last executing test programs: 3.604363071s ago: executing program 0 (id=774): openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) r0 = socket(0x10, 0x803, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x4, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0xc00}}}]}, 0x38}}, 0x0) r3 = socket(0x10, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001300)=@newtfilter={0x894, 0x2c, 0xd2b, 0x70bd2b, 0x0, {0x0, 0x0, 0x0, r4, {0xb, 0x3}, {}, {0x1, 0x9}}, [@filter_kind_options=@f_fw={{0x7}, {0x868, 0x2, [@TCA_FW_MASK={0x8, 0x5, 0x7}, @TCA_FW_INDEV={0x14, 0x3, 'geneve1\x00'}, @TCA_FW_POLICE={0x848, 0x2, [@TCA_POLICE_RATE={0x404, 0x2, [0x7ff, 0x9, 0x9, 0x6, 0x10e000e5, 0x8, 0x2, 0x3463, 0x3ff, 0x2, 0x100, 0x10001, 0xc9f, 0xf2, 0x2, 0xccb2, 0x101, 0x8000, 0x1, 0xfffffffe, 0x110b, 0x8fd, 0x0, 0x6, 0x557a, 0x8, 0xffff, 0x4, 0x6, 0x7, 0x8, 0xa, 0x9, 0xe3, 0x2, 0xb, 0x7, 0xfffffffb, 0x40, 0x2, 0x9b, 0xf, 0x80000001, 0x9, 0x7ff, 0x5, 0x0, 0x8, 0x401, 0x712a, 0x1, 0x2, 0x8, 0x80, 0x7af, 0x8, 0x9, 0x1, 0x5, 0x68b, 0xd3, 0x9, 0x800, 0x9, 0x2, 0x3ff, 0x3ff, 0x0, 0x6, 0xd7, 0xffffffc0, 0x5, 0x4, 0xfffffff9, 0xb4a, 0x40, 0x8caa, 0x3, 0x5, 0x4, 0x3, 0xfd, 0x4, 0xd, 0x81, 0x0, 0x5, 0x6, 0x9, 0x5, 0xf, 0x6, 0xffffffff, 0x3, 0xc631, 0xfffffe00, 0x9, 0x1ff, 0x0, 0x2, 0x8, 0xc94, 0x8, 0x1, 0x3, 0x2, 0x7f, 0x7c5231e7, 0x5, 0x0, 0x9, 0x3, 0xf, 0x6, 0x3, 0x7, 0x0, 0x1ff, 0x4, 0x6, 0x8, 0x5, 0xfb, 0x8, 0x9, 0x5, 0x7, 0x800, 0x9, 0xd, 0x401, 0x8, 0xffffffff, 0x0, 0x7, 0x4, 0xffff, 0x3, 0x401, 0x2, 0x3, 0xfffffff9, 0x1, 0x8, 0x6, 0x400, 0x8, 0x3ba, 0x5, 0x80000001, 0x7, 0x9, 0x7, 0x4, 0x3, 0x6, 0xe, 0x6, 0x9, 0x7, 0x7af9b4d9, 0x10001, 0x9, 0x7, 0x5670, 0xfffffffb, 0x8, 0x4, 0x2, 0x800, 0x4, 0x2, 0xfffffff8, 0x2, 0x3, 0x1, 0x7, 0x4, 0x5, 0x1ff, 0x8b6, 0x7, 0xd629, 0x4, 0xdc, 0x1000, 0x10, 0x80, 0x2000, 0x446, 0xffff0e8f, 0x6, 0x4, 0x2a1d, 0x40000000, 0xf5, 0x1, 0x4, 0x10001, 0x7, 0x1, 0xfffffff7, 0x3, 0xb2, 0xfd3d, 0xfffffff9, 0x6, 0x7, 0x6, 0x200, 0x40, 0x3, 0xfffffffb, 0x7, 0x5, 0x44, 0x2, 0x6f, 0x10000, 0x5, 0x7, 0x1ff, 0xb3c, 0x5, 0x10, 0xd, 0x7, 0x8, 0x8, 0x1eb00000, 0xffffffff, 0x5, 0x8, 0xee, 0x992f, 0x800, 0x4, 0x6, 0x543, 0x8, 0xc6, 0xffffff78, 0x80, 0x7, 0x0, 0x7, 0x1, 0x0, 0x7, 0xc09, 0x80000000, 0x5, 0xa, 0x5, 0x0, 0x8]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0xca, 0xcfbd, 0x6, 0x9, 0xfffffffc, 0x3, 0xffff, 0x1, 0x6ec99ac6, 0x2, 0x40, 0xd, 0x7, 0x45, 0x6, 0x400, 0x4, 0x7, 0x5, 0x1, 0x711, 0x2c66, 0x9, 0x3, 0x5, 0x8, 0x7, 0x1000, 0x6, 0x34, 0x1, 0xec, 0x4, 0x4, 0x3ff, 0x76a, 0x2, 0x8000008, 0x6, 0xfffffffd, 0x8001, 0x5, 0x1, 0xffffffc0, 0xd, 0x23f6, 0x0, 0x7fff, 0x7, 0x8000, 0x484, 0x7fffffff, 0x5, 0x5, 0x4, 0x7, 0x9, 0x0, 0x4, 0x10001, 0xd, 0x6, 0x6, 0x80000001, 0xffff, 0xf, 0x342, 0x2, 0x5, 0x4, 0xffffffdf, 0x1, 0x0, 0x6, 0x2, 0x381d, 0x7ff, 0x9, 0xfc, 0x0, 0x81, 0xfbe, 0x0, 0x2, 0x7, 0xa69, 0x0, 0x6, 0x5, 0x6, 0x6, 0x4, 0x10001, 0x6, 0x487, 0x0, 0xc96, 0x0, 0x9, 0x10000, 0x9, 0x2, 0x8, 0x0, 0x2, 0x2, 0x5, 0x3, 0x2, 0xa, 0xd, 0x4, 0xfff, 0x9f, 0xffffffff, 0x1fe0, 0x5, 0x80000000, 0x8000, 0xa, 0x400, 0x1, 0x4, 0xa4a, 0x5, 0x40, 0x7, 0xd, 0x8, 0x8, 0x7, 0xe5, 0x0, 0xeab59c6, 0x2, 0x3, 0x4f, 0x1, 0x6, 0x8001, 0x1000, 0x8, 0x4, 0x9, 0xa269, 0x2, 0xd, 0x8001, 0xffff, 0x4, 0x6, 0xad, 0x1, 0x9, 0x9, 0x9, 0x9, 0x6, 0x0, 0x7ff9, 0x8, 0x4, 0x7, 0x1, 0x28, 0x2, 0x6, 0x8000, 0x3, 0x2, 0x7, 0x0, 0x7, 0x8001, 0x4, 0x5d0e, 0x8, 0x8, 0x8e9d, 0xaf01, 0x1, 0x81, 0x5, 0x3, 0x7, 0xa4d0, 0x8, 0x5, 0x5f, 0xb, 0x6, 0x0, 0xf, 0xffffffff, 0x9, 0x1, 0x3, 0x5, 0x2, 0x1, 0x7575, 0x306, 0x7, 0x4, 0x1, 0x9, 0xd, 0x2d1e, 0x3, 0x1, 0x1, 0x3ff, 0x9, 0x80, 0x74cc, 0x800, 0x8, 0x8, 0x6, 0xd8a, 0x10001, 0xb17f, 0x8001, 0xff, 0x3, 0x716, 0x89, 0xf, 0xe940, 0x9, 0x5, 0x80, 0xd, 0x9, 0x0, 0xff, 0xffffff81, 0x0, 0x9044, 0x80000000, 0x5, 0xaaf3, 0x7a3, 0x1, 0x61, 0x6, 0x6, 0x4, 0x7, 0x0, 0x3, 0x0, 0xffffffff, 0x2, 0x4]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x8, 0x4, 0xb, 0xffff, 0xf, {0x1b, 0x1, 0x5, 0x5, 0x3, 0x9}, {0x3, 0x0, 0x0, 0x4, 0x2, 0x1000}, 0x4, 0x80000000, 0x1}}]}]}}]}, 0x894}, 0x1, 0x0, 0x0, 0x81}, 0x800) 3.398830174s ago: executing program 4 (id=777): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000200)='cdg\x00', 0x4) sendmmsg$inet(r0, &(0x7f00000007c0)=[{{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000080)='>', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000280)=[{0x0}, {&(0x7f00000021c0)="f85df043030025335f4ef1a9623b15dd4a2b6568eff3c39bfb626f4c7812736513905a7b87a85e288b83e4c648d096b4b9ee7c33e7cac6c63ac91416d87d90ce41b507fefd99368c0b3e4f40effef5eb9734779bd61aa2314ff65d80e3c5f0f80057d0d05d6ffe448cc65eaba0baba237a1e601d3d736dfe551e4e50307fa8f285b68f6858fe5f293efb62011d742501c71757a67116abe7e0a88e2923a5a2fb5eae07de81d0b979e8360b318fad3f9433dc6dd8470cf99dc9547b808a817568c9d8a5253a4af6382e066ad5980313e1075619ca1f2e99b94eff8f8dcbfce8f1c125dbf92b6e21fb21f806960000b9c12c9216525783de7d905695071550576af6688b71c5e7fbdecb302b29f521229de29f4e0e7df84d55df2bff14ba33b45a664be5ae13947d736ee4502203948af12c2f53b11ed4a1d76cc1f92d1c35909da850c91631a36bb5e81b3e9b3cb3b259e4e9c62319fb11a199e54671a8537ce3fdd947fad4813693d48703c922fa6ceb199841eec0bead6e7110b34a0dfcbaad872d98832e611b71f26dd6de4509a7180900000000000000decccb8a35365ab1c26d838e115898de6662f7144b36ff96a4bff1ffffff4c470d8db40fc8af8f3d9d8fdd4d398c538a12c9d01df575d68153d5225ab5", 0x1d5}, {&(0x7f0000000640)="ccae0da80e2a91a2987b85fad66389cfa584ce6aff2663ac7f3468de3c45fada36b4058e35816f1f3138150d40813713c30d76f0", 0x34}], 0x3}}, {{0x0, 0x0, &(0x7f0000000300)}}], 0x3, 0x850) 3.398065585s ago: executing program 0 (id=778): r0 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000140), 0x12) r3 = openat$cgroup(r1, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000220000000000000000000000850000006d", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r6}, 0x10) write$cgroup_pid(r4, &(0x7f0000000500), 0x12) 3.315501746s ago: executing program 4 (id=781): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000003c0)={[{@resgid={'resgid', 0x3d, 0xee00}}, {}, {@grpquota}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x3, 0x572, &(0x7f00000006c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=") setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0) truncate(0x0, 0x5) setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0) setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000080), &(0x7f0000000500)=ANY=[], 0x835, 0x2) 3.302027346s ago: executing program 0 (id=783): bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff}) recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)}, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x5452, &(0x7f00000006c0)='\x02;\xe5\b\x00\x1c\x9c\x00\x00\x00\x00\x00\x00\x91\xecB\xdcZ\xe5\xbd$\x05\x90\xa9\xf3\xc7\xcb\xb7\xf0\xa1;#\x989\xe9\x12\xdf^6T\xdf\xcd\x02\xc5\xb0\xba\x12\'QXp\t\xfc\xf3\x01\x02\xbc\xbf\xc0\xf0\x10\xee\xd3\\yy\xa4\xf9\xe8\x00\xdd\xe97 0_\xe4]W\xf7~\xacVK\xc9t\x9e+:\x85\xef\x94\x0e\x19\x9cV[N.\xeb\x9fJ>\xd9\x99\x88\xd8\xdd\xb8Y\xc3$\xc6\x93\v\x04REY\xf4\xea\xf2\xcd\xcd.\x16\x861\xa1\v\x8d\x8e\x84R\xa6\x83\x84\xc0\x01e\xc3\xc8\xcc?\xc8?\x19\xb2\xa2\xe1\xac<\xe9f\x11\xff3\xc7\x19\x9e\x19\xf5-\xfe\xbd\xae\xbbR\x82\x16\xf9\x15S\x03U\xe0\xd8t\xe3%96') ioctl$TUNGETFEATURES(0xffffffffffffffff, 0x5452, &(0x7f00000013c0)) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x6, 0xf, &(0x7f0000000240)=ANY=[@ANYRESOCT, @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) socket$packet(0x11, 0xa, 0x300) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2686dd4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) r3 = perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000780)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000004000000020000000000000c02000000000000000000000d0000000000005f"], 0x0, 0x34, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="7c0100001900010000000000fddbdf2500000000000000000000000000000000ac1414bb00000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYRES64=r3], 0x17c}}, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f0000001200)=[{}], 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) mkdir(&(0x7f0000000080)='./file1\x00', 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x1, &(0x7f0000000180)) mprotect(&(0x7f00003c2000/0x4000)=nil, 0x4000, 0x9) mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file4\x00', 0x0) rmdir(0x0) 3.165599888s ago: executing program 2 (id=785): clock_gettime(0x6, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, 0x0) bind$unix(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x0, &(0x7f00000021c0), 0x1, 0x789, &(0x7f0000001240)="$eJzs3M9rG2caAOB3JlacH96VF/awe8kuJJBAiGzHl+RU91J6CQQCvabGHhvjsRUsObXdQJzeCoU0vrSlUNp7j70WQvoH9FYCLfTWQ6G0qXtoe1GRLCuJIylKYkeJ+zww1veNvpn3fWfkzzPgUQB/W/+v/0gihiLiYkQUm+vTiDjYaB2KWN8at3nv2lR9SaJWu/RzUt8sNmvF1r6S5uvRaGwS/4mIO4WI0+88GreyujY/mefZUrM/Ul24MlJZXTsztzA5m81mi2Pj50fPjY+fGx3ftVpPvHH+8K2vX9vY+OaL6s1jA2eSmGjUHc3adi3QA7aOSSEmdqxf3ItgfZT0MGbgOeQBAEB39ev8A81rs0IU40C3qzQXcAAAAPBSqg3WevVHzyMBAACAF0wS/c4AAAAA2Fvb/wew/WzvXj0H28lPr0bEcLv4A41niCMORSEijmwmDz1+kGxtBs9k/UZE3J5o8/nr5Ynm7kbvNw/vzh7Zbbfr889Eu/knbc0/0Wb+Gdj+7oRn1Hn+ux//QIf572KPMb785L+FjvFvVFbePdYuftKKn3SI/2aP8W9uvHer03u1zyJOtv37kzwUq8v3Q4zMzOXtfrVa6d7589TdzvVHHHkkfpI0oibd67/SY/1vb/46v94l/qnj3c//VvzBh7arfybeb+aRRsSt5mu9v7EjxvGFb796NHKyvh1/usPxb3/+X2/V/2mP9X//+eBKj0MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgIY2IoUjSUqudpqVSxNGI+HccSfNypXp6pry8OF1/L2I4CunMXJ6NRkRxq5/U+2ON9v3+2R398Yj413eHt4LO5VlpqpxP97t4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWo5GxFAkaSki0oj4rZimpVK/swIAAAB23XC/EwAAAAD2nPt/AAAA2P+e9v4/2eU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH3t4oUL9aW2ee/aVL0/fXV1eb589cx0VpkvLSxPlabKS1dKs+XybJ6VpsoLj9tfGhFj52N5ZaSaVaojldW1ywvl5cXq5bmFydnsclZ4LlUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwpIYaS5KWIiJttNO0VIr4R0QMRyGZmcuz0Yj4Z0TcLRYG6/2xficNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADArqusrs1P5nm29HI3avurnJ4bkUS8AGl0aHzUPCvdxiTrEXn2Q3Nkn1JNm+GfZT9Plvz1xxyWfjf+14e5CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/qusrs1P5nm2VOl3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPRX+mMSEfXlZPHE0M53Dya/FxuvEfHWx5c+WJmsVpfG6ut/aa2vfthcf/aBDa8/zxoAAABg33vlSQZv36dv38cDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0qrK6Nj+Z59nSHjbiRr+rBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnsZfAQAA//9bFLc7") r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x800) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r1}, 0x18) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x2) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r2, &(0x7f00000000c0)='a', 0x200000c1, 0x9000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1db) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000031c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf7cf39e3100c8acaa47684f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d7559f3b14820ed58b15627c95aa0b784625704f07372c29184ff7f4a7c0000070015006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e000000000000041201baa80b0b8ed8fb1ec577c377f627daaf787a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bdeda7be586602d985430cea080000000000fb1a26abfb0767192361448279b05d96a703a660587a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aab926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb155481ef836eb0f8c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaed2b25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec0271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761036eafed1fb2b98b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe514283707c70600000000000000b7561301bb997316db01ee601f2c9659db9bc04f7089a660d8dcc3ae83169cf331efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a515d83129cd857c775f9e7d6101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbe3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562e00e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb2214209ed2d5d776e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b55ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f608ce27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e30400000000000000000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a95d32f46ed9bd1f00fb8191bbab2dc599dda61ee2010000294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bfe2777e808fcba821a00e8c5c39609ff854256cb490000000000c1fee30a3f7a85d1b2b458c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd210819203828b202779d386ed295f023c67d867014d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff00004043060000005dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df40600000000000000e9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b0600b805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1202000000b59fed817072a0da60160761fd3dffda0f7c742eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7000000000000000542954c167dd9b4acd946ffffffffffffffff1389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c9e281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b630500163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f700400fa0c61d5fe6d8ff353f631080405547d65375ae04f44f0c2543c772c5ccb137be7dc87746e1785a8214454d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b036e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e010000005a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb3985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1428c0805b4031a667e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a9cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab9100781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c1227c8bed10591958c906321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b863af34bac64c247672a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c39132a0f27080ece2a94c360b002c77f82662675a7713c7067081cac1599a998c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc215a18ca0265400abf38e90000000000000000008faf2cddffbfa66bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942ce18e57bb7f337df5435bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de286553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c03f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c872a4882d21db2046a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265441d513a1294b8439276394945d94a589708e32a1cb30a8b07b391201385e0b92ecbb7b13d7a87284164018ace6ce58a82c5de321452461089cdd69259f5390f5f508646a524490583c30630bedb47e158ad41c0a653e86a4f4f255cd2a6e95f33b586823aef5564d9de1f5bdd8c80e193f0597b8003860302cd243c00bc5a82c52afb115d16258d507937966bb89409d6d47b8b652d0761d7c72875ae1efb9bc7c6807c2d783e31fd9cd7e84d3d50d8fc44ab8ac9ccd2c0d42e3bd4c029241320446bbf47e23d1320de30fbdf7ed13f80c28fb5c13fccc2e3f73509bdcddad8a2fe48cdd61f2f43611704af64eed8b0cbbd08754f93b8f3d6347aad5cde1ccc5cbd5eaa87e52cea257c856a4af5243eeb5e89f0000000000000000f420df5e4c6d856b3d55e455c08110b2ef4255a38f81555e8e1f22d59c0bc3c9013e66a1f5bda1b695e1602c0afb5c35b2f68f3b151b1e869f40ff4d1bef5e926e1ff95f6321131e4cb797f53455a093a95e67605222d6acc29c46e5db1ef3b8b07e2169fb24ced4b3ae87ebeca06df93212e465bbd1a7e41df2e1a0d508f86cfc7a469ac682685c44692877d03c34c23a65d2677acc73b5d276fdebd685c9b7a079eae228d8426188cb19b083548f5f29e493ab079f33d1965dcbb165015c46998ad410d60cc65fcfa73bd65a43fc024455c4bf530d663976cf71490577251780ab6b1cf8d397444b5be575229f687a3d95ea6b2aa62fce8acb3d4a6a130b4fefa55d0c1d6f3fa448ee24e588e2965c9a442f0baf90923dda91a6850fb7b9c7f432b63001423fedcf053fa28024cc9a178a07042dabc07176fc524032c2edb340c9c18a83565c431aeb0c869683507255254430f90f61e4eca9c8fa98c000b35fec357ee1ebd08439bd95c1ab0753dfd2603d1608bd8c589a1e160000a6ee0ad13346e08738c2d7b00b5d121d918f1dc8bceded939fa8605b54b37cdfcea0bf2bc63e655dc04a2e50212ff89d6587d49896ce18916cf3adc12839c345ca91bb232b891fae2fdd68aaa38281c0feb2c107af3e080d6cdd1c6646ec6804d7e9960c02aa0db9eda24bbcb287fd2a890fa7f9d6ae0c0b1f8dd1603c9ea2f66b572276f96a28b5b6dd9f9bf6ad4bdaa2139b90faf1f40b0f141258578bd825daaaf718d21b7ac05fe5d1b699e5422ca341fe1c944f68fe3a6d783dcf30b0e09d7688f696883b61cb64464b04d351a0a69b0733c348049b0430ed40e200f4ff0000000000000000000000996bcc1b721b152c892fab887e7d20466d90c049c0fdf51dcc16d226a2619c6f47bc25b7f5df5c09fed638922ed127ab36aa7b0c58a2ce5894b1b0f5375d340d96b69b966b05daaf585121a9c7605ed8e9964eef1f14b74cbb2ccdadc6d0b77cf0492b75e1cd11bfdcfddde91b20366715ba0cbe1041be2a65c25d7ca15ef8b71bd2ab9a4294899a1964b0152518fc2ac15a728bcb9e2bc4b551dfdf9011a2a607bc39ad2c4d7c64dcf967724e9b63c397d5265ad3f1da4395a5a800d8845257dcbf210d4f00fe0bd3deed05e506736e6bb6d40ee6cb960bcdb33633ee87f82beb665a9a4c2d4d2b06479ade3a4cd6bba765c9f52b52a0bdd0849ab92baae3775570accb5a57ee9f0035fc6d3df4eebec2e7eb4ff863d3979a20f4428ddca471037b49d4fd130743a97faa02c293b721e52bf53d64c6585e138162331ef98792e1e9b21a6a084fb7b42c64062ef1323a8a65a8ed6038f274f28ff4f78136a1ef108efbe8c4f4e347d50dcdbc33bf3ade4c3a39d316061930d7dd39b8acdecc3f27830e3eda40e648328d95a9aee65a9dd09fd4e96d5b852025dc53ec3f30cc753e6a796084b4e34f521dbb230ae0f3b79142073d437e1fd22d3b7503ffa95b1d5c7740b0ecbfd35dc0f8af895583dfcc2689f6e02c2dd4b57f3dcac54f40da013eb221fa3d65de760576031052c25a96ed4b20230b36d46d3d3fd6bb1d77cc8a48a6b10fa0149e55ccde4a2b26cca2d1ca9191c74ab006a602543fc24d1283e353cfb917620000000024bf3eed258c02a591ec4cd295212d9a98d38745f6f6c4530900000000000000f184f239098bf32551c7cf454e2865974f6520112743f73c619c3cab5609e00178f7393e53462f31559220c026bbde09837bf1b3ffe748a3247c9569f0c5e99f4494f93e0fa1badca90c888616eca97bddabd8003fc12a084d4b11d841979e161b998ddda92f194c4ec7947b7b303be11e0962d429a2c542a28c4932e14c123dfe2b8ec47a11cce134fd6e42a9f4"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kmem_cache_free\x00', r4, 0x0, 0x4}, 0x18) memfd_secret(0x80000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) writev(r3, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x100000}], 0x1) 3.05392979s ago: executing program 4 (id=786): r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'batadv0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', 0x0}) sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000004340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x24, r0, 0x331, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r1}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r2}]}, 0x24}, 0x1, 0x0, 0x0, 0x804}, 0x0) 2.836450524s ago: executing program 4 (id=787): open_by_handle_at(0xffffffffffffffff, &(0x7f0000000000)=@fuse_with_parent={0x18, 0x82, {{0x9, 0x123, 0x2cb}, {0x2, 0x10000, 0xffffffff}}}, 0x8000) r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2) write$binfmt_aout(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="03040000b500000000000000"], 0xc8) 2.828616534s ago: executing program 4 (id=788): prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x10000008b}, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x12, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file2\x00', 0x1200000, &(0x7f0000000940)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@noquota}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0xff, 0x57e, &(0x7f0000001b40)="$eJzs3c9rHOUbAPBnNkl/f79NoRT1IIEerNRumsQfFYTWo2ixoPe6JNNQsumW7KY0sdD2YC9epAgiFsQ/wLvH4j8gePVc0EKREvTgJTKb2XabzSabZHW37ucD077vzGSfeXfmffd5d3bZAAbWWPZPIeLFiPgiiTjctG048o1ja/utPL4xnS1JrK5+9HsSSb6usX+S/38wr7wQET9+FnGy0Bq3urQ8VyqX04W8Pl6bvzpeXVo+dXm+NJvOplcmp6bOvDE1+fZbb3atra9e+PPrD++/d+bz4ytfff/wyN0kzsWhfFtzO3bhVnNlLMby52Qkzq3bcaILwfpJ0usDYEeG8n4+EtkYcDiG8l4P/PfdjIhVYEAl+j8MqEYe0Jjbd2ke/Nx49O7aBKi1/cNr743Evvrc6MBK8szMKJvvjnYhfhbjh9/u3c2W2OJ9iJtdiAfQcOt2RJweHm4d/5J8/Nu50/U3jze3Psagvf5AL93P8p/XNsp/Ck/yn2jJf36uZ467HR+io/5feNiFMG1l+d87G+a/T4au0aG89r96zjeSXLpcTk9HxP8j4kSM7M3qm93PObPyYLXdtub8L1uy+I1cMD+Oh8N7n/2bmVKttJs2N3t0O+Klp/lvEi3j/756rrs+/82ejwsdxjiW3nu53bat29+s+xnw6ncRr2x4/p/e0Uo2vz85Xr8exhtXRas/7hz7qV387bW/+7Lzf2Dz9o8mzfdrq9uP8e2+v9J223Z6/e9JPq6X9+TrrpdqtYWJiD3JB63rJ5/+baPe2D9r/4njm49/G13/+yPikw7bf+fonba79sP5n9nW+d9+4cH7n37TLn5n5//1eulEvqaT8a/TA9zNcwcAAAAAAAD9phARhyIpFJ+UC4Vice07vEfjQKFcqdZOXqosXpmJ+ndlR2Ok0LjTfbjp8xAT+edhG/XJdfWpiDgSEV8O7a/Xi9OV8kyvGw8AAAAAAAAAAAAAAAAAAAB94mCb7/9nfh3q9dEB/zg/+Q2Da8v+341fegL6ktd/GFz6Pwwu/R8GV4f9/5ctf80deO54/YfBpf/D4NL/YXBt3P/N9gEAAAAAAAAAAAAAAAAAAAAAAAAAAGCHLpw/ny2rK49vTGf1mWtLi3OVa6dm0upccX5xujhdWbhanK1UZstpcboyv9XjlSuVqxOTsXh9vJZWa+PVpeWL85XFK7WLl+dLs+nFdORfaRUAAAAAAAAAAAAAAAAAAAA8X6pLy3OlcjldUGhbOBt9cRg7LiRbneWz+cWwoxDDm+2zfzePrNDLQg8HJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABY5+8AAAD//5d3NP0=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.idle_time\x00', 0x275a, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0x8004587d, &(0x7f0000000080)) renameat2(0xffffffffffffff9c, &(0x7f0000000580)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file5\x00', 0x4) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x1000, 0x105}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) pread64(0xffffffffffffffff, &(0x7f0000001240)=""/102400, 0x19000, 0x20000000f5) connect$inet(0xffffffffffffffff, 0x0, 0x0) r4 = socket$inet6_dccp(0xa, 0x6, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8b18, &(0x7f0000000000)={'wlan0\x00'}) 2.45409119s ago: executing program 3 (id=790): syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000540)='./file0\x00', 0x320c81c, &(0x7f0000000380)=ANY=[], 0x1, 0x556, &(0x7f00000015c0)="$eJzs3VFv01gWwPHj0kI3KyG0u0KoKnApu1KRSnASCIp48jo36QXHjmwHtU+ooimqSGFFWWnalxlemBlp5kPwOh9ivhGa93npyHZSWtrELaUNqv6/aMY39rHvuW7kg9vYFgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIJZbt+2SJZ7xO0tqOLceBq1Pb/trH5ghd/ZNRvQrYiX/yfS0XMtmXfvXp8VXk//NyWz2blamk8m0bP/96pVH/5ycGKw/IuEzsbm1/XKl1+u+GcyY2rdTzoXrl4Yva2rfRIFpOU2tTBSoWrVq31tsRKphPB0tR7FuKTfUThyEat69o0q1WkXp4nLQ8Zt1x9ODmQ/vlm27qh4X29oJo8C/97gYuYvG84zfTGOSxUnMw+SD+MTEKtZOS6m19V63kjeAJKh0lKDyyAgRVbbL5VKpXC5VH9QePLTtyQMz7M/IgYjxf2gxXl/x6A2czES//osnRnzpyJKoQ1+u1CWUQFpDlvcN6v9/7umR/e6t/4Mqf+3T4hlJ6/+N7N2NYfV/SC5n99qULdmWl7IiPelJV96MPaOzfTVFiy9GIgnESEucdI7qz1FSk6pUxZZnsigNiURJQ4x4oiWSZYkkFp1+olwJRYsjsQQSipJ5ceWOKClJTWpSESVairIsgXTEl6bUxUm3sibr6X6viLKG5bgbVBo6jMLgc9eV8ojRUv9xcl/1+A2cxM6g/otcGXcuAAAAAADgdFjpb9+T8/8puZ62GsbT9rjTAgAAAAAAX1H6l//ZZDKVtK6Lxfk/AAAAAADnjZVeY2eJSEFuZq01sdLLpfglAAAAAAAA50T69/8bySS9B8pNsXZvl8L5PwAAAAAA58RPuffYj9qXrN//kDCcst61l/5tbThJnLNxIVvvwudbjBsz1uX+RpLJnzuZyUlXz1rTWdDuTTA/9idreXlYhyXww1ESeFSd7L+TX+RWFnNrNZuuDpZkvRQaxtNFN/AelcRxLk/Eein+/6v17yQd/s9+67Ila+u9bvH5695qmsu7ZCvvNqxsc9Yxcnmb3m8hvebi0BFPpRdi9PstZP3ae8c/ka0+cYw+38tcFjPXv+NtYf/4p5M+S8Vho+9nUTrhyN/L7Szm9vztbHJIFuW8LMp7s/iifXGELCp5WVROmAUAjMtaThWyDhb+LzjKfVl1l2NW9/cyn8XMz6QH1smZQ47odt4R3T5hdfvtwDOQhtXYpN9fP6uqH5IVPgztN/LKVrILL7zd+J9c3dzavru+sfKi+6L7qlyuVO37tv2gLFPpMPoTag8A4BC5z9jZuZQXYd3POav+x+5XCoryXF5LT1ZlIb3aIP3GwaFbLez5GsJCzllrIS2T2RNeFkac1V1Mr3IYbLc8MnZ/DpXT/0EAAHCG5nLqsJX/LwRrIee8e38tH312XNjztDYAAHA6dPjRKsQ/WmFo2s9KtVrJiRe1CgP3iQpNvamV8WMduouO39SqHQZx4AZe0nhq6jpSUafdDsJYNYJQtYPILKVPflf9R79HuuX4sXGjtqedSCs38GPHjVXdRK5qd/7rmWhRh+nKUVu7pmFcJzaBr6KgE7q6qFSk9Z5AU9d+bBomafqqHZqWEy6rp4HXaWlV15EbmnYcZBsc9GX8RhC20s0Wx72zAQD4Rmxubb9c6fW6b47U+Ntxgncb4x4jAADYjyoNAAAAAAAAAAAAAAAAAAAAAMC373hX8tEYT2Nn5+Cii0f6CT7uR51qhoNbQY9/R53TRvqgCxE5y05zDx3fn84RCcBZ+SsAAP//5lhNjA==") open_by_handle_at(0xffffffffffffff9c, 0x0, 0x0) write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000040)='fscache_volume\x00', 0xffffffffffffffff, 0x0, 0xd}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000480)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) openat$pfkey(0xffffffffffffff9c, 0x0, 0x505203, 0x0) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="b800000019000100fcffffff00000000ac14142c000000000000000000000000fe8000000000000000000000000000aa4e2200004e2400000a00006000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000005b72d72000000000010feffffffffffffff000000400000000000000000000000001a000000000000000100000000000000feffffffffffffff7a0000000000000005000000000000000000000000000000ff7f00000000000008000000000000000101030000"], 0xb8}}, 0x0) sendto$inet6(r3, &(0x7f0000000240)="8a", 0x1, 0x51, &(0x7f0000000080)={0xa, 0x3, 0x1, @local, 0x9}, 0x1c) 2.025308457s ago: executing program 0 (id=792): socket$inet_icmp_raw(0x2, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x2d41, 0x0) flock(r0, 0x5) futex(&(0x7f000000cffc)=0x1, 0x6, 0x0, 0x0, 0x0, 0x0) futex(&(0x7f000000cffc)=0x1, 0x6, 0x0, 0x0, 0x0, 0x0) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4) 1.736791212s ago: executing program 2 (id=794): r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x5, 0x0) r3 = socket(0x400000000010, 0x3, 0x0) r4 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=@newtfilter={0x50, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r6, {0x4, 0xfff2}, {}, {0xa, 0xfff3}}, [@filter_kind_options=@f_flower={{0xb}, {0x20, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x1c, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x14, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x100c}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x4}]}]}}]}, 0x50}, 0x1, 0x0, 0x0, 0x2204402c}, 0x0) 1.462047936s ago: executing program 3 (id=796): r0 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'sit0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=@ipv6_newnexthop={0x40, 0x68, 0x1, 0x0, 0xfffffffe, {}, [@NHA_ENCAP={0x18, 0x8, 0x0, 0x1, @LWTUNNEL_IP6_SRC={0x14, 0x3, @private2}}, @NHA_ENCAP_TYPE={0x6, 0x7, 0x2}, @NHA_OIF={0x8, 0x5, r1}]}, 0x40}, 0x1, 0x0, 0x0, 0x8810}, 0x40040d0) 1.459792276s ago: executing program 1 (id=797): r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'batadv0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', 0x0}) sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000004340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x24, r0, 0x331, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r1}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r2}]}, 0x24}, 0x1, 0x0, 0x0, 0x804}, 0x0) 1.335972378s ago: executing program 1 (id=798): open_by_handle_at(0xffffffffffffffff, &(0x7f0000000000)=@fuse_with_parent={0x18, 0x82, {{0x9, 0x123, 0x2cb}, {0x2, 0x10000, 0xffffffff}}}, 0x8000) r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2) write$binfmt_aout(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="03040000b500000000000000"], 0xc8) 1.335333858s ago: executing program 3 (id=799): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000004c0)='dctcp\x00', 0x6) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4) sendto$inet6(r0, &(0x7f0000000240)=':', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x398, @empty}, 0x1c) sendto$inet6(r0, &(0x7f0000000080)="a2", 0x1, 0x8880, 0x0, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='cdg\x00', 0x4) shutdown(r0, 0x1) 1.22438097s ago: executing program 1 (id=800): socket$nl_route(0x10, 0x3, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0xc0a85320, &(0x7f00000003c0)={{0x7e}, 'port0\x00', 0x511e36599023629, 0x1000, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000240), 0x208e24b) r1 = syz_io_uring_setup(0x24fa, &(0x7f00000002c0)={0x0, 0x0, 0x10100, 0xffffffff}, &(0x7f0000000240)=0x0, &(0x7f0000000200)=0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r4, &(0x7f00000001c0)=ANY=[@ANYBLOB='2'], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READ_FIXED) io_uring_enter(r1, 0x2d41, 0x0, 0x0, 0x0, 0x0) 1.20127369s ago: executing program 3 (id=801): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r1, 0x0, 0x0) r2 = dup2(r1, 0xffffffffffffffff) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuset.effective_mems\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000140)={'#! ', './file0'}, 0xb) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1a, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10) r5 = epoll_create1(0x0) r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0) read$char_usb(r6, 0x0, 0x0) ppoll(&(0x7f0000000080)=[{r5, 0x100}], 0x1, 0x0, 0x0, 0x0) fdatasync(r3) ioctl$TUNSETSTEERINGEBPF(r2, 0x800454e0, &(0x7f0000000040)=r3) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000180)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r7 = getpid() sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001b00)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0xa0, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x78, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x22}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}, {0x40, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x30, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_DATA={0xc, 0x7, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, '+f'}]}, @NFTA_BITWISE_OP={0x8, 0x6, 0x1, 0x0, 0x3}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x114}}, 0x0) 466.391272ms ago: executing program 2 (id=802): r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000005c0)='./file0\x00', 0x101400, 0x148) open(&(0x7f00009e1000)='./file0\x00', 0x0, 0xc) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r1, 0x6, 0x0, 0x0, 0x0) r2 = fsmount(r1, 0x0, 0x0) r3 = openat$cgroup_subtree(r2, &(0x7f0000000100), 0x2, 0x0) write$cgroup_subtree(r3, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5) write$cgroup_subtree(r3, &(0x7f0000000480)={[{0x2b, 'rdma'}]}, 0x6) quotactl_fd$Q_GETFMT(r0, 0xffffffff80000402, 0x0, 0x0) open(&(0x7f00000002c0)='./file0\x00', 0x1491ff, 0x22) syz_emit_ethernet(0x4e, &(0x7f0000000080)=ANY=[@ANYBLOB="ffffffffffff00005403cb0086dd6003136c00188700fc020000000000000000000000000000ff"], 0x0) 361.426424ms ago: executing program 2 (id=803): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYRESDEC=r0, @ANYRES64=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) readlink(&(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) setgroups(0x0, 0x0) getgroups(0x0, &(0x7f0000000100)) setregid(0x0, 0x0) syz_clone(0x22180, 0x0, 0xa42f, 0x0, 0x0, 0x0) fchdir(0xffffffffffffffff) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000003c0), 0x48441, 0x0) ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000dc0)={0x0, 0x3, 0x1000002, 0x0, 0xff, "d4e9002b2c000000ff00"}) r3 = syz_open_pts(r2, 0x0) r4 = dup(r3) ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0x3) dup3(r2, r4, 0x0) ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x13) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840), 0x1a01, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) ioctl$EVIOCGPROP(r5, 0x40047438, &(0x7f0000000180)=""/246) pwritev(r5, &(0x7f0000000080)=[{&(0x7f0000000100)="39ac8469c75e197eba", 0x9}, {&(0x7f0000000340)="a4ce", 0x2}], 0x2, 0xffffffff, 0x4) ioctl$TCFLSH(r2, 0x540b, 0x1) 360.885014ms ago: executing program 1 (id=804): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x65, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000100)={0xffffffffffffffff, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdb5, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffe, 0x0, 0x0, 0x10, &(0x7f0000002e00), &(0x7f0000000200), 0x8, 0xa0, 0x8, 0x0, 0x0}}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={r2, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) 250.888796ms ago: executing program 0 (id=805): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file2\x00', 0x1200000, &(0x7f0000000940)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@noquota}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0xff, 0x57e, &(0x7f0000001b40)="$eJzs3c9rHOUbAPBnNkl/f79NoRT1IIEerNRumsQfFYTWo2ixoPe6JNNQsumW7KY0sdD2YC9epAgiFsQ/wLvH4j8gePVc0EKREvTgJTKb2XabzSabZHW37ucD077vzGSfeXfmffd5d3bZAAbWWPZPIeLFiPgiiTjctG048o1ja/utPL4xnS1JrK5+9HsSSb6usX+S/38wr7wQET9+FnGy0Bq3urQ8VyqX04W8Pl6bvzpeXVo+dXm+NJvOplcmp6bOvDE1+fZbb3atra9e+PPrD++/d+bz4ytfff/wyN0kzsWhfFtzO3bhVnNlLMby52Qkzq3bcaILwfpJ0usDYEeG8n4+EtkYcDiG8l4P/PfdjIhVYEAl+j8MqEYe0Jjbd2ke/Nx49O7aBKi1/cNr743Evvrc6MBK8szMKJvvjnYhfhbjh9/u3c2W2OJ9iJtdiAfQcOt2RJweHm4d/5J8/Nu50/U3jze3Psagvf5AL93P8p/XNsp/Ck/yn2jJf36uZ467HR+io/5feNiFMG1l+d87G+a/T4au0aG89r96zjeSXLpcTk9HxP8j4kSM7M3qm93PObPyYLXdtub8L1uy+I1cMD+Oh8N7n/2bmVKttJs2N3t0O+Klp/lvEi3j/756rrs+/82ejwsdxjiW3nu53bat29+s+xnw6ncRr2x4/p/e0Uo2vz85Xr8exhtXRas/7hz7qV387bW/+7Lzf2Dz9o8mzfdrq9uP8e2+v9J223Z6/e9JPq6X9+TrrpdqtYWJiD3JB63rJ5/+baPe2D9r/4njm49/G13/+yPikw7bf+fonba79sP5n9nW+d9+4cH7n37TLn5n5//1eulEvqaT8a/TA9zNcwcAAAAAAAD9phARhyIpFJ+UC4Vice07vEfjQKFcqdZOXqosXpmJ+ndlR2Ok0LjTfbjp8xAT+edhG/XJdfWpiDgSEV8O7a/Xi9OV8kyvGw8AAAAAAAAAAAAAAAAAAAB94mCb7/9nfh3q9dEB/zg/+Q2Da8v+341fegL6ktd/GFz6Pwwu/R8GV4f9/5ctf80deO54/YfBpf/D4NL/YXBt3P/N9gEAAAAAAAAAAAAAAAAAAAAAAAAAAGCHLpw/ny2rK49vTGf1mWtLi3OVa6dm0upccX5xujhdWbhanK1UZstpcboyv9XjlSuVqxOTsXh9vJZWa+PVpeWL85XFK7WLl+dLs+nFdORfaRUAAAAAAAAAAAAAAAAAAAA8X6pLy3OlcjldUGhbOBt9cRg7LiRbneWz+cWwoxDDm+2zfzePrNDLQg8HJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABY5+8AAAD//5d3NP0=") r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0x8004587d, &(0x7f0000000080)) rmdir(&(0x7f0000004680)='./file0\x00') 226.777306ms ago: executing program 2 (id=806): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYRESDEC=r0, @ANYRES64=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) readlink(&(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) setgroups(0x0, 0x0) getgroups(0x0, &(0x7f0000000100)) setregid(0x0, 0x0) syz_clone(0x22180, 0x0, 0xa42f, 0x0, 0x0, 0x0) fchdir(0xffffffffffffffff) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000003c0), 0x48441, 0x0) ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000dc0)={0x0, 0x3, 0x1000002, 0x0, 0xff, "d4e9002b2c000000ff00"}) r3 = syz_open_pts(r2, 0x0) r4 = dup(r3) dup3(r2, r4, 0x0) r5 = dup3(r3, r2, 0x0) ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000000)=0x13) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840), 0x1a01, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) ioctl$EVIOCGPROP(r6, 0x40047438, &(0x7f0000000180)=""/246) pwritev(r6, &(0x7f0000000080)=[{&(0x7f0000000100)="39ac8469c75e197eba", 0x9}, {&(0x7f0000000340)="a4ce", 0x2}], 0x2, 0xffffffff, 0x4) 128.681078ms ago: executing program 1 (id=807): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000ff0d1400bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe000000008500000007000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/685], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000340), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000c80)={r0, 0x2000012, 0xffe, 0x0, &(0x7f0000000c40), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 128.283488ms ago: executing program 2 (id=808): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'geneve0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000180), 0x0, 0x0, &(0x7f0000000140)={0x11, 0x0, r1}, 0x14) 127.752078ms ago: executing program 3 (id=809): mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4000, 0x0, 0x0, 0x2) 50.694899ms ago: executing program 1 (id=810): ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r0 = socket(0x10, 0x803, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x4, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0xc00}}}]}, 0x38}}, 0x0) r3 = socket(0x10, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001300)=@newtfilter={0x894, 0x2c, 0xd2b, 0x70bd2b, 0x0, {0x0, 0x0, 0x0, r4, {0xb, 0x3}, {}, {0x1, 0x9}}, [@filter_kind_options=@f_fw={{0x7}, {0x868, 0x2, [@TCA_FW_MASK={0x8, 0x5, 0x7}, @TCA_FW_INDEV={0x14, 0x3, 'geneve1\x00'}, @TCA_FW_POLICE={0x848, 0x2, [@TCA_POLICE_RATE={0x404, 0x2, [0x7ff, 0x9, 0x9, 0x6, 0x10e000e5, 0x8, 0x2, 0x3463, 0x3ff, 0x2, 0x100, 0x10001, 0xc9f, 0xf2, 0x2, 0xccb2, 0x101, 0x8000, 0x1, 0xfffffffe, 0x110b, 0x8fd, 0x0, 0x6, 0x557a, 0x8, 0xffff, 0x4, 0x6, 0x7, 0x8, 0xa, 0x9, 0xe3, 0x2, 0xb, 0x7, 0xfffffffb, 0x40, 0x2, 0x9b, 0xf, 0x80000001, 0x9, 0x7ff, 0x5, 0x0, 0x8, 0x401, 0x712a, 0x1, 0x2, 0x8, 0x80, 0x7af, 0x8, 0x9, 0x1, 0x5, 0x68b, 0xd3, 0x9, 0x800, 0x9, 0x2, 0x3ff, 0x3ff, 0x0, 0x6, 0xd7, 0xffffffc0, 0x5, 0x4, 0xfffffff9, 0xb4a, 0x40, 0x8caa, 0x3, 0x5, 0x4, 0x3, 0xfd, 0x4, 0xd, 0x81, 0x0, 0x5, 0x6, 0x9, 0x5, 0xf, 0x6, 0xffffffff, 0x3, 0xc631, 0xfffffe00, 0x9, 0x1ff, 0x0, 0x2, 0x8, 0xc94, 0x8, 0x1, 0x3, 0x2, 0x7f, 0x7c5231e7, 0x5, 0x0, 0x9, 0x3, 0xf, 0x6, 0x3, 0x7, 0x0, 0x1ff, 0x4, 0x6, 0x8, 0x5, 0xfb, 0x8, 0x9, 0x5, 0x7, 0x800, 0x9, 0xd, 0x401, 0x8, 0xffffffff, 0x0, 0x7, 0x4, 0xffff, 0x3, 0x401, 0x2, 0x3, 0xfffffff9, 0x1, 0x8, 0x6, 0x400, 0x8, 0x3ba, 0x5, 0x80000001, 0x7, 0x9, 0x7, 0x4, 0x3, 0x6, 0xe, 0x6, 0x9, 0x7, 0x7af9b4d9, 0x10001, 0x9, 0x7, 0x5670, 0xfffffffb, 0x8, 0x4, 0x2, 0x800, 0x4, 0x2, 0xfffffff8, 0x2, 0x3, 0x1, 0x7, 0x4, 0x5, 0x1ff, 0x8b6, 0x7, 0xd629, 0x4, 0xdc, 0x1000, 0x10, 0x80, 0x2000, 0x446, 0xffff0e8f, 0x6, 0x4, 0x2a1d, 0x40000000, 0xf5, 0x1, 0x4, 0x10001, 0x7, 0x1, 0xfffffff7, 0x3, 0xb2, 0xfd3d, 0xfffffff9, 0x6, 0x7, 0x6, 0x200, 0x40, 0x3, 0xfffffffb, 0x7, 0x5, 0x44, 0x2, 0x6f, 0x10000, 0x5, 0x7, 0x1ff, 0xb3c, 0x5, 0x10, 0xd, 0x7, 0x8, 0x8, 0x1eb00000, 0xffffffff, 0x5, 0x8, 0xee, 0x992f, 0x800, 0x4, 0x6, 0x543, 0x8, 0xc6, 0xffffff78, 0x80, 0x7, 0x0, 0x7, 0x1, 0x0, 0x7, 0xc09, 0x80000000, 0x5, 0xa, 0x5, 0x0, 0x8]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0xca, 0xcfbd, 0x6, 0x9, 0xfffffffc, 0x3, 0xffff, 0x1, 0x6ec99ac6, 0x2, 0x40, 0xd, 0x7, 0x45, 0x6, 0x400, 0x4, 0x7, 0x5, 0x1, 0x711, 0x2c66, 0x9, 0x3, 0x5, 0x8, 0x7, 0x1000, 0x6, 0x34, 0x1, 0xec, 0x4, 0x4, 0x3ff, 0x76a, 0x2, 0x8000008, 0x6, 0xfffffffd, 0x8001, 0x5, 0x1, 0xffffffc0, 0xd, 0x23f6, 0x0, 0x7fff, 0x7, 0x8000, 0x484, 0x7fffffff, 0x5, 0x5, 0x4, 0x7, 0x9, 0x0, 0x4, 0x10001, 0xd, 0x6, 0x6, 0x80000001, 0xffff, 0xf, 0x342, 0x2, 0x5, 0x4, 0xffffffdf, 0x1, 0x0, 0x6, 0x2, 0x381d, 0x7ff, 0x9, 0xfc, 0x0, 0x81, 0xfbe, 0x0, 0x2, 0x7, 0xa69, 0x0, 0x6, 0x5, 0x6, 0x6, 0x4, 0x10001, 0x6, 0x487, 0x0, 0xc96, 0x0, 0x9, 0x10000, 0x9, 0x2, 0x8, 0x0, 0x2, 0x2, 0x5, 0x3, 0x2, 0xa, 0xd, 0x4, 0xfff, 0x9f, 0xffffffff, 0x1fe0, 0x5, 0x80000000, 0x8000, 0xa, 0x400, 0x1, 0x4, 0xa4a, 0x5, 0x40, 0x7, 0xd, 0x8, 0x8, 0x7, 0xe5, 0x0, 0xeab59c6, 0x2, 0x3, 0x4f, 0x1, 0x6, 0x8001, 0x1000, 0x8, 0x4, 0x9, 0xa269, 0x2, 0xd, 0x8001, 0xffff, 0x4, 0x6, 0xad, 0x1, 0x9, 0x9, 0x9, 0x9, 0x6, 0x0, 0x7ff9, 0x8, 0x4, 0x7, 0x1, 0x28, 0x2, 0x6, 0x8000, 0x3, 0x2, 0x7, 0x0, 0x7, 0x8001, 0x4, 0x5d0e, 0x8, 0x8, 0x8e9d, 0xaf01, 0x1, 0x81, 0x5, 0x3, 0x7, 0xa4d0, 0x8, 0x5, 0x5f, 0xb, 0x6, 0x0, 0xf, 0xffffffff, 0x9, 0x1, 0x3, 0x5, 0x2, 0x1, 0x7575, 0x306, 0x7, 0x4, 0x1, 0x9, 0xd, 0x2d1e, 0x3, 0x1, 0x1, 0x3ff, 0x9, 0x80, 0x74cc, 0x800, 0x8, 0x8, 0x6, 0xd8a, 0x10001, 0xb17f, 0x8001, 0xff, 0x3, 0x716, 0x89, 0xf, 0xe940, 0x9, 0x5, 0x80, 0xd, 0x9, 0x0, 0xff, 0xffffff81, 0x0, 0x9044, 0x80000000, 0x5, 0xaaf3, 0x7a3, 0x1, 0x61, 0x6, 0x6, 0x4, 0x7, 0x0, 0x3, 0x0, 0xffffffff, 0x2, 0x4]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x8, 0x4, 0xb, 0xffff, 0xf, {0x1b, 0x1, 0x5, 0x5, 0x3, 0x9}, {0x3, 0x0, 0x0, 0x4, 0x2, 0x1000}, 0x4, 0x80000000, 0x1}}]}]}}]}, 0x894}, 0x1, 0x0, 0x0, 0x81}, 0x800) 50.150139ms ago: executing program 4 (id=811): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010020000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a30000000004c000000060a010400000000000000000100000908000b40000000002400048020000180080001006c6f67001400028008000640000000110900014001ff00000900010073797a"], 0xc0}}, 0x0) 36.927509ms ago: executing program 3 (id=812): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000001680)=ANY=[@ANYBLOB="18020000000000000000000000000000850000002c0000009500000000000000eb4779fcbb3e3bbff2971871b1b1c0b4f0fca28377f3aa77d6c8d949060c54d53bd61b3561319f7b346f8cadae05957ee562fe28a5d0b564a59c30cb37ebb90e516d9c72b9d81817f7a04496e4261b41dae579bd93d38e2740ac98d6108c318a35d29534fd3c6bf14ef7a5c59c3d48f092e6b6bb43ec765d850f71052de0718c"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=@newlink={0x44, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_XDP={0x1c, 0x2b, 0x0, 0x1, [@IFLA_XDP_EXPECTED_FD={0x8, 0x8, r2}, @IFLA_XDP_FLAGS={0x8, 0x3, 0x19}, @IFLA_XDP_FD={0x8, 0x1, r1}]}, @IFLA_GROUP={0x8}]}, 0x44}}, 0x0) 0s ago: executing program 0 (id=813): r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000005c0)='./file0\x00', 0x101400, 0x148) open(&(0x7f00009e1000)='./file0\x00', 0x0, 0xc) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r1, 0x6, 0x0, 0x0, 0x0) r2 = fsmount(r1, 0x0, 0x0) r3 = openat$cgroup_subtree(r2, &(0x7f0000000100), 0x2, 0x0) write$cgroup_subtree(r3, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5) write$cgroup_subtree(r3, &(0x7f0000000480)={[{0x2b, 'rdma'}]}, 0x6) quotactl_fd$Q_GETFMT(r0, 0xffffffff80000402, 0x0, 0x0) open(&(0x7f00000002c0)='./file0\x00', 0x1491ff, 0x22) syz_emit_ethernet(0x4e, &(0x7f0000000080)=ANY=[@ANYBLOB="ffffffffffff00005403cb0086dd6003136c00188700fc020000000000000000000000000000ff0200000000000000000000000000015202040151"], 0x0) kernel console output (not intermixed with test programs): ite } for pid=3450 comm="syz.0.6" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 31.003058][ T3313] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 31.003077][ T3313] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 31.003090][ T3313] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 31.063741][ T3313] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 31.074997][ T3313] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 31.084535][ T3313] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 31.095081][ T3313] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 31.105246][ T3313] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 31.115791][ T3313] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 31.122197][ T3456] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5'. [ 31.125657][ T3313] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 31.144849][ T3313] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 31.154777][ T3313] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 31.165252][ T3313] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 31.177736][ T3313] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 31.191315][ T29] audit: type=1400 audit(1745377790.806:136): avc: denied { create } for pid=3458 comm="syz.4.8" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 31.220101][ T3313] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.228961][ T3313] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.237708][ T3313] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.246522][ T3313] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.256387][ T29] audit: type=1400 audit(1745377790.846:137): avc: denied { block_suspend } for pid=3458 comm="syz.4.8" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 31.277645][ T29] audit: type=1400 audit(1745377790.846:138): avc: denied { module_load } for pid=3458 comm="syz.4.8" path="/sys/power/wakeup_count" dev="sysfs" ino=216 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=system permissive=1 [ 31.314039][ T29] audit: type=1400 audit(1745377790.896:139): avc: denied { setopt } for pid=3458 comm="syz.4.8" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 31.358678][ T3466] loop3: detected capacity change from 0 to 2048 [ 31.377172][ T3466] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 31.392696][ T3468] loop1: detected capacity change from 0 to 2048 [ 31.400041][ T29] audit: type=1326 audit(1745377791.006:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3458 comm="syz.4.8" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f16cddde169 code=0x0 [ 31.431322][ T3466] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 31.455459][ T3468] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 31.468337][ T3468] ext4 filesystem being mounted at /1/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 31.480600][ T29] audit: type=1400 audit(1745377791.056:141): avc: denied { create } for pid=3474 comm="syz.2.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 31.523384][ T3478] loop7: detected capacity change from 0 to 16384 [ 31.676230][ T3481] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 345: padding at end of block bitmap is not set [ 31.700297][ T29] audit: type=1326 audit(1745377791.286:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3477 comm="syz.0.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f318deee169 code=0x7ffc0000 [ 31.723561][ T29] audit: type=1326 audit(1745377791.286:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3477 comm="syz.0.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f318deee169 code=0x7ffc0000 [ 31.737487][ T3481] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 240 with error 117 [ 31.759466][ T3481] EXT4-fs (loop3): This should not happen!! Data will be lost [ 31.759466][ T3481] [ 31.792385][ T3482] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 345: padding at end of block bitmap is not set [ 31.820453][ T3482] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 240 with error 117 [ 31.833147][ T3482] EXT4-fs (loop1): This should not happen!! Data will be lost [ 31.833147][ T3482] [ 31.849076][ T51] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 256 with max blocks 2048 with error 117 [ 31.862106][ T51] EXT4-fs (loop3): This should not happen!! Data will be lost [ 31.862106][ T51] [ 31.975408][ T31] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 256 with max blocks 1801 with error 117 [ 31.988463][ T31] EXT4-fs (loop1): This should not happen!! Data will be lost [ 31.988463][ T31] [ 31.999667][ T3404] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 2305 with max blocks 264 with error 28 [ 32.012432][ T3404] EXT4-fs (loop3): This should not happen!! Data will be lost [ 32.012432][ T3404] [ 32.022193][ T3404] EXT4-fs (loop3): Total free blocks count 0 [ 32.028240][ T3404] EXT4-fs (loop3): Free/Dirty block details [ 32.034243][ T3404] EXT4-fs (loop3): free_blocks=0 [ 32.155610][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 32.295539][ T3493] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 32.639728][ T3498] loop3: detected capacity change from 0 to 2048 [ 32.667755][ T3498] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 32.667919][ T3498] ext4 filesystem being mounted at /1/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 32.858701][ T3503] netlink: 76 bytes leftover after parsing attributes in process `syz.0.17'. [ 32.858729][ T3503] netlink: 76 bytes leftover after parsing attributes in process `syz.0.17'. [ 32.858754][ T3503] netlink: 76 bytes leftover after parsing attributes in process `syz.0.17'. [ 32.873017][ T3503] netlink: 76 bytes leftover after parsing attributes in process `syz.0.17'. [ 32.873042][ T3503] netlink: 76 bytes leftover after parsing attributes in process `syz.0.17'. [ 32.873055][ T3503] netlink: 76 bytes leftover after parsing attributes in process `syz.0.17'. [ 32.892354][ T3503] netlink: 76 bytes leftover after parsing attributes in process `syz.0.17'. [ 32.934008][ T3503] netlink: 76 bytes leftover after parsing attributes in process `syz.0.17'. [ 32.942838][ T3503] netlink: 76 bytes leftover after parsing attributes in process `syz.0.17'. [ 33.151639][ T3498] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 345: padding at end of block bitmap is not set [ 33.151834][ T3498] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 240 with error 117 [ 33.151862][ T3498] EXT4-fs (loop3): This should not happen!! Data will be lost [ 33.151862][ T3498] [ 33.159648][ T12] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 256 with max blocks 2048 with error 117 [ 33.201442][ T12] EXT4-fs (loop3): This should not happen!! Data will be lost [ 33.201442][ T12] [ 33.231860][ T12] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 2305 with max blocks 1800 with error 28 [ 33.244704][ T12] EXT4-fs (loop3): This should not happen!! Data will be lost [ 33.244704][ T12] [ 33.254407][ T12] EXT4-fs (loop3): Total free blocks count 0 [ 33.254425][ T12] EXT4-fs (loop3): Free/Dirty block details [ 33.254438][ T12] EXT4-fs (loop3): free_blocks=0 [ 33.312095][ T3514] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 33.312128][ T3514] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 33.330075][ T3514] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 33.330104][ T3514] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 33.362079][ T3512] loop2: detected capacity change from 0 to 256 [ 33.362322][ T3512] ======================================================= [ 33.362322][ T3512] WARNING: The mand mount option has been deprecated and [ 33.362322][ T3512] and is ignored by this kernel. Remove the mand [ 33.362322][ T3512] option from the mount to silence this warning. [ 33.362322][ T3512] ======================================================= [ 33.631745][ T3528] loop2: detected capacity change from 0 to 256 [ 33.715433][ T3531] capability: warning: `syz.2.27' uses 32-bit capabilities (legacy support in use) [ 33.715603][ T3531] FAULT_INJECTION: forcing a failure. [ 33.715603][ T3531] name failslab, interval 1, probability 0, space 0, times 1 [ 33.715707][ T3531] CPU: 0 UID: 0 PID: 3531 Comm: syz.2.27 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(voluntary) [ 33.715738][ T3531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 33.715792][ T3531] Call Trace: [ 33.715800][ T3531] [ 33.715809][ T3531] dump_stack_lvl+0xf6/0x150 [ 33.715926][ T3531] dump_stack+0x15/0x1a [ 33.716027][ T3531] should_fail_ex+0x261/0x270 [ 33.716057][ T3531] should_failslab+0x8f/0xb0 [ 33.716077][ T3531] kmem_cache_alloc_noprof+0x59/0x340 [ 33.716186][ T3531] ? alloc_empty_file+0x78/0x200 [ 33.716221][ T3531] alloc_empty_file+0x78/0x200 [ 33.716319][ T3531] path_openat+0x6f/0x2000 [ 33.716352][ T3531] ? _parse_integer_limit+0x167/0x180 [ 33.716380][ T3531] ? kstrtoull+0x115/0x140 [ 33.716404][ T3531] ? kstrtouint+0x7b/0xc0 [ 33.716487][ T3531] do_filp_open+0x115/0x240 [ 33.716533][ T3531] do_sys_openat2+0xaa/0x110 [ 33.716570][ T3531] __x64_sys_openat+0xf8/0x120 [ 33.716601][ T3531] x64_sys_call+0x1ac/0x2e10 [ 33.716705][ T3531] do_syscall_64+0xc9/0x1a0 [ 33.716738][ T3531] ? clear_bhb_loop+0x25/0x80 [ 33.716761][ T3531] ? clear_bhb_loop+0x25/0x80 [ 33.716806][ T3531] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 33.716838][ T3531] RIP: 0033:0x7f348f8ce169 [ 33.716862][ T3531] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 33.716883][ T3531] RSP: 002b:00007f348df37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 33.716910][ T3531] RAX: ffffffffffffffda RBX: 00007f348faf5fa0 RCX: 00007f348f8ce169 [ 33.716925][ T3531] RDX: 0000000000000100 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 33.716955][ T3531] RBP: 00007f348df37090 R08: 0000000000000000 R09: 0000000000000000 [ 33.716971][ T3531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 33.717053][ T3531] R13: 0000000000000000 R14: 00007f348faf5fa0 R15: 00007ffddc7226a8 [ 33.717071][ T3531] [ 34.353853][ T3549] syz.0.33 uses obsolete (PF_INET,SOCK_PACKET) [ 34.836174][ T3576] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 34.874360][ T3576] infiniband srz1: RDMA CMA: cma_listen_on_dev, error -98 [ 35.535001][ T3587] loop1: detected capacity change from 0 to 512 [ 35.628837][ T3587] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.42: bg 0: block 35: padding at end of block bitmap is not set [ 35.794045][ T3587] EXT4-fs (loop1): Remounting filesystem read-only [ 35.853498][ T3587] EXT4-fs (loop1): 1 truncate cleaned up [ 35.899656][ T3587] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 35.983449][ T29] kauditd_printk_skb: 113 callbacks suppressed [ 35.983466][ T29] audit: type=1400 audit(1745377795.596:257): avc: denied { mount } for pid=3584 comm="syz.1.42" name="/" dev="loop1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 35.983785][ T3587] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 36.285343][ T3606] __nla_validate_parse: 4 callbacks suppressed [ 36.285361][ T3606] netlink: 40 bytes leftover after parsing attributes in process `syz.1.45'. [ 36.611408][ T29] audit: type=1400 audit(1745377796.146:258): avc: denied { connect } for pid=3612 comm="syz.1.46" lport=7 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 36.631667][ T29] audit: type=1400 audit(1745377796.156:259): avc: denied { execmem } for pid=3612 comm="syz.1.46" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 37.148048][ T29] audit: type=1400 audit(1745377796.426:260): avc: denied { create } for pid=3612 comm="syz.1.46" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 37.167302][ T29] audit: type=1400 audit(1745377796.426:261): avc: denied { setopt } for pid=3612 comm="syz.1.46" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 37.186667][ T29] audit: type=1400 audit(1745377796.436:262): avc: denied { setopt } for pid=3612 comm="syz.1.46" laddr=::1 lport=7 faddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 37.208436][ T29] audit: type=1400 audit(1745377796.606:263): avc: denied { create } for pid=3618 comm="syz.0.47" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 37.227665][ T29] audit: type=1400 audit(1745377796.616:264): avc: denied { create } for pid=3618 comm="syz.0.47" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 37.248594][ T29] audit: type=1400 audit(1745377796.636:265): avc: denied { write } for pid=3618 comm="syz.0.47" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 37.418183][ T3626] loop4: detected capacity change from 0 to 2048 [ 37.500634][ T29] audit: type=1400 audit(1745377797.106:266): avc: denied { read } for pid=3629 comm="syz.1.53" name="event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 37.606934][ T3626] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 37.795069][ T3630] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 37.807099][ T3630] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 38.100622][ T3626] ext4 filesystem being mounted at /8/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 38.213938][ T3630] loop1: detected capacity change from 0 to 764 [ 38.238428][ T3630] iso9660: Unknown parameter '' [ 38.392851][ T3643] loop3: detected capacity change from 0 to 512 [ 38.428907][ T3643] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.55: bg 0: block 35: padding at end of block bitmap is not set [ 38.458535][ T3643] EXT4-fs (loop3): Remounting filesystem read-only [ 38.460116][ T3641] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 345: padding at end of block bitmap is not set [ 38.472267][ T3643] EXT4-fs (loop3): 1 truncate cleaned up [ 38.479769][ T3641] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 240 with error 117 [ 38.497477][ T3641] EXT4-fs (loop4): This should not happen!! Data will be lost [ 38.497477][ T3641] [ 38.510007][ T3643] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 38.643278][ T3643] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 38.783946][ T1731] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 256 with max blocks 2048 with error 117 [ 38.796835][ T1731] EXT4-fs (loop4): This should not happen!! Data will be lost [ 38.796835][ T1731] [ 38.829896][ T3652] netlink: 76 bytes leftover after parsing attributes in process `syz.3.58'. [ 38.838841][ T3652] netlink: 76 bytes leftover after parsing attributes in process `syz.3.58'. [ 38.847712][ T3652] netlink: 76 bytes leftover after parsing attributes in process `syz.3.58'. [ 38.885604][ T1731] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 2305 with max blocks 1001 with error 28 [ 38.898432][ T1731] EXT4-fs (loop4): This should not happen!! Data will be lost [ 38.898432][ T1731] [ 38.908151][ T1731] EXT4-fs (loop4): Total free blocks count 0 [ 38.914287][ T1731] EXT4-fs (loop4): Free/Dirty block details [ 38.920210][ T1731] EXT4-fs (loop4): free_blocks=0 [ 38.979587][ T3652] netlink: 76 bytes leftover after parsing attributes in process `syz.3.58'. [ 38.988514][ T3652] netlink: 76 bytes leftover after parsing attributes in process `syz.3.58'. [ 38.997332][ T3652] netlink: 76 bytes leftover after parsing attributes in process `syz.3.58'. [ 39.035792][ T3652] netlink: 76 bytes leftover after parsing attributes in process `syz.3.58'. [ 39.044753][ T3652] netlink: 76 bytes leftover after parsing attributes in process `syz.3.58'. [ 39.053638][ T3652] netlink: 76 bytes leftover after parsing attributes in process `syz.3.58'. [ 39.264794][ T3669] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 39.403071][ T3676] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 39.447725][ T3673] loop2: detected capacity change from 0 to 2048 [ 39.650024][ T3680] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 40.104575][ T3673] EXT4-fs (loop2): failed to initialize system zone (-117) [ 40.115369][ T3684] netlink: 'syz.3.63': attribute type 10 has an invalid length. [ 40.133222][ T3673] EXT4-fs (loop2): mount failed [ 40.274470][ T3684] team0: Failed to send port change of device geneve1 via netlink (err -105) [ 40.393775][ T3684] team0: Failed to send options change via netlink (err -105) [ 40.401342][ T3684] team0: Port device geneve1 added [ 40.410332][ T3676] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 40.478326][ T3680] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 40.516508][ T3699] loop1: detected capacity change from 0 to 128 [ 40.530071][ T3696] loop4: detected capacity change from 0 to 512 [ 40.530504][ T3699] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 40.552711][ T3699] ext4 filesystem being mounted at /13/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 40.556132][ T3696] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.69: bg 0: block 35: padding at end of block bitmap is not set [ 40.591140][ T3676] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 40.737328][ T3680] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 40.756497][ T3676] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 40.814837][ T3680] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 40.855846][ T3676] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.887093][ T3676] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.935848][ T3680] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.962999][ T3676] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.990790][ T3680] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.048023][ T3676] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.074173][ T3312] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 41.091391][ T3680] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.150222][ T3680] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.320370][ T3709] loop3: detected capacity change from 0 to 1024 [ 41.350455][ T29] kauditd_printk_skb: 31 callbacks suppressed [ 41.350472][ T29] audit: type=1400 audit(1745377800.956:298): avc: denied { write } for pid=3710 comm="syz.0.75" name="001" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 41.384143][ T3709] EXT4-fs: Ignoring removed i_version option [ 41.390172][ T3709] EXT4-fs: dax option not supported [ 41.435336][ T3711] __nla_validate_parse: 1 callbacks suppressed [ 41.435356][ T3711] netlink: 132 bytes leftover after parsing attributes in process `syz.0.75'. [ 41.454462][ T29] audit: type=1400 audit(1745377801.016:299): avc: denied { create } for pid=3708 comm="syz.3.73" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 41.473689][ T29] audit: type=1400 audit(1745377801.026:300): avc: denied { write } for pid=3710 comm="syz.0.75" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 41.493189][ T29] audit: type=1400 audit(1745377801.026:301): avc: denied { connect } for pid=3710 comm="syz.0.75" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 41.512571][ T29] audit: type=1400 audit(1745377801.026:302): avc: denied { name_connect } for pid=3710 comm="syz.0.75" dest=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 41.546472][ T3696] EXT4-fs (loop4): Remounting filesystem read-only [ 41.548216][ T29] audit: type=1400 audit(1745377801.156:303): avc: denied { create } for pid=3713 comm="syz.2.76" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 41.565343][ T3711] vhci_hcd: invalid port number 96 [ 41.577413][ T29] audit: type=1400 audit(1745377801.176:304): avc: denied { write } for pid=3713 comm="syz.2.76" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 41.596708][ T3711] vhci_hcd: default hub control req: 0000 vfffc i0060 l0 [ 41.604836][ T3696] EXT4-fs (loop4): 1 truncate cleaned up [ 41.621970][ T3696] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 41.662440][ T3696] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.683142][ T3709] Zero length message leads to an empty skb [ 41.730486][ T29] audit: type=1400 audit(1745377801.336:305): avc: denied { name_bind } for pid=3726 comm="syz.3.78" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 41.752079][ T29] audit: type=1400 audit(1745377801.336:306): avc: denied { node_bind } for pid=3726 comm="syz.3.78" saddr=::ffff:0.0.0.0 src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 41.775476][ T3727] FAULT_INJECTION: forcing a failure. [ 41.775476][ T3727] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 41.784370][ T3730] 9pnet_fd: Insufficient options for proto=fd [ 41.788636][ T3727] CPU: 1 UID: 0 PID: 3727 Comm: syz.3.78 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(voluntary) [ 41.788693][ T3727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 41.788778][ T3727] Call Trace: [ 41.788786][ T3727] [ 41.788797][ T3727] dump_stack_lvl+0xf6/0x150 [ 41.788826][ T3727] dump_stack+0x15/0x1a [ 41.788849][ T3727] should_fail_ex+0x261/0x270 [ 41.788880][ T3727] should_fail+0xb/0x10 [ 41.788905][ T3727] should_fail_usercopy+0x1a/0x20 [ 41.788936][ T3727] _copy_to_user+0x20/0xa0 [ 41.789022][ T3727] simple_read_from_buffer+0xb2/0x130 [ 41.789070][ T3727] proc_fail_nth_read+0x103/0x140 [ 41.789113][ T3727] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 41.789201][ T3727] vfs_read+0x1b2/0x710 [ 41.789221][ T3727] ? __rcu_read_unlock+0x4e/0x70 [ 41.789308][ T3727] ? __fget_files+0x186/0x1c0 [ 41.789337][ T3727] ksys_read+0xeb/0x1b0 [ 41.789361][ T3727] __x64_sys_read+0x42/0x50 [ 41.789384][ T3727] x64_sys_call+0x2a3b/0x2e10 [ 41.789411][ T3727] do_syscall_64+0xc9/0x1a0 [ 41.789518][ T3727] ? clear_bhb_loop+0x25/0x80 [ 41.789544][ T3727] ? clear_bhb_loop+0x25/0x80 [ 41.789571][ T3727] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 41.789597][ T3727] RIP: 0033:0x7f0ac331cb7c [ 41.789616][ T3727] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 41.789694][ T3727] RSP: 002b:00007f0ac1987030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 41.789717][ T3727] RAX: ffffffffffffffda RBX: 00007f0ac3545fa0 RCX: 00007f0ac331cb7c [ 41.789732][ T3727] RDX: 000000000000000f RSI: 00007f0ac19870a0 RDI: 0000000000000004 [ 41.789746][ T3727] RBP: 00007f0ac1987090 R08: 0000000000000000 R09: 0000000000000000 [ 41.789760][ T3727] R10: 000000000000005a R11: 0000000000000246 R12: 0000000000000001 [ 41.789775][ T3727] R13: 0000000000000000 R14: 00007f0ac3545fa0 R15: 00007fff05dcb678 [ 41.789797][ T3727] [ 41.814579][ T3729] netlink: 76 bytes leftover after parsing attributes in process `syz.0.79'. [ 41.878318][ T3734] loop4: detected capacity change from 0 to 512 [ 41.880695][ T3729] netlink: 76 bytes leftover after parsing attributes in process `syz.0.79'. [ 41.880713][ T3729] netlink: 76 bytes leftover after parsing attributes in process `syz.0.79'. [ 42.028132][ T3739] netlink: 'syz.2.77': attribute type 10 has an invalid length. [ 42.035871][ T3739] netlink: 40 bytes leftover after parsing attributes in process `syz.2.77'. [ 42.053379][ T3730] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.064770][ T3729] netlink: 76 bytes leftover after parsing attributes in process `syz.0.79'. [ 42.073752][ T3729] netlink: 76 bytes leftover after parsing attributes in process `syz.0.79'. [ 42.082647][ T3729] netlink: 76 bytes leftover after parsing attributes in process `syz.0.79'. [ 42.096113][ T3739] team0: Failed to send port change of device geneve1 via netlink (err -105) [ 42.106045][ T3739] team0: Failed to send options change via netlink (err -105) [ 42.106107][ T3734] EXT4-fs (loop4): blocks per group (71) and clusters per group (20800) inconsistent [ 42.113561][ T3739] team0: Port device geneve1 added [ 42.142431][ T3741] loop3: detected capacity change from 0 to 764 [ 42.149270][ T3729] netlink: 76 bytes leftover after parsing attributes in process `syz.0.79'. [ 42.158199][ T3729] netlink: 76 bytes leftover after parsing attributes in process `syz.0.79'. [ 42.180689][ T3730] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.192750][ T29] audit: type=1400 audit(1745377801.806:307): avc: denied { mount } for pid=3740 comm="syz.3.82" name="/" dev="loop3" ino=1792 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1 [ 42.280031][ T3730] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.312961][ T3748] vhci_hcd: invalid port number 96 [ 42.318152][ T3748] vhci_hcd: default hub control req: 0000 vfffc i0060 l0 [ 42.344440][ T3730] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.372018][ T3760] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 42.478789][ T3730] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.494241][ T3730] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.512320][ T3730] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.563646][ T3730] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.595675][ T3763] xt_TPROXY: Can be used only with -p tcp or -p udp [ 43.047692][ T3770] loop3: detected capacity change from 0 to 1764 [ 43.056899][ T3770] iso9660: Unknown parameter 'pÕ ¸¸' [ 43.127391][ T3774] loop1: detected capacity change from 0 to 512 [ 43.138481][ T3774] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.91: bg 0: block 35: padding at end of block bitmap is not set [ 43.206385][ T3774] EXT4-fs (loop1): Remounting filesystem read-only [ 43.228005][ T3774] EXT4-fs (loop1): 1 truncate cleaned up [ 43.261584][ T3774] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 43.321357][ T3774] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 43.439992][ T3795] loop2: detected capacity change from 0 to 2048 [ 43.485105][ T3795] EXT4-fs: inline encryption not supported [ 43.553766][ T3795] EXT4-fs (loop2): can't mount with data=, fs mounted w/o journal [ 43.622652][ T3795] bond1: entered promiscuous mode [ 43.627751][ T3795] bond1: entered allmulticast mode [ 43.643383][ T3795] 8021q: adding VLAN 0 to HW filter on device bond1 [ 43.660773][ T3795] bond1 (unregistering): Released all slaves [ 43.785137][ T3812] loop1: detected capacity change from 0 to 512 [ 43.804394][ T3812] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 43.891492][ T3819] tipc: Started in network mode [ 43.896433][ T3819] tipc: Node identity 461d57a08335, cluster identity 4711 [ 43.903638][ T3819] tipc: Enabled bearer , priority 0 [ 43.932214][ T3812] EXT4-fs (loop1): orphan cleanup on readonly fs [ 43.998497][ C1] vcan0: j1939_tp_rxtimer: 0xffff88811c895a00: rx timeout, send abort [ 43.999713][ T3818] tipc: Resetting bearer [ 44.017660][ T3812] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.105: Failed to acquire dquot type 1 [ 44.048784][ T3812] EXT4-fs (loop1): 1 truncate cleaned up [ 44.077223][ T3812] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 44.092666][ T3818] tipc: Disabling bearer [ 44.107331][ T3824] loop2: detected capacity change from 0 to 512 [ 44.140043][ T3824] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.108: bg 0: block 35: padding at end of block bitmap is not set [ 44.195676][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.264209][ T3824] EXT4-fs (loop2): Remounting filesystem read-only [ 44.281250][ T3824] EXT4-fs (loop2): 1 truncate cleaned up [ 44.302443][ T3824] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 44.338367][ T3824] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.498525][ C1] vcan0: j1939_tp_rxtimer: 0xffff88811c895e00: rx timeout, send abort [ 44.511507][ C1] vcan0: j1939_tp_rxtimer: 0xffff88811c895a00: abort rx timeout. Force session deactivation [ 44.962857][ T3848] sch_fq: defrate 4294967295 ignored. [ 45.006806][ C1] vcan0: j1939_tp_rxtimer: 0xffff88811c895e00: abort rx timeout. Force session deactivation [ 45.025184][ T3848] loop0: detected capacity change from 0 to 512 [ 45.056041][ T3848] EXT4-fs warning (device loop0): ext4_enable_quotas:7170: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix. [ 45.079611][ T3852] mmap: syz.4.119 (3852) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 45.094583][ T3848] EXT4-fs (loop0): mount failed [ 45.176404][ T3865] loop2: detected capacity change from 0 to 512 [ 45.188477][ T3867] loop0: detected capacity change from 0 to 512 [ 45.202971][ T3865] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.124: bg 0: block 35: padding at end of block bitmap is not set [ 45.243816][ T3867] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 45.248400][ T3865] EXT4-fs (loop2): Remounting filesystem read-only [ 45.264009][ T3865] EXT4-fs (loop2): 1 truncate cleaned up [ 45.273908][ T3867] EXT4-fs (loop0): 1 orphan inode deleted [ 45.294083][ T3865] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 45.310914][ T3865] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 45.392552][ T3867] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 45.417602][ T3875] loop4: detected capacity change from 0 to 128 [ 45.468183][ T3877] hub 9-0:1.0: USB hub found [ 45.473245][ T3877] hub 9-0:1.0: 8 ports detected [ 45.555738][ T3867] ext4 filesystem being mounted at /34/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 45.716355][ T3882] FAULT_INJECTION: forcing a failure. [ 45.716355][ T3882] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 45.729511][ T3882] CPU: 1 UID: 0 PID: 3882 Comm: syz.4.129 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(voluntary) [ 45.729601][ T3882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 45.729612][ T3882] Call Trace: [ 45.729618][ T3882] [ 45.729625][ T3882] dump_stack_lvl+0xf6/0x150 [ 45.729650][ T3882] dump_stack+0x15/0x1a [ 45.729671][ T3882] should_fail_ex+0x261/0x270 [ 45.729700][ T3882] should_fail+0xb/0x10 [ 45.729733][ T3882] should_fail_usercopy+0x1a/0x20 [ 45.729783][ T3882] _copy_from_iter+0xd8/0xd10 [ 45.729811][ T3882] ? kmalloc_reserve+0x16e/0x190 [ 45.729829][ T3882] ? __build_skb_around+0x199/0x1f0 [ 45.729853][ T3882] ? __alloc_skb+0x227/0x320 [ 45.729897][ T3882] ? __virt_addr_valid+0x1ed/0x250 [ 45.729920][ T3882] ? __check_object_size+0x367/0x510 [ 45.730015][ T3882] netlink_sendmsg+0x492/0x720 [ 45.730040][ T3882] ? __pfx_netlink_sendmsg+0x10/0x10 [ 45.730058][ T3882] __sock_sendmsg+0x140/0x180 [ 45.730087][ T3882] ____sys_sendmsg+0x350/0x4e0 [ 45.730186][ T3882] __sys_sendmsg+0x1a0/0x240 [ 45.730226][ T3882] __x64_sys_sendmsg+0x46/0x50 [ 45.730315][ T3882] x64_sys_call+0x26f3/0x2e10 [ 45.730419][ T3882] do_syscall_64+0xc9/0x1a0 [ 45.730529][ T3882] ? clear_bhb_loop+0x25/0x80 [ 45.730599][ T3882] ? clear_bhb_loop+0x25/0x80 [ 45.730679][ T3882] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 45.730698][ T3882] RIP: 0033:0x7f16cddde169 [ 45.730716][ T3882] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 45.730742][ T3882] RSP: 002b:00007f16cc447038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 45.730760][ T3882] RAX: ffffffffffffffda RBX: 00007f16ce005fa0 RCX: 00007f16cddde169 [ 45.730771][ T3882] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000004 [ 45.730782][ T3882] RBP: 00007f16cc447090 R08: 0000000000000000 R09: 0000000000000000 [ 45.730793][ T3882] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 45.730847][ T3882] R13: 0000000000000000 R14: 00007f16ce005fa0 R15: 00007ffcd2832778 [ 45.730870][ T3882] [ 46.000787][ T3867] tipc: Enabling of bearer rejected, failed to enable media [ 46.027032][ C1] hrtimer: interrupt took 8935 ns [ 46.204286][ T1731] EXT4-fs error (device loop0): ext4_release_dquot:6971: comm kworker/u8:5: Failed to release dquot type 1 [ 46.263262][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 46.288364][ T3890] FAULT_INJECTION: forcing a failure. [ 46.288364][ T3890] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 46.301565][ T3890] CPU: 1 UID: 0 PID: 3890 Comm: syz.4.132 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(voluntary) [ 46.301592][ T3890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 46.301681][ T3890] Call Trace: [ 46.301687][ T3890] [ 46.301695][ T3890] dump_stack_lvl+0xf6/0x150 [ 46.301723][ T3890] dump_stack+0x15/0x1a [ 46.301753][ T3890] should_fail_ex+0x261/0x270 [ 46.301783][ T3890] should_fail+0xb/0x10 [ 46.301807][ T3890] should_fail_usercopy+0x1a/0x20 [ 46.301833][ T3890] _copy_from_user+0x1c/0xa0 [ 46.301864][ T3890] copy_from_bpfptr+0x60/0xa0 [ 46.301925][ T3890] bpf_prog_load+0x773/0x10e0 [ 46.301968][ T3890] __sys_bpf+0x533/0x800 [ 46.302010][ T3890] __x64_sys_bpf+0x43/0x50 [ 46.302037][ T3890] x64_sys_call+0x23da/0x2e10 [ 46.302095][ T3890] do_syscall_64+0xc9/0x1a0 [ 46.302126][ T3890] ? clear_bhb_loop+0x25/0x80 [ 46.302151][ T3890] ? clear_bhb_loop+0x25/0x80 [ 46.302174][ T3890] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 46.302199][ T3890] RIP: 0033:0x7f16cddde169 [ 46.302216][ T3890] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 46.302302][ T3890] RSP: 002b:00007f16cc447038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 46.302403][ T3890] RAX: ffffffffffffffda RBX: 00007f16ce005fa0 RCX: 00007f16cddde169 [ 46.302417][ T3890] RDX: 0000000000000094 RSI: 0000200000000980 RDI: 0000000000000005 [ 46.302431][ T3890] RBP: 00007f16cc447090 R08: 0000000000000000 R09: 0000000000000000 [ 46.302445][ T3890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 46.302518][ T3890] R13: 0000000000000000 R14: 00007f16ce005fa0 R15: 00007ffcd2832778 [ 46.302536][ T3890] [ 46.505481][ T3904] loop0: detected capacity change from 0 to 256 [ 46.519784][ T3903] __nla_validate_parse: 26 callbacks suppressed [ 46.519800][ T3903] netlink: 40 bytes leftover after parsing attributes in process `syz.1.137'. [ 46.521816][ T29] kauditd_printk_skb: 237 callbacks suppressed [ 46.521887][ T29] audit: type=1400 audit(1745377806.136:541): avc: denied { append } for pid=3909 comm="syz.4.139" name="001" dev="devtmpfs" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 46.526968][ T3904] vfat: Unknown parameter '' [ 46.620820][ T29] audit: type=1400 audit(1745377806.236:542): avc: denied { mounton } for pid=3916 comm="syz.4.141" path="/syzcgroup/unified/syz4" dev="cgroup2" ino=53 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1 [ 46.665712][ T3915] netlink: 12 bytes leftover after parsing attributes in process `+}[@'. [ 46.686373][ T3915] netlink: 16 bytes leftover after parsing attributes in process `+}[@'. [ 46.695880][ T3915] netlink: '+}[@': attribute type 7 has an invalid length. [ 46.723145][ T29] audit: type=1400 audit(1745377806.336:543): avc: denied { ioctl } for pid=3922 comm="syz.4.144" path="socket:[6576]" dev="sockfs" ino=6576 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 46.753402][ T3925] loop4: detected capacity change from 0 to 1024 [ 46.761342][ T3925] EXT4-fs: Ignoring removed nomblk_io_submit option [ 46.768009][ T3925] EXT4-fs: Ignoring removed nomblk_io_submit option [ 46.774692][ T3925] ext4: Unknown parameter 'euid<00000000000000016832' [ 46.818342][ T3933] netlink: 12 bytes leftover after parsing attributes in process `syz.4.146'. [ 46.827472][ T29] audit: type=1400 audit(1745377806.426:544): avc: denied { create } for pid=3929 comm="syz.1.145" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 46.848103][ T29] audit: type=1400 audit(1745377806.426:545): avc: denied { create } for pid=3931 comm="syz.4.146" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 46.955726][ T29] audit: type=1400 audit(1745377806.566:546): avc: denied { setopt } for pid=3938 comm="syz.4.149" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 47.154585][ T3949] netlink: 4 bytes leftover after parsing attributes in process `syz.2.152'. [ 47.170154][ T29] audit: type=1400 audit(1745377806.646:547): avc: denied { ioctl } for pid=3937 comm="syz.2.148" path="socket:[5771]" dev="sockfs" ino=5771 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 47.238085][ T3951] netlink: 24 bytes leftover after parsing attributes in process `syz.4.150'. [ 47.307885][ T3946] netlink: 40 bytes leftover after parsing attributes in process `syz.4.150'. [ 47.316867][ T3946] netlink: 'syz.4.150': attribute type 2 has an invalid length. [ 47.324562][ T3946] netlink: 248 bytes leftover after parsing attributes in process `syz.4.150'. [ 47.328321][ T29] audit: type=1400 audit(1745377806.936:548): avc: denied { getopt } for pid=3953 comm="syz.2.153" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 47.334129][ T3950] ALSA: seq fatal error: cannot create timer (-19) [ 47.362353][ T3950] FAULT_INJECTION: forcing a failure. [ 47.362353][ T3950] name failslab, interval 1, probability 0, space 0, times 0 [ 47.375041][ T3950] CPU: 1 UID: 0 PID: 3950 Comm: syz.0.151 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(voluntary) [ 47.375092][ T3950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 47.375172][ T3950] Call Trace: [ 47.375179][ T3950] [ 47.375186][ T3950] dump_stack_lvl+0xf6/0x150 [ 47.375210][ T3950] dump_stack+0x15/0x1a [ 47.375311][ T3950] should_fail_ex+0x261/0x270 [ 47.375346][ T3950] should_failslab+0x8f/0xb0 [ 47.375403][ T3950] __kmalloc_cache_noprof+0x55/0x320 [ 47.375436][ T3950] ? snd_timer_instance_new+0x31/0x160 [ 47.375556][ T3950] snd_timer_instance_new+0x31/0x160 [ 47.375621][ T3950] snd_seq_timer_open+0x129/0x350 [ 47.375644][ T3950] ? _raw_spin_lock_irqsave+0x40/0xb0 [ 47.375719][ T3950] snd_seq_queue_timer_open+0xcb/0xe0 [ 47.375744][ T3950] snd_seq_ioctl_set_queue_timer+0x154/0x170 [ 47.375789][ T3950] snd_seq_ioctl+0x16b/0x2c0 [ 47.375842][ T3950] ? __pfx_snd_seq_ioctl+0x10/0x10 [ 47.375876][ T3950] __se_sys_ioctl+0xc9/0x140 [ 47.375912][ T3950] __x64_sys_ioctl+0x43/0x50 [ 47.375994][ T3950] x64_sys_call+0x168d/0x2e10 [ 47.376014][ T3950] do_syscall_64+0xc9/0x1a0 [ 47.376038][ T3950] ? clear_bhb_loop+0x25/0x80 [ 47.376059][ T3950] ? clear_bhb_loop+0x25/0x80 [ 47.376083][ T3950] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 47.376140][ T3950] RIP: 0033:0x7f318deee169 [ 47.376157][ T3950] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 47.376222][ T3950] RSP: 002b:00007f318c557038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 47.376242][ T3950] RAX: ffffffffffffffda RBX: 00007f318e115fa0 RCX: 00007f318deee169 [ 47.376253][ T3950] RDX: 0000200000001280 RSI: 0000000040605346 RDI: 0000000000000007 [ 47.376265][ T3950] RBP: 00007f318c557090 R08: 0000000000000000 R09: 0000000000000000 [ 47.376279][ T3950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 47.376292][ T3950] R13: 0000000000000000 R14: 00007f318e115fa0 R15: 00007ffed26bba78 [ 47.376315][ T3950] [ 47.623303][ T3959] netlink: 76 bytes leftover after parsing attributes in process `syz.0.155'. [ 47.632380][ T3959] netlink: 76 bytes leftover after parsing attributes in process `syz.0.155'. [ 47.650313][ T3955] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 47.707084][ T29] audit: type=1400 audit(1745377807.316:549): avc: denied { unlink } for pid=3312 comm="syz-executor" name="file0" dev="tmpfs" ino=168 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 47.748404][ T29] audit: type=1400 audit(1745377807.356:550): avc: denied { create } for pid=3972 comm="syz.4.160" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 47.751281][ T3969] FAULT_INJECTION: forcing a failure. [ 47.751281][ T3969] name failslab, interval 1, probability 0, space 0, times 0 [ 47.780453][ T3969] CPU: 1 UID: 0 PID: 3969 Comm: syz.2.158 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(voluntary) [ 47.780485][ T3969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 47.780498][ T3969] Call Trace: [ 47.780585][ T3969] [ 47.780595][ T3969] dump_stack_lvl+0xf6/0x150 [ 47.780621][ T3969] dump_stack+0x15/0x1a [ 47.780637][ T3969] should_fail_ex+0x261/0x270 [ 47.780707][ T3969] should_failslab+0x8f/0xb0 [ 47.780730][ T3969] __kmalloc_cache_noprof+0x55/0x320 [ 47.780765][ T3969] ? audit_log_d_path+0x8e/0x150 [ 47.780858][ T3969] audit_log_d_path+0x8e/0x150 [ 47.780885][ T3969] audit_log_d_path_exe+0x42/0x70 [ 47.780914][ T3969] audit_log_task+0x1f1/0x250 [ 47.780954][ T3969] ? kstrtouint+0x7b/0xc0 [ 47.780977][ T3969] audit_seccomp+0x62/0x100 [ 47.781000][ T3969] __seccomp_filter+0x694/0x10e0 [ 47.781021][ T3969] ? vfs_write+0x669/0x950 [ 47.781041][ T3969] ? putname+0xe1/0x100 [ 47.781097][ T3969] __secure_computing+0x7e/0x150 [ 47.781120][ T3969] syscall_trace_enter+0xcf/0x1f0 [ 47.781237][ T3969] ? fpregs_assert_state_consistent+0x83/0xa0 [ 47.781310][ T3969] do_syscall_64+0xaa/0x1a0 [ 47.781340][ T3969] ? clear_bhb_loop+0x25/0x80 [ 47.781360][ T3969] ? clear_bhb_loop+0x25/0x80 [ 47.781379][ T3969] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 47.781513][ T3969] RIP: 0033:0x7f348f8ce169 [ 47.781529][ T3969] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 47.781549][ T3969] RSP: 002b:00007f348df37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000008 [ 47.781645][ T3969] RAX: ffffffffffffffda RBX: 00007f348faf5fa0 RCX: 00007f348f8ce169 [ 47.781656][ T3969] RDX: 0000000000000001 RSI: 0000000000000001 RDI: 0000000000000006 [ 47.781668][ T3969] RBP: 00007f348df37090 R08: 0000000000000000 R09: 0000000000000000 [ 47.781681][ T3969] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 47.781695][ T3969] R13: 0000000000000000 R14: 00007f348faf5fa0 R15: 00007ffddc7226a8 [ 47.781715][ T3969] [ 48.025772][ T3979] netlink: 'syz.2.162': attribute type 1 has an invalid length. [ 48.042830][ T3979] FAULT_INJECTION: forcing a failure. [ 48.042830][ T3979] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 48.056045][ T3979] CPU: 1 UID: 0 PID: 3979 Comm: +}[@ Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(voluntary) [ 48.056085][ T3979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 48.056106][ T3979] Call Trace: [ 48.056112][ T3979] [ 48.056119][ T3979] dump_stack_lvl+0xf6/0x150 [ 48.056146][ T3979] dump_stack+0x15/0x1a [ 48.056163][ T3979] should_fail_ex+0x261/0x270 [ 48.056213][ T3979] should_fail+0xb/0x10 [ 48.056286][ T3979] should_fail_usercopy+0x1a/0x20 [ 48.056315][ T3979] _copy_from_iter+0xd8/0xd10 [ 48.056426][ T3979] ? kmalloc_reserve+0x16e/0x190 [ 48.056450][ T3979] ? __build_skb_around+0x199/0x1f0 [ 48.056474][ T3979] ? __alloc_skb+0x227/0x320 [ 48.056495][ T3979] ? __virt_addr_valid+0x1ed/0x250 [ 48.056532][ T3979] ? __check_object_size+0x367/0x510 [ 48.056571][ T3979] netlink_sendmsg+0x492/0x720 [ 48.056602][ T3979] ? __pfx_netlink_sendmsg+0x10/0x10 [ 48.056627][ T3979] __sock_sendmsg+0x140/0x180 [ 48.056663][ T3979] ____sys_sendmsg+0x350/0x4e0 [ 48.056800][ T3979] __sys_sendmsg+0x1a0/0x240 [ 48.056898][ T3979] __x64_sys_sendmsg+0x46/0x50 [ 48.056920][ T3979] x64_sys_call+0x26f3/0x2e10 [ 48.056941][ T3979] do_syscall_64+0xc9/0x1a0 [ 48.057037][ T3979] ? clear_bhb_loop+0x25/0x80 [ 48.057057][ T3979] ? clear_bhb_loop+0x25/0x80 [ 48.057078][ T3979] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 48.057098][ T3979] RIP: 0033:0x7f348f8ce169 [ 48.057112][ T3979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 48.057166][ T3979] RSP: 002b:00007f348df37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 48.057184][ T3979] RAX: ffffffffffffffda RBX: 00007f348faf5fa0 RCX: 00007f348f8ce169 [ 48.057195][ T3979] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 000000000000000f [ 48.057213][ T3979] RBP: 00007f348df37090 R08: 0000000000000000 R09: 0000000000000000 [ 48.057224][ T3979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 48.057235][ T3979] R13: 0000000000000000 R14: 00007f348faf5fa0 R15: 00007ffddc7226a8 [ 48.057296][ T3979] [ 48.366860][ T3990] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3990 comm=syz.2.166 [ 48.608774][ T4003] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 48.835107][ T4010] loop1: detected capacity change from 0 to 256 [ 48.915783][ T4012] FAULT_INJECTION: forcing a failure. [ 48.915783][ T4012] name failslab, interval 1, probability 0, space 0, times 0 [ 48.928501][ T4012] CPU: 1 UID: 0 PID: 4012 Comm: syz.0.174 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(voluntary) [ 48.928533][ T4012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 48.928548][ T4012] Call Trace: [ 48.928556][ T4012] [ 48.928566][ T4012] dump_stack_lvl+0xf6/0x150 [ 48.928593][ T4012] dump_stack+0x15/0x1a [ 48.928653][ T4012] should_fail_ex+0x261/0x270 [ 48.928680][ T4012] should_failslab+0x8f/0xb0 [ 48.928701][ T4012] kmem_cache_alloc_lru_noprof+0x5e/0x330 [ 48.928759][ T4012] ? __d_alloc+0x3d/0x350 [ 48.928784][ T4012] __d_alloc+0x3d/0x350 [ 48.928805][ T4012] ? mpol_shared_policy_init+0xd2/0x510 [ 48.928879][ T4012] d_alloc_pseudo+0x1e/0x80 [ 48.928910][ T4012] alloc_file_pseudo+0x75/0x160 [ 48.928942][ T4012] __shmem_file_setup+0x1bb/0x1f0 [ 48.928971][ T4012] shmem_file_setup+0x3b/0x50 [ 48.929077][ T4012] __se_sys_memfd_create+0x2e1/0x5a0 [ 48.929119][ T4012] __x64_sys_memfd_create+0x31/0x40 [ 48.929221][ T4012] x64_sys_call+0x1163/0x2e10 [ 48.929243][ T4012] do_syscall_64+0xc9/0x1a0 [ 48.929269][ T4012] ? clear_bhb_loop+0x25/0x80 [ 48.929349][ T4012] ? clear_bhb_loop+0x25/0x80 [ 48.929376][ T4012] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 48.929402][ T4012] RIP: 0033:0x7f318deee169 [ 48.929419][ T4012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 48.929435][ T4012] RSP: 002b:00007f318c556e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 48.929452][ T4012] RAX: ffffffffffffffda RBX: 000000000000046f RCX: 00007f318deee169 [ 48.929463][ T4012] RDX: 00007f318c556ef0 RSI: 0000000000000000 RDI: 00007f318df71404 [ 48.929522][ T4012] RBP: 0000200000000580 R08: 00007f318c556bb7 R09: 00007f318c556e40 [ 48.929536][ T4012] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000480 [ 48.929550][ T4012] R13: 00007f318c556ef0 R14: 00007f318c556eb0 R15: 0000200000000b80 [ 48.929573][ T4012] [ 49.128929][ T4003] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 49.207401][ T4003] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 49.248844][ T4018] netlink: 'syz.0.177': attribute type 10 has an invalid length. [ 49.260198][ T4018] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 49.261242][ T4021] loop3: detected capacity change from 0 to 2048 [ 49.271970][ T4018] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 49.284222][ T4003] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 49.294637][ T4021] /dev/loop3: Can't open blockdev [ 49.472988][ T4036] loop1: detected capacity change from 0 to 512 [ 49.576748][ T4036] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 49.630580][ T4036] ext4 filesystem being mounted at /35/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 49.751524][ T4047] siw: device registration error -23 [ 49.864684][ T4003] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.953234][ T4003] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.008352][ T4003] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.071898][ T4003] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.200175][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 50.366168][ T4063] futex_wake_op: syz.1.190 tries to shift op by -1; fix this program [ 50.502386][ T4068] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=3968 sclass=netlink_audit_socket pid=4068 comm=syz.2.192 [ 50.619648][ T4068] loop2: detected capacity change from 0 to 512 [ 50.673282][ T4068] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 50.750757][ T4068] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 50.802748][ T4078] loop1: detected capacity change from 0 to 2048 [ 50.834438][ T4068] EXT4-fs (loop2): 1 truncate cleaned up [ 50.885179][ T4078] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 50.897759][ T4068] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 51.012104][ T4078] ext4 filesystem being mounted at /38/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 51.106210][ T4088] loop4: detected capacity change from 0 to 512 [ 51.210485][ T4088] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 51.242022][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 51.263517][ T4088] ext4 filesystem being mounted at /43/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 51.561808][ T4091] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 345: padding at end of block bitmap is not set [ 51.587445][ T4098] __nla_validate_parse: 12 callbacks suppressed [ 51.587465][ T4098] netlink: 4 bytes leftover after parsing attributes in process `syz.2.203'. [ 51.610877][ T4091] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 240 with error 117 [ 51.623530][ T4091] EXT4-fs (loop1): This should not happen!! Data will be lost [ 51.623530][ T4091] [ 51.633957][ T4098] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 51.641427][ T4098] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 51.695192][ T4098] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 51.702724][ T4098] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 51.712566][ T29] kauditd_printk_skb: 209 callbacks suppressed [ 51.712583][ T29] audit: type=1400 audit(1745377811.326:760): avc: denied { append } for pid=4100 comm="syz.0.204" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 51.754370][ T4101] FAULT_INJECTION: forcing a failure. [ 51.754370][ T4101] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 51.767554][ T4101] CPU: 0 UID: 0 PID: 4101 Comm: syz.0.204 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(voluntary) [ 51.767580][ T4101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 51.767593][ T4101] Call Trace: [ 51.767601][ T4101] [ 51.767610][ T4101] dump_stack_lvl+0xf6/0x150 [ 51.767640][ T4101] dump_stack+0x15/0x1a [ 51.767661][ T4101] should_fail_ex+0x261/0x270 [ 51.767692][ T4101] should_fail+0xb/0x10 [ 51.767728][ T4101] should_fail_usercopy+0x1a/0x20 [ 51.767758][ T4101] _copy_from_user+0x1c/0xa0 [ 51.767834][ T4101] copy_msghdr_from_user+0x54/0x2b0 [ 51.767864][ T4101] ? __fget_files+0x186/0x1c0 [ 51.767965][ T4101] __sys_sendmsg+0x141/0x240 [ 51.768106][ T4101] __x64_sys_sendmsg+0x46/0x50 [ 51.768132][ T4101] x64_sys_call+0x26f3/0x2e10 [ 51.768160][ T4101] do_syscall_64+0xc9/0x1a0 [ 51.768192][ T4101] ? clear_bhb_loop+0x25/0x80 [ 51.768219][ T4101] ? clear_bhb_loop+0x25/0x80 [ 51.768313][ T4101] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 51.768340][ T4101] RIP: 0033:0x7f318deee169 [ 51.768408][ T4101] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 51.768431][ T4101] RSP: 002b:00007f318c557038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 51.768453][ T4101] RAX: ffffffffffffffda RBX: 00007f318e115fa0 RCX: 00007f318deee169 [ 51.768468][ T4101] RDX: 0000000020004804 RSI: 0000200000006040 RDI: 0000000000000005 [ 51.768479][ T4101] RBP: 00007f318c557090 R08: 0000000000000000 R09: 0000000000000000 [ 51.768490][ T4101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 51.768551][ T4101] R13: 0000000000000000 R14: 00007f318e115fa0 R15: 00007ffed26bba78 [ 51.768574][ T4101] [ 51.953182][ T1731] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 256 with max blocks 2044 with error 117 [ 51.966123][ T1731] EXT4-fs (loop1): This should not happen!! Data will be lost [ 51.966123][ T1731] [ 51.992475][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 52.025366][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 52.087505][ T4115] FAULT_INJECTION: forcing a failure. [ 52.087505][ T4115] name failslab, interval 1, probability 0, space 0, times 0 [ 52.100282][ T4115] CPU: 1 UID: 0 PID: 4115 Comm: syz.4.211 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(voluntary) [ 52.100356][ T4115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 52.100435][ T4115] Call Trace: [ 52.100442][ T4115] [ 52.100450][ T4115] dump_stack_lvl+0xf6/0x150 [ 52.100477][ T4115] dump_stack+0x15/0x1a [ 52.100496][ T4115] should_fail_ex+0x261/0x270 [ 52.100599][ T4115] should_failslab+0x8f/0xb0 [ 52.100626][ T4115] kmem_cache_alloc_noprof+0x59/0x340 [ 52.100655][ T4115] ? skb_clone+0x154/0x1f0 [ 52.100679][ T4115] skb_clone+0x154/0x1f0 [ 52.100700][ T4115] pfkey_sendmsg+0x2e9/0x950 [ 52.100768][ T4115] ? selinux_socket_sendmsg+0x18a/0x1c0 [ 52.100806][ T4115] ? __pfx_pfkey_sendmsg+0x10/0x10 [ 52.100833][ T4115] __sock_sendmsg+0x140/0x180 [ 52.100887][ T4115] ____sys_sendmsg+0x350/0x4e0 [ 52.100920][ T4115] __sys_sendmmsg+0x22a/0x4b0 [ 52.101010][ T4115] __x64_sys_sendmmsg+0x57/0x70 [ 52.101058][ T4115] x64_sys_call+0x2b53/0x2e10 [ 52.101085][ T4115] do_syscall_64+0xc9/0x1a0 [ 52.101176][ T4115] ? clear_bhb_loop+0x25/0x80 [ 52.101201][ T4115] ? clear_bhb_loop+0x25/0x80 [ 52.101227][ T4115] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 52.101252][ T4115] RIP: 0033:0x7f16cddde169 [ 52.101302][ T4115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 52.101318][ T4115] RSP: 002b:00007f16cc447038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 52.101335][ T4115] RAX: ffffffffffffffda RBX: 00007f16ce005fa0 RCX: 00007f16cddde169 [ 52.101349][ T4115] RDX: 000000000400008a RSI: 0000200000000180 RDI: 0000000000000003 [ 52.101363][ T4115] RBP: 00007f16cc447090 R08: 0000000000000000 R09: 0000000000000000 [ 52.101384][ T4115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 52.101398][ T4115] R13: 0000000000000000 R14: 00007f16ce005fa0 R15: 00007ffcd2832778 [ 52.101419][ T4115] [ 52.361912][ T4119] loop1: detected capacity change from 0 to 2048 [ 52.444199][ T29] audit: type=1400 audit(1745377812.056:761): avc: denied { getopt } for pid=4122 comm="syz.4.215" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 52.490968][ T4119] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 52.525990][ T4119] ext4 filesystem being mounted at /40/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 52.539789][ T29] audit: type=1400 audit(1745377812.096:762): avc: denied { getopt } for pid=4122 comm="syz.4.215" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 52.575738][ T4128] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 52.615893][ T4132] netlink: 8 bytes leftover after parsing attributes in process `syz.0.216'. [ 52.624862][ T4132] netlink: 24 bytes leftover after parsing attributes in process `syz.0.216'. [ 52.667726][ T4128] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 52.702884][ T29] audit: type=1400 audit(1745377812.316:763): avc: denied { read } for pid=3042 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1 [ 52.729766][ T29] audit: type=1400 audit(1745377812.336:764): avc: denied { search } for pid=3042 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 52.777304][ T4136] loop3: detected capacity change from 0 to 512 [ 52.780121][ T4128] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 52.795189][ T29] audit: type=1400 audit(1745377812.336:765): avc: denied { read } for pid=3042 comm="dhcpcd" name="n27" dev="tmpfs" ino=1768 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 52.817014][ T29] audit: type=1400 audit(1745377812.336:766): avc: denied { open } for pid=3042 comm="dhcpcd" path="/run/udev/data/n27" dev="tmpfs" ino=1768 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 52.832117][ T4136] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 52.840161][ T29] audit: type=1400 audit(1745377812.336:767): avc: denied { getattr } for pid=3042 comm="dhcpcd" path="/run/udev/data/n27" dev="tmpfs" ino=1768 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 52.868232][ T4136] ext4 filesystem being mounted at /40/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 52.912521][ T4135] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 345: padding at end of block bitmap is not set [ 52.927542][ T4135] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 240 with error 117 [ 52.930903][ T4128] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 52.940103][ T4135] EXT4-fs (loop1): This should not happen!! Data will be lost [ 52.940103][ T4135] [ 52.950199][ T37] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 256 with max blocks 2048 with error 117 [ 52.972941][ T37] EXT4-fs (loop1): This should not happen!! Data will be lost [ 52.972941][ T37] [ 53.001776][ T29] audit: type=1326 audit(1745377812.616:768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4133 comm="syz.3.217" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0ac331e169 code=0x0 [ 53.032218][ T37] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 2305 with max blocks 1800 with error 28 [ 53.045016][ T37] EXT4-fs (loop1): This should not happen!! Data will be lost [ 53.045016][ T37] [ 53.054781][ T37] EXT4-fs (loop1): Total free blocks count 0 [ 53.060963][ T37] EXT4-fs (loop1): Free/Dirty block details [ 53.066885][ T37] EXT4-fs (loop1): free_blocks=0 [ 53.074400][ T29] audit: type=1400 audit(1745377812.646:769): avc: denied { read } for pid=4147 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=415 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 53.105382][ T4128] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.117883][ T4128] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.130089][ T4128] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.155065][ T4128] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.235821][ T4167] netlink: 256 bytes leftover after parsing attributes in process `syz.0.220'. [ 53.245008][ T4167] netlink: 72 bytes leftover after parsing attributes in process `syz.0.220'. [ 53.338988][ T4180] netlink: 76 bytes leftover after parsing attributes in process `syz.4.223'. [ 53.348094][ T4180] netlink: 76 bytes leftover after parsing attributes in process `syz.4.223'. [ 53.357094][ T4180] netlink: 76 bytes leftover after parsing attributes in process `syz.4.223'. [ 53.374556][ T4180] netlink: 76 bytes leftover after parsing attributes in process `syz.4.223'. [ 53.383522][ T4180] netlink: 76 bytes leftover after parsing attributes in process `syz.4.223'. [ 53.431271][ T4188] loop4: detected capacity change from 0 to 2048 [ 53.437964][ T4188] /dev/loop4: Can't open blockdev [ 53.494378][ T4192] loop4: detected capacity change from 0 to 512 [ 53.530001][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 53.543042][ T4192] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 53.556425][ T4192] ext4 filesystem being mounted at /49/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 53.573005][ T4192] FAULT_INJECTION: forcing a failure. [ 53.573005][ T4192] name failslab, interval 1, probability 0, space 0, times 0 [ 53.585744][ T4192] CPU: 1 UID: 0 PID: 4192 Comm: syz.4.226 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(voluntary) [ 53.585775][ T4192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 53.585788][ T4192] Call Trace: [ 53.585795][ T4192] [ 53.585805][ T4192] dump_stack_lvl+0xf6/0x150 [ 53.585831][ T4192] dump_stack+0x15/0x1a [ 53.585847][ T4192] should_fail_ex+0x261/0x270 [ 53.585971][ T4192] should_failslab+0x8f/0xb0 [ 53.585996][ T4192] __kmalloc_noprof+0xad/0x410 [ 53.586022][ T4192] ? find_next_id+0x3f/0x540 [ 53.586049][ T4192] find_next_id+0x3f/0x540 [ 53.586095][ T4192] ? __brelse+0x30/0x60 [ 53.586131][ T4192] ? ext4_quota_read+0x1ab/0x1d0 [ 53.586162][ T4192] find_next_id+0x429/0x540 [ 53.586194][ T4192] qtree_get_next_id+0x58/0x120 [ 53.586289][ T4192] v2_get_next_id+0x82/0xc0 [ 53.586317][ T4192] ? __pfx_v2_get_next_id+0x10/0x10 [ 53.586376][ T4192] dquot_get_next_id+0xac/0xe0 [ 53.586402][ T4192] dquot_get_next_dqblk+0x43/0x210 [ 53.586426][ T4192] quota_getnextquota+0x185/0x2f0 [ 53.586454][ T4192] ? selinux_capable+0x1f9/0x260 [ 53.586537][ T4192] do_quotactl+0x3d2/0x6d0 [ 53.586570][ T4192] __se_sys_quotactl+0x1f1/0x650 [ 53.586625][ T4192] __x64_sys_quotactl+0x55/0x70 [ 53.586657][ T4192] x64_sys_call+0x265d/0x2e10 [ 53.586758][ T4192] do_syscall_64+0xc9/0x1a0 [ 53.586841][ T4192] ? clear_bhb_loop+0x25/0x80 [ 53.586875][ T4192] ? clear_bhb_loop+0x25/0x80 [ 53.586902][ T4192] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 53.586978][ T4192] RIP: 0033:0x7f16cddde169 [ 53.586993][ T4192] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 53.587009][ T4192] RSP: 002b:00007f16cc447038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3 [ 53.587026][ T4192] RAX: ffffffffffffffda RBX: 00007f16ce005fa0 RCX: 00007f16cddde169 [ 53.587037][ T4192] RDX: 0000000000000000 RSI: 0000200000000400 RDI: ffffffff80000900 [ 53.587100][ T4192] RBP: 00007f16cc447090 R08: 0000000000000000 R09: 0000000000000000 [ 53.587114][ T4192] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 53.587128][ T4192] R13: 0000000000000000 R14: 00007f16ce005fa0 R15: 00007ffcd2832778 [ 53.587149][ T4192] [ 53.870291][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 54.053066][ T4218] loop3: detected capacity change from 0 to 2048 [ 54.054969][ T4218] /dev/loop3: Can't open blockdev [ 54.134628][ T4228] unsupported nla_type 65024 [ 54.451865][ T4252] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 54.451950][ T4252] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 54.470103][ T4252] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 54.470181][ T4252] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 54.623954][ T4267] FAULT_INJECTION: forcing a failure. [ 54.623954][ T4267] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 54.623988][ T4267] CPU: 1 UID: 0 PID: 4267 Comm: syz.2.256 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(voluntary) [ 54.624083][ T4267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 54.624099][ T4267] Call Trace: [ 54.624106][ T4267] [ 54.624115][ T4267] dump_stack_lvl+0xf6/0x150 [ 54.624183][ T4267] dump_stack+0x15/0x1a [ 54.624203][ T4267] should_fail_ex+0x261/0x270 [ 54.624235][ T4267] should_fail+0xb/0x10 [ 54.624304][ T4267] should_fail_usercopy+0x1a/0x20 [ 54.624378][ T4267] _copy_from_user+0x1c/0xa0 [ 54.624416][ T4267] copy_msghdr_from_user+0x54/0x2b0 [ 54.624456][ T4267] ? __fget_files+0x186/0x1c0 [ 54.624553][ T4267] __sys_sendmsg+0x141/0x240 [ 54.624600][ T4267] __x64_sys_sendmsg+0x46/0x50 [ 54.624707][ T4267] x64_sys_call+0x26f3/0x2e10 [ 54.624728][ T4267] do_syscall_64+0xc9/0x1a0 [ 54.624759][ T4267] ? clear_bhb_loop+0x25/0x80 [ 54.624823][ T4267] ? clear_bhb_loop+0x25/0x80 [ 54.624848][ T4267] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 54.624870][ T4267] RIP: 0033:0x7f348f8ce169 [ 54.624888][ T4267] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 54.624909][ T4267] RSP: 002b:00007f348df37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 54.624932][ T4267] RAX: ffffffffffffffda RBX: 00007f348faf5fa0 RCX: 00007f348f8ce169 [ 54.624947][ T4267] RDX: 0000000020004804 RSI: 0000200000006040 RDI: 0000000000000004 [ 54.625009][ T4267] RBP: 00007f348df37090 R08: 0000000000000000 R09: 0000000000000000 [ 54.625024][ T4267] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 54.625038][ T4267] R13: 0000000000000000 R14: 00007f348faf5fa0 R15: 00007ffddc7226a8 [ 54.625060][ T4267] [ 54.798414][ T4282] netlink: 'syz.2.261': attribute type 1 has an invalid length. [ 55.000344][ T4305] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 55.085175][ T4312] FAULT_INJECTION: forcing a failure. [ 55.085175][ T4312] name failslab, interval 1, probability 0, space 0, times 0 [ 55.097971][ T4312] CPU: 1 UID: 0 PID: 4312 Comm: syz.0.272 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(voluntary) [ 55.098103][ T4312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 55.098114][ T4312] Call Trace: [ 55.098119][ T4312] [ 55.098127][ T4312] dump_stack_lvl+0xf6/0x150 [ 55.098155][ T4312] dump_stack+0x15/0x1a [ 55.098174][ T4312] should_fail_ex+0x261/0x270 [ 55.098212][ T4312] should_failslab+0x8f/0xb0 [ 55.098243][ T4312] kmem_cache_alloc_node_noprof+0x5c/0x340 [ 55.098380][ T4312] ? __alloc_skb+0x10d/0x320 [ 55.098409][ T4312] __alloc_skb+0x10d/0x320 [ 55.098431][ T4312] netlink_alloc_large_skb+0xad/0xe0 [ 55.098535][ T4312] netlink_sendmsg+0x3da/0x720 [ 55.098621][ T4312] ? __pfx_netlink_sendmsg+0x10/0x10 [ 55.098640][ T4312] __sock_sendmsg+0x140/0x180 [ 55.098668][ T4312] ____sys_sendmsg+0x350/0x4e0 [ 55.098764][ T4312] __sys_sendmsg+0x1a0/0x240 [ 55.098807][ T4312] __x64_sys_sendmsg+0x46/0x50 [ 55.098831][ T4312] x64_sys_call+0x26f3/0x2e10 [ 55.098913][ T4312] do_syscall_64+0xc9/0x1a0 [ 55.098936][ T4312] ? clear_bhb_loop+0x25/0x80 [ 55.098956][ T4312] ? clear_bhb_loop+0x25/0x80 [ 55.098979][ T4312] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 55.099004][ T4312] RIP: 0033:0x7f318deee169 [ 55.099022][ T4312] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 55.099084][ T4312] RSP: 002b:00007f318c557038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 55.099103][ T4312] RAX: ffffffffffffffda RBX: 00007f318e115fa0 RCX: 00007f318deee169 [ 55.099134][ T4312] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000006 [ 55.099148][ T4312] RBP: 00007f318c557090 R08: 0000000000000000 R09: 0000000000000000 [ 55.099162][ T4312] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 55.099176][ T4312] R13: 0000000000000000 R14: 00007f318e115fa0 R15: 00007ffed26bba78 [ 55.099198][ T4312] [ 55.356415][ T4329] loop3: detected capacity change from 0 to 128 [ 55.371801][ T4329] FAT-fs (loop3): Directory bread(block 162) failed [ 55.379134][ T4321] FAULT_INJECTION: forcing a failure. [ 55.379134][ T4321] name failslab, interval 1, probability 0, space 0, times 0 [ 55.386106][ T4329] FAT-fs (loop3): Directory bread(block 163) failed [ 55.391900][ T4321] CPU: 0 UID: 0 PID: 4321 Comm: syz.2.275 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(voluntary) [ 55.391934][ T4321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 55.391948][ T4321] Call Trace: [ 55.391960][ T4321] [ 55.391969][ T4321] dump_stack_lvl+0xf6/0x150 [ 55.392025][ T4321] dump_stack+0x15/0x1a [ 55.392044][ T4321] should_fail_ex+0x261/0x270 [ 55.392076][ T4321] should_failslab+0x8f/0xb0 [ 55.392169][ T4321] kmem_cache_alloc_node_noprof+0x5c/0x340 [ 55.392207][ T4321] ? __alloc_skb+0x10d/0x320 [ 55.392232][ T4321] __alloc_skb+0x10d/0x320 [ 55.392326][ T4321] ? audit_log_start+0x37f/0x6e0 [ 55.392419][ T4321] audit_log_start+0x39a/0x6e0 [ 55.392527][ T4321] audit_seccomp+0x49/0x100 [ 55.392560][ T4321] __seccomp_filter+0x694/0x10e0 [ 55.392586][ T4321] ? __rcu_read_unlock+0x4e/0x70 [ 55.392622][ T4321] ? kmem_cache_free+0xe4/0x2e0 [ 55.392656][ T4321] ? putname+0xe1/0x100 [ 55.392720][ T4321] __secure_computing+0x7e/0x150 [ 55.392746][ T4321] syscall_trace_enter+0xcf/0x1f0 [ 55.392776][ T4321] do_syscall_64+0xaa/0x1a0 [ 55.392809][ T4321] ? clear_bhb_loop+0x25/0x80 [ 55.392835][ T4321] ? clear_bhb_loop+0x25/0x80 [ 55.392865][ T4321] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 55.392892][ T4321] RIP: 0033:0x7f348f8ccb7c [ 55.392911][ T4321] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 55.392932][ T4321] RSP: 002b:00007f348df37030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 55.392955][ T4321] RAX: ffffffffffffffda RBX: 00007f348faf5fa0 RCX: 00007f348f8ccb7c [ 55.392970][ T4321] RDX: 000000000000000f RSI: 00007f348df370a0 RDI: 0000000000000008 [ 55.392985][ T4321] RBP: 00007f348df37090 R08: 0000000000000000 R09: 0000000000000000 [ 55.393027][ T4321] R10: 00000000000000cc R11: 0000000000000246 R12: 0000000000000002 [ 55.393041][ T4321] R13: 0000000000000000 R14: 00007f348faf5fa0 R15: 00007ffddc7226a8 [ 55.393065][ T4321] [ 55.600554][ T4329] FAT-fs (loop3): Directory bread(block 164) failed [ 55.607192][ T4329] FAT-fs (loop3): Directory bread(block 165) failed [ 55.614201][ T4329] FAT-fs (loop3): Directory bread(block 166) failed [ 55.620928][ T4329] FAT-fs (loop3): Directory bread(block 167) failed [ 55.627640][ T4329] FAT-fs (loop3): Directory bread(block 168) failed [ 55.634312][ T4329] FAT-fs (loop3): Directory bread(block 169) failed [ 55.643662][ T4329] FAT-fs (loop3): Directory bread(block 162) failed [ 55.650351][ T4329] FAT-fs (loop3): Directory bread(block 163) failed [ 55.657525][ T4329] syz.3.279: attempt to access beyond end of device [ 55.657525][ T4329] loop3: rw=3, sector=226, nr_sectors = 6 limit=128 [ 55.670831][ T4329] syz.3.279: attempt to access beyond end of device [ 55.670831][ T4329] loop3: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 55.689690][ T4329] syz.3.279: attempt to access beyond end of device [ 55.689690][ T4329] loop3: rw=3, sector=234, nr_sectors = 6 limit=128 [ 55.702890][ T4329] syz.3.279: attempt to access beyond end of device [ 55.702890][ T4329] loop3: rw=2051, sector=240, nr_sectors = 2 limit=128 [ 55.752377][ T4353] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 55.776270][ T4353] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 55.805300][ T4357] loop3: detected capacity change from 0 to 512 [ 55.812701][ T4357] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 55.835189][ T4357] EXT4-fs (loop3): 1 truncate cleaned up [ 55.844446][ T4357] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 55.860013][ T4357] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #16: comm syz.3.290: invalid indirect mapped block 6 (level 1) [ 55.909175][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 57.337497][ T4375] __nla_validate_parse: 53 callbacks suppressed [ 57.337515][ T4375] netlink: 44 bytes leftover after parsing attributes in process `syz.0.295'. [ 57.371210][ T4375] netlink: 12 bytes leftover after parsing attributes in process `syz.0.295'. [ 57.380134][ T4375] netlink: 8 bytes leftover after parsing attributes in process `syz.0.295'. [ 57.566075][ T29] kauditd_printk_skb: 32 callbacks suppressed [ 57.566102][ T29] audit: type=1400 audit(1745377817.176:800): avc: denied { bind } for pid=4380 comm="syz.2.297" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 57.626530][ T29] audit: type=1326 audit(1745377817.206:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4376 comm="syz.0.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f318deee169 code=0x7fc00000 [ 57.931378][ T29] audit: type=1400 audit(1745377817.426:802): avc: denied { create } for pid=4372 comm="syz.3.292" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1 [ 58.191239][ T29] audit: type=1400 audit(1745377817.776:803): avc: denied { setopt } for pid=4390 comm="syz.1.301" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 58.211121][ T29] audit: type=1400 audit(1745377817.776:804): avc: denied { connect } for pid=4390 comm="syz.1.301" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 58.231005][ T29] audit: type=1400 audit(1745377817.776:805): avc: denied { write } for pid=4390 comm="syz.1.301" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 58.265835][ T4398] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 58.274474][ T4398] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 58.286000][ T29] audit: type=1326 audit(1745377817.876:806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4376 comm="syz.0.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f318de8a359 code=0x7fc00000 [ 58.396939][ T4406] loop0: detected capacity change from 0 to 512 [ 58.409367][ T4406] loop0: detected capacity change from 0 to 512 [ 58.456110][ T4406] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 58.464208][ T4406] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 58.473464][ T4406] System zones: 0-1, 15-15, 18-18, 34-34 [ 58.479438][ T4406] EXT4-fs (loop0): orphan cleanup on readonly fs [ 58.486029][ T4406] Quota error (device loop0): v2_read_header: Failed header read: expected=8 got=0 [ 58.495580][ T4406] EXT4-fs warning (device loop0): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 58.510202][ T4406] EXT4-fs (loop0): Cannot turn on quotas: error -22 [ 58.518250][ T4406] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.306: bg 0: block 40: padding at end of block bitmap is not set [ 58.532717][ T4406] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6548: Corrupt filesystem [ 58.541820][ T4406] EXT4-fs (loop0): 1 truncate cleaned up [ 58.547849][ T4406] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 58.565321][ T29] audit: type=1400 audit(1745377818.176:807): avc: denied { remount } for pid=4405 comm="syz.0.306" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 58.586615][ T4406] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 58.594588][ T4406] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 58.632078][ T29] audit: type=1400 audit(1745377818.236:808): avc: denied { getopt } for pid=4412 comm="syz.2.308" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 58.716345][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 59.135164][ T4444] loop2: detected capacity change from 0 to 512 [ 59.153459][ T4444] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 59.179507][ T4444] EXT4-fs (loop2): 1 truncate cleaned up [ 59.193125][ T4444] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 59.243674][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 59.325403][ T4451] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 59.356110][ T4451] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 59.612240][ T4461] netlink: 8 bytes leftover after parsing attributes in process `syz.1.325'. [ 60.108648][ T4473] loop0: detected capacity change from 0 to 512 [ 60.155690][ T4473] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 60.339841][ T4473] EXT4-fs (loop0): 1 truncate cleaned up [ 60.348829][ T4473] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 60.387175][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 60.999972][ T4481] loop2: detected capacity change from 0 to 256 [ 61.156427][ T4483] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 61.179264][ T4483] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 62.974091][ T29] kauditd_printk_skb: 18 callbacks suppressed [ 62.974121][ T29] audit: type=1400 audit(1745377822.216:827): avc: denied { bind } for pid=4508 comm="syz.4.341" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 63.000235][ T29] audit: type=1400 audit(1745377822.216:828): avc: denied { connect } for pid=4508 comm="syz.4.341" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 63.415745][ T4518] loop2: detected capacity change from 0 to 512 [ 63.438432][ T4520] capability: warning: `syz.4.345' uses deprecated v2 capabilities in a way that may be insecure [ 63.450008][ T4518] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 63.500361][ T4518] EXT4-fs (loop2): 1 truncate cleaned up [ 63.526990][ T4518] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 63.549435][ T4526] loop4: detected capacity change from 0 to 2048 [ 63.625547][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 63.651637][ T4526] EXT4-fs error (device loop4): ext4_ext_check_inode:524: inode #2: comm syz.4.347: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 63.677143][ T4526] EXT4-fs (loop4): get root inode failed [ 63.682872][ T4526] EXT4-fs (loop4): mount failed [ 63.698016][ T29] audit: type=1400 audit(1745377823.306:829): avc: denied { mount } for pid=4523 comm="syz.3.346" name="/" dev="rpc_pipefs" ino=7958 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1 [ 63.761712][ T29] audit: type=1400 audit(1745377823.356:830): avc: denied { unmount } for pid=3302 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1 [ 63.797107][ T4547] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 63.807484][ T4547] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 63.841983][ T4554] netlink: 4 bytes leftover after parsing attributes in process `syz.0.359'. [ 63.924891][ T4562] loop0: detected capacity change from 0 to 256 [ 63.959569][ T4562] FAT-fs (loop0): codepage cp857 not found [ 64.723690][ T4583] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 64.776013][ T4587] loop4: detected capacity change from 0 to 1024 [ 64.788871][ T4587] EXT4-fs: Ignoring removed oldalloc option [ 64.798116][ T4587] EXT4-fs: Ignoring removed orlov option [ 64.809566][ T4587] EXT4-fs (loop4): stripe (1570) is not aligned with cluster size (16), stripe is disabled [ 64.952094][ T4587] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 64.990708][ T29] audit: type=1400 audit(1745377824.596:831): avc: denied { read write open } for pid=4586 comm="syz.4.370" path="/72/file2/bus" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 65.274099][ T29] audit: type=1400 audit(1745377824.876:832): avc: denied { bind } for pid=4595 comm="syz.2.373" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 65.345185][ T4610] loop3: detected capacity change from 0 to 1024 [ 66.074238][ T4610] EXT4-fs (loop3): Number of reserved GDT blocks insanely large: 37376 [ 66.368880][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.281940][ T4651] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 67.300622][ T4651] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 67.653321][ T4654] loop4: detected capacity change from 0 to 256 [ 67.682580][ T4654] FAT-fs (loop4): IO charset cp866 not found [ 67.731378][ T4661] netlink: 8 bytes leftover after parsing attributes in process `syz.1.395'. [ 67.767832][ T29] audit: type=1400 audit(1745377827.376:833): avc: denied { execute } for pid=4656 comm="syz.0.394" name="file0" dev="tmpfs" ino=512 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 67.767867][ T4657] process 'syz.0.394' launched './file0' with NULL argv: empty string added [ 67.799757][ T29] audit: type=1400 audit(1745377827.416:834): avc: denied { execute_no_trans } for pid=4656 comm="syz.0.394" path="/95/file0" dev="tmpfs" ino=512 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 67.915462][ T29] audit: type=1400 audit(1745377827.526:835): avc: denied { map } for pid=4670 comm="syz.2.399" path="socket:[8178]" dev="sockfs" ino=8178 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 67.939106][ T29] audit: type=1400 audit(1745377827.526:836): avc: denied { read accept } for pid=4670 comm="syz.2.399" path="socket:[8178]" dev="sockfs" ino=8178 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 68.093938][ T4679] loop3: detected capacity change from 0 to 1024 [ 68.122138][ T4679] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 68.145322][ T4679] ext4 filesystem being mounted at /78/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 68.232045][ T29] audit: type=1400 audit(1745377827.846:837): avc: denied { append } for pid=4678 comm="syz.3.403" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 68.232412][ T4679] EXT4-fs (loop3): shut down requested (1) [ 68.334190][ T4685] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 68.841629][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.114787][ T4705] loop2: detected capacity change from 0 to 1024 [ 69.131071][ T4705] EXT4-fs: Ignoring removed nomblk_io_submit option [ 69.253290][ T4705] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 69.301457][ T29] audit: type=1400 audit(1745377828.916:838): avc: denied { append } for pid=4704 comm="syz.2.411" path="/79/file2/blkio.bfq.idle_time" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 69.340929][ T4705] EXT4-fs (loop2): shut down requested (0) [ 69.384629][ T4705] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop2 ino=15 [ 69.409978][ T4705] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop2 ino=15 [ 69.428959][ T29] audit: type=1400 audit(1745377828.956:839): avc: denied { ioctl } for pid=4704 comm="syz.2.411" path="/79/file2/blkio.bfq.idle_time" dev="loop2" ino=18 ioctlcmd=0x587d scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 69.543989][ T29] audit: type=1400 audit(1745377829.086:840): avc: denied { rename } for pid=4704 comm="syz.2.411" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 70.084775][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.116882][ T4726] loop3: detected capacity change from 0 to 512 [ 70.131756][ T4725] netlink: 40 bytes leftover after parsing attributes in process `syz.1.414'. [ 70.160032][ T4726] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 70.180339][ T29] audit: type=1400 audit(1745377829.786:841): avc: denied { sqpoll } for pid=4727 comm="syz.2.416" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 70.193210][ T4726] EXT4-fs (loop3): 1 truncate cleaned up [ 70.205536][ T4728] loop2: detected capacity change from 0 to 128 [ 70.215654][ T4726] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 70.316374][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.412071][ T4734] x_tables: ip6_tables: sctp match: only valid for protocol 132 [ 70.467862][ T29] audit: type=1400 audit(1745377830.036:842): avc: denied { read } for pid=4727 comm="syz.2.416" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 70.645571][ T4740] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 71.234900][ T29] audit: type=1400 audit(1745377830.846:843): avc: denied { create } for pid=4742 comm="syz.1.423" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 71.254920][ T29] audit: type=1400 audit(1745377830.846:844): avc: denied { bind } for pid=4742 comm="syz.1.423" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 71.426677][ T4754] loop4: detected capacity change from 0 to 1024 [ 71.460841][ T4754] EXT4-fs: Ignoring removed nomblk_io_submit option [ 71.644853][ T4769] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 71.720163][ T4769] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 71.753086][ T29] audit: type=1400 audit(1745377831.096:845): avc: denied { mount } for pid=4742 comm="syz.1.423" name="/" dev="configfs" ino=1191 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 71.775785][ T29] audit: type=1400 audit(1745377831.096:846): avc: denied { setattr } for pid=4742 comm="syz.1.423" name="/" dev="configfs" ino=1191 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 71.801344][ T4754] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 71.825615][ T4754] EXT4-fs (loop4): shut down requested (0) [ 71.838520][ T4754] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=15 [ 71.847499][ T4754] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=15 [ 71.909808][ T4779] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 72.141714][ T4789] loop3: detected capacity change from 0 to 1024 [ 72.164939][ T4789] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 72.179585][ T4789] ext4 filesystem being mounted at /90/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 72.217620][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.410041][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.496875][ T4809] loop3: detected capacity change from 0 to 512 [ 72.510194][ T4809] EXT4-fs: Ignoring removed orlov option [ 72.546585][ T4816] loop4: detected capacity change from 0 to 1024 [ 72.555044][ T4809] EXT4-fs error (device loop3): ext4_map_blocks:675: inode #2: block 3: comm syz.3.445: lblock 0 mapped to illegal pblock 3 (length 1) [ 72.571090][ T4809] EXT4-fs warning (device loop3): dx_probe:793: inode #2: lblock 0: comm syz.3.445: error -117 reading directory block [ 72.571980][ T4816] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 72.584176][ T4809] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 72.605467][ T4816] ext4 filesystem being mounted at /86/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 72.627906][ T4809] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 72.645568][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.020923][ T4831] EXT4-fs error (device loop3): __ext4_remount:6738: comm syz.3.445: Abort forced by user [ 73.031792][ T4831] EXT4-fs (loop3): Remounting filesystem read-only [ 73.038362][ T4831] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000. [ 73.363382][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.411417][ T4840] loop3: detected capacity change from 0 to 1024 [ 73.418534][ T4840] EXT4-fs: Ignoring removed nomblk_io_submit option [ 73.442359][ T4840] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 73.461255][ T4840] EXT4-fs (loop3): shut down requested (0) [ 73.531809][ T4847] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop3 ino=15 [ 73.540813][ T4847] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop3 ino=15 [ 73.581037][ T4852] loop0: detected capacity change from 0 to 512 [ 73.677931][ T4852] EXT4-fs (loop0): blocks per group (71) and clusters per group (20800) inconsistent [ 73.963562][ T4862] loop4: detected capacity change from 0 to 256 [ 73.999902][ T4862] FAT-fs (loop4): IO charset isme=low not found [ 74.286867][ T29] kauditd_printk_skb: 1 callbacks suppressed [ 74.286885][ T29] audit: type=1400 audit(1745377833.866:848): avc: denied { unmount } for pid=3312 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 74.340007][ T4870] xt_TPROXY: Can be used only with -p tcp or -p udp [ 74.435475][ T4880] loop4: detected capacity change from 0 to 1024 [ 74.461193][ T4880] EXT4-fs: Ignoring removed orlov option [ 74.485664][ T4880] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 74.488541][ T4885] loop2: detected capacity change from 0 to 2048 [ 74.551254][ T4885] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 74.551379][ T4880] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.575117][ T29] audit: type=1400 audit(1745377834.186:849): avc: denied { create } for pid=4884 comm="syz.2.475" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 74.634103][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.693534][ T29] audit: type=1400 audit(1745377834.306:850): avc: denied { write } for pid=4898 comm="syz.2.477" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 74.732483][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.865613][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.999533][ T29] audit: type=1400 audit(1745377834.606:851): avc: denied { read } for pid=4919 comm="syz.4.486" name="uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 75.010063][ T4916] siw: device registration error -23 [ 75.022463][ T29] audit: type=1400 audit(1745377834.606:852): avc: denied { open } for pid=4919 comm="syz.4.486" path="/dev/uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 75.073649][ T4925] netlink: 28 bytes leftover after parsing attributes in process `syz.2.488'. [ 75.082712][ T4925] netlink: 12 bytes leftover after parsing attributes in process `syz.2.488'. [ 75.140727][ T4928] netlink: 'syz.2.489': attribute type 4 has an invalid length. [ 75.298005][ T4936] loop0: detected capacity change from 0 to 1024 [ 75.305088][ T4936] EXT4-fs: Ignoring removed nomblk_io_submit option [ 75.332458][ T4936] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 75.372854][ T4936] EXT4-fs (loop0): shut down requested (0) [ 75.563246][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.787957][ T4953] loop1: detected capacity change from 0 to 1024 [ 75.812628][ T4953] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 75.834606][ T4953] ext4 filesystem being mounted at /82/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 75.846620][ T4953] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000. [ 75.890523][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.953226][ T29] audit: type=1400 audit(1745377835.566:853): avc: denied { read } for pid=4958 comm="syz.2.503" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 76.191477][ T4968] loop1: detected capacity change from 0 to 1024 [ 76.210529][ T4968] EXT4-fs: Ignoring removed nomblk_io_submit option [ 76.243204][ T4968] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.250507][ T29] audit: type=1400 audit(1745377835.846:854): avc: denied { write } for pid=4964 comm="syz.4.505" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 76.278346][ T29] audit: type=1400 audit(1745377835.846:855): avc: denied { open } for pid=4964 comm="syz.4.505" path="/dev/ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 76.301344][ T29] audit: type=1400 audit(1745377835.856:856): avc: denied { ioctl } for pid=4964 comm="syz.4.505" path="/dev/ppp" dev="devtmpfs" ino=140 ioctlcmd=0x7438 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 76.977142][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.058561][ T5010] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 77.090246][ T5006] netlink: 20 bytes leftover after parsing attributes in process `syz.1.518'. [ 77.891120][ T5033] loop3: detected capacity change from 0 to 128 [ 77.898693][ T5033] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 78.061053][ T29] audit: type=1400 audit(1745377837.666:857): avc: denied { execute_no_trans } for pid=5032 comm="syz.3.529" path=2F6D656D66643A202864656C6574656429 dev="hugetlbfs" ino=9175 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 78.192066][ C1] IPv4: Oversized IP packet from 172.20.20.24 [ 78.241676][ T5050] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.248936][ T5050] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.265907][ T5052] loop0: detected capacity change from 0 to 164 [ 78.788343][ T37] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 78.935854][ T5067] netlink: 12 bytes leftover after parsing attributes in process `syz.3.543'. [ 78.953449][ T5069] loop1: detected capacity change from 0 to 1024 [ 78.961299][ T5069] EXT4-fs: Ignoring removed nomblk_io_submit option [ 78.982880][ T5069] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 79.007011][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.029279][ T5073] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 79.038499][ T5073] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 79.190026][ T5082] loop4: detected capacity change from 0 to 1024 [ 79.218822][ T5082] EXT4-fs: Ignoring removed nomblk_io_submit option [ 79.383187][ T5082] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 79.463180][ T5082] EXT4-fs (loop4): shut down requested (0) [ 79.502341][ T5082] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=12 [ 79.553845][ T5082] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=12 [ 79.574913][ T29] audit: type=1400 audit(1745377839.186:858): avc: denied { rmdir } for pid=5081 comm="syz.4.551" name="file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 79.618961][ T29] audit: type=1400 audit(1745377839.226:859): avc: denied { name_bind } for pid=5096 comm="syz.2.556" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 79.654207][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.699619][ T5104] loop0: detected capacity change from 0 to 1024 [ 79.748322][ T29] audit: type=1400 audit(1745377839.326:860): avc: denied { create } for pid=5101 comm="syz.2.557" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 79.767677][ T29] audit: type=1400 audit(1745377839.326:861): avc: denied { ioctl } for pid=5101 comm="syz.2.557" path="socket:[9836]" dev="sockfs" ino=9836 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 79.795820][ T5104] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 79.832949][ T5104] JBD2: no valid journal superblock found [ 79.838751][ T5104] EXT4-fs (loop0): Could not load journal inode [ 80.069052][ T5120] netlink: 368 bytes leftover after parsing attributes in process `syz.0.559'. [ 80.142932][ T5119] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 81.167779][ T5148] loop3: detected capacity change from 0 to 1024 [ 81.177735][ T5148] EXT4-fs: Ignoring removed nomblk_io_submit option [ 81.338111][ T5148] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.352284][ T5148] EXT4-fs (loop3): shut down requested (0) [ 81.360336][ T5148] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop3 ino=15 [ 81.380579][ T5148] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop3 ino=15 [ 81.515558][ T5170] netlink: 12 bytes leftover after parsing attributes in process `syz.4.580'. [ 81.636430][ T29] audit: type=1326 audit(1745377841.246:862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5177 comm="syz.4.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16cddde169 code=0x7ffc0000 [ 81.660240][ T29] audit: type=1326 audit(1745377841.246:863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5177 comm="syz.4.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16cddde169 code=0x7ffc0000 [ 81.982907][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.079628][ T5195] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 82.092941][ T29] audit: type=1326 audit(1745377841.316:864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5177 comm="syz.4.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=125 compat=0 ip=0x7f16cddde169 code=0x7ffc0000 [ 82.116361][ T29] audit: type=1326 audit(1745377841.316:865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5177 comm="syz.4.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16cddde169 code=0x7ffc0000 [ 82.139714][ T29] audit: type=1326 audit(1745377841.316:866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5177 comm="syz.4.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16cddde169 code=0x7ffc0000 [ 82.169880][ T5195] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 82.417000][ T5214] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 82.437533][ T5214] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 82.475263][ T5216] loop4: detected capacity change from 0 to 1024 [ 82.509135][ T5216] EXT4-fs: Ignoring removed nomblk_io_submit option [ 82.553979][ T5216] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 82.582225][ T5216] EXT4-fs (loop4): shut down requested (0) [ 82.601562][ T5216] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=15 [ 82.621078][ T5216] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=15 [ 82.671642][ T5222] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 83.087539][ T5237] loop0: detected capacity change from 0 to 512 [ 83.140761][ T5237] EXT4-fs: Ignoring removed nobh option [ 83.190440][ T5237] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.603: invalid indirect mapped block 256 (level 2) [ 83.282957][ T5237] EXT4-fs (loop0): 2 truncates cleaned up [ 83.348625][ T5237] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 83.434334][ T5251] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 83.548596][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.681727][ T5258] loop1: detected capacity change from 0 to 164 [ 83.699199][ T5259] netlink: 12 bytes leftover after parsing attributes in process `syz.3.613'. [ 84.308225][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.428851][ T5282] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 84.608922][ T5295] loop2: detected capacity change from 0 to 1024 [ 84.732053][ T5295] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 84.760841][ T5295] JBD2: no valid journal superblock found [ 84.766616][ T5295] EXT4-fs (loop2): Could not load journal inode [ 84.852602][ T5306] syzkaller0: entered promiscuous mode [ 84.858126][ T5306] syzkaller0: entered allmulticast mode [ 84.983696][ T29] audit: type=1400 audit(1745377844.376:867): avc: denied { mount } for pid=5298 comm="syz.0.628" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1 [ 85.005982][ T29] audit: type=1400 audit(1745377844.386:868): avc: denied { remount } for pid=5298 comm="syz.0.628" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1 [ 85.026136][ T29] audit: type=1400 audit(1745377844.536:869): avc: denied { unmount } for pid=3301 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1 [ 85.191507][ T5309] loop1: detected capacity change from 0 to 1024 [ 85.337722][ T5309] EXT4-fs: Ignoring removed orlov option [ 85.550983][ T5309] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 85.751720][ T5309] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 85.784028][ T5319] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 86.481115][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.496541][ T5326] netlink: 368 bytes leftover after parsing attributes in process `syz.2.626'. [ 86.510994][ T5319] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 86.542471][ T5330] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 86.668770][ T5336] loop2: detected capacity change from 0 to 1024 [ 86.710254][ T5336] EXT4-fs: Ignoring removed nomblk_io_submit option [ 86.754299][ T5336] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 86.771632][ T5346] netlink: 12 bytes leftover after parsing attributes in process `syz.4.644'. [ 86.819638][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.840639][ T5350] netlink: 12 bytes leftover after parsing attributes in process `syz.1.646'. [ 86.920058][ T5353] netlink: 12 bytes leftover after parsing attributes in process `syz.4.648'. [ 87.071686][ T5366] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 87.136031][ T5373] loop2: detected capacity change from 0 to 1024 [ 87.166331][ T5373] EXT4-fs: Ignoring removed orlov option [ 87.182617][ T5373] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 87.209758][ T5381] loop1: detected capacity change from 0 to 2048 [ 87.232008][ T5373] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 87.250343][ T5384] loop3: detected capacity change from 0 to 1024 [ 87.273622][ T5384] EXT4-fs: Ignoring removed nomblk_io_submit option [ 87.304104][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.313586][ T5381] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #2: comm syz.1.659: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 87.350705][ T5381] EXT4-fs (loop1): get root inode failed [ 87.356412][ T5381] EXT4-fs (loop1): mount failed [ 87.385310][ T5384] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 87.476140][ T29] audit: type=1400 audit(1745377847.056:870): avc: denied { rmdir } for pid=5383 comm="syz.3.660" name="file0" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 87.552899][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.570867][ T5408] ucma_write: process 342 (syz.2.666) changed security contexts after opening file descriptor, this is not allowed. [ 87.607857][ T5410] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 87.714190][ T5420] loop1: detected capacity change from 0 to 1024 [ 87.746184][ T5420] EXT4-fs: Ignoring removed orlov option [ 87.774132][ T5420] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 87.805290][ T5428] loop4: detected capacity change from 0 to 1024 [ 87.825744][ T5420] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 87.876508][ T5428] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 87.899032][ T5428] ext4 filesystem being mounted at /146/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 87.915655][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.915728][ T5428] EXT4-fs (loop4): shut down requested (1) [ 87.941618][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.016979][ T5444] netlink: 12 bytes leftover after parsing attributes in process `syz.3.680'. [ 88.063582][ T5447] loop1: detected capacity change from 0 to 1024 [ 88.131012][ T5447] EXT4-fs: Ignoring removed nomblk_io_submit option [ 88.168968][ T5459] loop4: detected capacity change from 0 to 164 [ 88.195651][ T5464] loop3: detected capacity change from 0 to 1024 [ 88.202787][ T5447] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 88.250102][ T5464] EXT4-fs: Ignoring removed orlov option [ 88.320693][ T5464] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 88.442867][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.503375][ T5464] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 88.749399][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.975078][ T5488] netlink: 12 bytes leftover after parsing attributes in process `syz.1.697'. [ 89.371807][ T29] audit: type=1400 audit(1745377848.926:871): avc: denied { connect } for pid=5471 comm="syz.0.692" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 89.439034][ T5500] netlink: 12 bytes leftover after parsing attributes in process `syz.2.701'. [ 89.594726][ T5506] loop2: detected capacity change from 0 to 1024 [ 89.638725][ T5506] EXT4-fs: Ignoring removed orlov option [ 89.676015][ T5506] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 89.763540][ T5511] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 89.841659][ T5506] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 89.964659][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.975391][ T5519] loop3: detected capacity change from 0 to 1024 [ 89.992596][ T5519] EXT4-fs: Ignoring removed nomblk_io_submit option [ 90.045437][ T5519] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 90.201481][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.204662][ T5532] netlink: 12 bytes leftover after parsing attributes in process `syz.4.715'. [ 90.722194][ T5543] loop3: detected capacity change from 0 to 512 [ 90.772460][ T5543] EXT4-fs (loop3): external journal device major/minor numbers have changed [ 90.832654][ T5543] block device autoloading is deprecated and will be removed. [ 90.870431][ T5543] syz.3.716: attempt to access beyond end of device [ 90.870431][ T5543] md185: rw=0, sector=2, nr_sectors = 2 limit=0 [ 90.969582][ T5543] EXT4-fs (loop3): couldn't read superblock of external journal [ 90.974934][ T5548] loop1: detected capacity change from 0 to 1024 [ 91.059757][ T5548] EXT4-fs: Ignoring removed orlov option [ 91.104507][ T5548] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 91.237548][ T5548] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 91.608107][ T5559] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 91.677987][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 91.799260][ T5574] netlink: 'syz.0.729': attribute type 3 has an invalid length. [ 91.840664][ T5579] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 91.889485][ T5579] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 91.938328][ T5583] qrtr: Invalid version 24 [ 92.647691][ T5603] loop1: detected capacity change from 0 to 1024 [ 92.693614][ T5603] EXT4-fs: Ignoring removed orlov option [ 92.720282][ T5603] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 92.721275][ T5608] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 92.783795][ T5603] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 92.902102][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 92.922179][ T5624] netlink: 'syz.3.743': attribute type 3 has an invalid length. [ 92.932013][ T5622] qrtr: Invalid version 24 [ 92.955906][ T29] audit: type=1400 audit(1745377852.566:872): avc: denied { write } for pid=2986 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 92.977486][ T29] audit: type=1400 audit(1745377852.566:873): avc: denied { remove_name } for pid=2986 comm="syslogd" name="messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 93.000116][ T29] audit: type=1400 audit(1745377852.566:874): avc: denied { rename } for pid=2986 comm="syslogd" name="messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 93.022399][ T29] audit: type=1400 audit(1745377852.566:875): avc: denied { add_name } for pid=2986 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 93.045235][ T29] audit: type=1400 audit(1745377852.566:876): avc: denied { unlink } for pid=2986 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 93.067711][ T29] audit: type=1400 audit(1745377852.566:877): avc: denied { create } for pid=2986 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 93.094562][ T5628] loop4: detected capacity change from 0 to 1024 [ 93.198538][ T5628] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 93.274421][ T5628] ext4 filesystem being mounted at /164/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 93.429610][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 93.522818][ T5655] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 93.743214][ T5666] loop4: detected capacity change from 0 to 512 [ 93.780850][ T5666] EXT4-fs (loop4): external journal device major/minor numbers have changed [ 93.818791][ T5666] syz.4.759: attempt to access beyond end of device [ 93.818791][ T5666] md185: rw=0, sector=2, nr_sectors = 2 limit=0 [ 93.883125][ T5666] EXT4-fs (loop4): couldn't read superblock of external journal [ 94.018987][ T5670] netlink: 'syz.4.760': attribute type 3 has an invalid length. [ 94.779384][ T5686] loop4: detected capacity change from 0 to 1024 [ 94.807406][ T5686] EXT4-fs: Ignoring removed orlov option [ 94.835339][ T5686] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 94.880001][ T5686] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 94.934380][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.100464][ T5708] netlink: 4 bytes leftover after parsing attributes in process `syz.4.770'. [ 95.129953][ T5709] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 95.491392][ T5732] loop4: detected capacity change from 0 to 1024 [ 95.498216][ T5732] EXT4-fs: Ignoring removed orlov option [ 95.570970][ T5732] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 95.686068][ T5743] loop2: detected capacity change from 0 to 2048 [ 95.742408][ T5743] ext4 filesystem being mounted at /164/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 95.977552][ T5755] loop4: detected capacity change from 0 to 1024 [ 96.010910][ T5755] EXT4-fs: Ignoring removed nomblk_io_submit option [ 96.067248][ T5755] EXT4-fs (loop4): shut down requested (0) [ 96.131278][ T5760] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=15 [ 96.183862][ T5760] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=15 [ 96.288014][ T5751] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 345: padding at end of block bitmap is not set [ 96.334334][ T5751] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 240 with error 117 [ 96.347257][ T5751] EXT4-fs (loop2): This should not happen!! Data will be lost [ 96.347257][ T5751] [ 96.414378][ T5763] loop3: detected capacity change from 0 to 164 [ 96.441991][ T3430] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 256 with max blocks 2048 with error 117 [ 96.454987][ T3430] EXT4-fs (loop2): This should not happen!! Data will be lost [ 96.454987][ T3430] [ 97.047044][ T3685] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 2305 with max blocks 1800 with error 28 [ 97.059909][ T3685] EXT4-fs (loop2): This should not happen!! Data will be lost [ 97.059909][ T3685] [ 97.069824][ T3685] EXT4-fs (loop2): Total free blocks count 0 [ 97.075848][ T3685] EXT4-fs (loop2): Free/Dirty block details [ 97.081805][ T3685] EXT4-fs (loop2): free_blocks=0 [ 97.086785][ T3685] EXT4-fs (loop2): dirty_blocks=1808 [ 97.325145][ T5778] netlink: 'syz.3.796': attribute type 3 has an invalid length. [ 98.533848][ T5809] loop0: detected capacity change from 0 to 1024 [ 98.585785][ T5809] EXT4-fs: Ignoring removed nomblk_io_submit option [ 98.652010][ T5809] EXT4-fs mount: 5 callbacks suppressed [ 98.652029][ T5809] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 98.706190][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.756595][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.766682][ T5825] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 98.809197][ T3286] ================================================================== [ 98.817354][ T3286] BUG: KCSAN: data-race in __dentry_kill / fast_dput [ 98.824100][ T3286] [ 98.826440][ T3286] write to 0xffff88811a2fba90 of 8 bytes by task 3004 on cpu 1: [ 98.834087][ T3286] __dentry_kill+0x13e/0x4c0 [ 98.838693][ T3286] dput+0x5c/0xd0 [ 98.842335][ T3286] step_into+0x226/0x860 [ 98.846596][ T3286] walk_component+0x178/0x240 [ 98.851288][ T3286] path_lookupat+0x103/0x2a0 [ 98.855896][ T3286] filename_lookup+0x2dd/0x340 [ 98.860672][ T3286] do_readlinkat+0x8b/0x210 [ 98.865196][ T3286] __x64_sys_readlink+0x47/0x60 [ 98.870071][ T3286] x64_sys_call+0x2a81/0x2e10 [ 98.874762][ T3286] do_syscall_64+0xc9/0x1a0 [ 98.879277][ T3286] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 98.885202][ T3286] [ 98.887532][ T3286] read to 0xffff88811a2fba90 of 8 bytes by task 3286 on cpu 0: [ 98.895088][ T3286] fast_dput+0x67/0x310 [ 98.899261][ T3286] dput+0x24/0xd0 [ 98.902903][ T3286] do_unlinkat+0x262/0x4f0 [ 98.907329][ T3286] __x64_sys_unlink+0x2e/0x40 [ 98.912012][ T3286] x64_sys_call+0x2358/0x2e10 [ 98.916701][ T3286] do_syscall_64+0xc9/0x1a0 [ 98.921227][ T3286] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 98.927128][ T3286] [ 98.929458][ T3286] value changed: 0xffff8882375917a8 -> 0x0000000000000000 [ 98.936565][ T3286] [ 98.938887][ T3286] Reported by Kernel Concurrency Sanitizer on: [ 98.945070][ T3286] CPU: 0 UID: 0 PID: 3286 Comm: udevd Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(voluntary) [ 98.957066][ T3286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 98.967140][ T3286] ==================================================================