] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 84.240151][ T7002] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 84.247197][ T7002] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 84.273169][ T7002] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 84.306477][ T7002] hsr_slave_0: entered promiscuous mode [ 84.312596][ T7002] hsr_slave_1: entered promiscuous mode [ 84.413795][ T7002] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 84.423586][ T7002] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 84.463888][ T7002] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 84.528543][ T7002] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 84.552003][ T7002] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.559145][ T7002] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.566489][ T7002] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.573574][ T7002] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.611341][ T7002] 8021q: adding VLAN 0 to HW filter on device bond0 [ 84.626715][ T123] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.635741][ T123] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.650855][ T7002] 8021q: adding VLAN 0 to HW filter on device team0 [ 84.674786][ T7181] loop0: detected capacity change from 0 to 512 [ 84.694504][ T123] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.701620][ T123] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.710870][ T7181] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 84.724806][ T7181] ext4 filesystem being mounted at /338/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 84.758168][ T123] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.765380][ T123] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.819250][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.858654][ T7199] loop3: detected capacity change from 0 to 1024 [ 84.868062][ T7199] EXT4-fs: Ignoring removed bh option [ 84.873644][ T7002] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 84.903841][ T7199] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 84.956896][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.101132][ T7230] loop4: detected capacity change from 0 to 512 [ 85.111870][ T7002] veth0_vlan: entered promiscuous mode [ 85.135592][ T7002] veth1_vlan: entered promiscuous mode [ 85.135947][ T7230] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0007-000000000000 r/w without journal. Quota mode: writeback. [ 85.156281][ T7002] veth0_macvtap: entered promiscuous mode [ 85.167549][ T7002] veth1_macvtap: entered promiscuous mode [ 85.188232][ T7002] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 85.198361][ T7230] ext4 filesystem being mounted at /297/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 85.211014][ T7002] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 85.233112][ T1644] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.244208][ T7230] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 3: comm syz.4.1420: path /297/file0: bad entry in directory: directory entry overrun - offset=60, inode=113, rec_len=2048, size=2048 fake=0 [ 85.266106][ T7230] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 12: comm syz.4.1420: path /297/file0: bad entry in directory: directory entry overrun - offset=0, inode=5066064, rec_len=65536, size=2048 fake=0 [ 85.287006][ T7230] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 13: comm syz.4.1420: path /297/file0: bad entry in directory: directory entry overrun - offset=0, inode=3653246737, rec_len=65536, size=2048 fake=0 [ 85.295398][ T1644] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.331425][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0007-000000000000. [ 85.348432][ T1644] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.357664][ T1644] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.556375][ T7264] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1431'. [ 85.593287][ T7264] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1431'. [ 85.949589][ T7293] loop0: detected capacity change from 0 to 2048 [ 85.984426][ T7293] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 86.084566][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.152445][ T7308] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1447'. [ 86.175554][ T7308] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1447'. [ 86.355456][ T7315] netlink: 'syz.7.1449': attribute type 12 has an invalid length. [ 86.355867][ T7313] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 86.363710][ T7315] netlink: 'syz.7.1449': attribute type 29 has an invalid length. [ 86.382943][ T7315] netlink: 148 bytes leftover after parsing attributes in process `syz.7.1449'. [ 86.464208][ T7321] netlink: 'syz.7.1452': attribute type 4 has an invalid length. [ 86.472855][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 86.481063][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 86.489278][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 86.527878][ T29] kauditd_printk_skb: 33 callbacks suppressed [ 86.527894][ T29] audit: type=1326 audit(1768705007.779:823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7323 comm="syz.7.1455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb43985acb9 code=0x7ffc0000 [ 86.570047][ T29] audit: type=1326 audit(1768705007.819:824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7323 comm="syz.7.1455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fb43985acb9 code=0x7ffc0000 [ 86.593440][ T29] audit: type=1326 audit(1768705007.819:825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7323 comm="syz.7.1455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb43985acb9 code=0x7ffc0000 [ 86.616795][ T29] audit: type=1326 audit(1768705007.819:826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7323 comm="syz.7.1455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb43985acb9 code=0x7ffc0000 [ 86.640294][ T29] audit: type=1326 audit(1768705007.819:827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7323 comm="syz.7.1455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb43985acb9 code=0x7ffc0000 [ 86.663790][ T29] audit: type=1326 audit(1768705007.819:828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7323 comm="syz.7.1455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb43985acb9 code=0x7ffc0000 [ 86.687210][ T29] audit: type=1326 audit(1768705007.819:829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7323 comm="syz.7.1455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb43985acb9 code=0x7ffc0000 [ 86.710675][ T29] audit: type=1326 audit(1768705007.819:830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7323 comm="syz.7.1455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb43985acb9 code=0x7ffc0000 [ 86.734285][ T29] audit: type=1326 audit(1768705007.819:831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7323 comm="syz.7.1455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb43985acb9 code=0x7ffc0000 [ 86.757636][ T29] audit: type=1326 audit(1768705007.819:832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7323 comm="syz.7.1455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb43985acb9 code=0x7ffc0000 [ 86.806981][ T7329] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1456'. [ 86.850412][ T7331] loop4: detected capacity change from 0 to 1024 [ 86.860861][ T7335] vcan0: tx drop: invalid sa for name 0xfffffffffffffffc [ 86.871777][ T7331] EXT4-fs: Ignoring removed bh option [ 86.890810][ T7339] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1462'. [ 86.916754][ T7331] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 86.978818][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.997482][ T7349] loop0: detected capacity change from 0 to 1024 [ 87.020314][ T7349] EXT4-fs: Ignoring removed orlov option [ 87.061312][ T7349] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 87.155678][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.237008][ T7354] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 87.252376][ T7354] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 87.349964][ T7388] loop1: detected capacity change from 0 to 4096 [ 87.373644][ T7388] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 87.437382][ T7400] loop4: detected capacity change from 0 to 256 [ 87.474589][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.525213][ T7405] macvlan2: entered promiscuous mode [ 87.531091][ T7405] batman_adv: batadv0: Adding interface: macvlan2 [ 87.537584][ T7405] batman_adv: batadv0: The MTU of interface macvlan2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 87.563916][ T7405] batman_adv: batadv0: Not using interface macvlan2 (retrying later): interface not active [ 87.780227][ T7427] loop4: detected capacity change from 0 to 512 [ 87.805660][ T7427] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 87.899149][ T7427] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 87.921829][ T7427] ext4 filesystem being mounted at /316/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 87.965228][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.039632][ T7444] loop3: detected capacity change from 0 to 4096 [ 88.081926][ T7444] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 88.104567][ T7444] EXT4-fs (loop3): shut down requested (1) [ 88.163414][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.297524][ T7477] netlink: 'syz.3.1519': attribute type 3 has an invalid length. [ 88.305353][ T7477] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1519'. [ 88.355322][ T7486] sctp: [Deprecated]: syz.3.1526 (pid 7486) Use of int in max_burst socket option. [ 88.355322][ T7486] Use struct sctp_assoc_value instead [ 88.520539][ T7502] netlink: 'syz.3.1534': attribute type 12 has an invalid length. [ 88.528463][ T7502] netlink: 'syz.3.1534': attribute type 29 has an invalid length. [ 88.536326][ T7502] netlink: 148 bytes leftover after parsing attributes in process `syz.3.1534'. [ 88.545441][ T7502] netlink: 51 bytes leftover after parsing attributes in process `syz.3.1534'. [ 88.571094][ T7500] lo speed is unknown, defaulting to 1000 [ 88.654493][ T7503] lo speed is unknown, defaulting to 1000 [ 88.801488][ T7521] loop3: detected capacity change from 0 to 1024 [ 88.808473][ T7522] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 88.812436][ T7521] EXT4-fs: inline encryption not supported [ 88.859223][ T7521] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 88.931680][ T7521] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4215: comm syz.3.1541: Allocating blocks 385-513 which overlap fs metadata [ 88.978139][ T7521] EXT4-fs (loop3): pa ffff888105f74380: logic 16, phys. 129, len 24 [ 88.986290][ T7521] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5466: group 0, free 0, pa_free 8 [ 88.997695][ T7521] EXT4-fs error (device loop3): mb_free_blocks:2037: group 0, inode 15: block 337:freeing already freed block (bit 21); block bitmap corrupt. [ 89.060614][ T7547] loop1: detected capacity change from 0 to 512 [ 89.142189][ T7553] loop1: detected capacity change from 0 to 512 [ 89.155625][ T7559] loop3: detected capacity change from 0 to 256 [ 89.182242][ T7553] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 89.193829][ T7553] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it [ 89.204036][ T7553] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.1555: Corrupt directory, running e2fsck is recommended [ 89.249043][ T7553] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2 [ 89.257524][ T7553] EXT4-fs error (device loop1): ext4_iget_extra_inode:5073: inode #15: comm syz.1.1555: corrupted in-inode xattr: invalid ea_ino [ 89.271893][ T7553] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.1555: couldn't read orphan inode 15 (err -117) [ 89.333073][ T7572] pimreg: entered allmulticast mode [ 89.356192][ T7553] EXT4-fs (loop1): shut down requested (1) [ 89.398773][ T7579] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=263 sclass=netlink_audit_socket pid=7579 comm=syz.3.1567 [ 89.616760][ T7607] capability: warning: `syz.3.1580' uses 32-bit capabilities (legacy support in use) [ 89.727133][ T7620] loop0: detected capacity change from 0 to 1024 [ 89.742369][ T7620] EXT4-fs: Ignoring removed bh option [ 89.779954][ T23] IPVS: starting estimator thread 0... [ 89.872779][ T7630] IPVS: using max 1824 ests per chain, 91200 per kthread [ 89.910640][ T7649] ext4 filesystem being mounted at /35/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 90.482945][ T7672] futex_wake_op: syz.1.1607 tries to shift op by -1; fix this program [ 90.636289][ T7694] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 90.644647][ T7694] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 90.652905][ T7694] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 90.664593][ T2639] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 90.672933][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 90.690056][ T7694] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 91.081759][ T7702] all (unregistering): Released all slaves [ 91.097006][ T7719] __nla_validate_parse: 4 callbacks suppressed [ 91.097041][ T7719] netlink: 27 bytes leftover after parsing attributes in process `syz.0.1627'. [ 91.254873][ T7740] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1636'. [ 91.263941][ T7740] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1636'. [ 91.567191][ T7776] ext4 filesystem being mounted at /418/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 91.924484][ T1038] net_ratelimit: 6 callbacks suppressed [ 91.924515][ T1038] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 91.971364][ T7798] EXT4-fs: Ignoring removed bh option [ 92.141003][ T29] kauditd_printk_skb: 48 callbacks suppressed [ 92.141018][ T29] audit: type=1400 audit(1768705013.395:881): avc: denied { bind } for pid=7807 comm="syz.7.1666" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 92.176431][ T29] audit: type=1400 audit(1768705013.425:882): avc: denied { write } for pid=7807 comm="syz.7.1666" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 92.209030][ T7811] netdevsim netdevsim7: Direct firmware load for / [ 92.209030][ T7811] failed with error -2 [ 92.307816][ T29] audit: type=1400 audit(1768705013.565:883): avc: denied { create } for pid=7817 comm="syz.1.1670" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 92.408460][ T7825] set_capacity_and_notify: 4 callbacks suppressed [ 92.408475][ T7825] loop7: detected capacity change from 0 to 512 [ 92.441183][ T7825] ext4 filesystem being mounted at /47/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 92.588159][ T7824] syz.7.1673 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 92.599209][ T7824] CPU: 0 UID: 0 PID: 7824 Comm: syz.7.1673 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 92.599264][ T7824] Tainted: [W]=WARN [ 92.599273][ T7824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 92.599290][ T7824] Call Trace: [ 92.599340][ T7824] [ 92.599351][ T7824] __dump_stack+0x1d/0x30 [ 92.599381][ T7824] dump_stack_lvl+0x95/0xd0 [ 92.599409][ T7824] dump_stack+0x15/0x1b [ 92.599450][ T7824] dump_header+0x80/0x240 [ 92.599476][ T7824] oom_kill_process+0x295/0x350 [ 92.599504][ T7824] out_of_memory+0x97d/0xb80 [ 92.599527][ T7824] try_charge_memcg+0x62e/0xa10 [ 92.599593][ T7824] charge_memcg+0x51/0xc0 [ 92.599638][ T7824] mem_cgroup_swapin_charge_folio+0xcc/0x150 [ 92.599713][ T7824] __read_swap_cache_async+0x17b/0x2d0 [ 92.599770][ T7824] swap_cluster_readahead+0x262/0x3c0 [ 92.599822][ T7824] swapin_readahead+0xde/0x840 [ 92.599930][ T7824] ? kvm_sched_clock_read+0x11/0x20 [ 92.600028][ T7824] ? sched_clock+0x3f/0x60 [ 92.600093][ T7824] ? __perf_event_task_sched_in+0xa65/0xad0 [ 92.600216][ T7824] ? __rcu_read_unlock+0x4e/0x70 [ 92.600236][ T7824] ? swap_cache_get_folio+0x26f/0x280 [ 92.600300][ T7824] do_swap_page+0x2f4/0x2140 [ 92.600329][ T7824] ? _raw_spin_unlock+0x26/0x50 [ 92.600354][ T7824] ? finish_task_switch+0x79/0x280 [ 92.600452][ T7824] ? __schedule+0x82d/0xc90 [ 92.600478][ T7824] ? __pfx_default_wake_function+0x10/0x10 [ 92.600593][ T7824] handle_mm_fault+0xb40/0x3030 [ 92.600705][ T7824] ? vma_start_read+0x1c7/0x2c0 [ 92.600781][ T7824] do_user_addr_fault+0x62f/0x1050 [ 92.600808][ T7824] exc_page_fault+0x62/0xa0 [ 92.600880][ T7824] asm_exc_page_fault+0x26/0x30 [ 92.600902][ T7824] RIP: 0033:0x7fb43981b58e [ 92.600917][ T7824] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 92.600982][ T7824] RSP: 002b:00007ffd3663d788 EFLAGS: 00010246 [ 92.600996][ T7824] RAX: 0000000000000000 RBX: 0000555565a9d500 RCX: 00007fb43981b58e [ 92.601007][ T7824] RDX: 00007ffd3663d7e0 RSI: 0000000000000000 RDI: 0000000000000000 [ 92.601018][ T7824] RBP: 00007fb439ad7da0 R08: 0000000000000000 R09: 0000000000000000 [ 92.601032][ T7824] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000016c28 [ 92.601043][ T7824] R13: 00007fb439ad5fac R14: 0000000000016956 R15: 00007ffd3663d910 [ 92.601059][ T7824] [ 92.601065][ T7824] memory: usage 306160kB, limit 307200kB, failcnt 200 [ 92.847504][ T7824] memory+swap: usage 240096kB, limit 9007199254740988kB, failcnt 0 [ 92.855543][ T7824] kmem: usage 239424kB, limit 9007199254740988kB, failcnt 0 [ 92.862982][ T7824] Memory cgroup stats for /syz7: [ 92.925823][ T7836] netlink: 164 bytes leftover after parsing attributes in process `syz.4.1675'. [ 93.084287][ T7824] cache 16384 [ 93.087630][ T7824] rss 4096 [ 93.090721][ T7824] shmem 0 [ 93.093729][ T7824] mapped_file 0 [ 93.097336][ T7824] dirty 0 [ 93.100281][ T7824] writeback 0 [ 93.103629][ T7824] workingset_refault_anon 8 [ 93.108187][ T7824] workingset_refault_file 0 [ 93.112752][ T7824] swap 512000 [ 93.116200][ T7824] swapcached 12288 [ 93.120075][ T7824] pgpgin 2097 [ 93.123443][ T7824] pgpgout 2090 [ 93.126842][ T7824] pgfault 5005 [ 93.130255][ T7824] pgmajfault 5 [ 93.133786][ T7824] inactive_anon 0 [ 93.137439][ T7824] active_anon 12288 [ 93.141288][ T7824] inactive_file 0 [ 93.144985][ T7824] active_file 16384 [ 93.148862][ T7824] unevictable 0 [ 93.152332][ T7824] hierarchical_memory_limit 314572800 [ 93.157762][ T7824] hierarchical_memsw_limit 9223372036854771712 [ 93.163986][ T7824] total_cache 16384 [ 93.167812][ T7824] total_rss 4096 [ 93.171455][ T7824] total_shmem 0 [ 93.174969][ T7824] total_mapped_file 0 [ 93.178972][ T7824] total_dirty 0 [ 93.182441][ T7824] total_writeback 0 [ 93.186312][ T7824] total_workingset_refault_anon 8 [ 93.191345][ T7824] total_workingset_refault_file 0 [ 93.197285][ T7824] total_swap 512000 [ 93.201117][ T7824] total_swapcached 12288 [ 93.205673][ T7824] total_pgpgin 2097 [ 93.209505][ T7824] total_pgpgout 2090 [ 93.213447][ T7824] total_pgfault 5005 [ 93.217439][ T7824] total_pgmajfault 5 [ 93.221342][ T7824] total_inactive_anon 0 [ 93.225640][ T7824] total_active_anon 12288 [ 93.230025][ T7824] total_inactive_file 0 [ 93.234273][ T7824] total_active_file 16384 [ 93.238686][ T7824] total_unevictable 0 [ 93.242700][ T7824] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz7,task_memcg=/syz7,task=syz.7.1673,pid=7824,uid=0 [ 93.257437][ T7824] Memory cgroup out of memory: Killed process 7824 (syz.7.1673) total-vm:96048kB, anon-rss:1204kB, file-rss:22288kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000 [ 93.548533][ T7862] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7862 comm=syz.3.1687 [ 93.615731][ T29] audit: type=1326 audit(1768705014.875:884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7865 comm="syz.4.1690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10e640acb9 code=0x7ffc0000 [ 93.639244][ T29] audit: type=1326 audit(1768705014.875:885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7865 comm="syz.4.1690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10e640acb9 code=0x7ffc0000 [ 93.662695][ T29] audit: type=1326 audit(1768705014.875:886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7865 comm="syz.4.1690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10e640acb9 code=0x7ffc0000 [ 93.686108][ T29] audit: type=1326 audit(1768705014.875:887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7865 comm="syz.4.1690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10e640acb9 code=0x7ffc0000 [ 93.709507][ T29] audit: type=1326 audit(1768705014.875:888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7865 comm="syz.4.1690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10e640acb9 code=0x7ffc0000 [ 93.732908][ T29] audit: type=1326 audit(1768705014.875:889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7865 comm="syz.4.1690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=173 compat=0 ip=0x7f10e640acb9 code=0x7ffc0000 [ 93.756488][ T29] audit: type=1326 audit(1768705014.875:890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7865 comm="syz.4.1690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10e640acb9 code=0x7ffc0000 [ 93.815587][ T7873] netlink: 'syz.3.1692': attribute type 13 has an invalid length. [ 93.823641][ T7873] netlink: 24859 bytes leftover after parsing attributes in process `syz.3.1692'. [ 93.898783][ T7880] netlink: 'syz.1.1696': attribute type 4 has an invalid length. [ 93.920227][ T7881] loop7: detected capacity change from 0 to 1024 [ 93.966786][ T7881] EXT4-fs: Ignoring removed nomblk_io_submit option [ 93.978456][ T7881] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=6855c01c, mo2=0003] [ 93.986933][ T7881] System zones: 0-1, 3-36 [ 94.094894][ T7896] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1703'. [ 94.103939][ T7896] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1703'. [ 94.267661][ T7909] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1708'. [ 94.347815][ T7911] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1709'. [ 94.576521][ T7944] loop7: detected capacity change from 0 to 128 [ 94.593696][ T7944] syz.7.1725: attempt to access beyond end of device [ 94.593696][ T7944] loop7: rw=2049, sector=138, nr_sectors = 4 limit=128 [ 94.614195][ T7944] syz.7.1725: attempt to access beyond end of device [ 94.614195][ T7944] loop7: rw=8390657, sector=142, nr_sectors = 2 limit=128 [ 94.628020][ T7944] buffer_io_error: 42 callbacks suppressed [ 94.628037][ T7944] Buffer I/O error on dev loop7, logical block 71, lost async page write [ 94.642755][ T7944] syz.7.1725: attempt to access beyond end of device [ 94.642755][ T7944] loop7: rw=8390657, sector=144, nr_sectors = 2 limit=128 [ 94.656523][ T7944] Buffer I/O error on dev loop7, logical block 72, lost async page write [ 94.665377][ T7944] syz.7.1725: attempt to access beyond end of device [ 94.665377][ T7944] loop7: rw=2049, sector=146, nr_sectors = 60 limit=128 [ 94.765138][ T7950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 94.780348][ T7950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 94.788709][ T7950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 94.797061][ T7950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 94.805560][ T7950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 94.849712][ T7949] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 94.867804][ T7958] loop7: detected capacity change from 0 to 1024 [ 94.914289][ T7958] ext4 filesystem being mounted at /63/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 95.172105][ T7988] SELinux: failed to load policy [ 95.349189][ T8018] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1746'. [ 95.413857][ T8026] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 95.422096][ T8026] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 95.430593][ T8026] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 95.520788][ T8037] sd 0:0:1:0: device reset [ 95.589104][ T8041] loop0: detected capacity change from 0 to 512 [ 95.630508][ T8041] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 95.649186][ T8041] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.1754: invalid indirect mapped block 4294967295 (level 1) [ 95.664020][ T8041] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.1754: invalid indirect mapped block 4294967295 (level 1) [ 95.679041][ T8041] EXT4-fs (loop0): 2 truncates cleaned up [ 95.829698][ T8059] loop0: detected capacity change from 0 to 1024 [ 95.855035][ T8059] ext4 filesystem being mounted at /443/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 95.865763][ T8061] loop7: detected capacity change from 0 to 2048 [ 95.961076][ T8071] netlink: 'syz.7.1765': attribute type 12 has an invalid length. [ 95.969151][ T8071] netlink: 'syz.7.1765': attribute type 29 has an invalid length. [ 95.977084][ T8071] netlink: 'syz.7.1765': attribute type 2 has an invalid length. [ 95.984854][ T8071] netlink: 'syz.7.1765': attribute type 3 has an invalid length. [ 95.998206][ T12] EXT4-fs error (device loop0): ext4_map_blocks:825: inode #15: comm kworker/u8:0: lblock 0 mapped to illegal pblock 0 (length 4) [ 96.025753][ T12] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 4 with error 117 [ 96.038201][ T12] EXT4-fs (loop0): This should not happen!! Data will be lost [ 96.038201][ T12] [ 96.103146][ T8088] loop3: detected capacity change from 0 to 256 [ 96.137082][ T8088] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 96.163178][ T8088] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 96.414818][ T8110] loop0: detected capacity change from 0 to 8192 [ 97.033188][ C0] net_ratelimit: 4 callbacks suppressed [ 97.033206][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 97.048410][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 97.056653][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 97.416739][ T29] kauditd_printk_skb: 35 callbacks suppressed [ 97.416756][ T29] audit: type=1326 audit(1768705018.675:926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8187 comm="syz.1.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72feb2acb9 code=0x7ffc0000 [ 97.451172][ T8188] loop1: detected capacity change from 0 to 512 [ 97.458107][ T29] audit: type=1326 audit(1768705018.705:927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8187 comm="syz.1.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=173 compat=0 ip=0x7f72feb2acb9 code=0x7ffc0000 [ 97.458404][ T8188] EXT4-fs: Ignoring removed i_version option [ 97.481593][ T29] audit: type=1326 audit(1768705018.705:928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8187 comm="syz.1.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72feb2acb9 code=0x7ffc0000 [ 97.487578][ T8188] EXT4-fs: Ignoring removed bh option [ 97.510911][ T29] audit: type=1326 audit(1768705018.705:929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8187 comm="syz.1.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72feb2acb9 code=0x7ffc0000 [ 97.539635][ T29] audit: type=1326 audit(1768705018.705:930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8187 comm="syz.1.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f72feb2acb9 code=0x7ffc0000 [ 97.563155][ T29] audit: type=1326 audit(1768705018.705:931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8187 comm="syz.1.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f72feb2aa22 code=0x7ffc0000 [ 97.586520][ T29] audit: type=1326 audit(1768705018.705:932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8187 comm="syz.1.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f72feaeb58e code=0x7ffc0000 [ 97.609741][ T29] audit: type=1326 audit(1768705018.705:933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8187 comm="syz.1.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f72feb2aae7 code=0x7ffc0000 [ 97.633122][ T29] audit: type=1326 audit(1768705018.705:934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8187 comm="syz.1.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f72feaeb58e code=0x7ffc0000 [ 97.656725][ T29] audit: type=1326 audit(1768705018.705:935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8187 comm="syz.1.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f72feb2a94b code=0x7ffc0000 [ 97.694311][ T8188] ext4 filesystem being mounted at /327/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 97.790721][ T8203] RDS: rds_bind could not find a transport for ::3:0:20:0, load rds_tcp or rds_rdma? [ 97.886149][ T8217] __nla_validate_parse: 3 callbacks suppressed [ 97.886167][ T8217] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1816'. [ 97.995695][ T8229] syzkaller1: entered promiscuous mode [ 98.001246][ T8229] syzkaller1: entered allmulticast mode [ 98.099877][ T8238] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 98.108301][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 98.151639][ T8241] loop3: detected capacity change from 0 to 128 [ 98.172462][ T8245] loop0: detected capacity change from 0 to 512 [ 98.192607][ T8241] syz.3.1827: attempt to access beyond end of device [ 98.192607][ T8241] loop3: rw=2049, sector=145, nr_sectors = 69 limit=128 [ 98.202989][ T8245] FAT-fs (loop0): error, corrupted file size (i_pos 51, 9216) [ 98.227171][ T8245] FAT-fs (loop0): error, corrupted file size (i_pos 51, 8960) [ 98.235083][ T8245] FAT-fs (loop0): error, corrupted file size (i_pos 51, 8960) [ 98.280454][ T8253] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1833'. [ 98.687872][ T8280] macvlan5: entered promiscuous mode [ 98.699922][ T8280] macvlan6: entered promiscuous mode [ 98.752905][ T8283] vcan0 speed is unknown, defaulting to 1000 [ 98.759550][ T8283] vcan0 speed is unknown, defaulting to 1000 [ 98.766042][ T8283] vcan0 speed is unknown, defaulting to 1000 [ 98.800207][ T8283] infiniband syz0: set active [ 98.805078][ T8283] infiniband syz0: added vcan0 [ 98.809990][ T9] vcan0 speed is unknown, defaulting to 1000 [ 98.825436][ T8283] RDS/IB: syz0: added [ 98.836314][ T8283] smc: adding ib device syz0 with port count 1 [ 98.842600][ T8283] smc: ib device syz0 port 1 has no pnetid [ 98.849161][ T36] vcan0 speed is unknown, defaulting to 1000 [ 98.855362][ T8283] vcan0 speed is unknown, defaulting to 1000 [ 98.909988][ T8283] vcan0 speed is unknown, defaulting to 1000 [ 98.923110][ T8292] loop7: detected capacity change from 0 to 512 [ 98.929923][ T8292] EXT4-fs: Ignoring removed nobh option [ 98.944755][ T8292] ext4 filesystem being mounted at /92/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 98.957033][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 98.982801][ T8283] vcan0 speed is unknown, defaulting to 1000 [ 98.990941][ T7002] EXT4-fs unmount: 26 callbacks suppressed [ 98.990959][ T7002] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.036264][ T8283] vcan0 speed is unknown, defaulting to 1000 [ 99.085117][ T8283] vcan0 speed is unknown, defaulting to 1000 [ 99.163523][ T8304] loop7: detected capacity change from 0 to 512 [ 99.186243][ T8304] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 99.200552][ T8304] ext4 filesystem being mounted at /95/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 99.262276][ T7002] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.880366][ T8374] loop7: detected capacity change from 0 to 512 [ 99.889220][ T8374] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 99.903265][ T8374] EXT4-fs (loop7): 1 truncate cleaned up [ 99.909608][ T8374] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 99.937539][ T7002] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.542332][ T12] tipc: Subscription rejected, illegal request [ 100.703605][ T8392] xt_hashlimit: size too large, truncated to 1048576 [ 100.992291][ T8411] loop7: detected capacity change from 0 to 8192 [ 101.124287][ T8420] lo speed is unknown, defaulting to 1000 [ 101.160976][ T8420] vcan0 speed is unknown, defaulting to 1000 [ 101.451360][ T8428] netlink: 'syz.3.1904': attribute type 6 has an invalid length. [ 101.513561][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 101.521897][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 101.587991][ T8447] netlink: 36 bytes leftover after parsing attributes in process `syz.7.1909'. [ 101.637177][ T8446] loop4: detected capacity change from 0 to 4096 [ 101.647783][ T8446] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 101.671057][ T8446] EXT4-fs (loop4): shut down requested (2) [ 101.677795][ T8446] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=12 [ 101.687033][ T8446] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=12 [ 101.755330][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.780238][ T8453] loop4: detected capacity change from 0 to 512 [ 101.795436][ T8453] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 101.815811][ T8453] ext4 filesystem being mounted at /397/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 101.845576][ T8457] loop0: detected capacity change from 0 to 1024 [ 101.853117][ T8457] EXT4-fs: Ignoring removed orlov option [ 101.864042][ T8457] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 101.891810][ T8461] netlink: 'syz.1.1916': attribute type 2 has an invalid length. [ 101.905923][ T8457] EXT4-fs error (device loop0): __ext4_new_inode:1279: comm syz.0.1915: failed to insert inode 15: doubly allocated? [ 101.924624][ T8457] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem [ 101.934804][ T8457] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem [ 101.951004][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.966074][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.990830][ T8463] syz.1.1917: attempt to access beyond end of device [ 101.990830][ T8463] loop1: rw=2049, sector=145, nr_sectors = 16 limit=128 [ 102.005383][ T8463] syz.1.1917: attempt to access beyond end of device [ 102.005383][ T8463] loop1: rw=2049, sector=169, nr_sectors = 8 limit=128 [ 102.025228][ T8463] syz.1.1917: attempt to access beyond end of device [ 102.025228][ T8463] loop1: rw=2049, sector=185, nr_sectors = 8 limit=128 [ 102.040519][ T8463] syz.1.1917: attempt to access beyond end of device [ 102.040519][ T8463] loop1: rw=2049, sector=201, nr_sectors = 8 limit=128 [ 102.054309][ T8468] syz.1.1917: attempt to access beyond end of device [ 102.054309][ T8468] loop1: rw=2049, sector=233, nr_sectors = 8 limit=128 [ 102.070556][ T8463] syz.1.1917: attempt to access beyond end of device [ 102.070556][ T8463] loop1: rw=2049, sector=217, nr_sectors = 8 limit=128 [ 102.086561][ T8468] syz.1.1917: attempt to access beyond end of device [ 102.086561][ T8468] loop1: rw=2049, sector=249, nr_sectors = 8 limit=128 [ 102.101279][ T8463] syz.1.1917: attempt to access beyond end of device [ 102.101279][ T8463] loop1: rw=2049, sector=265, nr_sectors = 8 limit=128 [ 102.115413][ T8468] syz.1.1917: attempt to access beyond end of device [ 102.115413][ T8468] loop1: rw=2049, sector=281, nr_sectors = 8 limit=128 [ 102.129198][ T8463] syz.1.1917: attempt to access beyond end of device [ 102.129198][ T8463] loop1: rw=2049, sector=297, nr_sectors = 9 limit=128 [ 102.153658][ T37] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 102.162029][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 102.545372][ T8511] pim6reg1: entered promiscuous mode [ 102.550737][ T8511] pim6reg1: entered allmulticast mode [ 102.626259][ T29] kauditd_printk_skb: 43 callbacks suppressed [ 102.626314][ T29] audit: type=1400 audit(1768705023.885:979): avc: denied { setopt } for pid=8519 comm="syz.4.1943" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 102.699183][ T8525] set_capacity_and_notify: 1 callbacks suppressed [ 102.699197][ T8525] loop4: detected capacity change from 0 to 128 [ 102.749457][ T8522] loop7: detected capacity change from 0 to 8192 [ 102.756992][ T8525] Buffer I/O error on dev loop4, logical block 80, lost async page write [ 102.758079][ T8522] FAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 102.797832][ T8531] loop3: detected capacity change from 0 to 512 [ 102.805837][ T8531] vfat: Unknown parameter 'nonUmtail' [ 102.822629][ T8525] Buffer I/O error on dev loop4, logical block 84, lost async page write [ 102.831831][ T8525] Buffer I/O error on dev loop4, logical block 96, lost async page write [ 102.886366][ T8525] Buffer I/O error on dev loop4, logical block 100, lost async page write [ 102.903883][ T8525] Buffer I/O error on dev loop4, logical block 112, lost async page write [ 102.914208][ T8525] Buffer I/O error on dev loop4, logical block 116, lost async page write [ 102.925572][ T29] audit: type=1400 audit(1768705024.185:980): avc: denied { ioctl } for pid=8534 comm="syz.3.1950" path="/dev/ptp0" dev="devtmpfs" ino=246 ioctlcmd=0x3d06 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 102.952725][ T8525] Buffer I/O error on dev loop4, logical block 88, lost async page write [ 102.963187][ T8525] Buffer I/O error on dev loop4, logical block 92, lost async page write [ 102.989261][ T8525] Buffer I/O error on dev loop4, logical block 120, lost async page write [ 102.998831][ T8525] Buffer I/O error on dev loop4, logical block 124, lost async page write [ 103.013721][ T8541] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1952'. [ 103.031635][ T8544] loop3: detected capacity change from 0 to 512 [ 103.042571][ T8544] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 103.046809][ T8541] bond1: Invalid ad_actor_system MAC address. [ 103.058578][ T8541] bond1: option ad_actor_system: invalid value (4294967295) [ 103.068260][ T8541] bond1 (unregistering): Released all slaves [ 103.076169][ T8544] EXT4-fs (loop3): 1 truncate cleaned up [ 103.088595][ T8544] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 103.103968][ T8544] EXT4-fs (loop3): shut down requested (0) [ 103.111380][ T8544] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop3 ino=12 [ 103.120663][ T8544] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop3 ino=12 [ 103.130108][ T8544] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop3 ino=15 [ 103.139229][ T8544] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop3 ino=13 [ 103.148205][ T8544] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop3 ino=12 [ 103.157365][ T8544] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop3 ino=12 [ 103.166390][ T8544] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop3 ino=13 [ 103.176164][ T29] audit: type=1400 audit(1768705024.435:981): avc: denied { remove_name } for pid=8542 comm="syz.3.1953" name="file0" dev="loop3" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 103.186674][ T8544] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop3 ino=15 [ 103.198775][ T29] audit: type=1400 audit(1768705024.435:982): avc: denied { rename } for pid=8542 comm="syz.3.1953" name="file0" dev="loop3" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 103.238296][ T8544] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop3 ino=15 [ 103.242851][ T29] audit: type=1400 audit(1768705024.495:983): avc: denied { unlink } for pid=8542 comm="syz.3.1953" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 103.269415][ T8544] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop3 ino=12 [ 103.280227][ T8544] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop3 ino=13 [ 103.292869][ T29] audit: type=1400 audit(1768705024.535:984): avc: denied { add_name } for pid=8542 comm="syz.3.1953" name="file0" dev="loop3" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 103.326552][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.561381][ T8587] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1970'. [ 103.599764][ T8590] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 103.628019][ T8590] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 103.636410][ T8590] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 103.645076][ T8590] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 103.653540][ T8590] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 103.694069][ T8588] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 103.713158][ T8601] netlink: 48 bytes leftover after parsing attributes in process `syz.7.1976'. [ 103.891779][ T29] audit: type=1326 audit(1768705025.145:985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8620 comm="syz.1.1986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72feb2acb9 code=0x7ffc0000 [ 103.915466][ T29] audit: type=1326 audit(1768705025.145:986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8620 comm="syz.1.1986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72feb2acb9 code=0x7ffc0000 [ 103.938972][ T29] audit: type=1326 audit(1768705025.145:987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8620 comm="syz.1.1986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f72feb2acb9 code=0x7ffc0000 [ 103.966311][ T29] audit: type=1326 audit(1768705025.225:988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8620 comm="syz.1.1986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72feb2acb9 code=0x7ffc0000 [ 104.020782][ T8625] loop0: detected capacity change from 0 to 2048 [ 104.020782][ T8627] loop7: detected capacity change from 0 to 1024 [ 104.020920][ T8625] ================================================================== [ 104.020953][ T8625] BUG: KCSAN: data-race in data_push_tail / vsnprintf [ 104.021000][ T8625] [ 104.021009][ T8625] write to 0xffffffff890e7697 of 32 bytes by task 8627 on cpu 1: [ 104.021028][ T8625] vsnprintf+0x2ce/0x860 [ 104.021051][ T8625] vscnprintf+0x41/0x90 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 104.021075][ T8625] printk_sprint+0x30/0x2c0 [ 104.021103][ T8625] vprintk_store+0x57b/0x910 [ 104.021131][ T8625] vprintk_emit+0x1a4/0x600 [ 104.021162][ T8625] vprintk_default+0x26/0x30 [ 104.021197][ T8625] vprintk+0x1d/0x30 [ 104.021222][ T8625] _printk+0x79/0xa0 [ 104.021242][ T8625] set_capacity_and_notify+0x1dd/0x230 [ 104.021271][ T8625] loop_set_size+0x2e/0x70 [ 104.021295][ T8625] loop_configure+0x828/0x9c0 [ 104.021316][ T8625] lo_ioctl+0x1e1/0x13a0 [ 104.021339][ T8625] blkdev_ioctl+0x387/0x460 [ 104.021361][ T8625] __se_sys_ioctl+0xce/0x140 [ 104.021396][ T8625] __x64_sys_ioctl+0x43/0x50 [ 104.021433][ T8625] x64_sys_call+0x14b0/0x3000 [ 104.021466][ T8625] do_syscall_64+0xc0/0x2a0 [ 104.021491][ T8625] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 104.021519][ T8625] [ 104.021527][ T8625] read to 0xffffffff890e76a8 of 8 bytes by task 8625 on cpu 0: [ 104.021549][ T8625] data_push_tail+0x100/0x470 [ 104.021587][ T8625] data_alloc+0x11b/0x390 [ 104.021615][ T8625] prb_reserve+0x8d7/0xae0 [ 104.021641][ T8625] vprintk_store+0x54a/0x910 [ 104.021678][ T8625] vprintk_emit+0x1a4/0x600 [ 104.021717][ T8625] vprintk_default+0x26/0x30 [ 104.021769][ T8625] vprintk+0x1d/0x30 [ 104.021790][ T8625] _printk+0x79/0xa0 [ 104.021806][ T8625] set_capacity_and_notify+0x1dd/0x230 [ 104.021829][ T8625] loop_set_size+0x2e/0x70 [ 104.021851][ T8625] loop_configure+0x828/0x9c0 [ 104.021872][ T8625] lo_ioctl+0x1e1/0x13a0 [ 104.021892][ T8625] blkdev_ioctl+0x387/0x460 [ 104.021913][ T8625] __se_sys_ioctl+0xce/0x140 [ 104.021951][ T8625] __x64_sys_ioctl+0x43/0x50 [ 104.021984][ T8625] x64_sys_call+0x14b0/0x3000 [ 104.022009][ T8625] do_syscall_64+0xc0/0x2a0 [ 104.022027][ T8625] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 104.022050][ T8625] [ 104.022057][ T8625] value changed: 0x00000000ffffe090 -> 0x2065676e61686320 [ 104.022074][ T8625] [ 104.022080][ T8625] Reported by Kernel Concurrency Sanitizer on: [ 104.022098][ T8625] CPU: 0 UID: 0 PID: 8625 Comm: syz.0.1987 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 104.022136][ T8625] Tainted: [W]=WARN [ 104.022146][ T8625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 104.022164][ T8625] ================================================================== [ 104.288912][ T8627] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 104.353911][ T3310] Alternate GPT is invalid, using primary GPT. [ 104.360240][ T3310] loop0: p1 p2 p3 [ 104.364061][ T3310] loop0: partition table partially beyond EOD, truncated [ 104.389755][ T8626] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.417806][ T3501] udevd[3501]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory [ 104.430428][ T3502] udevd[3502]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 104.442339][ T3310] udevd[3310]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory [ 104.614658][ T55] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 104.673992][ T55] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 104.715493][ T3007] Alternate GPT is invalid, using primary GPT. [ 104.721747][ T3007] loop0: p1 p2 p3 [ 104.725713][ T3007] loop0: partition table partially beyond EOD, truncated [ 104.758744][ T55] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 104.793999][ T55] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 104.864147][ T55] bridge_slave_1: left allmulticast mode [ 104.869835][ T55] bridge_slave_1: left promiscuous mode [ 104.875587][ T55] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.883396][ T55] bridge_slave_0: left allmulticast mode [ 104.889073][ T55] bridge_slave_0: left promiscuous mode [ 104.894800][ T55] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.965607][ T55] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 104.975595][ T55] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 104.984773][ T55] bond0 (unregistering): Released all slaves [ 105.050806][ T55] hsr_slave_0: left promiscuous mode [ 105.056593][ T55] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 105.067015][ T55] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 105.105987][ T55] team0 (unregistering): Port device team_slave_1 removed [ 105.285578][ T55] IPVS: stop unused estimator thread 0... [ 105.336884][ T55] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.375821][ T55] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.436350][ T55] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.465900][ T55] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.551492][ T55] bridge_slave_1: left allmulticast mode [ 105.557211][ T55] bridge_slave_1: left promiscuous mode [ 105.562949][ T55] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.570830][ T55] bridge_slave_0: left allmulticast mode [ 105.576574][ T55] bridge_slave_0: left promiscuous mode [ 105.582256][ T55] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.646593][ T55] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 105.656911][ T55] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 105.666864][ T55] bond0 (unregistering): Released all slaves [ 105.765119][ T55] hsr_slave_0: left promiscuous mode [ 105.770814][ T55] hsr_slave_1: left promiscuous mode [ 105.779510][ T55] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 105.786971][ T55] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 105.794710][ T55] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 105.802164][ T55] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 105.812151][ T55] veth1_macvtap: left promiscuous mode [ 105.817649][ T55] veth0_macvtap: left promiscuous mode [ 105.823238][ T55] veth1_vlan: left promiscuous mode [ 105.828543][ T55] veth0_vlan: left promiscuous mode [ 105.891816][ T55] team0 (unregistering): Port device team_slave_1 removed [ 105.904384][ T55] team0 (unregistering): Port device team_slave_0 removed [ 106.115903][ T55] IPVS: stop unused estimator thread 0... [ 106.552821][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 107.273361][ T2348] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 107.281612][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 107.913234][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 107.921509][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 108.552906][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 109.106043][ T2348] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.152979][ T2348] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.193652][ T3393] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 109.202733][ T2348] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.264416][ T2348] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.333240][ T2348] bridge_slave_1: left allmulticast mode [ 109.339122][ T2348] bridge_slave_1: left promiscuous mode [ 109.344944][ T2348] bridge0: port 2(bridge_slave_1) entered disabled state [ 109.356288][ T2348] bridge_slave_0: left allmulticast mode [ 109.361956][ T2348] bridge_slave_0: left promiscuous mode [ 109.367729][ T2348] bridge0: port 1(bridge_slave_0) entered disabled state [ 109.465042][ T2348] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 109.475099][ T2348] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 109.484856][ T2348] bond0 (unregistering): Released all slaves [ 109.524396][ T2348] tipc: Disabling bearer [ 109.529495][ T2348] tipc: Left network mode [ 109.572559][ T2348] hsr_slave_0: left promiscuous mode [ 109.579240][ T2348] hsr_slave_1: left promiscuous mode [ 109.587068][ T2348] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 109.594535][ T2348] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 109.603250][ T2348] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 109.610667][ T2348] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 109.621772][ T2348] veth1_macvtap: left promiscuous mode [ 109.628134][ T2348] veth0_macvtap: left promiscuous mode [ 109.634051][ T2348] veth1_vlan: left promiscuous mode [ 109.639443][ T2348] veth0_vlan: left promiscuous mode [ 109.906158][ T2348] IPVS: stop unused estimator thread 0... [ 113.033261][ T55] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 113.041486][ T55] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 113.049722][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 113.057915][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog