last executing test programs: 1m6.892895166s ago: executing program 2 (id=305): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_config_ext={0xfffffffffffffffe, 0x7}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000480)={0x1c, r1, 0x1, 0x4, 0x0, {{}, {0x0, 0x6}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4081}, 0x0) 1m6.619831532s ago: executing program 2 (id=312): mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0) mlock(&(0x7f0000d46000/0x1000)=nil, 0x1000) madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x4) mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000) 1m6.567899685s ago: executing program 2 (id=315): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e24, 0x0, @empty, 0xffdffff4}], 0x1c) sendmsg$inet6(r0, &(0x7f0000000480)={&(0x7f00000001c0)={0xa, 0x4e24, 0x80001804, @ipv4={'\x00', '\xff\xff', @loopback}, 0x4}, 0x1c, &(0x7f0000000140)=[{&(0x7f0000000240)="a5", 0x1}], 0x1}, 0x2408c8c0) setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000040)=0xfffffcfe, 0x4) 1m6.117157631s ago: executing program 2 (id=325): syz_mount_image$ext4(&(0x7f00000005c0)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f00000002c0)={[{@jqfmt_vfsold}, {@orlov}, {@debug}, {@noload}, {@nombcache}, {@noblock_validity}, {@init_itable_val={'init_itable', 0x3d, 0x603}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000000}}, {@errors_continue}]}, 0xfa, 0x47c, &(0x7f0000000a80)="$eJzs3M1vFOUfAPDvTLulwI9fK+ILCFJFI/GlpeVFDl40mnDQxEQPGE+1LaRSqKE1EUK0esCjIfFu/C+MJ70Y9aKJV70bEmK4gHpZMzsztLS77ZZud4H9fJLZfZ6Z2X2e78w8O8/Ms7sBdK2h7CGJ+F9E/B4RA3n29hWG8qeb1y9N/H390kQS1epbfyW19W5cvzRRrlq+bnueqVaL/JY65V5+N2J8ZmbqfJEfmT/7wcjchYsvTJ8dPz11eurc2PHjRw7v6zs2drQlcWZx3djz8eze3SfeufLGxMkr7/2UpJHHHcviaJWhfOvW9XSrC+uwHUvSSW/22F/k9v+yuKTekUAn9UREtrsqtfY/ED2x9daygXjts45WDthU1Wq1usqn8kIVuI8l0ekaAJ1Rnuiz699yalPX465w7eX8AiiL+2Yx5Ut6I80T+yvLrm9baSgiTi7881U2xSbdhwAAWOq7rP/zfL3+XxoP54m+7OH/xRjKYEQ8EBE7I+LBiNgVEQ9F1NZ9JCIeXWf5y0dIVvZ/0qt3HFwTsv7fS8XY1u39v7RcZbCnyO2oxV9JTk3PTB0qtsnBqGw5NZ1Mja5Sxvev/vZFo2VL+3/ZlJVf9gWLelztXXaDbnJ8fnwjMS917dOIPb314k9q4wJRjOvtjog9d1jG9LO9DZetHf8qGr9t06pfRzyT7/+FWBZ/KWk4Pjn64rGxoyP9MTN1aKQ8Klb6+dfLbzYqf0Pxt0C2/7fVPf5vxT+Y9EfMXbh4pjZeO7f+Mi7/8XnDa5p1Hv8ndhTHf1/ydm1GX7Hgo/H5+fOjEX3J6yvnjy2+W5kv18/iP3igfvvfGYtb4rGI2BsR+yLi8eyisKj7ExHxZEQcWCX+H1956v31x9+esdIs/sm19n8s3f/rT/Sc+eHbtePvj4hG+/9ILXWwmNPM51+zFdzItgMAAIB7Rf4d+CQdXkwnw8P5d/h3xbZ0ZnZu/rlTsx+em8y/Kz8YlbS80zWw5H7oaHFvuMyPLcsfLu4bf9mztZYfnpidmex08NDltq9o/2matf/Mnz2drh2w6Vowjgbco7R/6F7aP3SnZM32X2lbXYD2c/6H7lWv/X/ScO3hbza1MkBbOf9D92qi/S/kT417BcC9yfkfupf2D12p4W/j0w395L/tiX+L/zO8W+pz/ycivSuqcf8nepv+M4tGicrKtlwdyNt/NmdL3Vd1+pMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNf4LAAD///R05PQ=") mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x103495, 0x0) chroot(&(0x7f0000000100)='./file0\x00') getcwd(0x0, 0x0) 1m5.580161893s ago: executing program 2 (id=338): r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x54, 0x1, 0x0, 0x0, 0x0, 0x4, 0x82, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_config_ext={0x3, 0x8001}, 0x0, 0x2e, 0x5, 0x3, 0x2, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) chmod(&(0x7f0000000180)='./file0\x00', 0x2f0) write$binfmt_elf32(r0, &(0x7f00000008c0)={{0x7f, 0x45, 0x4c, 0x46, 0x4, 0x7, 0x0, 0x3, 0x7, 0x2, 0x3, 0x3, 0x309, 0x38, 0xfffffffc, 0xe, 0x0, 0x20, 0x1, 0x5}, [{0x3, 0x8, 0xf3, 0x7f, 0x4, 0x200004, 0xc, 0x400}]}, 0x58) 1m5.154162567s ago: executing program 2 (id=345): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x200010, &(0x7f0000000300)=ANY=[@ANYRES32=r0, @ANYRES64, @ANYRES8], 0x1, 0x286, &(0x7f0000000640)="$eJzs2s9rHGUYB/BnYkw3LelG/EUL4ose1MvQ5OyhRSKIAUWNUAXp1GzsmnE3ZJbAipic9Oqf4Fk8ehOkRy+5+Bd48JZLjj2IK7O7iZsSaqxtUsrnc0geZua7M/O+sy/PwO69/t0X62tVvlb0YirLYupq7MSdLOZjKg7sxGuvXP/1hfevf/T2teXlxnjrYkrp4ou/fPzVjy/d7l348KeLP5+L3flP9vYX/9h9bvfS3l8f3GpXqV2lTrdXf1a32ytulq202q7W85TeLVtF1UrtTtXa7KUi3TzYv1Z2Nzb6qeiszp3f2GxVVSo6/bTe6qdeN/U2+6n4rGh3Up7nae58MHTr/mIrP9wZDGJ/8OSNGAwGs9/Hhdsx93s0I3sqZU9fzZ69kT2/k13aHwyad0dnH8BVc+buNf/nxsccO/88FsaL+tJ7KTUiym+3VrZWRv/rvY24thbtKKMVV2I2/oz6MRkb1W++tbx0JQ3Nxzfl9ji/vbXyREQMn6BRfiGaMX98fmGUTwf5OlX/rVf3w/MvRjOeOT6/eDQ/Mzp/I159eSKfRzN++zS6UcZq1NnYHg/B0tcLKb3xznI6ev2Xh8cBADxu8nSo7t/qpm2if4vI8yP7J/qjUX6iP2xO9Iczx/SHd/VX03F5+mzvnYiq/+V6UZatzfoFb1gcbjlBcfCG+N9SD7+Y+T/x2clhuWcRkU2O5cO7r6kjc3bKgzl9wtFQjIrskfs63FcR8flpLkSciX8m/V8PbZzKBQEAAAAAAAAAAHAip/FzwrO+RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4NH2dwAAAP//NLm0Nw==") mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) getsockopt$sock_buf(r0, 0x1, 0x1f, 0x0, &(0x7f0000000080)) 1m5.148498538s ago: executing program 32 (id=345): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x200010, &(0x7f0000000300)=ANY=[@ANYRES32=r0, @ANYRES64, @ANYRES8], 0x1, 0x286, &(0x7f0000000640)="$eJzs2s9rHGUYB/BnYkw3LelG/EUL4ose1MvQ5OyhRSKIAUWNUAXp1GzsmnE3ZJbAipic9Oqf4Fk8ehOkRy+5+Bd48JZLjj2IK7O7iZsSaqxtUsrnc0geZua7M/O+sy/PwO69/t0X62tVvlb0YirLYupq7MSdLOZjKg7sxGuvXP/1hfevf/T2teXlxnjrYkrp4ou/fPzVjy/d7l348KeLP5+L3flP9vYX/9h9bvfS3l8f3GpXqV2lTrdXf1a32ytulq202q7W85TeLVtF1UrtTtXa7KUi3TzYv1Z2Nzb6qeiszp3f2GxVVSo6/bTe6qdeN/U2+6n4rGh3Up7nae58MHTr/mIrP9wZDGJ/8OSNGAwGs9/Hhdsx93s0I3sqZU9fzZ69kT2/k13aHwyad0dnH8BVc+buNf/nxsccO/88FsaL+tJ7KTUiym+3VrZWRv/rvY24thbtKKMVV2I2/oz6MRkb1W++tbx0JQ3Nxzfl9ji/vbXyREQMn6BRfiGaMX98fmGUTwf5OlX/rVf3w/MvRjOeOT6/eDQ/Mzp/I159eSKfRzN++zS6UcZq1NnYHg/B0tcLKb3xznI6ev2Xh8cBADxu8nSo7t/qpm2if4vI8yP7J/qjUX6iP2xO9Iczx/SHd/VX03F5+mzvnYiq/+V6UZatzfoFb1gcbjlBcfCG+N9SD7+Y+T/x2clhuWcRkU2O5cO7r6kjc3bKgzl9wtFQjIrskfs63FcR8flpLkSciX8m/V8PbZzKBQEAAAAAAAAAAHAip/FzwrO+RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4NH2dwAAAP//NLm0Nw==") mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) getsockopt$sock_buf(r0, 0x1, 0x1f, 0x0, &(0x7f0000000080)) 42.789176439s ago: executing program 3 (id=922): setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x211000, 0x1000}, 0x20) r0 = syz_open_dev$sg(&(0x7f0000000740), 0x0, 0x18b203) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$SG_IO(r1, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x300, 0x0, 0x0, 0x0}) 42.746378942s ago: executing program 3 (id=923): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth1_to_bridge\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000780)=@newqdisc={0x50, 0x24, 0xf0b, 0x8070bd2a, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xc}, {0xffff, 0xffff}, {0x0, 0xb}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x20, 0x2, [@TCA_CAKE_MPU={0x8, 0xe, 0xe8}, @TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x1}, @TCA_CAKE_BASE_RATE64={0xc, 0x2, 0x3}]}}]}, 0x50}}, 0x0) 42.676571856s ago: executing program 3 (id=925): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x9, 0x5, 0x7, 0x0, 0xffffffffffffffff, 0x20}, 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000004c0), &(0x7f00000004c0), 0x3f, r0}, 0x38) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000000)={r0, &(0x7f00000000c0), &(0x7f0000000340)=""/207}, 0x20) bpf$OBJ_GET_MAP(0x7, 0x0, 0x0) 42.637023138s ago: executing program 3 (id=928): syz_mount_image$ext4(&(0x7f00000005c0)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f00000002c0)={[{@jqfmt_vfsold}, {@orlov}, {@debug}, {@noload}, {@nombcache}, {@noblock_validity}, {@init_itable_val={'init_itable', 0x3d, 0x603}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000000}}, {@errors_continue}]}, 0xfa, 0x47c, &(0x7f0000000a80)="$eJzs3M1vFOUfAPDvTLulwI9fK+ILCFJFI/GlpeVFDl40mnDQxEQPGE+1LaRSqKE1EUK0esCjIfFu/C+MJ70Y9aKJV70bEmK4gHpZMzsztLS77ZZud4H9fJLZfZ6Z2X2e78w8O8/Ms7sBdK2h7CGJ+F9E/B4RA3n29hWG8qeb1y9N/H390kQS1epbfyW19W5cvzRRrlq+bnueqVaL/JY65V5+N2J8ZmbqfJEfmT/7wcjchYsvTJ8dPz11eurc2PHjRw7v6zs2drQlcWZx3djz8eze3SfeufLGxMkr7/2UpJHHHcviaJWhfOvW9XSrC+uwHUvSSW/22F/k9v+yuKTekUAn9UREtrsqtfY/ED2x9daygXjts45WDthU1Wq1usqn8kIVuI8l0ekaAJ1Rnuiz699yalPX465w7eX8AiiL+2Yx5Ut6I80T+yvLrm9baSgiTi7881U2xSbdhwAAWOq7rP/zfL3+XxoP54m+7OH/xRjKYEQ8EBE7I+LBiNgVEQ9F1NZ9JCIeXWf5y0dIVvZ/0qt3HFwTsv7fS8XY1u39v7RcZbCnyO2oxV9JTk3PTB0qtsnBqGw5NZ1Mja5Sxvev/vZFo2VL+3/ZlJVf9gWLelztXXaDbnJ8fnwjMS917dOIPb314k9q4wJRjOvtjog9d1jG9LO9DZetHf8qGr9t06pfRzyT7/+FWBZ/KWk4Pjn64rGxoyP9MTN1aKQ8Klb6+dfLbzYqf0Pxt0C2/7fVPf5vxT+Y9EfMXbh4pjZeO7f+Mi7/8XnDa5p1Hv8ndhTHf1/ydm1GX7Hgo/H5+fOjEX3J6yvnjy2+W5kv18/iP3igfvvfGYtb4rGI2BsR+yLi8eyisKj7ExHxZEQcWCX+H1956v31x9+esdIs/sm19n8s3f/rT/Sc+eHbtePvj4hG+/9ILXWwmNPM51+zFdzItgMAAIB7Rf4d+CQdXkwnw8P5d/h3xbZ0ZnZu/rlTsx+em8y/Kz8YlbS80zWw5H7oaHFvuMyPLcsfLu4bf9mztZYfnpidmex08NDltq9o/2matf/Mnz2drh2w6Vowjgbco7R/6F7aP3SnZM32X2lbXYD2c/6H7lWv/X/ScO3hbza1MkBbOf9D92qi/S/kT417BcC9yfkfupf2D12p4W/j0w395L/tiX+L/zO8W+pz/ycivSuqcf8nepv+M4tGicrKtlwdyNt/NmdL3Vd1+pMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNf4LAAD///R05PQ=") mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x103495, 0x0) chroot(&(0x7f0000000100)='./file0\x00') getcwd(0x0, 0x0) 42.316761867s ago: executing program 3 (id=937): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000100)=[@in={0x2, 0x4e23, @loopback}], 0x10) setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000040)=0x5, 0x4) setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000000)=0x10, 0x4) 42.014650284s ago: executing program 3 (id=946): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000080)={0xffffffffffffffff}, 0x13f, 0x9}}, 0x20) write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f0000000100)={0x7, 0x8, 0xfa00, {r1, 0x8}}, 0x10) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000140)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f00000000c0)=0xfffffffc, r1, 0x0, 0x1, 0x4}}, 0x20) 41.988687345s ago: executing program 33 (id=946): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000080)={0xffffffffffffffff}, 0x13f, 0x9}}, 0x20) write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f0000000100)={0x7, 0x8, 0xfa00, {r1, 0x8}}, 0x10) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000140)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f00000000c0)=0xfffffffc, r1, 0x0, 0x1, 0x4}}, 0x20) 4.167861998s ago: executing program 6 (id=1844): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000040)={r1, 0x1, 0x6}, 0x10) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f00000000c0)={r1, 0x1, 0x6, @random="8327ad9e0b15"}, 0x10) setsockopt$packet_drop_memb(r0, 0x107, 0x2, &(0x7f0000000080)={0x0, 0x1, 0x6, @link_local}, 0x10) 4.101746741s ago: executing program 6 (id=1849): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) shutdown(r0, 0x1) recvmmsg(r0, &(0x7f0000001d00)=[{{0x0, 0x0, &(0x7f0000001640)=[{&(0x7f0000001d40)=""/4078, 0xfee}, {&(0x7f0000000340)=""/141, 0x8d}, {&(0x7f0000002d40)=""/4116, 0x1005}, {&(0x7f0000000400)=""/6, 0x6}, {&(0x7f0000000440)=""/231, 0xe7}], 0x5}}], 0x3ffffbd, 0x0, 0x0) getpid() syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), r0) 2.654839395s ago: executing program 6 (id=1871): r0 = socket(0x2, 0x80805, 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r1, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000080)={r2, 0x8, 0x6}, 0x8) 2.619096347s ago: executing program 6 (id=1876): perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x800000, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x4, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x2, 0x80805, 0x0) sendmmsg$inet(r0, &(0x7f0000001540)=[{{&(0x7f0000000280)={0x2, 0x4e22, @private=0xa010101}, 0x10, &(0x7f0000001140)=[{&(0x7f0000000200)="9c", 0x1}], 0x1}}, {{&(0x7f0000000080)={0x2, 0x4e22, @rand_addr=0x64010101}, 0x10, &(0x7f0000000180)=[{&(0x7f0000000300)="99", 0x1}], 0x1}}], 0x2, 0x48000) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000500)={0x0, 0x3ff}, 0x8) 2.523594503s ago: executing program 6 (id=1878): r0 = socket$kcm(0x2, 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4001, 0xd000000, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000340)={'wg0\x00', 0x0}) setsockopt$inet6_IPV6_PKTINFO(r1, 0x29, 0x32, &(0x7f0000000380)={@empty, r2}, 0x14) 2.499188145s ago: executing program 6 (id=1880): syz_usb_connect(0x2, 0x6ee78b90ef7fb6da, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x88ce359bdb00143c, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000005c0)) 1.013601381s ago: executing program 1 (id=1921): r0 = creat(&(0x7f0000000200)='./file1\x00', 0x12e) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0x2, 0x4, 0x2, 0xc, 0x1400}, 0x50) r1 = fsopen(&(0x7f00000002c0)='ext4\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000001200), 0xa, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 961.994974ms ago: executing program 4 (id=1923): syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb87, &(0x7f00000017c0)="$eJzs3c9vFFUcAPDvzG5LKWgX40GMCTUeIDFsW0BB4gE8Gg8mkqAnXPuDNCxgaE0sIbHcTLyowZMnT2qiR6+GGPXkweiJ/8CQEFP4A2pmdras7W5LYcuQ9vNJZve9eSzvO02++9503nQC2LFGs5c0Yn9EfJ5EjBT704gYzEtDEYutf3dv6dpktiWxvPzOv0kkEXF36dpk+/9Kivc92Us1/2T89UvEM5W1/c4tXL3QaDanrxT1sfmLH47NLVw9PHuxcX76/PSlI6+OH5147diJV47d/9DQox3rwvH0sz/ffOO7G+e+/uPHEy98msSp2Fu0dR5Hv4zG6MrPpFM1It7rd2clqRTH0+04AQB48qQdc7j9MRKVvNQyEvXZUoMDAAAA+uKTiFgGAAAAtrnE+T8AAABsc+11AHeXrk22t3JXJACPy53TEVFr5X/7/v5WSzUW8/ehGIiI4XtJx51Brfu9a33ofzQifvjq+IFsiy26Dx/obvF6RDzXbfxP8vyvFX90Y3X+pxEx3of+R1fV5T88Pt3yv3VesHH+n+pD//IfAAAAAAAA+ufm6daF/LXX/9OV9T/R5fpfpcu1u4ex8fW/9HYfugG6uHM64vWOZ/vc68j/Qq1S1J7K1wMMJDOzzenxiHg6Ig7FwK6sPrFOH9/+dPLvXm2d6/+yLeu/vRawiON2ddf/PzPVmG88yjEDLXeuRzxf7Zb/ycr4n/RY//v2A/bx29mfZ3q1bZz/wFZZ/ibiYNfx//4T3ZL1n883ls8HxtqzgrXOvvjr9736l/9Qnmz8H14//2tJ5/M65zbfx/jw4fO92h52/j+YnMmfKjpY7Pu4MT9/ZSJiMHlr7f4jm48ZtqN2PrTzJcv/Qy91P/9fb/6fJdn7xbdEGhGN4j2rf7Cqz13nfv+iVzzGfyhPlv9Tmxr/N1/48t2lM736f7Dx/1g+ph8q9vj9H6zvQRO07DgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgSZJGxN5I0vpKOU3r9Yg9EfFsDKfNy3PzL89c/ujSVNYWUYuBdGa2OT0eESOtepLVJ/Ly/fqRVfWjEbEvIm6M7M7r9cnLzamyDx4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAVeyJibyRpPSLSvJym9Xqr7Z+RsqMDAAAA+qZWdgAAAADAlnP+DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAj2nfg5q0kIhZP7s63zGDRNlBqZMBWS8sOAChNpewAgNJUyw4AKI1zfCDZoH2oZ4sZBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBOcnD/zVtJRCye3J1vmcGibaDUyICtlpYdAFCaStkBAKWplh0AUBrn+ECyQftQzxYzCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdZG7h6oVGszl9RWHdQjUinoAwFBQeU6HsbyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2s/8CAAD//yT3/f8=") r0 = open(&(0x7f0000000200)='./file1\x00', 0x4827e, 0xdc) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x9000) fallocate(r0, 0x0, 0x0, 0x8800000) 961.351384ms ago: executing program 1 (id=1936): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x15, &(0x7f0000000000), &(0x7f0000000080)=0x14) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000003c0)={r0, &(0x7f0000000080), &(0x7f00000008c0)=""/177}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000400008500000001000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f00000000c0)={r1}, 0xc) 922.087917ms ago: executing program 1 (id=1924): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/bus/input/devices\x00', 0x0, 0x0) r1 = syz_io_uring_setup(0x49a, &(0x7f00000003c0)={0x0, 0x79ad, 0x3180, 0x7ffd, 0x32c, 0x0, r0}, &(0x7f0000000340)=0x0, &(0x7f00000000c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x4007, @fd=r0, 0x6, 0x0, 0x0, 0x2, 0x1}) io_uring_enter(r1, 0xfd0, 0x4c1, 0x43, 0x0, 0x0) 839.846051ms ago: executing program 1 (id=1926): perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x3, 0x1d459d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x183, 0x6}, 0x6025, 0x4005, 0xb, 0x0, 0x1, 0x1, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0) write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020025797a31000000000900010073797a3000000000080005400000001c"], 0xe8}}, 0x0) 734.629287ms ago: executing program 1 (id=1927): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r0, 0xffffffffffffffff}, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x11, 0x18, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000050000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000072000000b7080000000000007b8af8ff00000000b7080000d50000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000480)={r2}, 0xc) 734.263627ms ago: executing program 1 (id=1928): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) openat$dir(0xffffffffffffff9c, 0x0, 0xea, 0x0) prlimit64(0x0, 0x7, &(0x7f0000000000), 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000003c0)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000700)={r1, 0x0, r0, 0x0, 0x80000}) 649.968463ms ago: executing program 5 (id=1930): r0 = socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x841e, 0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_bp={0x0, 0x8}, 0x82, 0x4, 0x4, 0x5, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(0xffffffffffffffff, 0x84, 0x23, 0x0, 0x0) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x2c, r1, 0x1, 0x70bd27, 0x25dfdbff, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x14}, 0x4000000) 619.812664ms ago: executing program 5 (id=1933): perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x800000, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x4, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x2, 0x80805, 0x0) sendmmsg$inet(r0, &(0x7f0000001540)=[{{&(0x7f0000000280)={0x2, 0x4e22, @private=0xa010101}, 0x10, &(0x7f0000001140)=[{&(0x7f0000000200)="9c", 0x1}], 0x1}}, {{&(0x7f0000000080)={0x2, 0x4e22, @rand_addr=0x64010101}, 0x10, &(0x7f0000000180)=[{&(0x7f0000000300)="99", 0x1}], 0x1}}], 0x2, 0x48000) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000500)={0x0, 0x3ff}, 0x8) 619.506884ms ago: executing program 4 (id=1934): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1400000010000100ab5a0000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4024}, 0x4000010) sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x40008d0}, 0x40) sendmsg$NFT_MSG_GETSET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000c80)={0x2c, 0xa, 0xa, 0x5, 0x0, 0x0, {0xa, 0x0, 0x9}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24048014}, 0x4000) 561.581148ms ago: executing program 0 (id=1935): perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0xcf, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_config_ext={0x7, 0x6}, 0x1004, 0x0, 0x10000, 0x0, 0x2, 0x80004001, 0x0, 0x0, 0x0, 0x0, 0xbf}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) socket$inet_udp(0x2, 0x2, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x2, 0x56d, 0x2}, 0x48) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000009a40)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000040900010073797a30000000002c000000030a01080000000000000000010000000900030073797a32000000000900010073797a300000000050000000060a010400000000000000000100000008000b40000000000900010073797a30000000002800048024000180090001006d6574610000000014000280080001400000001208000240000000", @ANYRES64=r0], 0xc4}, 0x1, 0x0, 0x0, 0x10}, 0x0) 560.926417ms ago: executing program 5 (id=1937): r0 = socket$kcm(0xa, 0x2, 0x0) r1 = socket(0x2, 0x80805, 0x0) setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev={0xac, 0x14, 0x14, 0x16}, 0x4e22, 0x3, 'nq\x00', 0x15, 0x80005, 0x49}, 0x2c) setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010102, 0x4e21, 0x3, 'lc\x00', 0x5, 0x8, 0x77}, {@remote, 0x4e20, 0x2, 0xcd}}, 0x44) sendmsg$sock(r0, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e20, 0x0, @empty}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0) 519.20059ms ago: executing program 0 (id=1938): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000ec0)={'wpan0\x00', 0x0}) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), r1) sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000700)={0x30, r3, 0x1, 0x70bd2e, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_SEC_LEVEL={0x14, 0x2d, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x7}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x2}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x44}, 0x20004000) 518.76452ms ago: executing program 4 (id=1939): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/bus/input/devices\x00', 0x0, 0x0) r1 = syz_io_uring_setup(0x49a, &(0x7f00000003c0)={0x0, 0x79ad, 0x3180, 0x7ffd, 0x32c, 0x0, r0}, &(0x7f0000000340)=0x0, &(0x7f00000000c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x4007, @fd=r0, 0x6, 0x0, 0x0, 0x2, 0x1}) io_uring_enter(r1, 0xfd0, 0x4c1, 0x43, 0x0, 0x0) 517.22064ms ago: executing program 5 (id=1948): syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x0, &(0x7f00000000c0), 0x2, 0xbd1, &(0x7f0000001340)="$eJzs3M1rHOcZAPBnRquVbKtduZRS91KVUmwoXUsuMrUp1C4uvfRQaK8Fq/LKCK0/kFRcyTqskn8gX+dALoEkJiGH+OxLQnLNJbGvCTkETFCsBEJIFGY/pI2lleR4V6PIvx+8mvedd7TP8+ywO/PC7gbwxBrJ/qQRxyLiYhJRau5PI6JY7w1G1BrHra4sTX65sjSZxNravz5LIomIBytLk63HSprbI83BYES8/9ckfvb05rhzC4szE9VqZbY5Pjl/5frJuYXFP0xfmbhcuVy5Onb6T+Onxk+PnhnvWq1ffXTu9he/+fsnta9f/ebW58+/nMS5GGrOtdfRLSMxsv6ctCtExES3g+Wkr1lPe51JYYd/SnucFAAAHaVt93C/iFL0xcbNWyne/iDX5AAAAICuWOuLWAMAAAAOuMT6HwAAAA641ucAHqwsTbZavp9I2Fv3z0fEcKP+1WZrzBSiVt8ORn9EHH6QRPvXWpPGvz22kYj4+N6ZN7IWPfoe8nZqyxHxy63Of1Kvf7j+Le7N9acRMdqF+CMPjX9M9Z/rQvy86wfgyXTnfONCtvn6l67f/8QW17/CFteuHyLv61/r/m910/3fRv19He7//rnLGDdfefFGp7ms/j/f/tvrrZbFz7aPVdQjuL8c8avCVvUn6/UnHeq/uMsYpW9vVDrN5V3/2ksRx2Pr+luS7X+f6OTUdLUy2vi7ZYzl98Zf6xQ/7/qz83+4Q/2t33/qdP6v7zLGfy5ceHPTznsb3e3rTz8tJv+u94rNPf+fmJ+fHYsoJv/YvP/U9rm0jmk9Rlb/id9u//rfqv7sPaHWfB6ytcByc5uNn3oo5l9u3XyrUz6t9V+e5/9Sh/PfXv+7hc3n/5ldxvjdO8+d6DTXvv7NWha/tRYGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJY0IoYiScvr/TQtlyOORMTP43BavTY3//upa/+7eimbixiO/nRquloZjYhSY5xk47F6f2N86qHxHyPiaES8UDpUH5cnr1Uv5V08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA645ExFAkaTki0ohYLaVpuZx3VgAAAEDXDeedAAAAANBz1v8AAABw8Fn/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0GNHf33nbhIRtbOH6i1TbM7155oZ0Gtp3gkAuenLOwEgN4W8EwBy84hrfLcLcAAlO8wPdpwZ6HouAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOxfx4/duZtERO3soXrLFJtz/blmBvRa2tZPcswD2Ht9200W9i4PYO95icOTyxof2GntP7hxTO37MwM9ywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/Weo3pK0HBHF5r5yOeInETEc/cnUdLUyGhE/jYgPS/0D2Xgs55wBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADovrmFxZmJarUym3XSaHbW9/Sg09eM3MMQvekkjbxr+yWfg90ZeHanY/4bjxmiGPui0n3ayfNdCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAvMwtLM5MVKuV2bm8MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyNrewODNRrVZme9jJu0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLzXQAAAP//jAsGRw==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./cgroup\x00', 0x42, 0x0) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) r1 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup\x00', 0x42, 0x81) ioctl$EXT4_IOC_SWAP_BOOT(r1, 0x6611) 505.071191ms ago: executing program 0 (id=1940): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x5}, {0xfff1, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@deltfilter={0x34, 0x2d, 0x1, 0x78bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0xfff3, 0x3}, {0x5, 0xffff}, {0xfff2, 0xf}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x800}, 0x20044000) 487.001982ms ago: executing program 0 (id=1941): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x15, &(0x7f0000000000), &(0x7f0000000080)=0x14) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000003c0)={r0, &(0x7f0000000080), &(0x7f00000008c0)=""/177}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000400008500000001000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f00000000c0)={r1}, 0xc) 470.892023ms ago: executing program 0 (id=1942): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x6, 0x8, 0x8, 0x42}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040), &(0x7f00000004c0), 0xce, r0}, 0x38) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000600)="c9f7b98600"/14, 0x0, 0x7ffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 293.889433ms ago: executing program 0 (id=1943): r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000700)="0022040000ffffebfffffffeffffff0700000000ff000207835eeb1317b208feefaf234b4ff8b4cc4c39bdc8451792b903f4b7d8c8cf2153622652328c19ef68234f905557c4070000008735e9ab2f77c62e0a5cdd2cf9984c070400000000000003ff23353d8b2fc6a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449b842f3e253be8a62b37f820fe75a9ea937ea4efbfb9b4a128f2dbe2837496d00ad7765abaac2ec0f91c88a1ea1ff6ee308c72febedcf00798d41991ac25bb6fce2220c25ea380c7e112ab358c3a6bd8a59c100000001b4e82cb03419544a3988bc226a85abe6eb60cd7cf8d103d38c31c7c86d16c4d86cbe4ab190c092d077ce70590fbbd4f8bf4d6ab1cea6dbe9d4a54c17aac0db6e3845", 0x118) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4e23, 0x8020000c, @private0={0xfc, 0x0, '\x00', 0x1}, 0xffffffff}, 0x1c) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x1, 0x70bd25, 0x25dfdbf9, {0x0, 0x0, 0x0, 0x0, 0x48815, 0x40003}, [@IFLA_GROUP={0x8}, @IFLA_TXQLEN={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x46801}, 0x4000000) 293.536483ms ago: executing program 5 (id=1944): syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb87, &(0x7f00000017c0)="$eJzs3c9vFFUcAPDvzG5LKWgX40GMCTUeIDFsW0BB4gE8Gg8mkqAnXPuDNCxgaE0sIbHcTLyowZMnT2qiR6+GGPXkweiJ/8CQEFP4A2pmdras7W5LYcuQ9vNJZve9eSzvO02++9503nQC2LFGs5c0Yn9EfJ5EjBT704gYzEtDEYutf3dv6dpktiWxvPzOv0kkEXF36dpk+/9Kivc92Us1/2T89UvEM5W1/c4tXL3QaDanrxT1sfmLH47NLVw9PHuxcX76/PSlI6+OH5147diJV47d/9DQox3rwvH0sz/ffOO7G+e+/uPHEy98msSp2Fu0dR5Hv4zG6MrPpFM1It7rd2clqRTH0+04AQB48qQdc7j9MRKVvNQyEvXZUoMDAAAA+uKTiFgGAAAAtrnE+T8AAABsc+11AHeXrk22t3JXJACPy53TEVFr5X/7/v5WSzUW8/ehGIiI4XtJx51Brfu9a33ofzQifvjq+IFsiy26Dx/obvF6RDzXbfxP8vyvFX90Y3X+pxEx3of+R1fV5T88Pt3yv3VesHH+n+pD//IfAAAAAAAA+ufm6daF/LXX/9OV9T/R5fpfpcu1u4ex8fW/9HYfugG6uHM64vWOZ/vc68j/Qq1S1J7K1wMMJDOzzenxiHg6Ig7FwK6sPrFOH9/+dPLvXm2d6/+yLeu/vRawiON2ddf/PzPVmG88yjEDLXeuRzxf7Zb/ycr4n/RY//v2A/bx29mfZ3q1bZz/wFZZ/ibiYNfx//4T3ZL1n883ls8HxtqzgrXOvvjr9736l/9Qnmz8H14//2tJ5/M65zbfx/jw4fO92h52/j+YnMmfKjpY7Pu4MT9/ZSJiMHlr7f4jm48ZtqN2PrTzJcv/Qy91P/9fb/6fJdn7xbdEGhGN4j2rf7Cqz13nfv+iVzzGfyhPlv9Tmxr/N1/48t2lM736f7Dx/1g+ph8q9vj9H6zvQRO07DgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgSZJGxN5I0vpKOU3r9Yg9EfFsDKfNy3PzL89c/ujSVNYWUYuBdGa2OT0eESOtepLVJ/Ly/fqRVfWjEbEvIm6M7M7r9cnLzamyDx4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAVeyJibyRpPSLSvJym9Xqr7Z+RsqMDAAAA+qZWdgAAAADAlnP+DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAj2nfg5q0kIhZP7s63zGDRNlBqZMBWS8sOAChNpewAgNJUyw4AKI1zfCDZoH2oZ4sZBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBOcnD/zVtJRCye3J1vmcGibaDUyICtlpYdAFCaStkBAKWplh0AUBrn+ECyQftQzxYzCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdZG7h6oVGszl9RWHdQjUinoAwFBQeU6HsbyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2s/8CAAD//yT3/f8=") r0 = open(&(0x7f0000000200)='./file1\x00', 0x4827e, 0xdc) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x9000) fallocate(r0, 0x0, 0x0, 0x8800000) 293.353423ms ago: executing program 4 (id=1945): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000b, 0x12, r1, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x2000) 31.353788ms ago: executing program 4 (id=1946): setrlimit(0x40000000000008, &(0x7f0000000000)={0x5, 0x7}) capset(&(0x7f0000a31000)={0x20080522}, &(0x7f0000000080)) r0 = memfd_secret(0x80000) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xa, 0x11, r0, 0x0) mlock2(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0) 4.32756ms ago: executing program 4 (id=1947): r0 = socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x841e, 0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_bp={0x0, 0x8}, 0x82, 0x4, 0x4, 0x5, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(0xffffffffffffffff, 0x84, 0x23, 0x0, 0x0) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x2c, r1, 0x1, 0x70bd27, 0x25dfdbff, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x14}, 0x4000000) 0s ago: executing program 5 (id=1949): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @multicast2, 0x0, 0x0, 'lc\x00', 0x12, 0x4000ffc, 0x54}, 0x2c) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000014ac1414aa00000000000000001400020002000000e000000200000000000004000d0001007564703a73"], 0x54}}, 0x4800) kernel console output (not intermixed with test programs): 0][ T3296] loop1: p4 size 197376 extends beyond EOD, [ 43.960682][ T3306] EXT4-fs error (device loop2): ext4_lookup:1785: inode #14: comm syz-executor: invalid fast symlink length 39 [ 43.985344][ T3296] truncated [ 44.006091][ T4265] loop1: p2 p3 p4[EZD] [ 44.011151][ T4265] loop1: p3 start 331781 is beyond EOD, truncated [ 44.018606][ T4122] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.038828][ T4265] loop1: p4 size 197376 extends beyond EOD, truncated [ 44.163477][ T3296] udevd[3296]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 44.174692][ T3298] udevd[3298]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory [ 44.207400][ T3296] udevd[3296]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 44.222166][ T3298] udevd[3298]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory [ 44.281541][ T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 44.359956][ T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 44.422939][ T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 44.463602][ T4291] netlink: 9 bytes leftover after parsing attributes in process `syz.3.348'. [ 44.498075][ T4291] gretap0: entered promiscuous mode [ 44.535634][ T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 44.596360][ T4302] netlink: 'syz.3.349': attribute type 66 has an invalid length. [ 44.674291][ T4305] netlink: 'syz.3.350': attribute type 83 has an invalid length. [ 44.718630][ T12] bridge_slave_1: left allmulticast mode [ 44.745733][ T12] bridge_slave_1: left promiscuous mode [ 44.753385][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.789418][ T12] bridge_slave_0: left allmulticast mode [ 44.807933][ T12] bridge_slave_0: left promiscuous mode [ 44.813600][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.816488][ T4308] loop3: detected capacity change from 0 to 128 [ 44.854764][ T4308] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 44.908237][ T4308] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 45.078156][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 45.097400][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 45.127016][ T12] bond0 (unregistering): Released all slaves [ 45.149906][ T4330] netlink: 556 bytes leftover after parsing attributes in process `syz.1.355'. [ 45.189955][ T12] hsr_slave_0: left promiscuous mode [ 45.218869][ T12] hsr_slave_1: left promiscuous mode [ 45.224688][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 45.239170][ T4341] loop3: detected capacity change from 0 to 128 [ 45.270471][ T4341] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 45.276811][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 45.294189][ T4341] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 45.303225][ T4341] FAT-fs (loop3): Filesystem has been set read-only [ 45.321825][ T4341] syz.3.360: attempt to access beyond end of device [ 45.321825][ T4341] loop3: rw=8912896, sector=2065, nr_sectors = 8 limit=128 [ 45.337257][ T4341] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 45.364096][ T4341] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 45.382483][ T4344] syz.3.360: attempt to access beyond end of device [ 45.382483][ T4344] loop3: rw=8388608, sector=2065, nr_sectors = 8 limit=128 [ 45.425432][ T4344] syz.3.360: attempt to access beyond end of device [ 45.425432][ T4344] loop3: rw=8388608, sector=2065, nr_sectors = 8 limit=128 [ 45.456125][ T4344] syz.3.360: attempt to access beyond end of device [ 45.456125][ T4344] loop3: rw=8388608, sector=2065, nr_sectors = 8 limit=128 [ 45.485541][ T4344] syz.3.360: attempt to access beyond end of device [ 45.485541][ T4344] loop3: rw=8388608, sector=2065, nr_sectors = 8 limit=128 [ 45.515451][ T4344] syz.3.360: attempt to access beyond end of device [ 45.515451][ T4344] loop3: rw=8388608, sector=2065, nr_sectors = 8 limit=128 [ 45.545446][ T4344] syz.3.360: attempt to access beyond end of device [ 45.545446][ T4344] loop3: rw=8388608, sector=2065, nr_sectors = 8 limit=128 [ 45.575511][ T4344] syz.3.360: attempt to access beyond end of device [ 45.575511][ T4344] loop3: rw=8388608, sector=2065, nr_sectors = 8 limit=128 [ 45.605475][ T4344] syz.3.360: attempt to access beyond end of device [ 45.605475][ T4344] loop3: rw=8388608, sector=2065, nr_sectors = 8 limit=128 [ 45.635440][ T4344] syz.3.360: attempt to access beyond end of device [ 45.635440][ T4344] loop3: rw=8388608, sector=2065, nr_sectors = 8 limit=128 [ 46.136796][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 46.146444][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 46.174858][ T12] veth1_macvtap: left promiscuous mode [ 46.191477][ T12] veth0_macvtap: left promiscuous mode [ 46.214990][ T12] veth1_vlan: left promiscuous mode [ 46.221123][ T12] veth0_vlan: left promiscuous mode [ 46.412773][ T4381] sctp: [Deprecated]: syz.0.376 (pid 4381) Use of int in max_burst socket option. [ 46.412773][ T4381] Use struct sctp_assoc_value instead [ 46.433367][ T12] team0 (unregistering): Port device team_slave_1 removed [ 46.466353][ T12] team0 (unregistering): Port device team_slave_0 removed [ 46.646347][ T4292] chnl_net:caif_netlink_parms(): no params data found [ 46.751383][ T4292] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.759516][ T4292] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.766942][ T4292] bridge_slave_0: entered allmulticast mode [ 46.782709][ T4292] bridge_slave_0: entered promiscuous mode [ 46.819647][ T4292] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.827708][ T4292] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.834977][ T4292] bridge_slave_1: entered allmulticast mode [ 46.841904][ T4292] bridge_slave_1: entered promiscuous mode [ 46.900278][ T4446] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 46.913077][ T4446] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 46.924964][ T4292] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.950571][ T4292] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 47.044039][ T4292] team0: Port device team_slave_0 added [ 47.064019][ T4292] team0: Port device team_slave_1 added [ 47.127540][ T4292] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.134640][ T4292] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 47.168127][ T4292] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.169434][ T4480] loop1: detected capacity change from 0 to 1024 [ 47.179582][ T4292] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.194562][ T4292] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 47.222901][ T4292] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.233756][ T4480] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 47.248869][ T4476] netlink: 16 bytes leftover after parsing attributes in process `syz.3.407'. [ 47.278696][ T4292] hsr_slave_0: entered promiscuous mode [ 47.284983][ T4292] hsr_slave_1: entered promiscuous mode [ 47.291443][ T4292] debugfs: 'hsr0' already exists in 'hsr' [ 47.297302][ T4292] Cannot create hsr debugfs directory [ 47.337775][ T28] kauditd_printk_skb: 25 callbacks suppressed [ 47.337789][ T28] audit: type=1400 audit(1770913834.337:356): avc: denied { remove_name } for pid=4479 comm="syz.1.408" name="file1" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 47.368731][ T28] audit: type=1400 audit(1770913834.337:357): avc: denied { add_name } for pid=4479 comm="syz.1.408" name="file0" dev="loop1" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 47.431463][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 47.483407][ T12] Bluetooth: hci0: Frame reassembly failed (-84) [ 47.504636][ T4494] Bluetooth: hci0: Frame reassembly failed (-84) [ 47.521478][ T4292] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 47.529609][ T28] audit: type=1400 audit(1770913834.527:358): avc: denied { bind } for pid=4502 comm="syz.4.415" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 47.563487][ T4508] netlink: 56 bytes leftover after parsing attributes in process `syz.0.416'. [ 47.581953][ T4292] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 47.600355][ T4292] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 47.614272][ T4292] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 47.732385][ T4292] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.746863][ T4292] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.760423][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.767516][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.787317][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.794426][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.835229][ T28] audit: type=1400 audit(1770913834.827:359): avc: denied { create } for pid=4541 comm="syz.0.424" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 47.873768][ T4292] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 47.903630][ T4545] loop1: detected capacity change from 0 to 2048 [ 47.911993][ T28] audit: type=1400 audit(1770913834.827:360): avc: denied { setopt } for pid=4541 comm="syz.0.424" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 47.932248][ T4292] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 47.955573][ T28] audit: type=1400 audit(1770913834.827:361): avc: denied { name_bind } for pid=4539 comm="syz.1.423" src=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 48.007970][ T4545] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 48.066158][ T4292] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.248489][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 48.282223][ T4570] bridge0: entered promiscuous mode [ 48.305059][ T4570] bridge0: port 3(macvtap1) entered blocking state [ 48.305894][ T4573] loop1: detected capacity change from 0 to 1024 [ 48.311925][ T4570] bridge0: port 3(macvtap1) entered disabled state [ 48.327344][ T4570] macvtap1: entered allmulticast mode [ 48.332852][ T4570] bridge0: entered allmulticast mode [ 48.339011][ T4570] macvtap1: left allmulticast mode [ 48.344262][ T4570] bridge0: left allmulticast mode [ 48.350690][ T4573] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 48.366024][ T4570] bridge0: left promiscuous mode [ 48.372735][ T4573] ext4 filesystem being mounted at /87/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 48.387377][ T28] audit: type=1400 audit(1770913835.387:362): avc: denied { append } for pid=4572 comm="syz.1.428" name="file1" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 48.388423][ T4573] EXT4-fs error (device loop1): ext4_map_blocks:825: inode #15: comm syz.1.428: lblock 0 mapped to illegal pblock 0 (length 6) [ 48.423908][ T4573] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 6 with error 117 [ 48.437764][ T4573] EXT4-fs (loop1): This should not happen!! Data will be lost [ 48.437764][ T4573] [ 48.461718][ T4579] netlink: 8 bytes leftover after parsing attributes in process `syz.4.429'. [ 48.484546][ T4573] EXT4-fs error (device loop1): ext4_map_blocks:783: inode #15: comm syz.1.428: lblock 0 mapped to illegal pblock 0 (length 1) [ 48.487103][ T4292] veth0_vlan: entered promiscuous mode [ 48.506708][ T4292] veth1_vlan: entered promiscuous mode [ 48.512427][ T4573] EXT4-fs error (device loop1): ext4_free_blocks:6727: comm syz.1.428: Freeing blocks not in datazone - block = 1, count = 5 [ 48.539878][ T4581] loop0: detected capacity change from 0 to 256 [ 48.562433][ T4292] veth0_macvtap: entered promiscuous mode [ 48.579127][ T3438] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:7: bg 0: block 112: padding at end of block bitmap is not set [ 48.590082][ T4292] veth1_macvtap: entered promiscuous mode [ 48.609121][ T4292] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.624760][ T3438] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 37 with max blocks 7 with error 28 [ 48.635002][ T4292] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.650888][ T3438] EXT4-fs (loop1): This should not happen!! Data will be lost [ 48.650888][ T3438] [ 48.662663][ T3438] EXT4-fs (loop1): Total free blocks count 0 [ 48.671189][ T12] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.673388][ T3438] EXT4-fs (loop1): Free/Dirty block details [ 48.691758][ T12] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.698426][ T3438] EXT4-fs (loop1): free_blocks=0 [ 48.712566][ T3438] EXT4-fs (loop1): dirty_blocks=16 [ 48.718110][ T378] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.729455][ T28] audit: type=1400 audit(1770913835.727:363): avc: denied { connect } for pid=4591 comm="syz.4.436" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 48.749710][ T336] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.755460][ T3438] EXT4-fs (loop1): Block reservation details [ 48.847461][ T28] audit: type=1400 audit(1770913835.837:364): avc: denied { append } for pid=4601 comm="syz.0.438" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 48.884598][ T4606] loop5: detected capacity change from 0 to 512 [ 48.902099][ T4606] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 48.932105][ T4606] EXT4-fs (loop5): 1 truncate cleaned up [ 48.953191][ T4606] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 49.037490][ T28] audit: type=1400 audit(1770913836.027:365): avc: denied { remove_name } for pid=4605 comm="syz.5.440" name="file0" dev="loop5" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 49.101245][ T4292] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 49.145626][ T4621] netlink: 8 bytes leftover after parsing attributes in process `syz.4.447'. [ 49.205086][ T4626] netlink: 68 bytes leftover after parsing attributes in process `syz.5.449'. [ 49.226052][ T4626] netlink: 8 bytes leftover after parsing attributes in process `syz.5.449'. [ 49.516125][ T43] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 49.786037][ T4648] netlink: 56 bytes leftover after parsing attributes in process `syz.4.458'. [ 50.156132][ T4687] smc: net device bond0 applied user defined pnetid SYZ2 [ 50.367321][ T4707] loop5: detected capacity change from 0 to 256 [ 50.638292][ T4733] netlink: 12 bytes leftover after parsing attributes in process `syz.0.495'. [ 50.650975][ T4733] netlink: 240 bytes leftover after parsing attributes in process `syz.0.495'. [ 50.660154][ T4733] netlink: 424 bytes leftover after parsing attributes in process `syz.0.495'. [ 50.669300][ T4733] netlink: 12 bytes leftover after parsing attributes in process `syz.0.495'. [ 50.798515][ T4739] loop3: detected capacity change from 0 to 256 [ 50.815931][ T4739] msdos: Unknown parameter 'nęs' [ 51.516369][ T4745] loop3: detected capacity change from 0 to 512 [ 51.550519][ T4745] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1) [ 51.566766][ T4745] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 51.734891][ T4764] program syz.4.509 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 51.761316][ T4764] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 51.913028][ T4768] loop3: detected capacity change from 0 to 8192 [ 51.919717][ T4776] loop1: detected capacity change from 0 to 128 [ 51.975066][ T4768] bio_check_eod: 7905 callbacks suppressed [ 51.975123][ T4768] syz.3.511: attempt to access beyond end of device [ 51.975123][ T4768] loop3: rw=8388608, sector=57847, nr_sectors = 1 limit=8192 [ 52.035365][ T4768] Buffer I/O error on dev loop3, logical block 57847, async page read [ 52.115486][ T4789] loop5: detected capacity change from 0 to 1024 [ 52.128490][ T4789] EXT4-fs: Ignoring removed orlov option [ 52.193934][ T4789] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 52.260189][ T4789] EXT4-fs error (device loop5): __ext4_new_inode:1279: comm syz.5.521: failed to insert inode 15: doubly allocated? [ 52.309318][ T4789] EXT4-fs error (device loop5) in ext4_free_inode:361: Corrupt filesystem [ 52.328610][ T4789] EXT4-fs error (device loop5) in ext4_free_inode:361: Corrupt filesystem [ 52.347679][ T28] kauditd_printk_skb: 33 callbacks suppressed [ 52.347695][ T28] audit: type=1400 audit(1770913839.347:399): avc: denied { ioctl } for pid=4811 comm="syz.4.530" path="socket:[9477]" dev="sockfs" ino=9477 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1 [ 52.369017][ T4814] netlink: 8 bytes leftover after parsing attributes in process `syz.3.531'. [ 52.399684][ T4292] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 52.683009][ T28] audit: type=1400 audit(1770913839.677:400): avc: denied { write } for pid=4845 comm="syz.4.545" path="socket:[9027]" dev="sockfs" ino=9027 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 52.721131][ T4851] netlink: 24 bytes leftover after parsing attributes in process `syz.3.547'. [ 52.743773][ T4852] loop0: detected capacity change from 0 to 256 [ 52.759055][ T28] audit: type=1400 audit(1770913839.737:401): avc: denied { override_creds } for pid=4853 comm="syz.4.549" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 52.784276][ T4860] capability: warning: `syz.4.550' uses deprecated v2 capabilities in a way that may be insecure [ 52.829686][ T28] audit: type=1400 audit(1770913839.827:402): avc: denied { write } for pid=4861 comm="syz.4.552" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 52.892583][ T4864] RDS: rds_bind could not find a transport for c00::, load rds_tcp or rds_rdma? [ 52.963458][ T4876] erspan0: entered promiscuous mode [ 53.033626][ T4885] loop5: detected capacity change from 0 to 128 [ 53.055901][ T4885] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 53.082447][ T4885] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 53.111675][ T4881] syz.4.561: attempt to access beyond end of device [ 53.111675][ T4881] loop4: rw=8388608, sector=57847, nr_sectors = 1 limit=8192 [ 53.126456][ T4881] Buffer I/O error on dev loop4, logical block 57847, async page read [ 53.145899][ T4881] syz.4.561: attempt to access beyond end of device [ 53.145899][ T4881] loop4: rw=8388608, sector=57847, nr_sectors = 1 limit=8192 [ 53.174423][ T4881] Buffer I/O error on dev loop4, logical block 57847, async page read [ 53.183748][ T4895] netlink: 'syz.0.567': attribute type 9 has an invalid length. [ 53.210965][ T4881] syz.4.561: attempt to access beyond end of device [ 53.210965][ T4881] loop4: rw=8388608, sector=57847, nr_sectors = 1 limit=8192 [ 53.228607][ T4881] Buffer I/O error on dev loop4, logical block 57847, async page read [ 53.240018][ T4881] syz.4.561: attempt to access beyond end of device [ 53.240018][ T4881] loop4: rw=8388608, sector=57847, nr_sectors = 1 limit=8192 [ 53.260174][ T4881] Buffer I/O error on dev loop4, logical block 57847, async page read [ 53.269563][ T4881] syz.4.561: attempt to access beyond end of device [ 53.269563][ T4881] loop4: rw=8388608, sector=57847, nr_sectors = 1 limit=8192 [ 53.293718][ T28] audit: type=1400 audit(1770913840.277:403): avc: denied { name_bind } for pid=4900 comm="syz.0.570" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 53.315354][ T4881] Buffer I/O error on dev loop4, logical block 57847, async page read [ 53.327198][ T4881] syz.4.561: attempt to access beyond end of device [ 53.327198][ T4881] loop4: rw=8388608, sector=57847, nr_sectors = 1 limit=8192 [ 53.391170][ T4881] Buffer I/O error on dev loop4, logical block 57847, async page read [ 53.427721][ T4881] syz.4.561: attempt to access beyond end of device [ 53.427721][ T4881] loop4: rw=8388608, sector=57847, nr_sectors = 1 limit=8192 [ 53.447744][ T4881] Buffer I/O error on dev loop4, logical block 57847, async page read [ 53.459401][ T4881] syz.4.561: attempt to access beyond end of device [ 53.459401][ T4881] loop4: rw=8388608, sector=57847, nr_sectors = 1 limit=8192 [ 53.489580][ T4881] Buffer I/O error on dev loop4, logical block 57847, async page read [ 53.502585][ T4923] netlink: 'syz.3.580': attribute type 29 has an invalid length. [ 53.511784][ T4881] syz.4.561: attempt to access beyond end of device [ 53.511784][ T4881] loop4: rw=8388608, sector=57847, nr_sectors = 1 limit=8192 [ 53.534126][ T4921] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.579: invalid indirect mapped block 256 (level 2) [ 53.540574][ T4881] Buffer I/O error on dev loop4, logical block 57847, async page read [ 53.630843][ T4921] loop1: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 53.632123][ T4921] EXT4-fs (loop1): 2 truncates cleaned up [ 53.660191][ T4930] set_capacity_and_notify: 2 callbacks suppressed [ 53.660209][ T4930] loop3: detected capacity change from 0 to 1024 [ 53.673478][ T28] audit: type=1400 audit(1770913840.657:404): avc: denied { create } for pid=4931 comm="syz.0.584" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 53.711000][ T4921] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 53.732874][ T4930] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e040c01c, mo2=0002] [ 53.755049][ T28] audit: type=1400 audit(1770913840.697:405): avc: denied { bind } for pid=4931 comm="syz.0.584" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 53.783535][ T4930] System zones: 0-1, 3-36 [ 53.803631][ T4930] EXT4-fs error (device loop3): ext4_orphan_get:1417: comm syz.3.583: bad orphan inode 134217728 [ 53.867058][ T4930] loop3: lost filesystem error report for type 5 error -117 [ 53.868548][ T4930] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 53.895517][ T28] audit: type=1400 audit(1770913840.697:406): avc: denied { write } for pid=4931 comm="syz.0.584" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 53.934965][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 53.951239][ T28] audit: type=1400 audit(1770913840.787:407): avc: denied { create } for pid=4937 comm="syz.5.586" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1 [ 54.022621][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 54.068442][ T28] audit: type=1400 audit(1770913840.797:408): avc: denied { sys_admin } for pid=4937 comm="syz.5.586" capability=21 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1 [ 54.471220][ T5001] loop3: detected capacity change from 0 to 2048 [ 54.503054][ T5001] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 54.543191][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 54.743356][ T5026] __nla_validate_parse: 4 callbacks suppressed [ 54.743369][ T5026] netlink: 4 bytes leftover after parsing attributes in process `syz.4.623'. [ 55.017192][ T5055] loop1: detected capacity change from 0 to 1024 [ 55.023886][ T5055] EXT4-fs: Ignoring removed orlov option [ 55.071905][ T5055] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 55.112402][ T5055] EXT4-fs error (device loop1): __ext4_new_inode:1279: comm syz.1.635: failed to insert inode 15: doubly allocated? [ 55.127696][ T5055] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem [ 55.137494][ T5055] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem [ 55.173695][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 55.452446][ T5099] netlink: 'syz.5.655': attribute type 29 has an invalid length. [ 55.505756][ T5108] program syz.1.657 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 55.526001][ T5108] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 55.649798][ T5120] netlink: 4 bytes leftover after parsing attributes in process `syz.1.663'. [ 56.052712][ T5140] netlink: 'syz.1.671': attribute type 29 has an invalid length. [ 56.110125][ T5148] netlink: 76 bytes leftover after parsing attributes in process `syz.5.676'. [ 56.139506][ T5150] loop5: detected capacity change from 0 to 2048 [ 56.158533][ T5150] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 56.250272][ T4292] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 56.423108][ T5160] loop5: detected capacity change from 0 to 512 [ 56.429738][ T5159] loop3: detected capacity change from 0 to 2048 [ 56.436546][ T5160] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1) [ 56.454077][ T5160] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 56.495803][ T5159] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 56.638745][ T5174] netlink: 'syz.4.685': attribute type 29 has an invalid length. [ 56.663775][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 56.727251][ T5176] loop5: detected capacity change from 0 to 8192 [ 56.788701][ T5185] loop4: detected capacity change from 0 to 512 [ 56.813530][ T5185] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.690: invalid indirect mapped block 256 (level 2) [ 56.828929][ T5185] loop4: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 56.829355][ T5185] EXT4-fs (loop4): 2 truncates cleaned up [ 56.844973][ T5185] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 56.864916][ T5188] netlink: 4 bytes leftover after parsing attributes in process `syz.0.688'. [ 56.869646][ T5185] netlink: 44 bytes leftover after parsing attributes in process `syz.4.690'. [ 56.905127][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 56.976041][ T5176] bio_check_eod: 15031 callbacks suppressed [ 56.976055][ T5176] syz.5.684: attempt to access beyond end of device [ 56.976055][ T5176] loop5: rw=8388608, sector=57847, nr_sectors = 1 limit=8192 [ 57.024000][ T5176] syz.5.684: attempt to access beyond end of device [ 57.024000][ T5176] loop5: rw=8388608, sector=57847, nr_sectors = 1 limit=8192 [ 57.027102][ T5196] loop3: detected capacity change from 0 to 1024 [ 57.039067][ T5176] buffer_io_error: 15032 callbacks suppressed [ 57.039081][ T5176] Buffer I/O error on dev loop5, logical block 57847, async page read [ 57.059570][ T5176] syz.5.684: attempt to access beyond end of device [ 57.059570][ T5176] loop5: rw=8388608, sector=57847, nr_sectors = 1 limit=8192 [ 57.070874][ T5196] EXT4-fs: Ignoring removed orlov option [ 57.074575][ T5176] Buffer I/O error on dev loop5, logical block 57847, async page read [ 57.111909][ T5196] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 57.114407][ T5176] syz.5.684: attempt to access beyond end of device [ 57.114407][ T5176] loop5: rw=8388608, sector=57847, nr_sectors = 1 limit=8192 [ 57.146225][ T5176] Buffer I/O error on dev loop5, logical block 57847, async page read [ 57.154662][ T5176] syz.5.684: attempt to access beyond end of device [ 57.154662][ T5176] loop5: rw=8388608, sector=57847, nr_sectors = 1 limit=8192 [ 57.169436][ T5176] Buffer I/O error on dev loop5, logical block 57847, async page read [ 57.171107][ T5196] EXT4-fs error (device loop3): __ext4_new_inode:1279: comm syz.3.704: failed to insert inode 15: doubly allocated? [ 57.177959][ T5176] syz.5.684: attempt to access beyond end of device [ 57.177959][ T5176] loop5: rw=8388608, sector=57847, nr_sectors = 1 limit=8192 [ 57.205010][ T5176] Buffer I/O error on dev loop5, logical block 57847, async page read [ 57.213552][ T5176] syz.5.684: attempt to access beyond end of device [ 57.213552][ T5176] loop5: rw=8388608, sector=57847, nr_sectors = 1 limit=8192 [ 57.228572][ T5176] Buffer I/O error on dev loop5, logical block 57847, async page read [ 57.237043][ T5176] syz.5.684: attempt to access beyond end of device [ 57.237043][ T5176] loop5: rw=8388608, sector=57847, nr_sectors = 1 limit=8192 [ 57.238752][ T5196] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem [ 57.251194][ T5176] Buffer I/O error on dev loop5, logical block 57847, async page read [ 57.268808][ T5176] syz.5.684: attempt to access beyond end of device [ 57.268808][ T5176] loop5: rw=8388608, sector=57847, nr_sectors = 1 limit=8192 [ 57.271666][ T5196] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem [ 57.285244][ T5176] Buffer I/O error on dev loop5, logical block 57847, async page read [ 57.307733][ T5176] syz.5.684: attempt to access beyond end of device [ 57.307733][ T5176] loop5: rw=8388608, sector=57847, nr_sectors = 1 limit=8192 [ 57.321815][ T5210] loop0: detected capacity change from 0 to 2048 [ 57.330241][ T5211] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 57.350287][ T5211] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 57.360159][ T5176] Buffer I/O error on dev loop5, logical block 57847, async page read [ 57.376130][ T5210] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 57.388151][ T5176] Buffer I/O error on dev loop5, logical block 57847, async page read [ 57.401607][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 57.466480][ T5215] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e040c01c, mo2=0002] [ 57.495325][ T5215] System zones: 0-1, 3-36 [ 57.516427][ T5215] EXT4-fs error (device loop1): ext4_orphan_get:1417: comm syz.1.701: bad orphan inode 134217728 [ 57.538393][ T5215] loop1: lost filesystem error report for type 5 error -117 [ 57.538881][ T5215] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 57.608228][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 57.638518][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 57.723513][ T5230] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.705: invalid indirect mapped block 256 (level 2) [ 57.775431][ T5230] loop0: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 57.775736][ T5230] EXT4-fs (loop0): 2 truncates cleaned up [ 57.809839][ T5230] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 57.827023][ T5230] netlink: 44 bytes leftover after parsing attributes in process `syz.0.705'. [ 57.890495][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 57.964432][ T5248] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e040c01c, mo2=0002] [ 57.984525][ T5248] System zones: 0-1, 3-36 [ 57.997113][ T5248] EXT4-fs error (device loop5): ext4_orphan_get:1417: comm syz.5.717: bad orphan inode 134217728 [ 58.033178][ T5248] loop5: lost filesystem error report for type 5 error -117 [ 58.036436][ T5248] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 58.144832][ T4292] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 58.239851][ T5272] netlink: 8 bytes leftover after parsing attributes in process `syz.1.729'. [ 58.274605][ T5270] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 58.550698][ T5292] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.728: invalid indirect mapped block 256 (level 2) [ 58.602115][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 58.612218][ T5292] loop5: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 58.613878][ T5292] EXT4-fs (loop5): 2 truncates cleaned up [ 58.685496][ T5301] netlink: 8 bytes leftover after parsing attributes in process `syz.3.734'. [ 58.697920][ T5292] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 58.717978][ T5303] set_capacity_and_notify: 9 callbacks suppressed [ 58.718031][ T5303] loop4: detected capacity change from 0 to 512 [ 58.759604][ T5305] bridge0: entered promiscuous mode [ 58.769662][ T5292] netlink: 44 bytes leftover after parsing attributes in process `syz.5.728'. [ 58.782498][ T5303] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 58.797060][ T5305] bridge0: port 3(macvtap1) entered blocking state [ 58.824565][ T5305] bridge0: port 3(macvtap1) entered disabled state [ 58.824788][ T4292] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 58.844341][ T5305] macvtap1: entered allmulticast mode [ 58.850170][ T5303] EXT4-fs (loop4): 1 truncate cleaned up [ 58.865942][ T5303] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 58.878178][ T5305] bridge0: entered allmulticast mode [ 58.883849][ T5305] macvtap1: left allmulticast mode [ 58.899898][ T5305] bridge0: left allmulticast mode [ 58.920112][ T5305] bridge0: left promiscuous mode [ 58.988943][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 59.105820][ T5340] loop4: detected capacity change from 0 to 256 [ 59.107122][ T5328] loop3: detected capacity change from 0 to 8192 [ 59.298083][ T5353] loop4: detected capacity change from 0 to 2048 [ 59.345084][ T5353] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 59.467652][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 59.518575][ T5377] loop0: detected capacity change from 0 to 512 [ 59.559980][ T5377] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 59.573925][ T5380] bridge0: entered promiscuous mode [ 59.597276][ T5380] bridge0: port 3(macvtap1) entered blocking state [ 59.604042][ T5380] bridge0: port 3(macvtap1) entered disabled state [ 59.611010][ T5377] ext4 filesystem being mounted at /142/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 59.636307][ T5380] macvtap1: entered allmulticast mode [ 59.641716][ T5380] bridge0: entered allmulticast mode [ 59.655730][ T5380] macvtap1: left allmulticast mode [ 59.662290][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 59.671226][ T5380] bridge0: left allmulticast mode [ 59.685422][ T5380] bridge0: left promiscuous mode [ 60.021305][ T28] kauditd_printk_skb: 12 callbacks suppressed [ 60.021320][ T28] audit: type=1400 audit(1770913847.017:421): avc: denied { listen } for pid=5417 comm="syz.5.764" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 60.101710][ T5426] loop5: detected capacity change from 0 to 512 [ 60.109521][ T28] audit: type=1400 audit(1770913847.017:422): avc: denied { setopt } for pid=5417 comm="syz.5.764" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 60.142464][ T5426] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 60.184520][ T5426] ext4 filesystem being mounted at /73/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 60.224752][ T5432] loop4: detected capacity change from 0 to 512 [ 60.451996][ T5449] loop0: detected capacity change from 0 to 512 [ 60.458494][ T5446] tap0: tun_chr_ioctl cmd 1074025672 [ 60.473513][ T5446] tap0: ignored: set checksum disabled [ 60.530330][ T5447] loop1: detected capacity change from 0 to 8192 [ 60.767231][ T5459] loop5: detected capacity change from 0 to 512 [ 60.787566][ T5459] EXT4-fs: journaled quota format not specified [ 61.346275][ T5465] FAT-fs (loop4): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 61.348914][ T5467] tap0: tun_chr_ioctl cmd 1074025672 [ 61.387308][ T5465] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 61.395333][ T5465] FAT-fs (loop4): Filesystem has been set read-only [ 61.398402][ T5467] tap0: ignored: set checksum disabled [ 61.407592][ T5465] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 61.426185][ T5465] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 61.706001][ T28] audit: type=1400 audit(1770913848.707:423): avc: denied { cpu } for pid=5486 comm="syz.1.796" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 61.985391][ T5476] bio_check_eod: 78658 callbacks suppressed [ 61.985453][ T5476] syz.4.787: attempt to access beyond end of device [ 61.985453][ T5476] loop4: rw=8388608, sector=2065, nr_sectors = 8 limit=128 [ 62.006330][ T5476] syz.4.787: attempt to access beyond end of device [ 62.006330][ T5476] loop4: rw=8388608, sector=2065, nr_sectors = 8 limit=128 [ 62.020328][ T5476] syz.4.787: attempt to access beyond end of device [ 62.020328][ T5476] loop4: rw=8388608, sector=2065, nr_sectors = 8 limit=128 [ 62.035132][ T5476] syz.4.787: attempt to access beyond end of device [ 62.035132][ T5476] loop4: rw=8388608, sector=2065, nr_sectors = 8 limit=128 [ 62.050301][ T5476] syz.4.787: attempt to access beyond end of device [ 62.050301][ T5476] loop4: rw=8388608, sector=2065, nr_sectors = 8 limit=128 [ 62.064296][ T5476] syz.4.787: attempt to access beyond end of device [ 62.064296][ T5476] loop4: rw=8388608, sector=2065, nr_sectors = 8 limit=128 [ 62.079071][ T5476] syz.4.787: attempt to access beyond end of device [ 62.079071][ T5476] loop4: rw=8388608, sector=2065, nr_sectors = 8 limit=128 [ 62.093101][ T5476] syz.4.787: attempt to access beyond end of device [ 62.093101][ T5476] loop4: rw=8388608, sector=2065, nr_sectors = 8 limit=128 [ 62.108083][ T5476] syz.4.787: attempt to access beyond end of device [ 62.108083][ T5476] loop4: rw=8388608, sector=2065, nr_sectors = 8 limit=128 [ 62.122321][ T5476] syz.4.787: attempt to access beyond end of device [ 62.122321][ T5476] loop4: rw=8388608, sector=2065, nr_sectors = 8 limit=128 [ 62.408054][ T28] audit: type=1400 audit(1770913849.397:424): avc: denied { append } for pid=5491 comm="syz.5.798" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 62.475424][ T28] audit: type=1400 audit(1770913849.397:425): avc: denied { map } for pid=5491 comm="syz.5.798" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 62.499694][ T28] audit: type=1400 audit(1770913849.397:426): avc: denied { execute } for pid=5491 comm="syz.5.798" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 62.533152][ T5500] buffer_io_error: 62376 callbacks suppressed [ 62.533167][ T5500] Buffer I/O error on dev loop4, logical block 57847, async page read [ 62.562764][ T5500] Buffer I/O error on dev loop4, logical block 57847, async page read [ 62.572872][ T5500] Buffer I/O error on dev loop4, logical block 57847, async page read [ 62.581505][ T5500] Buffer I/O error on dev loop4, logical block 57847, async page read [ 62.582513][ T28] audit: type=1400 audit(1770913849.557:427): avc: denied { mount } for pid=5506 comm="syz.5.804" name="/" dev="configfs" ino=110 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 62.591315][ T5500] Buffer I/O error on dev loop4, logical block 57847, async page read [ 62.629037][ T28] audit: type=1400 audit(1770913849.557:428): avc: denied { search } for pid=5506 comm="syz.5.804" name="/" dev="configfs" ino=110 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 62.640301][ T5500] Buffer I/O error on dev loop4, logical block 57847, async page read [ 62.654659][ T28] audit: type=1400 audit(1770913849.557:429): avc: denied { search } for pid=5506 comm="syz.5.804" name="/" dev="configfs" ino=110 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 62.671361][ T5500] Buffer I/O error on dev loop4, logical block 57847, async page read [ 62.691330][ T5494] EXT4-fs: journaled quota format not specified [ 62.738599][ T5500] Buffer I/O error on dev loop4, logical block 57847, async page read [ 62.752665][ T5500] Buffer I/O error on dev loop4, logical block 57847, async page read [ 62.761202][ T5500] Buffer I/O error on dev loop4, logical block 57847, async page read [ 62.785091][ T28] audit: type=1400 audit(1770913849.777:430): avc: denied { mounton } for pid=5520 comm="syz.1.810" path="/" dev="tmpfs" ino=832 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=lnk_file permissive=1 [ 63.622335][ T5593] FAT-fs (loop1): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 63.675927][ T5593] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 63.683909][ T5593] FAT-fs (loop1): Filesystem has been set read-only [ 63.702773][ T5593] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 63.711502][ T5593] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 63.886030][ T5617] set_capacity_and_notify: 8 callbacks suppressed [ 63.886049][ T5617] loop0: detected capacity change from 0 to 2048 [ 64.740329][ T5638] GUP no longer grows the stack in syz.1.872 (5638): 200000006000-200000008000 (200000004000) [ 64.774020][ T5638] CPU: 1 UID: 0 PID: 5638 Comm: syz.1.872 Not tainted syzkaller #0 PREEMPT(full) [ 64.774052][ T5638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 64.774103][ T5638] Call Trace: [ 64.774111][ T5638] [ 64.774119][ T5638] __dump_stack+0x1d/0x30 [ 64.774151][ T5638] dump_stack_lvl+0x95/0xd0 [ 64.774177][ T5638] dump_stack+0x15/0x1b [ 64.774233][ T5638] fixup_user_fault+0x4fb/0x550 [ 64.774261][ T5638] fault_in_user_writeable+0x5c/0xc0 [ 64.774290][ T5638] futex_lock_pi+0x60b/0x7e0 [ 64.774326][ T5638] ? __pfx_futex_wake_mark+0x10/0x10 [ 64.774367][ T5638] do_futex+0x21f/0x380 [ 64.774397][ T5638] __se_sys_futex+0x2f6/0x370 [ 64.774471][ T5638] ? xfd_validate_state+0x45/0xf0 [ 64.774563][ T5638] __x64_sys_futex+0x78/0x90 [ 64.774648][ T5638] x64_sys_call+0x24ab/0x3020 [ 64.774750][ T5638] do_syscall_64+0x12c/0x370 [ 64.774777][ T5638] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 64.774797][ T5638] RIP: 0033:0x7ff243b2bf79 [ 64.774821][ T5638] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 64.774914][ T5638] RSP: 002b:00007ff24257f028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 64.774937][ T5638] RAX: ffffffffffffffda RBX: 00007ff243da5fa0 RCX: 00007ff243b2bf79 [ 64.774951][ T5638] RDX: 00000000fffff7fc RSI: 000000000000008d RDI: 0000200000004000 [ 64.774965][ T5638] RBP: 00007ff243bc27e0 R08: 0000000000000000 R09: 0000000000000000 [ 64.774978][ T5638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 64.774990][ T5638] R13: 00007ff243da6038 R14: 00007ff243da5fa0 R15: 00007ffca7a5cc58 [ 64.775053][ T5638] [ 65.206923][ T28] kauditd_printk_skb: 1 callbacks suppressed [ 65.206939][ T28] audit: type=1326 audit(1770913852.197:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5673 comm="syz.1.880" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff243b2bf79 code=0x0 [ 65.223656][ T5680] loop0: detected capacity change from 0 to 512 [ 65.255103][ T28] audit: type=1400 audit(1770913852.207:433): avc: denied { connect } for pid=5676 comm="syz.0.882" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 65.315961][ T28] audit: type=1400 audit(1770913852.317:434): avc: denied { read } for pid=5675 comm="syz.3.881" name="usbmon0" dev="devtmpfs" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 65.352382][ T28] audit: type=1400 audit(1770913852.317:435): avc: denied { open } for pid=5675 comm="syz.3.881" path="/dev/usbmon0" dev="devtmpfs" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 65.389689][ T5688] loop4: detected capacity change from 0 to 512 [ 65.396945][ T28] audit: type=1400 audit(1770913852.337:436): avc: denied { ioctl } for pid=5675 comm="syz.3.881" path="/dev/usbmon0" dev="devtmpfs" ino=141 ioctlcmd=0x9204 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 66.424260][ T28] audit: type=1400 audit(1770913853.417:437): avc: denied { map } for pid=5743 comm="syz.5.909" path="socket:[11969]" dev="sockfs" ino=11969 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 66.478667][ T5750] loop5: detected capacity change from 0 to 256 [ 66.486560][ T28] audit: type=1400 audit(1770913853.417:438): avc: denied { read accept } for pid=5743 comm="syz.5.909" path="socket:[11969]" dev="sockfs" ino=11969 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 66.529600][ T28] audit: type=1326 audit(1770913853.527:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5751 comm="syz.4.914" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc02b18bf79 code=0x0 [ 66.608042][ T28] audit: type=1400 audit(1770913853.557:440): avc: denied { connect } for pid=5749 comm="syz.5.913" lport=256 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 66.775969][ T5777] ipvlan0: entered promiscuous mode [ 66.786082][ T5777] ipvlan0: left promiscuous mode [ 66.876530][ T5783] loop3: detected capacity change from 0 to 512 [ 66.893469][ T5783] EXT4-fs: Ignoring removed orlov option [ 66.905247][ T5783] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 66.937789][ T5783] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002] [ 66.968514][ T5783] EXT4-fs error (device loop3): ext4_iget_extra_inode:5073: inode #15: comm syz.3.928: corrupted in-inode xattr: e_value size too large [ 67.009815][ T5783] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 67.010015][ T5783] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.928: couldn't read orphan inode 15 (err -117) [ 67.032182][ T5783] loop3: lost filesystem error report for type 5 error -117 [ 67.038040][ T5783] EXT4-fs mount: 7 callbacks suppressed [ 67.038056][ T5783] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 67.110918][ T5799] bond1: option lacp_rate: invalid value (29) [ 67.119313][ T5799] bond1 (unregistering): Released all slaves [ 67.120267][ T28] audit: type=1400 audit(1770913854.117:441): avc: denied { mounton } for pid=5781 comm="syz.3.928" path="/188/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 67.181440][ T3308] EXT4-fs error (device loop3): ext4_lookup:1785: inode #14: comm syz-executor: invalid fast symlink length 39 [ 67.203860][ T3308] EXT4-fs error (device loop3): ext4_lookup:1785: inode #14: comm syz-executor: invalid fast symlink length 39 [ 67.285870][ T5812] loop0: detected capacity change from 0 to 256 [ 67.418411][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.445558][ T3438] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.530326][ T3438] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.611179][ T3438] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.660540][ T3438] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.731073][ T3438] bridge_slave_1: left allmulticast mode [ 67.737492][ T3438] bridge_slave_1: left promiscuous mode [ 67.743189][ T3438] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.751227][ T3438] bridge_slave_0: left allmulticast mode [ 67.757014][ T3438] bridge_slave_0: left promiscuous mode [ 67.762641][ T3438] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.848724][ T3438] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 67.858591][ T3438] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 67.868909][ T3438] bond0 (unregistering): Released all slaves [ 67.875894][ T5823] chnl_net:caif_netlink_parms(): no params data found [ 67.919606][ T5823] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.926815][ T5823] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.934048][ T5823] bridge_slave_0: entered allmulticast mode [ 67.940883][ T5823] bridge_slave_0: entered promiscuous mode [ 67.947821][ T5823] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.955191][ T5823] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.963611][ T5823] bridge_slave_1: entered allmulticast mode [ 67.970313][ T5823] bridge_slave_1: entered promiscuous mode [ 67.979409][ T3438] hsr_slave_0: left promiscuous mode [ 67.985188][ T3438] hsr_slave_1: left promiscuous mode [ 67.991073][ T3438] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 67.999518][ T3438] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 68.007169][ T3438] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 68.014737][ T3438] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 68.027180][ T3438] veth1_macvtap: left promiscuous mode [ 68.032875][ T3438] veth0_macvtap: left promiscuous mode [ 68.039083][ T3438] veth1_vlan: left promiscuous mode [ 68.044305][ T3438] veth0_vlan: left promiscuous mode [ 68.085627][ T3438] pim6reg (unregistering): left allmulticast mode [ 68.115786][ T3438] team_slave_1 (unregistering): left allmulticast mode [ 68.122982][ T3438] team0 (unregistering): Port device team_slave_1 removed [ 68.132369][ T3438] team_slave_0 (unregistering): left allmulticast mode [ 68.141066][ T3438] team0 (unregistering): Port device team_slave_0 removed [ 68.167348][ T3438] team0 (unregistering): left allmulticast mode [ 68.188332][ T5823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 68.203297][ T5823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 68.221979][ T5823] team0: Port device team_slave_0 added [ 68.228730][ T5823] team0: Port device team_slave_1 added [ 68.244496][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 68.251858][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 68.279138][ T5823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 68.291048][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 68.298092][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 68.324788][ T5823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 68.354061][ T5823] hsr_slave_0: entered promiscuous mode [ 68.361314][ T5823] hsr_slave_1: entered promiscuous mode [ 68.367298][ T5823] debugfs: 'hsr0' already exists in 'hsr' [ 68.373101][ T5823] Cannot create hsr debugfs directory [ 68.441848][ T5823] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 68.451041][ T5823] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 68.467336][ T5823] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 68.486961][ T5823] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 68.538520][ T5823] 8021q: adding VLAN 0 to HW filter on device bond0 [ 68.552947][ T5823] 8021q: adding VLAN 0 to HW filter on device team0 [ 68.562988][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.570587][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 68.580945][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.588106][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 68.612492][ T5823] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 68.674097][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 68.801662][ T5823] veth0_vlan: entered promiscuous mode [ 68.810521][ T5823] veth1_vlan: entered promiscuous mode [ 68.825457][ T5823] veth0_macvtap: entered promiscuous mode [ 68.832537][ T5823] veth1_macvtap: entered promiscuous mode [ 68.844767][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 68.857692][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 68.868823][ T40] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.877917][ T40] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.888927][ T40] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.898067][ T40] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.951305][ T5930] loop5: detected capacity change from 0 to 1024 [ 68.971898][ T5930] EXT4-fs: Ignoring removed bh option [ 68.986091][ T5930] EXT4-fs: Ignoring removed nomblk_io_submit option [ 68.994790][ T5930] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e841c01c, mo2=0003] [ 69.008324][ T5930] System zones: 0-1, 3-36 [ 69.014637][ T5930] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 69.055243][ T4292] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.836153][ T5947] bond1: option lacp_rate: invalid value (157) [ 69.862287][ T5947] bond1 (unregistering): Released all slaves [ 70.774211][ T6047] netlink: 44 bytes leftover after parsing attributes in process `syz.1.998'. [ 70.798279][ T6049] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 70.840667][ T6049] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 70.915095][ T6057] netlink: 'syz.5.1001': attribute type 1 has an invalid length. [ 70.931703][ T6057] netlink: 'syz.5.1001': attribute type 2 has an invalid length. [ 71.212159][ T28] kauditd_printk_skb: 9 callbacks suppressed [ 71.212173][ T28] audit: type=1326 audit(1770913858.207:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6043 comm="syz.4.1008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc02b18bf79 code=0x7ffc0000 [ 71.267487][ T28] audit: type=1326 audit(1770913858.237:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6043 comm="syz.4.1008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc02b18bf79 code=0x7ffc0000 [ 71.306863][ T6057] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1001'. [ 71.446743][ T6077] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1011'. [ 72.144899][ T6120] netlink: 'syz.0.1028': attribute type 1 has an invalid length. [ 72.187567][ T6120] netlink: 'syz.0.1028': attribute type 2 has an invalid length. [ 72.227824][ T6120] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1028'. [ 72.802298][ T6159] pim6reg: entered allmulticast mode [ 72.852781][ T6159] team0: entered allmulticast mode [ 72.893742][ T6159] team_slave_0: entered allmulticast mode [ 72.923585][ T6159] team_slave_1: entered allmulticast mode [ 72.952990][ T6167] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1052'. [ 72.995305][ T6173] netlink: 488 bytes leftover after parsing attributes in process `syz.5.1055'. [ 73.004543][ T6173] netlink: 488 bytes leftover after parsing attributes in process `syz.5.1055'. [ 73.057038][ T6184] sctp: [Deprecated]: syz.5.1060 (pid 6184) Use of int in max_burst socket option. [ 73.057038][ T6184] Use struct sctp_assoc_value instead [ 73.145355][ T6194] sctp: [Deprecated]: syz.1.1074 (pid 6194) Use of int in max_burst socket option. [ 73.145355][ T6194] Use struct sctp_assoc_value instead [ 73.189043][ T6200] pim6reg: entered allmulticast mode [ 73.198318][ T6200] team0: entered allmulticast mode [ 73.203472][ T6200] team_slave_0: entered allmulticast mode [ 73.209469][ T6200] team_slave_1: entered allmulticast mode [ 73.246095][ T6206] netlink: 488 bytes leftover after parsing attributes in process `syz.4.1070'. [ 73.252282][ T6204] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1068'. [ 73.271807][ T6206] netlink: 488 bytes leftover after parsing attributes in process `syz.4.1070'. [ 73.433969][ T6232] random: crng reseeded on system resumption [ 73.642874][ T6258] pimreg: tun_chr_ioctl cmd 1074812117 [ 73.681795][ T28] audit: type=1326 audit(1770913860.677:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6265 comm="syz.0.1099" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f94b7b0bf79 code=0x0 [ 73.786747][ T28] audit: type=1400 audit(1770913860.787:454): avc: denied { ioctl } for pid=6276 comm="syz.5.1105" path="socket:[14338]" dev="sockfs" ino=14338 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 74.024129][ T6296] pimreg: tun_chr_ioctl cmd 1074812117 [ 74.100711][ T6302] netlink: 'syz.5.1116': attribute type 83 has an invalid length. [ 74.298504][ T6310] loop5: detected capacity change from 0 to 256 [ 74.310601][ T6310] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 74.714672][ T28] audit: type=1400 audit(1770913861.707:455): avc: denied { append } for pid=6347 comm="syz.4.1139" name="loop7" dev="devtmpfs" ino=107 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 74.827363][ T6356] loop6: detected capacity change from 0 to 1024 [ 74.837817][ T6356] EXT4-fs: Ignoring removed i_version option [ 74.844695][ T6356] EXT4-fs: Ignoring removed nomblk_io_submit option [ 74.845220][ T6358] loop0: detected capacity change from 0 to 512 [ 74.878560][ T6356] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 74.878678][ T6358] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.903652][ T28] audit: type=1400 audit(1770913861.887:456): avc: denied { watch_reads } for pid=6355 comm="syz.6.1142" path="/42/file1" dev="loop6" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 74.927182][ T28] audit: type=1400 audit(1770913861.897:457): avc: denied { setattr } for pid=6355 comm="syz.6.1142" name="file0" dev="loop6" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 74.943722][ T6358] ext4 filesystem being mounted at /215/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 74.954307][ T5823] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.024018][ T6371] loop6: detected capacity change from 0 to 512 [ 75.042629][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.048217][ T6371] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem [ 75.067095][ T6371] EXT4-fs (loop6): 1 truncate cleaned up [ 75.088159][ T6371] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 75.158783][ T5823] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.350030][ T6401] mmap: syz.6.1158 (6401) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 75.365440][ T28] audit: type=1400 audit(1770914118.339:458): avc: denied { getopt } for pid=6402 comm="syz.5.1159" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 75.420586][ T28] audit: type=1400 audit(1770914118.359:459): avc: denied { create } for pid=6404 comm="syz.1.1161" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 75.442465][ T28] audit: type=1400 audit(1770914118.359:460): avc: denied { write } for pid=6404 comm="syz.1.1161" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 75.481691][ T6420] program syz.6.1166 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 75.735935][ T6455] bond_slave_0: entered promiscuous mode [ 75.741792][ T6455] bond_slave_1: entered promiscuous mode [ 75.748593][ T6455] macvtap1: entered promiscuous mode [ 75.754241][ T6455] bond0: entered promiscuous mode [ 75.760526][ T6456] program syz.1.1180 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 75.770987][ T6455] macvtap1: entered allmulticast mode [ 75.785832][ T6455] bond0: entered allmulticast mode [ 75.791059][ T6455] bond_slave_0: entered allmulticast mode [ 75.797081][ T6455] bond_slave_1: entered allmulticast mode [ 75.804314][ T6455] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 75.821685][ T6464] loop0: detected capacity change from 0 to 512 [ 75.830281][ T6464] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 75.839039][ T6455] bond0: left allmulticast mode [ 75.844056][ T6455] bond_slave_0: left allmulticast mode [ 75.852332][ T6455] bond_slave_1: left allmulticast mode [ 75.858649][ T6455] bond0: left promiscuous mode [ 75.863973][ T6455] bond_slave_0: left promiscuous mode [ 75.869850][ T6455] bond_slave_1: left promiscuous mode [ 75.877852][ T6464] EXT4-fs (loop0): 1 truncate cleaned up [ 75.884054][ T6464] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 75.950419][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.991623][ T6476] __nla_validate_parse: 5 callbacks suppressed [ 75.991679][ T6476] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1193'. [ 76.012486][ T6476] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1193'. [ 76.029504][ T6483] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1195'. [ 76.045542][ T6483] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1195'. [ 76.190918][ T6505] loop5: detected capacity change from 0 to 512 [ 76.198532][ T6505] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 76.209611][ T6505] EXT4-fs (loop5): 1 truncate cleaned up [ 76.216335][ T6505] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.292366][ T4292] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.532335][ T6520] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1208'. [ 76.544338][ T6520] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1208'. [ 76.624047][ T28] kauditd_printk_skb: 40 callbacks suppressed [ 76.624062][ T28] audit: type=1400 audit(1770914631.613:501): avc: denied { execute } for pid=6531 comm="syz.1.1214" dev="tmpfs" ino=1106 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 76.654323][ T28] audit: type=1400 audit(1770914631.613:502): avc: denied { execute_no_trans } for pid=6531 comm="syz.1.1214" path=2F6D656D66643A2D42D54E34A64579DBD1A7B153F13A29202864656C6574656429 dev="tmpfs" ino=1106 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 76.718276][ T6538] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1217'. [ 76.802203][ T6547] loop6: detected capacity change from 0 to 512 [ 76.813830][ T6547] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 76.826794][ T6547] EXT4-fs (loop6): 1 truncate cleaned up [ 76.842582][ T6547] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 76.865790][ T5823] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.940562][ T28] audit: type=1400 audit(1770914631.933:503): avc: denied { watch watch_reads } for pid=6561 comm="syz.0.1240" path="/237/file0" dev="tmpfs" ino=1239 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 77.102519][ T6573] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 77.112602][ T28] audit: type=1326 audit(1770914632.093:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6574 comm="syz.5.1234" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f38a0bcbf79 code=0x0 [ 77.138353][ T6573] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 77.379240][ T6610] loop6: detected capacity change from 0 to 1024 [ 77.386413][ T6610] EXT4-fs: Ignoring removed mblk_io_submit option [ 77.407421][ T6610] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.477308][ T5823] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.244159][ T6667] loop0: detected capacity change from 0 to 512 [ 78.290290][ T6667] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 78.290946][ T6674] netlink: 'syz.5.1265': attribute type 9 has an invalid length. [ 78.315678][ T6667] ext4 filesystem being mounted at /244/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 78.364644][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.849411][ T6731] netlink: 56 bytes leftover after parsing attributes in process `syz.5.1291'. [ 79.221802][ T6765] loop0: detected capacity change from 0 to 512 [ 79.241595][ T6765] EXT4-fs: Ignoring removed i_version option [ 79.267384][ T6765] EXT4-fs: Ignoring removed bh option [ 79.303490][ T6765] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.367845][ T6765] ext4 filesystem being mounted at /255/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 79.434270][ T28] audit: type=1400 audit(1770914634.423:505): avc: denied { create } for pid=6777 comm="syz.1.1323" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 79.462236][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.486581][ T28] audit: type=1400 audit(1770914634.423:506): avc: denied { write } for pid=6777 comm="syz.1.1323" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 79.543488][ T6784] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 79.618738][ T6778] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 79.641776][ T6778] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 79.750377][ T6813] loop1: detected capacity change from 0 to 512 [ 79.771120][ T6813] EXT4-fs: Ignoring removed i_version option [ 79.795479][ T6813] EXT4-fs: Ignoring removed bh option [ 79.827852][ T6813] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.851592][ T6813] ext4 filesystem being mounted at /276/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 79.880657][ T6820] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 79.918438][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.003083][ T6827] loop1: detected capacity change from 0 to 1024 [ 80.023874][ T6827] EXT4-fs: inline encryption not supported [ 80.057042][ T6827] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.096329][ T6827] EXT4-fs error (device loop1): mb_free_blocks:2037: group 0, inode 15: block 145:freeing already freed block (bit 9); block bitmap corrupt. [ 80.121978][ T6827] EXT4-fs (loop1): Remounting filesystem read-only [ 80.176739][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.238072][ T6859] loop5: detected capacity change from 0 to 512 [ 80.268707][ T6859] EXT4-fs: Ignoring removed i_version option [ 80.274830][ T6859] EXT4-fs: Ignoring removed bh option [ 80.322380][ T6859] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.352715][ T6859] ext4 filesystem being mounted at /205/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 80.438044][ T4292] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.466418][ T23] IPVS: starting estimator thread 0... [ 80.522775][ T6896] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=6896 comm=syz.4.1356 [ 80.546403][ T6893] loop0: detected capacity change from 0 to 1024 [ 80.565439][ T6887] IPVS: using max 2688 ests per chain, 134400 per kthread [ 80.588711][ T6893] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 80.640035][ T6893] EXT4-fs (loop0): shut down requested (0) [ 80.669217][ T6910] loop6: detected capacity change from 0 to 512 [ 80.717985][ T6910] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.1360: invalid indirect mapped block 256 (level 2) [ 80.744557][ T6910] loop6: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 80.746340][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.760459][ T6910] EXT4-fs (loop6): 2 truncates cleaned up [ 80.829972][ T6910] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.890302][ T5823] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.917648][ T3406] IPVS: starting estimator thread 0... [ 80.979272][ T6944] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=6944 comm=syz.0.1369 [ 81.016280][ T6939] IPVS: using max 2160 ests per chain, 108000 per kthread [ 81.105210][ T6964] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1386'. [ 81.121562][ T6967] loop6: detected capacity change from 0 to 1024 [ 81.171208][ T6964] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 81.181890][ T6967] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.201975][ T6967] EXT4-fs (loop6): shut down requested (0) [ 81.212827][ T6967] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop6 ino=15 [ 81.227773][ T6967] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop6 ino=15 [ 81.244250][ T6964] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 81.252810][ T5823] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.257640][ T28] audit: type=1326 audit(1770914636.233:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6977 comm="syz.5.1378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38a0bcbf79 code=0x7ffc0000 [ 81.307924][ T6980] loop1: detected capacity change from 0 to 512 [ 81.308870][ T28] audit: type=1326 audit(1770914636.233:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6977 comm="syz.5.1378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38a0bcbf79 code=0x7ffc0000 [ 81.356929][ T6980] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1379: invalid indirect mapped block 256 (level 2) [ 81.367645][ T28] audit: type=1326 audit(1770914636.253:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6977 comm="syz.5.1378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f38a0bcbf79 code=0x7ffc0000 [ 81.401256][ T6988] syzkaller1: entered promiscuous mode [ 81.404287][ T28] audit: type=1326 audit(1770914636.253:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6977 comm="syz.5.1378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38a0bcbf79 code=0x7ffc0000 [ 81.435642][ T6980] loop1: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 81.445876][ T6980] EXT4-fs (loop1): 2 truncates cleaned up [ 81.455814][ T6988] syzkaller1: entered allmulticast mode [ 81.466531][ T6980] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 81.529351][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.543697][ T7001] loop4: detected capacity change from 0 to 764 [ 81.555427][ T7001] Symlink component flag not implemented [ 81.561730][ T7001] Symlink component flag not implemented [ 81.570745][ T7001] Symlink component flag not implemented (129) [ 81.603672][ T7001] Symlink component flag not implemented (6) [ 81.668062][ T28] kauditd_printk_skb: 11 callbacks suppressed [ 81.668075][ T28] audit: type=1326 audit(1770914636.663:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7015 comm="syz.1.1393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff243b2bf79 code=0x7ffc0000 [ 81.703793][ T7010] loop5: detected capacity change from 0 to 1024 [ 81.718626][ T28] audit: type=1326 audit(1770914636.693:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7015 comm="syz.1.1393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff243b2bf79 code=0x7ffc0000 [ 81.771331][ T7019] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1395'. [ 81.792150][ T7010] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.812897][ T7019] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 81.820397][ T28] audit: type=1326 audit(1770914636.693:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7015 comm="syz.1.1393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff243b2bf79 code=0x7ffc0000 [ 81.844265][ T7010] EXT4-fs (loop5): shut down requested (0) [ 81.850431][ T28] audit: type=1326 audit(1770914636.693:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7015 comm="syz.1.1393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff243b2bf79 code=0x7ffc0000 [ 81.874970][ T28] audit: type=1326 audit(1770914636.693:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7015 comm="syz.1.1393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff243b2bf79 code=0x7ffc0000 [ 81.887499][ T7019] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 81.899152][ T28] audit: type=1326 audit(1770914636.693:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7015 comm="syz.1.1393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7ff243b2bf79 code=0x7ffc0000 [ 81.939778][ T28] audit: type=1326 audit(1770914636.693:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7015 comm="syz.1.1393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff243b2bf79 code=0x7ffc0000 [ 81.964705][ T28] audit: type=1326 audit(1770914636.693:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7015 comm="syz.1.1393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff243b2bf79 code=0x7ffc0000 [ 81.964964][ T4292] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.989113][ T28] audit: type=1326 audit(1770914636.693:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7015 comm="syz.1.1393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff243b2bf79 code=0x7ffc0000 [ 82.034502][ T28] audit: type=1326 audit(1770914636.693:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7015 comm="syz.1.1393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff243b2bf79 code=0x7ffc0000 [ 82.108328][ T7038] loop0: detected capacity change from 0 to 764 [ 82.148554][ T7042] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 82.176662][ T7038] Symlink component flag not implemented [ 82.182418][ T7038] Symlink component flag not implemented [ 82.199670][ T7042] EXT4-fs (loop5): 1 truncate cleaned up [ 82.211237][ T7038] Symlink component flag not implemented (129) [ 82.218959][ T7042] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 82.265483][ T7038] Symlink component flag not implemented (6) [ 82.456473][ T7060] Invalid argument reading file caps for ./file0 [ 82.468959][ T4292] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.499871][ T7061] syzkaller1: entered promiscuous mode [ 82.512572][ T7061] syzkaller1: entered allmulticast mode [ 82.547333][ T7067] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 82.565047][ T7072] netlink: 63503 bytes leftover after parsing attributes in process `syz.1.1411'. [ 82.600767][ T7067] EXT4-fs (loop4): shut down requested (0) [ 82.635325][ T7067] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=15 [ 82.666510][ T7067] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=15 [ 82.708424][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.942151][ T7100] bio_check_eod: 33266 callbacks suppressed [ 82.942246][ T7100] syz.1.1422: attempt to access beyond end of device [ 82.942246][ T7100] loop1: rw=8388608, sector=57847, nr_sectors = 1 limit=8192 [ 82.996524][ T7100] buffer_io_error: 9329 callbacks suppressed [ 82.996543][ T7100] Buffer I/O error on dev loop1, logical block 57847, async page read [ 83.399883][ T7118] netlink: 'syz.1.1431': attribute type 12 has an invalid length. [ 83.408479][ T7118] netlink: 'syz.1.1431': attribute type 29 has an invalid length. [ 83.420956][ T7118] netlink: 148 bytes leftover after parsing attributes in process `syz.1.1431'. [ 83.826143][ T7142] 8021q: adding VLAN 0 to HW filter on device bond1 [ 84.151343][ T7153] netlink: 'syz.6.1446': attribute type 12 has an invalid length. [ 84.169935][ T7153] netlink: 'syz.6.1446': attribute type 29 has an invalid length. [ 84.179266][ T7153] netlink: 148 bytes leftover after parsing attributes in process `syz.6.1446'. [ 84.552927][ T7189] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 84.629171][ T4292] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.674178][ T7200] netlink: 'syz.5.1464': attribute type 2 has an invalid length. [ 84.684379][ T7198] SELinux: failed to load policy [ 84.694954][ T7200] netlink: 'syz.5.1464': attribute type 1 has an invalid length. [ 85.191311][ T7236] set_capacity_and_notify: 6 callbacks suppressed [ 85.191387][ T7236] loop1: detected capacity change from 0 to 1024 [ 85.252863][ T7236] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 85.265896][ T7236] ext4 filesystem being mounted at /309/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 85.295348][ T7242] loop5: detected capacity change from 0 to 1024 [ 85.303716][ T7236] EXT4-fs error (device loop1): ext4_map_blocks:825: inode #15: block 3: comm syz.1.1487: lblock 3 mapped to illegal pblock 3 (length 3) [ 85.336658][ T7242] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 85.348678][ T7236] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 85.348714][ T7236] EXT4-fs (loop1): This should not happen!! Data will be lost [ 85.348714][ T7236] [ 85.349503][ T7249] EXT4-fs error (device loop1): ext4_map_blocks:825: inode #15: block 8: comm syz.1.1487: lblock 8 mapped to illegal pblock 8 (length 8) [ 85.469093][ T7242] EXT4-fs error (device loop5): ext4_xattr_inode_iget:441: comm syz.5.1478: inode #3102817150: comm syz.5.1478: iget: illegal inode # [ 85.493663][ T7249] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 85.509781][ T7242] EXT4-fs error (device loop5): ext4_xattr_inode_iget:446: comm syz.5.1478: error while reading EA inode 3102817150 err=-117 [ 85.524079][ T7249] EXT4-fs (loop1): This should not happen!! Data will be lost [ 85.524079][ T7249] [ 85.553788][ T4292] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.564772][ T7251] loop4: detected capacity change from 0 to 8192 [ 85.610921][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 85.750664][ T7262] SELinux: policydb magic number 0x0 does not match expected magic number 0xf97cff8c [ 85.783814][ T7262] SELinux: failed to load policy [ 86.114885][ T7278] loop4: detected capacity change from 0 to 512 [ 86.134138][ T7280] loop1: detected capacity change from 0 to 512 [ 86.153448][ T7278] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 86.540089][ T7290] loop1: detected capacity change from 0 to 1024 [ 86.596709][ T7290] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 86.658683][ T7290] EXT4-fs error (device loop1): ext4_xattr_inode_iget:441: comm syz.1.1494: inode #3102817150: comm syz.1.1494: iget: illegal inode # [ 86.706167][ T7290] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.1494: error while reading EA inode 3102817150 err=-117 [ 86.772373][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.802147][ T7297] SELinux: failed to load policy [ 86.834152][ T7238] syz.6.1477 (7238) used greatest stack depth: 7432 bytes left [ 87.015256][ T7311] netlink: 'syz.1.1499': attribute type 2 has an invalid length. [ 87.041543][ T7311] netlink: 'syz.1.1499': attribute type 1 has an invalid length. [ 87.736767][ T7333] SELinux: failed to load policy [ 87.994846][ T7344] loop5: detected capacity change from 0 to 8192 [ 88.114347][ T7351] loop6: detected capacity change from 0 to 512 [ 88.302700][ T7359] veth1_to_bond: entered allmulticast mode [ 88.325174][ T7358] veth1_to_bond: left allmulticast mode [ 88.621067][ T28] kauditd_printk_skb: 11 callbacks suppressed [ 88.621082][ T28] audit: type=1326 audit(1770914643.613:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7367 comm="syz.5.1525" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f38a0bcbf79 code=0x0 [ 88.659408][ T7370] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1526'. [ 88.836477][ T7379] loop1: detected capacity change from 0 to 8192 [ 88.976957][ T7339] syz.0.1513 (7339) used greatest stack depth: 6384 bytes left [ 88.991465][ T7390] veth1_to_bond: entered allmulticast mode [ 88.997855][ T7389] veth1_to_bond: left allmulticast mode [ 89.729314][ T7426] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1542'. [ 89.890444][ T7434] loop1: detected capacity change from 0 to 512 [ 89.909845][ T7434] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 89.941638][ T7434] EXT4-fs (loop1): 1 truncate cleaned up [ 89.957240][ T7434] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 89.996011][ T28] audit: type=1326 audit(1770914644.993:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7433 comm="syz.1.1547" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff243b2bf79 code=0x0 [ 90.113682][ T7453] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1557'. [ 90.728123][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.748495][ T28] audit: type=1326 audit(1770914645.743:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7467 comm="syz.6.1572" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fbdb681bf79 code=0x0 [ 91.335045][ T7524] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 91.460356][ T7530] 9p: Unknown access argument us: -22 [ 91.727867][ T7542] netlink: 143700 bytes leftover after parsing attributes in process `syz.1.1598'. [ 92.235166][ T7554] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 92.584715][ T28] audit: type=1326 audit(1770914647.573:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7564 comm="syz.0.1607" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f94b7b0bf79 code=0x0 [ 92.769813][ T7579] 9p: Unknown access argument us: -22 [ 93.177935][ T7589] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 93.583862][ T7603] netlink: 143700 bytes leftover after parsing attributes in process `syz.0.1625'. [ 94.324325][ T7646] netlink: 143700 bytes leftover after parsing attributes in process `syz.6.1640'. [ 94.410923][ T7652] netlink: 'syz.6.1644': attribute type 21 has an invalid length. [ 94.419878][ T7652] netlink: 128 bytes leftover after parsing attributes in process `syz.6.1644'. [ 94.429355][ T7652] netlink: 3 bytes leftover after parsing attributes in process `syz.6.1644'. [ 94.439077][ T7652] netlink: 'syz.6.1644': attribute type 21 has an invalid length. [ 94.448798][ T7652] netlink: 128 bytes leftover after parsing attributes in process `syz.6.1644'. [ 94.458381][ T7652] netlink: 3 bytes leftover after parsing attributes in process `syz.6.1644'. [ 94.486432][ T7659] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=7659 comm=syz.6.1649 [ 94.523581][ T28] audit: type=1400 audit(1770914649.513:547): avc: denied { connect } for pid=7660 comm="syz.6.1652" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 94.613363][ T7671] loop6: detected capacity change from 0 to 512 [ 94.621718][ T7671] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 94.641744][ T7671] EXT4-fs (loop6): 1 truncate cleaned up [ 94.648877][ T7671] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 94.664480][ T28] audit: type=1326 audit(1770914649.653:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7669 comm="syz.6.1655" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbdb681bf79 code=0x0 [ 94.740330][ T7675] netlink: 143700 bytes leftover after parsing attributes in process `syz.4.1656'. [ 94.923449][ T7693] loop4: detected capacity change from 0 to 512 [ 94.931838][ T7693] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.1672: inode has both inline data and extents flags [ 94.945289][ T7693] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 94.945933][ T7693] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.1672: couldn't read orphan inode 15 (err -117) [ 94.968793][ T7693] loop4: lost filesystem error report for type 5 error -117 [ 94.969453][ T7693] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 95.013891][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.464935][ T5823] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.153472][ T7698] syz.5.1663 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000 [ 96.168483][ T7698] CPU: 1 UID: 0 PID: 7698 Comm: syz.5.1663 Not tainted syzkaller #0 PREEMPT(full) [ 96.168502][ T7698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 96.168511][ T7698] Call Trace: [ 96.168518][ T7698] [ 96.168524][ T7698] __dump_stack+0x1d/0x30 [ 96.168544][ T7698] dump_stack_lvl+0x95/0xd0 [ 96.168630][ T7698] dump_stack+0x15/0x1b [ 96.168705][ T7698] dump_header+0x80/0x240 [ 96.168719][ T7698] oom_kill_process+0x295/0x350 [ 96.168739][ T7698] out_of_memory+0x97d/0xb80 [ 96.168827][ T7698] try_charge_memcg+0x62e/0xa10 [ 96.168848][ T7698] obj_cgroup_charge_pages+0x23/0xc0 [ 96.168861][ T7698] __memcg_kmem_charge_page+0x9e/0x170 [ 96.168874][ T7698] __alloc_frozen_pages_noprof+0x18a/0x350 [ 96.168964][ T7698] alloc_pages_mpol+0xb3/0x260 [ 96.168978][ T7698] alloc_pages_noprof+0x8f/0x130 [ 96.168991][ T7698] __vmalloc_node_range_noprof+0xa46/0x12b0 [ 96.169059][ T7698] __kvmalloc_node_noprof+0x3c3/0x620 [ 96.169098][ T7698] ? ip_set_alloc+0x24/0x30 [ 96.169111][ T7698] ? ip_set_alloc+0x24/0x30 [ 96.169123][ T7698] ? __kmalloc_cache_noprof+0x18a/0x400 [ 96.169143][ T7698] ip_set_alloc+0x24/0x30 [ 96.169175][ T7698] hash_netiface_create+0x282/0x740 [ 96.169200][ T7698] ? __pfx_hash_netiface_create+0x10/0x10 [ 96.169213][ T7698] ip_set_create+0x3cf/0x970 [ 96.169232][ T7698] ? __nla_parse+0x40/0x60 [ 96.169309][ T7698] nfnetlink_rcv_msg+0x509/0x5d0 [ 96.169344][ T7698] netlink_rcv_skb+0x123/0x220 [ 96.169358][ T7698] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 96.169455][ T7698] nfnetlink_rcv+0x167/0x1720 [ 96.169477][ T7698] ? __kfree_skb+0x109/0x150 [ 96.169542][ T7698] ? nlmon_xmit+0x4f/0x60 [ 96.169597][ T7698] ? consume_skb+0x49/0x140 [ 96.169641][ T7698] ? nlmon_xmit+0x4f/0x60 [ 96.169652][ T7698] ? dev_hard_start_xmit+0x3a8/0x3e0 [ 96.169668][ T7698] ? __dev_queue_xmit+0x139a/0x1f20 [ 96.169681][ T7698] ? __dev_queue_xmit+0x148/0x1f20 [ 96.169695][ T7698] ? ref_tracker_free+0x37d/0x3e0 [ 96.169754][ T7698] ? __netlink_deliver_tap+0x4dc/0x500 [ 96.169769][ T7698] netlink_unicast+0x5c0/0x690 [ 96.169782][ T7698] netlink_sendmsg+0x5c8/0x6f0 [ 96.169798][ T7698] ? __pfx_netlink_sendmsg+0x10/0x10 [ 96.169874][ T7698] ____sys_sendmsg+0x5af/0x600 [ 96.169890][ T7698] ___sys_sendmsg+0x195/0x1e0 [ 96.169910][ T7698] __x64_sys_sendmsg+0xd4/0x160 [ 96.169961][ T7698] x64_sys_call+0x194c/0x3020 [ 96.169977][ T7698] do_syscall_64+0x12c/0x370 [ 96.170074][ T7698] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 96.170088][ T7698] RIP: 0033:0x7f38a0bcbf79 [ 96.170099][ T7698] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 96.170157][ T7698] RSP: 002b:00007f389f627028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 96.170171][ T7698] RAX: ffffffffffffffda RBX: 00007f38a0e45fa0 RCX: 00007f38a0bcbf79 [ 96.170180][ T7698] RDX: 0000000000000880 RSI: 0000200000000040 RDI: 0000000000000003 [ 96.170188][ T7698] RBP: 00007f38a0c627e0 R08: 0000000000000000 R09: 0000000000000000 [ 96.170196][ T7698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 96.170225][ T7698] R13: 00007f38a0e46038 R14: 00007f38a0e45fa0 R15: 00007fff98337f78 [ 96.170247][ T7698] [ 96.170252][ T7698] memory: usage 307200kB, limit 307200kB, failcnt 65 [ 96.502200][ T7698] memory+swap: usage 307368kB, limit 9007199254740988kB, failcnt 0 [ 96.510775][ T7698] kmem: usage 301828kB, limit 9007199254740988kB, failcnt 0 [ 96.518340][ T7698] Memory cgroup stats for /syz5: [ 96.518578][ T7698] cache 0 [ 96.526919][ T7698] rss 5468160 [ 96.530232][ T7698] shmem 0 [ 96.533185][ T7698] mapped_file 0 [ 96.537235][ T7698] dirty 0 [ 96.540161][ T7698] writeback 0 [ 96.543425][ T7698] workingset_refault_anon 0 [ 96.547985][ T7698] workingset_refault_file 0 [ 96.552515][ T7698] swap 172032 [ 96.555807][ T7698] swapcached 32768 [ 96.559518][ T7698] pgpgin 54180 [ 96.562894][ T7698] pgpgout 52837 [ 96.566885][ T7698] pgfault 53923 [ 96.570324][ T7698] pgmajfault 2 [ 96.573668][ T7698] inactive_anon 16384 [ 96.577649][ T7698] active_anon 16384 [ 96.581438][ T7698] inactive_file 5468160 [ 96.585586][ T7698] active_file 0 [ 96.589028][ T7698] unevictable 0 [ 96.592458][ T7698] hierarchical_memory_limit 314572800 [ 96.598295][ T7698] hierarchical_memsw_limit 9223372036854771712 [ 96.604426][ T7698] total_cache 0 [ 96.607924][ T7698] total_rss 5468160 [ 96.611730][ T7698] total_shmem 0 [ 96.615166][ T7698] total_mapped_file 0 [ 96.619177][ T7698] total_dirty 0 [ 96.622707][ T7698] total_writeback 0 [ 96.627041][ T7698] total_workingset_refault_anon 0 [ 96.632045][ T7698] total_workingset_refault_file 0 [ 96.638132][ T7698] total_swap 172032 [ 96.642867][ T7698] total_swapcached 32768 [ 96.647622][ T7698] total_pgpgin 54180 [ 96.654035][ T7698] total_pgpgout 52837 [ 96.658531][ T7698] total_pgfault 53923 [ 96.662536][ T7698] total_pgmajfault 2 [ 96.666435][ T7698] total_inactive_anon 16384 [ 96.670926][ T7698] total_active_anon 16384 [ 96.675322][ T7698] total_inactive_file 5468160 [ 96.680012][ T7698] total_active_file 0 [ 96.683984][ T7698] total_unevictable 0 [ 96.688574][ T7698] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.1663,pid=7696,uid=0 [ 96.703453][ T7698] Memory cgroup out of memory: Killed process 7696 (syz.5.1663) total-vm:96336kB, anon-rss:6644kB, file-rss:22176kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 [ 96.787513][ T12] Bluetooth: hci0: Frame reassembly failed (-84) [ 96.855317][ T7724] netlink: 143700 bytes leftover after parsing attributes in process `syz.5.1669'. [ 96.894809][ T7733] loop6: detected capacity change from 0 to 512 [ 96.914743][ T7733] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 96.941344][ T7737] loop4: detected capacity change from 0 to 512 [ 96.958134][ T7733] EXT4-fs (loop6): 1 truncate cleaned up [ 96.968198][ T7737] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 96.985949][ T7733] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 96.998925][ T7741] loop5: detected capacity change from 0 to 1024 [ 97.006890][ T7737] EXT4-fs (loop4): 1 truncate cleaned up [ 97.008991][ T7741] EXT4-fs: inline encryption not supported [ 97.019457][ T28] audit: type=1400 audit(1770914652.003:549): avc: denied { map } for pid=7731 comm="syz.6.1677" path="/151/file2/file1" dev="loop6" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 97.056906][ T7737] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 97.064563][ T28] audit: type=1400 audit(1770914652.003:550): avc: denied { read write execute } for pid=7731 comm="syz.6.1677" path="/151/file2/file1" dev="loop6" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 97.094712][ T7741] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 97.113369][ T28] audit: type=1400 audit(1770914652.063:551): avc: denied { ioctl } for pid=7731 comm="syz.6.1677" path="/151/file2/file1" dev="loop6" ino=15 ioctlcmd=0x662a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 97.152804][ T4292] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.162562][ T28] audit: type=1326 audit(1770914652.063:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7735 comm="syz.4.1680" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc02b18bf79 code=0x0 [ 97.175718][ T5823] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.186281][ T28] audit: type=1400 audit(1770914652.133:553): avc: denied { append } for pid=7740 comm="syz.5.1681" name="file1" dev="loop5" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 97.218453][ T28] audit: type=1400 audit(1770914652.133:554): avc: denied { open } for pid=7740 comm="syz.5.1681" path="/264/file1/file1" dev="loop5" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 97.288902][ T7756] loop5: detected capacity change from 0 to 512 [ 97.300513][ T7756] EXT4-fs error (device loop5): ext4_orphan_get:1391: inode #15: comm syz.5.1689: inode has both inline data and extents flags [ 97.314062][ T7756] loop5: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 97.314708][ T7756] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.1689: couldn't read orphan inode 15 (err -117) [ 97.336071][ T7756] loop5: lost filesystem error report for type 5 error -117 [ 97.336645][ T7756] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 97.364792][ T7759] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1690'. [ 97.374179][ T7759] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 97.388732][ T7759] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 97.397504][ T4292] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.520473][ T7763] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1692'. [ 97.535666][ T7763] netlink: 'syz.5.1692': attribute type 30 has an invalid length. [ 97.549406][ T378] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 97.558263][ T378] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 97.567080][ T7763] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1692'. [ 97.576887][ T7763] netlink: 'syz.5.1692': attribute type 30 has an invalid length. [ 97.584967][ T378] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 97.605810][ T378] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 97.607921][ T7767] loop6: detected capacity change from 0 to 4096 [ 97.644471][ T7767] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 97.703664][ T7772] loop0: detected capacity change from 0 to 1024 [ 97.711357][ T7772] EXT4-fs: Ignoring removed nomblk_io_submit option [ 97.732227][ T7772] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 97.758137][ T28] audit: type=1400 audit(1770914652.753:555): avc: denied { map } for pid=7771 comm="syz.0.1696" path="/336/file1/file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 97.798485][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.814246][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.899970][ T7790] loop0: detected capacity change from 0 to 512 [ 97.922962][ T7790] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.1702: inode has both inline data and extents flags [ 97.944971][ T7790] loop0: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 97.945132][ T7790] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.1702: couldn't read orphan inode 15 (err -117) [ 97.967687][ T7790] loop0: lost filesystem error report for type 5 error -117 [ 97.968255][ T7790] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 98.008839][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.062827][ T5823] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.130556][ T28] audit: type=1400 audit(1770914653.123:556): avc: denied { ioctl } for pid=7807 comm="syz.0.1712" path="socket:[18955]" dev="sockfs" ino=18955 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 98.199819][ T7815] loop0: detected capacity change from 0 to 1024 [ 98.206761][ T7815] EXT4-fs: inline encryption not supported [ 98.228962][ T7815] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 98.264355][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.866025][ T4503] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 98.889990][ T7838] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2 [ 99.003552][ T7848] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 99.030732][ T7848] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 99.037300][ T7852] EXT4-fs: Ignoring removed nomblk_io_submit option [ 99.061421][ T7852] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 99.089906][ T5823] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.124690][ T7861] EXT4-fs: inline encryption not supported [ 99.158909][ T7861] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 99.175870][ T7866] EXT4-fs (loop5): blocks per group (95) and clusters per group (32768) inconsistent [ 99.246493][ T7871] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 99.267614][ T7871] EXT4-fs (loop5): 1 truncate cleaned up [ 99.273790][ T7871] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 99.346618][ T5823] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.482941][ T7880] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 99.496275][ T7881] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 99.591146][ T7880] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 99.613065][ T4292] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.632311][ T7880] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 640 with error 28 [ 99.682982][ T7880] EXT4-fs (loop6): This should not happen!! Data will be lost [ 99.682982][ T7880] [ 99.688286][ T7890] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 99.695584][ T7880] EXT4-fs (loop6): Total free blocks count 0 [ 99.709443][ T7880] EXT4-fs (loop6): Free/Dirty block details [ 99.715631][ T28] audit: type=1326 audit(1770914654.703:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7891 comm="syz.0.1745" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f94b7b0bf79 code=0x0 [ 99.738831][ T7880] EXT4-fs (loop6): free_blocks=68451041280 [ 99.744715][ T7880] EXT4-fs (loop6): dirty_blocks=656 [ 99.751080][ T7880] EXT4-fs (loop6): Block reservation details [ 99.758174][ T7880] EXT4-fs (loop6): i_reserved_data_blocks=41 [ 99.800572][ T7899] __nla_validate_parse: 1 callbacks suppressed [ 99.800592][ T7899] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1747'. [ 99.816842][ T40] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 640 with error 28 [ 99.821393][ T7899] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 99.851788][ T7899] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 99.873402][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.915139][ T7904] set_capacity_and_notify: 6 callbacks suppressed [ 99.915176][ T7904] loop1: detected capacity change from 0 to 512 [ 99.946827][ T7904] EXT4-fs (loop1): blocks per group (95) and clusters per group (32768) inconsistent [ 100.548837][ T3438] Bluetooth: hci0: Frame reassembly failed (-84) [ 100.549423][ T7916] loop1: detected capacity change from 0 to 512 [ 100.576037][ T7916] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 100.591967][ T7916] EXT4-fs (loop1): 1 truncate cleaned up [ 100.607734][ T7916] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 100.771445][ T28] audit: type=1326 audit(1770914655.763:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7922 comm="syz.6.1758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbdb681bf79 code=0x7ffc0000 [ 100.774361][ T7927] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1767'. [ 100.806390][ T7927] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 100.824899][ T28] audit: type=1326 audit(1770914655.763:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7922 comm="syz.6.1758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbdb681bf79 code=0x7ffc0000 [ 100.866908][ T7927] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 100.878174][ T28] audit: type=1326 audit(1770914655.763:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7922 comm="syz.6.1758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbdb681bf79 code=0x7ffc0000 [ 100.913928][ T28] audit: type=1326 audit(1770914655.763:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7922 comm="syz.6.1758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fbdb681bf79 code=0x7ffc0000 [ 100.925535][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.938059][ T28] audit: type=1326 audit(1770914655.763:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7922 comm="syz.6.1758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbdb681bf79 code=0x7ffc0000 [ 100.971140][ T28] audit: type=1326 audit(1770914655.793:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7922 comm="syz.6.1758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbdb681bf79 code=0x7ffc0000 [ 101.030208][ T28] audit: type=1326 audit(1770914655.793:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7922 comm="syz.6.1758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbdb681bf79 code=0x7ffc0000 [ 101.059056][ T28] audit: type=1326 audit(1770914655.793:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7922 comm="syz.6.1758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fbdb681bf79 code=0x7ffc0000 [ 101.087949][ T28] audit: type=1326 audit(1770914655.793:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7922 comm="syz.6.1758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbdb681bf79 code=0x7ffc0000 [ 101.216240][ T7942] loop1: detected capacity change from 0 to 8192 [ 101.266384][ T3298] loop1: p1 p2 p3 < > p4 < p5 p6 > [ 101.271831][ T3298] loop1: partition table partially beyond EOD, truncated [ 101.279344][ T3298] loop1: p1 start 30976 is beyond EOD, truncated [ 101.286242][ T3298] loop1: p2 size 16128 extends beyond EOD, truncated [ 101.296255][ T3298] loop1: p3 start 327168 is beyond EOD, truncated [ 101.308266][ T3298] loop1: p5 start 30976 is beyond EOD, truncated [ 101.315519][ T3298] loop1: p6 size 16128 extends beyond EOD, truncated [ 101.339416][ T7942] loop1: p1 p2 p3 < > p4 < p5 p6 > [ 101.357189][ T7942] loop1: partition table partially beyond EOD, truncated [ 101.365651][ T7942] loop1: p1 start 30976 is beyond EOD, truncated [ 101.372368][ T7942] loop1: p2 size 16128 extends beyond EOD, truncated [ 101.379940][ T7942] loop1: p3 start 327168 is beyond EOD, truncated [ 101.389376][ T7942] loop1: p5 start 30976 is beyond EOD, truncated [ 101.396022][ T7942] loop1: p6 size 16128 extends beyond EOD, truncated [ 101.480705][ T3298] udevd[3298]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory [ 101.481883][ T4917] udevd[4917]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 101.506227][ T3296] udevd[3296]: inotify_add_watch(7, /dev/loop1p6, 10) failed: No such file or directory [ 101.522807][ T3296] udevd[3296]: inotify_add_watch(7, /dev/loop1p6, 10) failed: No such file or directory [ 101.534926][ T3298] udevd[3298]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory [ 101.546018][ T4917] udevd[4917]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 102.437117][ T7982] loop1: detected capacity change from 0 to 1024 [ 102.446934][ T7982] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 102.532132][ T7982] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 102.549052][ T7982] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1000 with error 28 [ 102.564076][ T7982] EXT4-fs (loop1): This should not happen!! Data will be lost [ 102.564076][ T7982] [ 102.574176][ T7982] EXT4-fs (loop1): Total free blocks count 0 [ 102.583065][ T7982] EXT4-fs (loop1): Free/Dirty block details [ 102.589292][ T7982] EXT4-fs (loop1): free_blocks=68451041280 [ 102.595163][ T7982] EXT4-fs (loop1): dirty_blocks=1008 [ 102.600877][ T7982] EXT4-fs (loop1): Block reservation details [ 102.607879][ T7982] EXT4-fs (loop1): i_reserved_data_blocks=63 [ 102.625392][ T4503] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 102.625433][ T43] Bluetooth: hci0: command 0x1003 tx timeout [ 102.711265][ T1759] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1000 with error 28 [ 103.306996][ T8025] batadv_slave_1: entered promiscuous mode [ 103.325892][ T8024] batadv_slave_1: left promiscuous mode [ 103.517251][ T8027] loop5: detected capacity change from 0 to 512 [ 103.545368][ T8027] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 103.578253][ T8027] ext4 filesystem being mounted at /292/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 103.592054][ T8033] loop4: detected capacity change from 0 to 1024 [ 103.639284][ T8033] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 103.661659][ T8027] EXT4-fs (loop5): shut down requested (1) [ 103.676441][ T8027] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop5 ino=12 [ 103.697660][ T8027] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop5 ino=12 [ 103.718531][ T8027] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop5 ino=12 [ 103.731242][ T8033] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 103.747282][ T8033] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1304 with error 28 [ 103.759830][ T8033] EXT4-fs (loop4): This should not happen!! Data will be lost [ 103.759830][ T8033] [ 103.769496][ T8033] EXT4-fs (loop4): Total free blocks count 0 [ 103.776784][ T8033] EXT4-fs (loop4): Free/Dirty block details [ 103.782680][ T8033] EXT4-fs (loop4): free_blocks=68451041280 [ 103.789235][ T8033] EXT4-fs (loop4): dirty_blocks=1312 [ 103.794739][ T8033] EXT4-fs (loop4): Block reservation details [ 103.795022][ T4292] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.800759][ T8033] EXT4-fs (loop4): i_reserved_data_blocks=82 [ 103.950756][ T3438] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1304 with error 28 [ 104.075026][ T8065] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 104.298084][ T8085] loop1: detected capacity change from 0 to 512 [ 104.304797][ T8085] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 104.334250][ T8087] loop4: detected capacity change from 0 to 512 [ 104.346010][ T8087] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 104.360216][ T8087] EXT4-fs (loop4): 1 truncate cleaned up [ 104.375826][ T8087] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 104.391345][ T8087] EXT4-fs error (device loop4): ext4_generic_delete_entry:2666: inode #2: block 13: comm syz.4.1826: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 104.412297][ T8087] EXT4-fs (loop4): Remounting filesystem read-only [ 104.419713][ T8087] EXT4-fs warning (device loop4): ext4_rename_delete:3729: inode #2: comm syz.4.1826: Deleting old file: nlink 5, error=-117 [ 104.443344][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.007105][ T8098] batadv_slave_1: entered promiscuous mode [ 105.016995][ T8097] batadv_slave_1: left promiscuous mode [ 105.174363][ T8114] loop1: detected capacity change from 0 to 512 [ 105.205121][ T8114] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 105.245470][ T8114] ext4 filesystem being mounted at /378/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 105.258702][ T8114] EXT4-fs (loop1): shut down requested (1) [ 105.265183][ T8114] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop1 ino=12 [ 105.277285][ T8114] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop1 ino=12 [ 105.286168][ T8114] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop1 ino=12 [ 105.307657][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.397876][ T28] kauditd_printk_skb: 209 callbacks suppressed [ 105.397935][ T28] audit: type=1400 audit(1770914660.393:776): avc: denied { shutdown } for pid=8139 comm="syz.6.1849" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 105.429221][ T28] audit: type=1400 audit(1770914660.423:777): avc: denied { read } for pid=8139 comm="syz.6.1849" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 105.527132][ T8152] loop1: detected capacity change from 0 to 164 [ 105.537954][ T8152] Unsupported NM flag settings (240) [ 105.555436][ T28] audit: type=1400 audit(1770914660.543:778): avc: denied { watch watch_reads } for pid=8151 comm="syz.1.1854" path="/382/file0/file0" dev="loop1" ino=1856 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=dir permissive=1 [ 105.905408][ T4503] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 105.906256][ T43] Bluetooth: hci0: command 0x1003 tx timeout [ 106.334123][ T8181] bridge0: port 1(bridge_slave_0) entered disabled state [ 106.364279][ T35] IPVS: starting estimator thread 0... [ 106.485404][ T8184] IPVS: using max 2208 ests per chain, 110400 per kthread [ 106.531034][ T8173] SELinux: ebitmap: truncated map [ 106.536478][ T8173] SELinux: failed to load policy [ 106.888331][ T8200] loop1: detected capacity change from 0 to 1024 [ 106.896500][ T8200] EXT4-fs: Ignoring removed bh option [ 106.909935][ T8200] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 106.931972][ T8200] raw_sendmsg: syz.1.1874 forgot to set AF_INET. Fix it! [ 106.944386][ T8205] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 106.970689][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.019969][ T3438] Bluetooth: hci0: Frame reassembly failed (-84) [ 107.071890][ T28] audit: type=1326 audit(1770914662.063:779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8221 comm="syz.0.1883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94b7b0bf79 code=0x7ffc0000 [ 107.098620][ T28] audit: type=1326 audit(1770914662.063:780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8221 comm="syz.0.1883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94b7b0bf79 code=0x7ffc0000 [ 107.122584][ T28] audit: type=1326 audit(1770914662.063:781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8221 comm="syz.0.1883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94b7b0bf79 code=0x7ffc0000 [ 107.146753][ T28] audit: type=1326 audit(1770914662.063:782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8221 comm="syz.0.1883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94b7b0bf79 code=0x7ffc0000 [ 107.170157][ T28] audit: type=1326 audit(1770914662.063:783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8221 comm="syz.0.1883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f94b7b0bf79 code=0x7ffc0000 [ 107.194095][ T28] audit: type=1326 audit(1770914662.093:784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8221 comm="syz.0.1883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94b7b0bf79 code=0x7ffc0000 [ 107.218379][ T28] audit: type=1326 audit(1770914662.093:785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8221 comm="syz.0.1883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94b7b0bf79 code=0x7ffc0000 [ 107.413920][ T8237] loop5: detected capacity change from 0 to 1024 [ 107.421481][ T8237] EXT4-fs: Ignoring removed bh option [ 107.437817][ T8237] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 107.463154][ T4292] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.525807][ T8247] syz_tun: entered allmulticast mode [ 107.531766][ T8247] team0: Port device syz_tun added [ 107.559462][ T8247] syz_tun: left allmulticast mode [ 107.572311][ T8247] team0: Port device syz_tun removed [ 107.601214][ T8247] bridge_slave_0: left allmulticast mode [ 107.608542][ T8247] bridge_slave_0: left promiscuous mode [ 107.615272][ T8247] bridge0: port 1(bridge_slave_0) entered disabled state [ 107.627706][ T8247] bridge_slave_1: left allmulticast mode [ 107.633701][ T8247] bridge_slave_1: left promiscuous mode [ 107.640963][ T8247] bridge0: port 2(bridge_slave_1) entered disabled state [ 107.651302][ T8247] bond0: (slave bond_slave_0): Releasing backup interface [ 107.670039][ T8247] bond0: (slave bond_slave_1): Releasing backup interface [ 107.687330][ T8247] team_slave_0: left allmulticast mode [ 107.699707][ T8247] team0: Port device team_slave_0 removed [ 107.708281][ T8247] team_slave_1: left allmulticast mode [ 107.717889][ T8247] team0: Port device team_slave_1 removed [ 107.732646][ T8247] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 107.744217][ T8247] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 107.753644][ T8247] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 107.761409][ T8247] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 107.771717][ T8247] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 108.111545][ T8287] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 108.177602][ T8294] syz_tun: entered allmulticast mode [ 108.187453][ T8294] team0: Port device syz_tun added [ 108.205580][ T8294] syz_tun: left allmulticast mode [ 108.216956][ T8294] team0: Port device syz_tun removed [ 108.244736][ T8294] bridge_slave_0: left allmulticast mode [ 108.251089][ T8294] bridge_slave_0: left promiscuous mode [ 108.257523][ T8294] bridge0: port 1(bridge_slave_0) entered disabled state [ 108.268669][ T8294] bridge_slave_1: left allmulticast mode [ 108.274302][ T8294] bridge_slave_1: left promiscuous mode [ 108.280815][ T8294] bridge0: port 2(bridge_slave_1) entered disabled state [ 108.290931][ T8294] bond0: (slave bond_slave_0): Releasing backup interface [ 108.306721][ T8294] bond0: (slave bond_slave_1): Releasing backup interface [ 108.318464][ T8294] team_slave_0: left allmulticast mode [ 108.325795][ T8294] team0: Port device team_slave_0 removed [ 108.334114][ T8294] team_slave_1: left allmulticast mode [ 108.343266][ T8294] team0: Port device team_slave_1 removed [ 108.357742][ T8294] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 108.365247][ T8294] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 108.375270][ T8294] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 108.557921][ T8314] loop4: detected capacity change from 0 to 4096 [ 108.576827][ T8314] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 108.665448][ T8322] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1926'. [ 108.791337][ T8320] SELinux: ebitmap: truncated map [ 108.798526][ T8320] SELinux: failed to load policy [ 108.896557][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.951891][ T10] IPVS: starting estimator thread 0... [ 109.025522][ T4503] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 109.028832][ T8347] loop5: detected capacity change from 0 to 4096 [ 109.055546][ T8341] IPVS: using max 2640 ests per chain, 132000 per kthread [ 109.056707][ T8347] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 109.158632][ T4292] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.231565][ T8360] loop5: detected capacity change from 0 to 4096 [ 109.244449][ T8360] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 109.291041][ T8362] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 109.438489][ T8356] SELinux: ebitmap: truncated map [ 109.443905][ T8356] SELinux: failed to load policy [ 109.503070][ T4292] ================================================================== [ 109.511174][ T4292] BUG: KCSAN: data-race in __xa_clear_mark / xas_find_marked [ 109.518531][ T4292] [ 109.520834][ T4292] read-write to 0xffff88811aa6d900 of 8 bytes by task 40 on cpu 1: [ 109.528751][ T4292] __xa_clear_mark+0xf5/0x1e0 [ 109.533435][ T4292] __folio_end_writeback+0xf4/0x360 [ 109.538631][ T4292] folio_end_writeback_no_dropbehind+0x6d/0x1d0 [ 109.544853][ T4292] folio_end_writeback+0x1c/0x70 [ 109.549776][ T4292] ext4_finish_bio+0x459/0x8b0 [ 109.554518][ T4292] ext4_release_io_end+0x9f/0x1f0 [ 109.559537][ T4292] ext4_end_io_end+0x18d/0x240 [ 109.564307][ T4292] ext4_end_io_rsv_work+0x15b/0x1f0 [ 109.569493][ T4292] process_scheduled_works+0x4cd/0x9d0 [ 109.574964][ T4292] worker_thread+0x581/0x770 [ 109.579543][ T4292] kthread+0x22a/0x280 [ 109.583605][ T4292] ret_from_fork+0x150/0x360 [ 109.588193][ T4292] ret_from_fork_asm+0x1a/0x30 [ 109.592945][ T4292] [ 109.595257][ T4292] read to 0xffff88811aa6d900 of 8 bytes by task 4292 on cpu 0: [ 109.602780][ T4292] xas_find_marked+0x213/0x620 [ 109.607536][ T4292] filemap_get_folios_tag+0xfa/0x510 [ 109.612817][ T4292] filemap_fdatawait_keep_errors+0x6c/0x190 [ 109.618702][ T4292] sync_inodes_sb+0x40e/0x4c0 [ 109.623365][ T4292] sync_filesystem+0x102/0x190 [ 109.628121][ T4292] generic_shutdown_super+0x44/0x220 [ 109.633395][ T4292] kill_block_super+0x2a/0x70 [ 109.638074][ T4292] ext4_kill_sb+0x42/0x80 [ 109.642394][ T4292] deactivate_locked_super+0x75/0x1c0 [ 109.647754][ T4292] deactivate_super+0x97/0xa0 [ 109.652415][ T4292] cleanup_mnt+0x2bb/0x330 [ 109.656816][ T4292] __cleanup_mnt+0x19/0x20 [ 109.661231][ T4292] task_work_run+0x130/0x1a0 [ 109.665894][ T4292] exit_to_user_mode_loop+0x1f4/0x6f0 [ 109.671267][ T4292] do_syscall_64+0x249/0x370 [ 109.675853][ T4292] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 109.681736][ T4292] [ 109.684138][ T4292] value changed: 0xfffffffff8000000 -> 0xfffffff000000000 [ 109.691225][ T4292] [ 109.693530][ T4292] Reported by Kernel Concurrency Sanitizer on: [ 109.699672][ T4292] CPU: 0 UID: 0 PID: 4292 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 109.710882][ T4292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 109.721031][ T4292] ================================================================== [ 109.764611][ T4292] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.791288][ T8370] tipc: Started in network mode [ 109.797055][ T8370] tipc: Node identity ac1414aa, cluster identity 4711 [ 109.804085][ T8370] tipc: Enabled bearer , priority 10 [ 110.915411][ T811] tipc: Node number set to 2886997162