last executing test programs: 1.330602184s ago: executing program 0 (id=858): unshare(0x42000000) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01080000000000000000010000000900010073797a300000000048000000030a0102000000000000000001000000080007006e6174000900030073796031000000000900010073797a3000000000140004800800024000000000080001"], 0x90}}, 0x0) 1.281973049s ago: executing program 4 (id=861): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = perf_event_open(&(0x7f0000000040)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r2, 0x3) 1.281516959s ago: executing program 4 (id=862): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_OIF={0x8, 0x5, r3}]}, 0x20}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000003c0)=@newlink={0x20, 0x10, 0x437, 0xa00, 0x0, {0x0, 0x0, 0x0, r3, 0x192}}, 0x20}}, 0x0) 1.172671559s ago: executing program 4 (id=868): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000b9000000850000002d0000009500"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f00000014c0)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000140)='8', 0x1}], 0x1, &(0x7f00000000c0)=ANY=[@ANYBLOB="24000000000000000100000001000000", @ANYRES32=r1], 0x28}}], 0x1, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r1, 0x0, r3, 0x0, 0x39000, 0x0) 1.171922049s ago: executing program 0 (id=869): r0 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r0, 0x47f9, 0x1f, 0x0, 0x0, 0x0) r3 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) read(r3, &(0x7f00000019c0)=""/4107, 0x100b) 1.126083044s ago: executing program 4 (id=870): r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0) close(r0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x0, @my=0x0}, 0x10) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000000)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 355.426437ms ago: executing program 1 (id=899): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000080)={@in6={{0xa, 0x4e20, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}, 0x0, 0x0, 0x3, 0x0, "9ecf3315567f14d56a87d1b2cc409e2a652dbbf6c50480937c6fa85af81bc6fc54b71f03985ac33e31d612d976920300000000000000503621ec6679995d916cb4361795dd7dbae51d07384b7c2e6949"}, 0xd8) 355.223067ms ago: executing program 2 (id=900): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="2c0000003b00090000000000cd00000001000000180003"], 0x2c}}, 0x0) 320.50644ms ago: executing program 0 (id=890): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000ffffffff000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x40, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00, 0x0, 0x8001}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_ADDRESS={0xa, 0x1, @multicast}]}, 0x40}}, 0x0) 320.22272ms ago: executing program 1 (id=891): madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_pidfd_open(r0, 0x0) waitid$P_PIDFD(0x3, r1, 0x0, 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/3\x00') preadv(r2, &(0x7f0000000340)=[{&(0x7f0000000180)=""/109, 0x6d}], 0x1, 0x0, 0x0) 248.476187ms ago: executing program 4 (id=893): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_MPP(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000540)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="9fab000000000000000005"], 0x20}}, 0x0) 247.934387ms ago: executing program 3 (id=894): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c0000001000010700000000000000000a0000000600010034"], 0x1c}}, 0x0) syz_genetlink_get_family_id$tipc(&(0x7f00000002c0), r1) socket(0x10, 0x3, 0x0) 247.607897ms ago: executing program 2 (id=895): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="200000000f14010000000000000000000d0045"], 0x20}, 0x1, 0x0, 0x0, 0x91}, 0x0) 247.306157ms ago: executing program 1 (id=896): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x4, 0xff, 0x0, 0x1, 0x2000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f0000000480)='ext4\x00', &(0x7f0000000200)='./file0\x00', 0x3000006, &(0x7f0000000040)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x1000}}, {@abort}, {@block_validity}, {@init_itable_val={'init_itable', 0x3d, 0x6}}, {@block_validity}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1ff}}, {@nobh}, {@block_validity}, {@orlov}, {@user_xattr}, {@init_itable_val={'init_itable', 0x3d, 0x400}}]}, 0x1, 0x556, &(0x7f0000001100)="$eJzs3d1rW+UfAPDvSdu9/37rYAwVkcIunMyltvVlghfzUnQ40PsZ2rMymi6jScdaB24X7sYbGYKIA/Fe770c/gP+FQMtDBlFL7ypnPSky9akybL0ZebzgbM9zzknfc4353yfPCdPQgIYWGPZP4WIFyPi6yTiaNO24cg3jq3vt/rwxnS2JLG29smfSST5usb+Sf7/4bzyQkT8+mXE6cLmdqtLy3OlcjldyOvjtfmr49Wl5TOX50uz6Wx6ZXJq6uxbU5PvvvN232J97cLf331874OzX51c/fbnlWN3kjgXR/JtzXE8g5vNlbEYy5+TkTj3xI4TfWhsL0l2+wDoyVCe5yOR9QFHYyjPeuC/74uIWAMGVCL/YUA1xgGNe/s+3Qc/Nx68v34DtDn+4fX3RuJA/d7o0Gry2J1Rdr872of2szZ++ePunWyJ/r0PAdDRzVsRK0PDw5v7vyTv/3r3Rhf7PNmG/g92zr1s/PN6q/FPYWP8Ey3GP4db5G4vOud/YaUPzbSVjf/eazn+3Zi0Gh3Ka/+rj/lGkkuXy2nWt/0/Ik7FyP6svtV8ztnV+2vttjWP/7Ila78xFsyPY2V4/+OPmSnVSs8Sc7MHtyJeajn+TTbOf9Li/GfPx4Uu2ziR3n2l3bbO8W+vtR8jXm15/h/NaCVbz0+O16+H8cZVsdlft0/81q793Y4/O/+Hto5/NGmer60+fRs/HPgnbbet1+t/X/JpvbwvX3e9VKstTETsSz7avH7y0WMb9cb+WfynTm7d/7W6/g9GxGddxn/7+E8v9x7/9srin3mq8//0hfsffv59u/a7O/9v1kun8jXd9H/dHuCzPHcAAAAAAACw1xQi4kgkheJGuVAoFtc/33E8DhXKlWrt9KXK4pWZqH9XdjRGCo2Z7qNNn4eYyD8P26hPPlGfiohjEfHN0MF6vThdKc/sdvAAAAAAAAAAAAAAAAAAAACwRxxu8/3/zO9Du310wLbzk98wuDrmfz9+6QnYk7z+w+CS/zC45D8MLvkPg0v+w+DqkP/JTh0HsPO8/sPgkv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQVxfOn8+WtdWHN6az+sy1pcW5yrUzM2l1rji/OF2crixcLc5WKrPltDhdme/098qVytWJyVi8Pl5Lq7Xx6tLyxfnK4pXaxcvzpdn0YjqyI1EBAAAAAAAAAAAAAAAAAADA86W6tDxXKpfTBQWFngrDe+MwFPpc2O2eCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAe+TcAAP//Z7w5Vw==") syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a4203c, &(0x7f00000003c0)=ANY=[@ANYRES64, @ANYRES8, @ANYRESHEX, @ANYRESDEC, @ANYRES32, @ANYRESDEC, @ANYRESDEC, @ANYRES8=0x0, @ANYRES8, @ANYRES64], 0x0, 0x0, &(0x7f0000000000)) 233.752118ms ago: executing program 4 (id=897): timer_create(0x0, &(0x7f0000000100)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000180)) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) recvmmsg(r0, &(0x7f0000000600), 0x204083acb88ff8b, 0x2, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x13, 0x0, @thr={0x0, 0x0}}, &(0x7f00000002c0)=0x0) timer_settime(r1, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x1c9c380}}, 0x0) 190.382582ms ago: executing program 3 (id=898): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000040)=0x8000, 0x4) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) syz_emit_ethernet(0x2a, &(0x7f0000001600)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x8}}}}}, 0x0) recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0) 189.546142ms ago: executing program 2 (id=902): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='mpol=interleave=static,mpol=d']) 136.867098ms ago: executing program 3 (id=903): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0x3) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10) syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0) syz_emit_ethernet(0x10e, &(0x7f0000000240)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0xfc, 0x0, 0x0, 0x2, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x67, 0x2, 0x0, 0x0, 0x0, {[@sack_perm={0x4, 0x2}, @sack_perm={0x4, 0x2}, @mptcp=@mp_fclose={0x1e, 0x0, 0x4, 0x0, 0x5}, @mptcp=@mp_fclose={0x1e, 0xc, 0x9, 0x0, 0xd}, @exp_fastopen={0xfe, 0xb, 0xf989, "25bd4f4c980a4c"}, @nop]}}}}}}}, 0x0) 136.045418ms ago: executing program 1 (id=904): mkdir(&(0x7f0000000040)='./file0\x00', 0xa8) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)={0x15, 0x65, 0xffff, 0x0, 0x8, '9P2000.u'}, 0x15) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff0180"], 0x15) r2 = dup(r1) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000480)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@access_client}], [], 0x6b}}) 135.740858ms ago: executing program 2 (id=905): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20) mq_unlink(0x0) 135.373358ms ago: executing program 3 (id=906): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x19, 0x4, 0x8, 0x7fff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x9, 0x0, 0x7ffc0002}]}) ioprio_get$pid(0x2, 0x0) 135.123258ms ago: executing program 2 (id=907): bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x35, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x1ff}, 0x0, 0xf5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) unshare(0x2a020400) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000002c0)={r0, 0x0, &(0x7f0000000340)=""/107}, 0x20) 127.686549ms ago: executing program 0 (id=908): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000001000/0x4000)=nil) prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffc000/0x4000)=nil) brk(0x20001000) 78.614833ms ago: executing program 3 (id=909): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) socket$packet(0x11, 0xa, 0x300) r1 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003b000b05d25a806c8c6f94f90424fc600e0005000a000200053582c137153e3704000880fc0b09000300", 0x33fe0}], 0x1}, 0x0) syz_emit_ethernet(0x7a, &(0x7f00000003c0)=ANY=[], 0x0) 77.930063ms ago: executing program 1 (id=910): r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r1}, &(0x7f0000000000), &(0x7f00000005c0)=r2}, 0x20) writev(r0, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}, {0x0, 0x900}], 0x2) 77.433383ms ago: executing program 2 (id=911): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) select(0x0, 0x0, 0x0, 0x0, &(0x7f0000000780)={0x0, 0xea60}) 77.066923ms ago: executing program 0 (id=912): unshare(0x22020600) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) syz_clone(0x10eb22b000, 0x0, 0x0, 0x0, 0x0, 0x0) 76.691943ms ago: executing program 3 (id=913): syz_emit_ethernet(0x66, &(0x7f0000000180)={@local, @link_local, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x1, 0x5, 0x58, 0x68, 0x0, 0x1, 0x2f, 0x0, @private=0xa010102, @local}, {{0x0, 0x0, 0x1, 0x1}, {0x1, 0x0, 0x1}, {0x1}, {0x8, 0x88be, 0x4, {{0x7, 0x1, 0x2, 0x2, 0x1, 0x2, 0x3, 0x8}}}, {0x8, 0x22eb, 0x3, {{0x1, 0x2, 0x9, 0x3, 0x0, 0x1, 0x0, 0xbb}, 0x2, {0x7, 0x4, 0x3, 0x9, 0x0, 0x1, 0x3, 0x0, 0x1}}}, {0x8, 0x6558, 0x3}}}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast}) write$tun(r0, &(0x7f0000000140)={@val={0x0, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x14}, @ipv4=@icmp={{0x5, 0x4, 0x0, 0x0, 0x8016, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010100, @local}, @dest_unreach={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, 0x0, @local, @loopback}}}}, 0xfdef) 588.59µs ago: executing program 1 (id=914): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f00000002c0)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) 0s ago: executing program 0 (id=915): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001280)={&(0x7f0000000500)='percpu_free_percpu\x00', r1}, 0x10) bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000b00)=@base={0x6, 0x4, 0x70be, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x48) kernel console output (not intermixed with test programs): [ 29.439869][ T3315] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 29.461064][ T3324] team0: Port device team_slave_1 added [ 29.468816][ T3319] hsr_slave_0: entered promiscuous mode [ 29.474757][ T3319] hsr_slave_1: entered promiscuous mode [ 29.482758][ T3315] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 29.497697][ T3316] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 29.504650][ T3316] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 29.530593][ T3316] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 29.561863][ T3316] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 29.568921][ T3316] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 29.594974][ T3316] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 29.618188][ T3315] team0: Port device team_slave_0 added [ 29.626301][ T3323] hsr_slave_0: entered promiscuous mode [ 29.632302][ T3323] hsr_slave_1: entered promiscuous mode [ 29.638349][ T3323] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 29.645983][ T3323] Cannot create hsr debugfs directory [ 29.657898][ T3324] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 29.664866][ T3324] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 29.690872][ T3324] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 29.707310][ T3315] team0: Port device team_slave_1 added [ 29.722951][ T3324] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 29.729999][ T3324] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 29.755971][ T3324] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 29.784191][ T3316] hsr_slave_0: entered promiscuous mode [ 29.790352][ T3316] hsr_slave_1: entered promiscuous mode [ 29.796462][ T3316] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 29.804013][ T3316] Cannot create hsr debugfs directory [ 29.816127][ T3315] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 29.823175][ T3315] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 29.849140][ T3315] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 29.876990][ T3315] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 29.883956][ T3315] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 29.909919][ T3315] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 29.935995][ T3324] hsr_slave_0: entered promiscuous mode [ 29.942141][ T3324] hsr_slave_1: entered promiscuous mode [ 29.948078][ T3324] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 29.955709][ T3324] Cannot create hsr debugfs directory [ 29.983928][ T3315] hsr_slave_0: entered promiscuous mode [ 29.990022][ T3315] hsr_slave_1: entered promiscuous mode [ 29.996115][ T3315] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 30.003664][ T3315] Cannot create hsr debugfs directory [ 30.155293][ T3319] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 30.167756][ T3319] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 30.182136][ T3319] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 30.193517][ T3319] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 30.210170][ T3323] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 30.220455][ T3323] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 30.231398][ T3323] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 30.240256][ T3323] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 30.273357][ T3316] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 30.284839][ T3316] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 30.294283][ T3316] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 30.318541][ T3316] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 30.340874][ T3324] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 30.354152][ T3324] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 30.363695][ T3324] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 30.374487][ T3319] 8021q: adding VLAN 0 to HW filter on device bond0 [ 30.381993][ T3324] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 30.422503][ T3315] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 30.432492][ T3319] 8021q: adding VLAN 0 to HW filter on device team0 [ 30.442572][ T3315] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 30.451904][ T3315] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 30.461919][ T3315] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 30.474605][ T3323] 8021q: adding VLAN 0 to HW filter on device bond0 [ 30.486716][ T50] bridge0: port 1(bridge_slave_0) entered blocking state [ 30.493783][ T50] bridge0: port 1(bridge_slave_0) entered forwarding state [ 30.517812][ T1569] bridge0: port 2(bridge_slave_1) entered blocking state [ 30.524885][ T1569] bridge0: port 2(bridge_slave_1) entered forwarding state [ 30.541613][ T3323] 8021q: adding VLAN 0 to HW filter on device team0 [ 30.576695][ T3316] 8021q: adding VLAN 0 to HW filter on device bond0 [ 30.591754][ T1569] bridge0: port 1(bridge_slave_0) entered blocking state [ 30.598892][ T1569] bridge0: port 1(bridge_slave_0) entered forwarding state [ 30.618167][ T3316] 8021q: adding VLAN 0 to HW filter on device team0 [ 30.633109][ T50] bridge0: port 2(bridge_slave_1) entered blocking state [ 30.640283][ T50] bridge0: port 2(bridge_slave_1) entered forwarding state [ 30.666488][ T50] bridge0: port 1(bridge_slave_0) entered blocking state [ 30.673621][ T50] bridge0: port 1(bridge_slave_0) entered forwarding state [ 30.690379][ T3324] 8021q: adding VLAN 0 to HW filter on device bond0 [ 30.699836][ T56] bridge0: port 2(bridge_slave_1) entered blocking state [ 30.706938][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state [ 30.719287][ T3315] 8021q: adding VLAN 0 to HW filter on device bond0 [ 30.739282][ T3323] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 30.754381][ T3315] 8021q: adding VLAN 0 to HW filter on device team0 [ 30.767783][ T3324] 8021q: adding VLAN 0 to HW filter on device team0 [ 30.788876][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 30.796002][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 30.804976][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 30.812140][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 30.832826][ T3324] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 30.848529][ T3319] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 30.858150][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 30.865267][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 30.874959][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 30.882020][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 30.917451][ T3323] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 30.998357][ T3324] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 31.054947][ T3315] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 31.092048][ T3316] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 31.123466][ T3319] veth0_vlan: entered promiscuous mode [ 31.140884][ T3323] veth0_vlan: entered promiscuous mode [ 31.157434][ T3319] veth1_vlan: entered promiscuous mode [ 31.188883][ T3319] veth0_macvtap: entered promiscuous mode [ 31.197625][ T3323] veth1_vlan: entered promiscuous mode [ 31.230096][ T3319] veth1_macvtap: entered promiscuous mode [ 31.238427][ T3324] veth0_vlan: entered promiscuous mode [ 31.252597][ T3319] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 31.262496][ T3316] veth0_vlan: entered promiscuous mode [ 31.269872][ T3324] veth1_vlan: entered promiscuous mode [ 31.286203][ T3319] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 31.294691][ T3319] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.303510][ T3319] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.312266][ T3319] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.320996][ T3319] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.334166][ T3316] veth1_vlan: entered promiscuous mode [ 31.355441][ T3323] veth0_macvtap: entered promiscuous mode [ 31.370992][ T3315] veth0_vlan: entered promiscuous mode [ 31.371903][ T29] kauditd_printk_skb: 18 callbacks suppressed [ 31.371918][ T29] audit: type=1400 audit(1730742199.788:110): avc: denied { mounton } for pid=3319 comm="syz-executor" path="/root/syzkaller.VKYABv/syz-tmp" dev="sda1" ino=1944 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 31.382465][ T3315] veth1_vlan: entered promiscuous mode [ 31.389277][ T29] audit: type=1400 audit(1730742199.798:111): avc: denied { mount } for pid=3319 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 31.413175][ T3323] veth1_macvtap: entered promiscuous mode [ 31.434656][ T29] audit: type=1400 audit(1730742199.798:112): avc: denied { mounton } for pid=3319 comm="syz-executor" path="/root/syzkaller.VKYABv/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 31.447963][ T3323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 31.465628][ T29] audit: type=1400 audit(1730742199.798:113): avc: denied { mount } for pid=3319 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 31.476055][ T3323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 31.478659][ T3323] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 31.497956][ T29] audit: type=1400 audit(1730742199.798:114): avc: denied { mounton } for pid=3319 comm="syz-executor" path="/root/syzkaller.VKYABv/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 31.511583][ T3316] veth0_macvtap: entered promiscuous mode [ 31.514984][ T29] audit: type=1400 audit(1730742199.808:115): avc: denied { mounton } for pid=3319 comm="syz-executor" path="/root/syzkaller.VKYABv/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=4026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 31.548053][ T3324] veth0_macvtap: entered promiscuous mode [ 31.574909][ T29] audit: type=1400 audit(1730742199.808:116): avc: denied { unmount } for pid=3319 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 31.583218][ T3324] veth1_macvtap: entered promiscuous mode [ 31.617941][ T29] audit: type=1400 audit(1730742200.038:117): avc: denied { mounton } for pid=3319 comm="syz-executor" path="/dev/binderfs" dev="devtmpfs" ino=502 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 31.619114][ T3316] veth1_macvtap: entered promiscuous mode [ 31.649363][ T3323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 31.659975][ T3323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 31.671247][ T3323] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 31.680207][ T3319] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 31.699665][ T3324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 31.710482][ T3324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 31.720403][ T3324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 31.730839][ T3324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 31.741592][ T3324] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 31.750332][ T3323] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.759200][ T3323] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.767964][ T3323] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.776762][ T3323] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.791320][ T3315] veth0_macvtap: entered promiscuous mode [ 31.801176][ T3324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 31.803953][ T29] audit: type=1400 audit(1730742200.218:118): avc: denied { read write } for pid=3319 comm="syz-executor" name="loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 31.811654][ T3324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 31.835799][ T29] audit: type=1400 audit(1730742200.218:119): avc: denied { open } for pid=3319 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 31.845534][ T3324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 31.880148][ T3324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 31.890979][ T3324] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 31.899997][ T3324] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.908774][ T3324] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.917573][ T3324] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.926300][ T3324] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.947530][ T3315] veth1_macvtap: entered promiscuous mode [ 31.954603][ T3316] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 31.965098][ T3316] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 31.974944][ T3316] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 31.985475][ T3316] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 31.995337][ T3316] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 32.005830][ T3316] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 32.016832][ T3316] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 32.033019][ T3316] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 32.043571][ T3316] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 32.053431][ T3316] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 32.063894][ T3316] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 32.073738][ T3316] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 32.084223][ T3316] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 32.095645][ T3316] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 32.110335][ T3315] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 32.120874][ T3315] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 32.130765][ T3315] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 32.141207][ T3315] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 32.151109][ T3315] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 32.161609][ T3315] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 32.171506][ T3315] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 32.182103][ T3315] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 32.193863][ T3315] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 32.215845][ T3316] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 32.224625][ T3316] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 32.233501][ T3316] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 32.242283][ T3316] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 32.254947][ T3315] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 32.265463][ T3315] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 32.275379][ T3315] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 32.285973][ T3315] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 32.295923][ T3315] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 32.306411][ T3315] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 32.316252][ T3315] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 32.326703][ T3315] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 32.337959][ T3315] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 32.356591][ T3315] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 32.365401][ T3315] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 32.374169][ T3315] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 32.382994][ T3315] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 32.533309][ T3478] syz.0.11 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 32.671565][ T3501] loop0: detected capacity change from 0 to 256 [ 32.817366][ T3392] kernel write not supported for file bpf-prog (pid: 3392 comm: kworker/1:3) [ 32.861913][ T3518] process '+}[@' launched '/dev/fd/5' with NULL argv: empty string added [ 32.888003][ T3523] loop3: detected capacity change from 0 to 128 [ 32.943051][ T3521] netlink: 116 bytes leftover after parsing attributes in process `syz.0.31'. [ 32.954571][ T3529] loop4: detected capacity change from 0 to 512 [ 32.983022][ T3529] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 33.006035][ T3529] ext4 filesystem being mounted at /7/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 33.029214][ T3539] loop3: detected capacity change from 0 to 128 [ 33.063844][ T3529] syz.4.33 (3529) used greatest stack depth: 10336 bytes left [ 33.064340][ T3539] syz.3.36: attempt to access beyond end of device [ 33.064340][ T3539] loop3: rw=0, sector=121, nr_sectors = 119 limit=128 [ 33.094941][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 33.154631][ T50] kworker/u8:3: attempt to access beyond end of device [ 33.154631][ T50] loop3: rw=1, sector=241, nr_sectors = 800 limit=128 [ 33.171172][ T3530] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 33.175051][ T3545] SELinux: failed to load policy [ 33.209733][ T3018] udevd[3018]: worker [3308] terminated by signal 33 (Unknown signal 33) [ 33.222813][ T3018] udevd[3018]: worker [3308] failed while handling '/devices/virtual/block/loop3' [ 33.238489][ T3530] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 33.241208][ T3550] loop3: detected capacity change from 0 to 512 [ 33.251588][ T3554] loop0: detected capacity change from 0 to 512 [ 33.259293][ T3550] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 33.272425][ T3550] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 33.297079][ T3550] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 33.323560][ T3550] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2863: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 33.329123][ T3554] EXT4-fs error (device loop0): ext4_orphan_get:1414: comm syz.0.44: bad orphan inode 13 [ 33.349905][ T3550] EXT4-fs (loop3): 1 truncate cleaned up [ 33.356553][ T3550] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 33.378079][ T3554] ext4_test_bit(bit=12, block=4) = 1 [ 33.383470][ T3554] is_bad_inode(inode)=0 [ 33.387693][ T3554] NEXT_ORPHAN(inode)=0 [ 33.391764][ T3554] max_ino=32 [ 33.394964][ T3554] i_nlink=1 [ 33.398756][ T3554] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 33.419956][ T3554] EXT4-fs warning (device loop0): dx_probe:833: inode #2: comm syz.0.44: Unrecognised inode hash code 20 [ 33.431307][ T3554] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.44: Corrupt directory, running e2fsck is recommended [ 33.444360][ T3554] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.44: corrupted in-inode xattr: e_value out of bounds [ 33.469383][ T3554] EXT4-fs warning (device loop0): dx_probe:833: inode #2: comm syz.0.44: Unrecognised inode hash code 20 [ 33.480718][ T3554] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.44: Corrupt directory, running e2fsck is recommended [ 33.494551][ T3554] EXT4-fs warning (device loop0): dx_probe:833: inode #2: comm syz.0.44: Unrecognised inode hash code 20 [ 33.497536][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 33.506034][ T3554] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.44: Corrupt directory, running e2fsck is recommended [ 33.528758][ T3554] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.44: corrupted in-inode xattr: e_value out of bounds [ 33.543749][ T3565] cgroup: Unknown subsys name 'cpuset' [ 33.567458][ T3554] EXT4-fs warning (device loop0): dx_probe:833: inode #2: comm syz.0.44: Unrecognised inode hash code 20 [ 33.579074][ T3554] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.44: Corrupt directory, running e2fsck is recommended [ 33.604819][ T3554] EXT4-fs warning (device loop0): dx_probe:833: inode #2: comm syz.0.44: Unrecognised inode hash code 20 [ 33.616290][ T3554] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.44: Corrupt directory, running e2fsck is recommended [ 33.653381][ T3323] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 33.712050][ T3578] loop3: detected capacity change from 0 to 512 [ 33.727511][ T3578] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 33.770209][ T3587] loop4: detected capacity change from 0 to 764 [ 33.786159][ T3578] EXT4-fs (loop3): 1 truncate cleaned up [ 33.801786][ T3578] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 33.828675][ T3591] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 33.868164][ T3593] Symlink component flag not implemented [ 33.881680][ T3593] Symlink component flag not implemented (101) [ 33.957983][ T3598] loop0: detected capacity change from 0 to 512 [ 34.036338][ T3598] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 34.060531][ T3602] loop2: detected capacity change from 0 to 128 [ 34.077765][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 34.098726][ T3598] ext4 filesystem being mounted at /16/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 34.202895][ T3598] Process accounting resumed [ 34.211727][ T3607] loop3: detected capacity change from 0 to 512 [ 34.229780][ T3602] syz.2.62: attempt to access beyond end of device [ 34.229780][ T3602] loop2: rw=0, sector=121, nr_sectors = 119 limit=128 [ 34.264762][ T3598] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback. [ 34.294621][ T3607] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 34.307587][ T3323] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 34.314569][ T3607] ext4 filesystem being mounted at /11/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 34.401693][ T3621] xt_CT: You must specify a L4 protocol and not use inversions on it [ 34.449018][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 34.459136][ T50] kworker/u8:3: attempt to access beyond end of device [ 34.459136][ T50] loop2: rw=1, sector=241, nr_sectors = 800 limit=128 [ 34.594880][ T3586] syz.4.58 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 34.605880][ T3586] CPU: 1 UID: 0 PID: 3586 Comm: syz.4.58 Not tainted 6.12.0-rc6-syzkaller #0 [ 34.612348][ T3638] loop0: detected capacity change from 0 to 512 [ 34.614655][ T3586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 34.614673][ T3586] Call Trace: [ 34.614682][ T3586] [ 34.637401][ T3586] dump_stack_lvl+0xf2/0x150 [ 34.642045][ T3586] dump_stack+0x15/0x20 [ 34.644414][ T3638] EXT4-fs: Ignoring removed bh option [ 34.646213][ T3586] dump_header+0x83/0x2d0 [ 34.656056][ T3586] oom_kill_process+0x341/0x4c0 [ 34.660950][ T3586] out_of_memory+0x9af/0xbe0 [ 34.665593][ T3586] ? css_next_descendant_pre+0x11c/0x140 [ 34.668557][ T3638] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 34.671369][ T3586] mem_cgroup_out_of_memory+0x13e/0x190 [ 34.685119][ T3586] try_charge_memcg+0x51b/0x810 [ 34.690107][ T3586] charge_memcg+0x50/0xc0 [ 34.694535][ T3586] mem_cgroup_swapin_charge_folio+0xd0/0x150 [ 34.699458][ T3638] EXT4-fs (loop0): 1 truncate cleaned up [ 34.700599][ T3586] __read_swap_cache_async+0x236/0x480 [ 34.711749][ T3586] swap_cluster_readahead+0x276/0x3f0 [ 34.712414][ T3638] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 34.717181][ T3586] swapin_readahead+0xe4/0x6f0 [ 34.717224][ T3586] ? __filemap_get_folio+0x420/0x5b0 [ 34.717334][ T3586] ? __lruvec_stat_mod_folio+0xdb/0x120 [ 34.717367][ T3586] ? swap_cache_get_folio+0x77/0x210 [ 34.717401][ T3586] do_swap_page+0x31e/0x2550 [ 34.754935][ T3586] ? cgroup_rstat_updated+0x99/0x550 [ 34.760264][ T3586] ? __rcu_read_lock+0x36/0x50 [ 34.765201][ T3586] ? __pfx_default_wake_function+0x10/0x10 [ 34.771140][ T3586] handle_mm_fault+0x8c5/0x2aa0 [ 34.776110][ T3586] exc_page_fault+0x3b9/0x650 [ 34.780831][ T3586] asm_exc_page_fault+0x26/0x30 [ 34.785815][ T3586] RIP: 0033:0x7fcd2f6e1afc [ 34.790271][ T3586] Code: 72 64 0f 1f 40 00 69 3d b6 3b e1 00 e8 03 00 00 48 8d 1d 97 44 2e 00 e8 82 cb 12 00 eb 0c 48 81 c3 d8 00 00 00 48 39 dd 74 24 <80> 7b 20 00 74 ee 8b 43 0c 85 c0 74 e7 48 89 df 48 81 c3 d8 00 00 [ 34.809952][ T3586] RSP: 002b:00007ffcf2810a00 EFLAGS: 00010202 [ 34.816224][ T3586] RAX: 0000000000000000 RBX: 00007fcd2f9c5f80 RCX: 0000000000000000 [ 34.824226][ T3586] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000555558769808 [ 34.832286][ T3586] RBP: 00007fcd2f9c7a80 R08: 0000000000000000 R09: 7fffffffffffffff [ 34.840293][ T3586] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000008716 [ 34.848289][ T3586] R13: 00007ffcf2810b00 R14: 0000000000000032 R15: ffffffffffffffff [ 34.856383][ T3586] [ 34.859863][ T3586] memory: usage 307200kB, limit 307200kB, failcnt 116 [ 34.866801][ T3586] memory+swap: usage 307768kB, limit 9007199254740988kB, failcnt 0 [ 34.868385][ T3323] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 34.874756][ T3586] kmem: usage 307056kB, limit 9007199254740988kB, failcnt 0 [ 34.874773][ T3586] Memory cgroup stats for /syz4: [ 34.891917][ T3586] cache 139264 [ 34.900468][ T3586] rss 0 [ 34.903275][ T3586] shmem 0 [ 34.906263][ T3586] mapped_file 139264 [ 34.910175][ T3586] dirty 139264 [ 34.913628][ T3586] writeback 4096 [ 34.917393][ T3586] workingset_refault_anon 24 [ 34.922068][ T3586] workingset_refault_file 27 [ 34.923482][ T3666] capability: warning: `syz.3.70' uses 32-bit capabilities (legacy support in use) [ 34.926679][ T3586] swap 581632 [ 34.926689][ T3586] swapcached 8192 [ 34.926698][ T3586] pgpgin 959 [ 34.926707][ T3586] pgpgout 923 [ 34.949458][ T3586] pgfault 1851 [ 34.952845][ T3586] pgmajfault 9 [ 34.956335][ T3586] inactive_anon 8192 [ 34.960230][ T3586] active_anon 0 [ 34.963698][ T3586] inactive_file 139264 [ 34.967890][ T3586] active_file 0 [ 34.971453][ T3586] unevictable 0 [ 34.974962][ T3586] hierarchical_memory_limit 314572800 [ 34.980509][ T3586] hierarchical_memsw_limit 9223372036854771712 [ 34.986732][ T3586] total_cache 139264 [ 34.990679][ T3586] total_rss 0 [ 34.993978][ T3586] total_shmem 0 [ 34.997662][ T3586] total_mapped_file 139264 [ 35.002282][ T3586] total_dirty 139264 [ 35.006237][ T3586] total_writeback 4096 [ 35.010323][ T3586] total_workingset_refault_anon 24 [ 35.015567][ T3586] total_workingset_refault_file 27 [ 35.020712][ T3586] total_swap 581632 [ 35.024555][ T3586] total_swapcached 8192 [ 35.028750][ T3586] total_pgpgin 959 [ 35.032485][ T3586] total_pgpgout 923 [ 35.036481][ T3586] total_pgfault 1851 [ 35.040463][ T3586] total_pgmajfault 9 [ 35.044369][ T3586] total_inactive_anon 8192 [ 35.048835][ T3586] total_active_anon 0 [ 35.052878][ T3586] total_inactive_file 139264 [ 35.057571][ T3586] total_active_file 0 [ 35.061580][ T3586] total_unevictable 0 [ 35.065710][ T3586] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.58,pid=3586,uid=0 [ 35.080234][ T3586] Memory cgroup out of memory: Killed process 3586 (syz.4.58) total-vm:89168kB, anon-rss:612kB, file-rss:16000kB, shmem-rss:0kB, UID:0 pgtables:104kB oom_score_adj:1000 [ 35.215916][ T3681] loop1: detected capacity change from 0 to 512 [ 35.285237][ T3586] syz.4.58 (3586) used greatest stack depth: 10024 bytes left [ 35.347465][ T3681] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 35.463810][ T3587] syz.4.58 (3587) used greatest stack depth: 7280 bytes left [ 35.535228][ T9] IPVS: starting estimator thread 0... [ 35.588196][ T3755] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 35.645231][ T3735] IPVS: using max 2304 ests per chain, 115200 per kthread [ 35.657091][ T3681] EXT4-fs (loop1): 1 truncate cleaned up [ 35.663443][ T3681] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 35.725648][ T3770] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 35.791163][ T3780] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 35.842387][ T3794] loop3: detected capacity change from 0 to 512 [ 35.853802][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 35.857001][ T3794] ======================================================= [ 35.857001][ T3794] WARNING: The mand mount option has been deprecated and [ 35.857001][ T3794] and is ignored by this kernel. Remove the mand [ 35.857001][ T3794] option from the mount to silence this warning. [ 35.857001][ T3794] ======================================================= [ 35.902604][ T3794] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 35.928786][ T3794] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e12c, mo2=0002] [ 35.956147][ T3794] System zones: 1-12 [ 35.960222][ T3794] EXT4-fs (loop3): orphan cleanup on readonly fs [ 35.978668][ T3794] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.100: invalid indirect mapped block 12 (level 1) [ 36.087886][ T3794] EXT4-fs (loop3): Remounting filesystem read-only [ 36.094502][ T3794] EXT4-fs (loop3): 1 truncate cleaned up [ 36.110824][ T3794] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 36.127310][ T3794] SELinux: (dev loop3, type ext4) getxattr errno 5 [ 36.131432][ T3832] loop1: detected capacity change from 0 to 764 [ 36.135961][ T3794] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 36.175232][ T3391] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 36.185961][ T9] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 36.279173][ T3841] loop4: detected capacity change from 0 to 512 [ 36.287918][ T3844] Symlink component flag not implemented [ 36.293676][ T3844] Symlink component flag not implemented (101) [ 36.305949][ T3841] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 36.357844][ T3841] EXT4-fs (loop4): 1 truncate cleaned up [ 36.373916][ T3841] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 36.469206][ T3852] loop0: detected capacity change from 0 to 128 [ 36.476440][ T3843] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 36.493413][ T3843] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 36.504933][ T29] kauditd_printk_skb: 194 callbacks suppressed [ 36.504950][ T29] audit: type=1400 audit(1730742204.918:314): avc: denied { name_bind } for pid=3851 comm="syz.2.107" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 36.539347][ T3852] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 36.569310][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 36.623618][ T3852] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 36.654656][ T3857] netlink: 16 bytes leftover after parsing attributes in process `syz.2.109'. [ 36.663710][ T3857] netlink: 16 bytes leftover after parsing attributes in process `syz.2.109'. [ 36.683426][ T3852] ext2 filesystem being mounted at /31/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 36.728507][ T29] audit: type=1400 audit(1730742205.148:315): avc: denied { create } for pid=3860 comm="syz.4.110" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 36.748825][ T3323] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 36.760607][ T29] audit: type=1400 audit(1730742205.148:316): avc: denied { write } for pid=3850 comm="syz.0.106" path="/31/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop0" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 36.826257][ T29] audit: type=1400 audit(1730742205.148:317): avc: denied { link } for pid=3850 comm="syz.0.106" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop0" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 36.869236][ T29] audit: type=1400 audit(1730742205.168:318): avc: denied { bind } for pid=3860 comm="syz.4.110" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 36.888652][ T29] audit: type=1400 audit(1730742205.168:319): avc: denied { name_bind } for pid=3860 comm="syz.4.110" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 36.910602][ T29] audit: type=1400 audit(1730742205.168:320): avc: denied { node_bind } for pid=3860 comm="syz.4.110" saddr=::1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1 [ 36.932134][ T29] audit: type=1400 audit(1730742205.168:321): avc: denied { write } for pid=3860 comm="syz.4.110" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 36.953392][ T29] audit: type=1400 audit(1730742205.168:322): avc: denied { connect } for pid=3860 comm="syz.4.110" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 36.974838][ T29] audit: type=1400 audit(1730742205.168:323): avc: denied { name_connect } for pid=3860 comm="syz.4.110" dest=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 37.033206][ T3870] SELinux: Context system_u:object_r:dhcp_state_t:s0 is not valid (left unmapped). [ 37.221072][ T3882] loop2: detected capacity change from 0 to 512 [ 37.230539][ T3882] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 37.324833][ T3882] EXT4-fs (loop2): 1 truncate cleaned up [ 37.341357][ T3882] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 37.535708][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 37.554147][ T3903] mmap: +}[@ (3903) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 37.604155][ T3913] loop2: detected capacity change from 0 to 512 [ 37.634564][ T3913] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.129: corrupted in-inode xattr: invalid ea_ino [ 37.657751][ T3913] EXT4-fs error (device loop2): ext4_orphan_get:1393: comm syz.2.129: couldn't read orphan inode 15 (err -117) [ 37.724347][ T3913] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 37.732924][ T3931] loop3: detected capacity change from 0 to 764 [ 37.799735][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 37.823565][ T3939] Symlink component flag not implemented [ 37.837765][ T3939] Symlink component flag not implemented (101) [ 37.877622][ T3942] loop4: detected capacity change from 0 to 512 [ 37.933441][ T3942] EXT4-fs error (device loop4): ext4_orphan_get:1388: inode #17: comm syz.4.139: iget: bogus i_mode (0) [ 37.966283][ T3942] EXT4-fs error (device loop4): ext4_orphan_get:1393: comm syz.4.139: couldn't read orphan inode 17 (err -117) [ 38.001547][ T3942] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 38.021522][ T3948] loop2: detected capacity change from 0 to 764 [ 38.042910][ T3948] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 38.054648][ T3942] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.139: bg 0: block 7: invalid block bitmap [ 38.128342][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 38.409781][ T3963] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in; [ 38.409781][ T3963] program syz.4.148 not setting count and/or reply_len properly [ 38.588976][ T3976] syz.2.153[3976] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 38.589041][ T3976] syz.2.153[3976] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 38.602800][ T3975] netlink: 28 bytes leftover after parsing attributes in process `syz.0.154'. [ 38.623183][ T3975] netlink: 'syz.0.154': attribute type 7 has an invalid length. [ 38.631196][ T3975] netlink: 'syz.0.154': attribute type 8 has an invalid length. [ 38.638921][ T3975] netlink: 4 bytes leftover after parsing attributes in process `syz.0.154'. [ 38.652369][ T3976] syz.2.153[3976] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 38.719672][ T3975] erspan0: entered promiscuous mode [ 38.737592][ T3975] batadv_slave_1: entered promiscuous mode [ 38.743928][ T3975] gretap0: entered promiscuous mode [ 38.774015][ T3985] veth0_vlan: entered allmulticast mode [ 38.822973][ T3985] veth0_vlan: left promiscuous mode [ 38.853353][ T3985] veth0_vlan: entered promiscuous mode [ 38.906793][ T3998] loop4: detected capacity change from 0 to 256 [ 38.949166][ T4003] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 38.960382][ T3998] FAT-fs (loop4): error, corrupted directory (invalid entries) [ 38.976759][ T3999] loop2: detected capacity change from 0 to 2048 [ 39.053615][ T3999] Alternate GPT is invalid, using primary GPT. [ 39.060157][ T3999] loop2: p2 p3 p7 [ 39.081191][ T4012] netlink: 8 bytes leftover after parsing attributes in process `syz.3.170'. [ 39.144069][ T3018] Alternate GPT is invalid, using primary GPT. [ 39.150590][ T3018] loop2: p2 p3 p7 [ 39.172565][ T3555] udevd[3555]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 39.185653][ T3493] udevd[3493]: inotify_add_watch(7, /dev/loop2p7, 10) failed: No such file or directory [ 39.199608][ T3390] udevd[3390]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 39.266448][ T3493] udevd[3493]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 39.266537][ T3556] udevd[3556]: inotify_add_watch(7, /dev/loop2p7, 10) failed: No such file or directory [ 39.298110][ T3555] udevd[3555]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 39.312714][ T4031] Illegal XDP return value 4294967294 on prog (id 126) dev N/A, expect packet loss! [ 39.474662][ T4047] loop2: detected capacity change from 0 to 764 [ 39.539601][ T4053] Symlink component flag not implemented [ 39.579966][ T4053] Symlink component flag not implemented (101) [ 39.672711][ T4062] IPv6: NLM_F_CREATE should be specified when creating new route [ 39.763313][ T4068] loop1: detected capacity change from 0 to 512 [ 39.802827][ T4071] netlink: 8 bytes leftover after parsing attributes in process `syz.0.195'. [ 39.841759][ T4068] EXT4-fs: Ignoring removed oldalloc option [ 39.852692][ T4068] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 39.875517][ T4068] EXT4-fs (loop1): 1 truncate cleaned up [ 39.897690][ T4068] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 40.009577][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 40.026775][ T4083] 9pnet_fd: Insufficient options for proto=fd [ 40.656512][ T4124] netlink: 132 bytes leftover after parsing attributes in process `syz.4.219'. [ 40.681641][ T4124] netlink: 'syz.4.219': attribute type 10 has an invalid length. [ 40.740274][ T4124] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 40.791879][ T4132] loop2: detected capacity change from 0 to 128 [ 40.816192][ T4132] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 40.843932][ T4132] ext4 filesystem being mounted at /38/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 40.940526][ T3319] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 41.017918][ T4149] loop4: detected capacity change from 0 to 764 [ 41.056847][ T4151] loop2: detected capacity change from 0 to 512 [ 41.096934][ T4151] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 41.104990][ T4151] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2 [ 41.117234][ T4153] Symlink component flag not implemented [ 41.122928][ T4153] Symlink component flag not implemented (101) [ 41.258099][ T4151] EXT4-fs (loop2): 1 truncate cleaned up [ 41.264413][ T4151] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 41.306370][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.401313][ T4156] IPVS: Error joining to the multicast group [ 41.827171][ T29] kauditd_printk_skb: 88 callbacks suppressed [ 41.827189][ T29] audit: type=1400 audit(1730742210.248:412): avc: denied { read write } for pid=4166 comm="syz.3.238" name="uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 41.878254][ T3391] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 41.886370][ T4167] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 41.905014][ T3391] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 41.916943][ T4167] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 41.928494][ T29] audit: type=1400 audit(1730742210.288:413): avc: denied { open } for pid=4166 comm="syz.3.238" path="/dev/uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 41.951715][ T29] audit: type=1326 audit(1730742210.288:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4164 comm="syz.2.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99dda8e719 code=0x7ffc0000 [ 41.975039][ T29] audit: type=1326 audit(1730742210.288:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4164 comm="syz.2.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f99dda8e719 code=0x7ffc0000 [ 41.998274][ T29] audit: type=1326 audit(1730742210.288:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4164 comm="syz.2.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99dda8e719 code=0x7ffc0000 [ 42.021565][ T29] audit: type=1326 audit(1730742210.288:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4164 comm="syz.2.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f99dda8e719 code=0x7ffc0000 [ 42.044841][ T29] audit: type=1326 audit(1730742210.288:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4164 comm="syz.2.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99dda8e719 code=0x7ffc0000 [ 42.068160][ T29] audit: type=1326 audit(1730742210.288:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4164 comm="syz.2.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7f99dda8e719 code=0x7ffc0000 [ 42.091455][ T29] audit: type=1326 audit(1730742210.288:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4164 comm="syz.2.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000 [ 42.115137][ T29] audit: type=1326 audit(1730742210.288:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4164 comm="syz.2.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99dda8e719 code=0x7ffc0000 [ 42.200964][ T4185] x_tables: ip6_tables: socket match: used from hooks OUTPUT, but only valid from PREROUTING/INPUT [ 42.329731][ T4205] raw_sendmsg: syz.1.248 forgot to set AF_INET. Fix it! [ 42.339774][ T4201] x_tables: eb_tables: AUDIT.0 target: invalid size 8 (kernel) != (user) 0 [ 42.385832][ T4210] netlink: 44 bytes leftover after parsing attributes in process `syz.4.256'. [ 42.418640][ T4216] loop4: detected capacity change from 0 to 764 [ 42.499413][ T4227] Symlink component flag not implemented [ 42.506843][ T4226] netlink: 28 bytes leftover after parsing attributes in process `syz.2.263'. [ 42.515979][ T4227] Symlink component flag not implemented (101) [ 42.545474][ T4231] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 42.556983][ T4231] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 42.709368][ T4243] netem: change failed [ 42.714227][ T4245] loop3: detected capacity change from 0 to 512 [ 42.721023][ T4245] EXT4-fs: Ignoring removed nobh option [ 42.727029][ T4245] EXT4-fs: quotafile must be on filesystem root [ 42.823640][ T4257] loop3: detected capacity change from 0 to 512 [ 42.833531][ T4257] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 42.842706][ T4257] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 42.860112][ T4257] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended [ 42.870917][ T4257] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 42.887298][ T4257] System zones: 0-2, 18-18, 34-34 [ 42.904570][ T4257] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1138: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 42.924041][ T4257] EXT4-fs (loop3): 1 truncate cleaned up [ 42.932941][ T4257] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 42.981406][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 43.106778][ T4274] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22 [ 43.115009][ T4274] netdevsim netdevsim3: Direct firmware load for . failed with error -22 [ 43.199254][ T4290] loop1: detected capacity change from 0 to 2048 [ 43.248191][ T4290] loop1: p1 < > p4 [ 43.298356][ T4290] loop1: p4 size 8388608 extends beyond EOD, truncated [ 43.317888][ T4300] loop3: detected capacity change from 0 to 128 [ 43.365731][ T3018] loop1: p1 < > p4 [ 43.371534][ T4300] syz.3.297: attempt to access beyond end of device [ 43.371534][ T4300] loop3: rw=2049, sector=145, nr_sectors = 1 limit=128 [ 43.385204][ T3018] loop1: p4 size 8388608 extends beyond EOD, truncated [ 43.411695][ T3555] udevd[3555]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 43.434010][ T3390] udevd[3390]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 43.459536][ T3555] udevd[3555]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 43.470858][ T3390] udevd[3390]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 43.624013][ T4315] wireguard0: entered promiscuous mode [ 43.629603][ T4315] wireguard0: entered allmulticast mode [ 43.859147][ T3391] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 43.870248][ T3391] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 44.100076][ T4359] loop1: detected capacity change from 0 to 8192 [ 44.297248][ T4367] netlink: 4 bytes leftover after parsing attributes in process `syz.1.324'. [ 44.321880][ T4367] netlink: 72 bytes leftover after parsing attributes in process `syz.1.324'. [ 44.330881][ T4367] A link change request failed with some changes committed already. Interface veth1_macvtap may have been left with an inconsistent configuration, please check. [ 44.369338][ T4369] syz.3.325[4369] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 44.369475][ T4369] syz.3.325[4369] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 44.411095][ T4371] loop1: detected capacity change from 0 to 512 [ 44.429185][ T4369] syz.3.325[4369] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 44.469510][ T4371] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 44.498290][ T4371] ext4 filesystem being mounted at /53/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 44.616918][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.805664][ T4391] netlink: 36 bytes leftover after parsing attributes in process `syz.4.334'. [ 44.814708][ T4391] netlink: 36 bytes leftover after parsing attributes in process `syz.4.334'. [ 44.848902][ T4391] netlink: 36 bytes leftover after parsing attributes in process `syz.4.334'. [ 44.898103][ T4391] netlink: 36 bytes leftover after parsing attributes in process `syz.4.334'. [ 44.907071][ T4391] netlink: 36 bytes leftover after parsing attributes in process `syz.4.334'. [ 44.931678][ T4391] netlink: 36 bytes leftover after parsing attributes in process `syz.4.334'. [ 44.978790][ T4405] loop1: detected capacity change from 0 to 164 [ 44.994396][ T4391] netlink: 36 bytes leftover after parsing attributes in process `syz.4.334'. [ 45.003367][ T4391] netlink: 36 bytes leftover after parsing attributes in process `syz.4.334'. [ 45.034912][ T4410] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 45.187759][ T4429] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 45.231309][ T4433] loop0: detected capacity change from 0 to 256 [ 45.278950][ T4433] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 45.363634][ T4453] loop3: detected capacity change from 0 to 512 [ 45.373896][ T4453] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.361: corrupted in-inode xattr: invalid ea_ino [ 45.392625][ T4453] EXT4-fs error (device loop3): ext4_orphan_get:1393: comm syz.3.361: couldn't read orphan inode 15 (err -117) [ 45.401989][ T4458] loop0: detected capacity change from 0 to 764 [ 45.422950][ T4460] loop4: detected capacity change from 0 to 1024 [ 45.430143][ T4453] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 45.504963][ T4463] Symlink component flag not implemented [ 45.520758][ T4463] Symlink component flag not implemented (101) [ 45.536215][ T4467] syz.1.366[4467] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 45.536333][ T4467] syz.1.366[4467] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 45.561255][ T4467] syz.1.366[4467] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 45.580506][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 45.706817][ T4474] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0) [ 45.741225][ T4474] SELinux: failed to load policy [ 45.805791][ T4476] loop3: detected capacity change from 0 to 2048 [ 45.829489][ T4476] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 45.855858][ T4476] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 45.911262][ T4476] EXT4-fs (loop3): Remounting filesystem read-only [ 45.918857][ T4476] EXT4-fs (loop3): error restoring inline_data for inode -- potential data loss! (inode 18, error -5) [ 45.948554][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 46.009687][ T4491] loop1: detected capacity change from 0 to 512 [ 46.037438][ T4491] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.376: bg 0: block 248: padding at end of block bitmap is not set [ 46.057433][ T4491] EXT4-fs error (device loop1): ext4_acquire_dquot:6879: comm syz.1.376: Failed to acquire dquot type 1 [ 46.069275][ T4491] EXT4-fs (loop1): 1 truncate cleaned up [ 46.075370][ T4491] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 46.088236][ T4491] ext4 filesystem being mounted at /69/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 46.109263][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 46.190296][ T4505] loop3: detected capacity change from 0 to 512 [ 46.219384][ T4505] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 46.262216][ T4457] syz.0.362 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 46.266810][ T4505] ext4 filesystem being mounted at /75/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 46.273161][ T4457] CPU: 1 UID: 0 PID: 4457 Comm: syz.0.362 Not tainted 6.12.0-rc6-syzkaller #0 [ 46.292476][ T4457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 46.302576][ T4457] Call Trace: [ 46.305864][ T4457] [ 46.308799][ T4457] dump_stack_lvl+0xf2/0x150 [ 46.313420][ T4457] dump_stack+0x15/0x20 [ 46.317587][ T4457] dump_header+0x83/0x2d0 [ 46.321944][ T4457] oom_kill_process+0x341/0x4c0 [ 46.326891][ T4457] out_of_memory+0x9af/0xbe0 [ 46.331517][ T4457] ? css_next_descendant_pre+0x11c/0x140 [ 46.337168][ T4457] mem_cgroup_out_of_memory+0x13e/0x190 [ 46.342831][ T4457] try_charge_memcg+0x51b/0x810 [ 46.347699][ T4457] charge_memcg+0x50/0xc0 [ 46.352130][ T4457] mem_cgroup_swapin_charge_folio+0xd0/0x150 [ 46.358146][ T4457] __read_swap_cache_async+0x236/0x480 [ 46.363871][ T4457] swap_cluster_readahead+0x276/0x3f0 [ 46.369333][ T4457] swapin_readahead+0xe4/0x6f0 [ 46.374199][ T4457] ? __filemap_get_folio+0x420/0x5b0 [ 46.379567][ T4457] ? swap_cache_get_folio+0x77/0x210 [ 46.384942][ T4457] do_swap_page+0x31e/0x2550 [ 46.389616][ T4457] ? cgroup_rstat_updated+0x99/0x550 [ 46.394920][ T4457] ? __rcu_read_lock+0x36/0x50 [ 46.399829][ T4457] ? __pfx_default_wake_function+0x10/0x10 [ 46.405709][ T4457] handle_mm_fault+0x8c5/0x2aa0 [ 46.410583][ T4457] exc_page_fault+0x3b9/0x650 [ 46.415282][ T4457] asm_exc_page_fault+0x26/0x30 [ 46.420231][ T4457] RIP: 0033:0x7f3d9edb1b2e [ 46.424650][ T4457] Code: 0c 85 c0 74 e7 48 89 df 48 81 c3 d8 00 00 00 e8 18 ed ff ff 48 39 dd 75 df 0f 1f 00 8b 05 66 5f 2e 00 85 c0 0f 8e 35 fd ff ff cd e3 fe ff 49 39 c4 73 a0 48 8d 1d 41 44 2e 00 83 3d 46 5f 2e [ 46.444322][ T4457] RSP: 002b:00007ffe55581d20 EFLAGS: 00010202 [ 46.450459][ T4457] RAX: 0000000000000001 RBX: 00007f3d9f097a80 RCX: 0000000000000000 [ 46.458440][ T4457] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005555856d8808 [ 46.466416][ T4457] RBP: 00007f3d9f097a80 R08: 0000000000000000 R09: 7fffffffffffffff [ 46.474499][ T4457] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000000b486 [ 46.482530][ T4457] R13: 00007ffe55581e20 R14: 0000000000000032 R15: ffffffffffffffff [ 46.490543][ T4457] [ 46.493800][ T4457] memory: usage 307200kB, limit 307200kB, failcnt 96 [ 46.501236][ T4457] memory+swap: usage 307772kB, limit 9007199254740988kB, failcnt 0 [ 46.509729][ T4457] kmem: usage 307100kB, limit 9007199254740988kB, failcnt 0 [ 46.517176][ T4457] Memory cgroup stats for /syz0: [ 46.540641][ T4457] cache 98304 [ 46.548989][ T4457] rss 0 [ 46.551848][ T4457] shmem 0 [ 46.554804][ T4457] mapped_file 98304 [ 46.558818][ T4457] dirty 98304 [ 46.562124][ T4457] writeback 0 [ 46.565548][ T4457] workingset_refault_anon 71 [ 46.570154][ T4457] workingset_refault_file 30 [ 46.574752][ T4457] swap 585728 [ 46.578166][ T4457] swapcached 4096 [ 46.581801][ T4457] pgpgin 8263 [ 46.585138][ T4457] pgpgout 8238 [ 46.588525][ T4457] pgfault 17145 [ 46.591984][ T4457] pgmajfault 49 [ 46.595550][ T4457] inactive_anon 0 [ 46.599235][ T4457] active_anon 4096 [ 46.603005][ T4457] inactive_file 0 [ 46.606694][ T4457] active_file 98304 [ 46.610700][ T4457] unevictable 0 [ 46.613895][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 46.614337][ T4457] hierarchical_memory_limit 314572800 [ 46.628645][ T4457] hierarchical_memsw_limit 9223372036854771712 [ 46.634892][ T4457] total_cache 98304 [ 46.638768][ T4457] total_rss 0 [ 46.642124][ T4457] total_shmem 0 [ 46.645635][ T4457] total_mapped_file 98304 [ 46.649978][ T4457] total_dirty 98304 [ 46.653849][ T4457] total_writeback 0 [ 46.657712][ T4457] total_workingset_refault_anon 71 [ 46.662831][ T4457] total_workingset_refault_file 30 [ 46.667961][ T4457] total_swap 585728 [ 46.671773][ T4457] total_swapcached 4096 [ 46.676043][ T4457] total_pgpgin 8263 [ 46.679857][ T4457] total_pgpgout 8238 [ 46.683774][ T4457] total_pgfault 17145 [ 46.687776][ T4457] total_pgmajfault 49 [ 46.691772][ T4457] total_inactive_anon 0 [ 46.695965][ T4457] total_active_anon 4096 [ 46.700279][ T4457] total_inactive_file 0 [ 46.704423][ T4457] total_active_file 98304 [ 46.708801][ T4457] total_unevictable 0 [ 46.712788][ T4457] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.362,pid=4457,uid=0 [ 46.727378][ T4457] Memory cgroup out of memory: Killed process 4457 (syz.0.362) total-vm:89168kB, anon-rss:612kB, file-rss:15808kB, shmem-rss:0kB, UID:0 pgtables:112kB oom_score_adj:1000 [ 46.844058][ T29] kauditd_printk_skb: 219 callbacks suppressed [ 46.844073][ T29] audit: type=1326 audit(1730742215.258:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4531 comm="syz.2.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99dda8e719 code=0x7ffc0000 [ 46.873707][ T29] audit: type=1326 audit(1730742215.258:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4531 comm="syz.2.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99dda8e719 code=0x7ffc0000 [ 46.907079][ T29] audit: type=1326 audit(1730742215.318:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4531 comm="syz.2.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f99dda8e719 code=0x7ffc0000 [ 46.930428][ T29] audit: type=1326 audit(1730742215.318:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4531 comm="syz.2.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99dda8e719 code=0x7ffc0000 [ 46.953697][ T29] audit: type=1326 audit(1730742215.318:643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4531 comm="syz.2.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99dda8e719 code=0x7ffc0000 [ 46.981473][ T4538] loop3: detected capacity change from 0 to 512 [ 46.990111][ T4538] EXT4-fs error (device loop3): ext4_get_branch:178: inode #13: block 1024: comm syz.3.396: invalid block [ 47.001775][ T4538] EXT4-fs (loop3): Remounting filesystem read-only [ 47.013975][ T29] audit: type=1326 audit(1730742215.398:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4531 comm="syz.2.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f99dda8e719 code=0x7ffc0000 [ 47.037859][ T29] audit: type=1326 audit(1730742215.408:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4531 comm="syz.2.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99dda8e719 code=0x7ffc0000 [ 47.061572][ T29] audit: type=1326 audit(1730742215.408:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4531 comm="syz.2.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99dda8e719 code=0x7ffc0000 [ 47.084932][ T29] audit: type=1326 audit(1730742215.408:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4531 comm="syz.2.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f99dda8e719 code=0x7ffc0000 [ 47.108342][ T29] audit: type=1326 audit(1730742215.408:648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4531 comm="syz.2.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99dda8e719 code=0x7ffc0000 [ 47.131567][ T4538] EXT4-fs (loop3): 1 truncate cleaned up [ 47.131962][ T4538] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 47.153596][ T4538] SELinux: (dev loop3, type ext4) getxattr errno 5 [ 47.163626][ T4538] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 47.239464][ T4480] Cannot find add_set index 0 as target [ 47.295008][ T4547] netlink: 'syz.1.399': attribute type 7 has an invalid length. [ 47.302779][ T4547] netlink: 'syz.1.399': attribute type 8 has an invalid length. [ 47.318801][ T4551] loop0: detected capacity change from 0 to 512 [ 47.329686][ T4551] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 47.373521][ T4551] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.401: bg 0: block 64: padding at end of block bitmap is not set [ 47.393649][ T4551] EXT4-fs error (device loop0): ext4_acquire_dquot:6879: comm syz.0.401: Failed to acquire dquot type 0 [ 47.406972][ T4551] EXT4-fs (loop0): 1 truncate cleaned up [ 47.421138][ T4551] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 47.462390][ T4570] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 47.480997][ T3323] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 47.587622][ T4582] loop0: detected capacity change from 0 to 2048 [ 47.634604][ T4582] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 47.675865][ T4598] smc: net device bond0 applied user defined pnetid SYZ0 [ 47.693311][ T4598] smc: net device bond0 erased user defined pnetid SYZ0 [ 47.717539][ T4582] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: none. [ 47.738683][ T4582] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 47.789885][ T4582] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 47.802251][ T4582] EXT4-fs (loop0): This should not happen!! Data will be lost [ 47.802251][ T4582] [ 47.812074][ T4582] EXT4-fs (loop0): Total free blocks count 0 [ 47.818198][ T4582] EXT4-fs (loop0): Free/Dirty block details [ 47.824258][ T4582] EXT4-fs (loop0): free_blocks=2415919104 [ 47.830130][ T4582] EXT4-fs (loop0): dirty_blocks=16 [ 47.835455][ T4582] EXT4-fs (loop0): Block reservation details [ 47.841450][ T4582] EXT4-fs (loop0): i_reserved_data_blocks=1 [ 47.861901][ T4604] EXT4-fs: Ignoring removed orlov option [ 47.890154][ T4607] loop1: detected capacity change from 0 to 256 [ 47.896782][ T4609] random: crng reseeded on system resumption [ 47.914284][ T4607] FAT-fs (loop1): Directory bread(block 64) failed [ 47.921846][ T4607] FAT-fs (loop1): Directory bread(block 65) failed [ 47.929551][ T4607] FAT-fs (loop1): Directory bread(block 66) failed [ 47.938246][ T4607] FAT-fs (loop1): Directory bread(block 67) failed [ 47.944796][ T4607] FAT-fs (loop1): Directory bread(block 68) failed [ 47.952449][ T4607] FAT-fs (loop1): Directory bread(block 69) failed [ 47.959444][ T4607] FAT-fs (loop1): Directory bread(block 70) failed [ 47.967086][ T4607] FAT-fs (loop1): Directory bread(block 71) failed [ 47.975024][ T4607] FAT-fs (loop1): Directory bread(block 72) failed [ 47.981854][ T4607] FAT-fs (loop1): Directory bread(block 73) failed [ 48.002757][ T4607] syz.1.424: attempt to access beyond end of device [ 48.002757][ T4607] loop1: rw=524288, sector=1736, nr_sectors = 32 limit=256 [ 48.040513][ T4613] loop4: detected capacity change from 0 to 512 [ 48.045223][ T4607] syz.1.424: attempt to access beyond end of device [ 48.045223][ T4607] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 48.060796][ T4615] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 48.073614][ T4615] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 48.094112][ T4613] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 48.107922][ T4613] ext4 filesystem being mounted at /77/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 48.121140][ T4613] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #2: comm syz.4.428: corrupted inode contents [ 48.133781][ T4613] EXT4-fs error (device loop4): ext4_dirty_inode:5984: inode #2: comm syz.4.428: mark_inode_dirty error [ 48.145391][ T4613] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #2: comm syz.4.428: corrupted inode contents [ 48.157573][ T4613] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #2: comm syz.4.428: mark_inode_dirty error [ 48.196578][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 48.678796][ T4659] loop0: detected capacity change from 0 to 512 [ 48.694775][ T4659] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 48.760178][ T4669] loop2: detected capacity change from 0 to 512 [ 48.799081][ T4669] EXT4-fs (loop2): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 48.814561][ T4665] loop3: detected capacity change from 0 to 256 [ 48.879072][ T4679] loop1: detected capacity change from 0 to 512 [ 48.887314][ T4669] EXT4-fs warning (device loop2): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 48.892253][ T4665] FAT-fs (loop3): Directory bread(block 64) failed [ 48.909313][ T4665] FAT-fs (loop3): Directory bread(block 65) failed [ 48.919981][ T4665] FAT-fs (loop3): Directory bread(block 66) failed [ 48.927823][ T4665] FAT-fs (loop3): Directory bread(block 67) failed [ 48.934714][ T4665] FAT-fs (loop3): Directory bread(block 68) failed [ 48.941363][ T4665] FAT-fs (loop3): Directory bread(block 69) failed [ 48.947962][ T4679] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 48.959997][ T4665] FAT-fs (loop3): Directory bread(block 70) failed [ 48.970910][ T4665] FAT-fs (loop3): Directory bread(block 71) failed [ 48.973751][ T3319] EXT4-fs (loop2): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 48.980417][ T4665] FAT-fs (loop3): Directory bread(block 72) failed [ 48.993074][ T4665] FAT-fs (loop3): Directory bread(block 73) failed [ 49.009441][ T4665] syz.3.451: attempt to access beyond end of device [ 49.009441][ T4665] loop3: rw=524288, sector=1736, nr_sectors = 32 limit=256 [ 49.025411][ T4665] syz.3.451: attempt to access beyond end of device [ 49.025411][ T4665] loop3: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 49.027972][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.046104][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.053767][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.059886][ T4692] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 49.061240][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.076391][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.083792][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.085047][ T4679] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.456: bg 0: block 248: padding at end of block bitmap is not set [ 49.091203][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.091232][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.107172][ T4679] EXT4-fs error (device loop1): ext4_acquire_dquot:6879: comm syz.1.456: Failed to acquire dquot type 1 [ 49.112787][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.121232][ T4679] EXT4-fs (loop1): 1 truncate cleaned up [ 49.131722][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.139378][ T4679] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 49.144610][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.152042][ T4679] ext4 filesystem being mounted at /91/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 49.164390][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.189537][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.197109][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.204781][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.212229][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.219728][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.227179][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.234575][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.242002][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.249430][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.256887][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.264296][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.271724][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.279163][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.286775][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.294171][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.301611][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.309137][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.316573][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.323971][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.331428][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.338875][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.346286][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.353675][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.361127][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.368562][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.375969][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.383378][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.390834][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.398277][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.405752][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.413229][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 49.423362][ T35] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz0] on syz0 [ 49.433806][ T4687] __nla_validate_parse: 12 callbacks suppressed [ 49.433825][ T4687] netlink: 87 bytes leftover after parsing attributes in process `syz.4.461'. [ 49.475514][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 49.486594][ T36] EXT4-fs error (device loop1): ext4_release_dquot:6902: comm kworker/u8:2: Failed to release dquot type 1 [ 49.656287][ C0] hrtimer: interrupt took 29911 ns [ 49.800846][ T4745] netlink: 'syz.1.485': attribute type 10 has an invalid length. [ 49.813616][ T4745] veth0_macvtap: left promiscuous mode [ 49.833588][ T4745] veth0_macvtap: entered promiscuous mode [ 49.842227][ T4745] team0: Device macvtap0 failed to register rx_handler [ 49.849508][ T4745] veth0_macvtap: left promiscuous mode [ 50.088337][ T4779] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 50.105879][ T4783] syz.2.504[4783] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 50.105950][ T4783] syz.2.504[4783] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 50.125065][ T4783] syz.2.504[4783] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 50.130018][ T4779] vhci_hcd: invalid port number 23 [ 50.308549][ T4803] loop0: detected capacity change from 0 to 2048 [ 50.353473][ T4803] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 50.431816][ T4803] EXT4-fs: Ignoring removed orlov option [ 50.442253][ T9] kernel write not supported for file /234/attr/current (pid: 9 comm: kworker/0:1) [ 50.462710][ T4803] EXT4-fs (loop0): can't enable nombcache during remount [ 50.521745][ T3323] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 50.650911][ T4840] xt_hashlimit: max too large, truncated to 1048576 [ 50.658681][ T4840] Cannot find set identified by id 0 to match [ 50.766960][ T4848] loop1: detected capacity change from 0 to 8192 [ 50.775888][ T4848] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 50.960710][ T4869] loop1: detected capacity change from 0 to 128 [ 50.979887][ T4869] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement. [ 51.077354][ T4875] loop3: detected capacity change from 0 to 764 [ 51.161241][ T4889] loop3: detected capacity change from 0 to 2048 [ 51.188038][ T4888] loop1: detected capacity change from 0 to 8192 [ 51.210989][ T4893] loop4: detected capacity change from 0 to 512 [ 51.212910][ T4889] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 51.232778][ T4893] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.553: bg 0: block 35: padding at end of block bitmap is not set [ 51.257035][ T4888] loop1: p1 p2 p3 p4 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215 p216 p217 p218 p219 p220 p221 p222 p223 p224 [ 51.257529][ T4888] loop1: p1 size 108986237 extends beyond EOD, truncated [ 51.359512][ T4893] EXT4-fs (loop4): Remounting filesystem read-only [ 51.359629][ T4888] loop1: p2 size 520093696 extends beyond EOD, truncated [ 51.366481][ T4893] EXT4-fs (loop4): 1 truncate cleaned up [ 51.380239][ T4888] loop1: p3 size 131072 extends beyond EOD, truncated [ 51.387490][ T4893] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 51.399992][ T4893] SELinux: (dev loop4, type ext4) getxattr errno 5 [ 51.407087][ T4893] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 51.425401][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 51.436893][ T4888] loop1: p5 size 108986237 extends beyond EOD, truncated [ 51.450324][ T4888] loop1: p6 size 520093696 extends beyond EOD, truncated [ 51.461514][ T4898] bond0: entered promiscuous mode [ 51.464284][ T4896] syz.0.555 uses obsolete (PF_INET,SOCK_PACKET) [ 51.466673][ T4898] bond_slave_0: entered promiscuous mode [ 51.474342][ T4888] loop1: p7 size 108986237 extends beyond EOD, [ 51.478629][ T4898] bond_slave_1: entered promiscuous mode [ 51.490584][ T4888] truncated [ 51.504568][ T4888] loop1: p8 size 520093696 extends beyond EOD, truncated [ 51.525452][ T36] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 51.536281][ T4888] loop1: p9 size 108986237 extends beyond EOD, truncated [ 51.544154][ T3745] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 51.555235][ T4888] loop1: p10 size 520093696 extends beyond EOD, truncated [ 51.564543][ T4888] loop1: p11 size 108986237 extends beyond EOD, truncated [ 51.574992][ T4906] loop5: detected capacity change from 0 to 16384 [ 51.583331][ T4888] loop1: p12 size 520093696 extends beyond EOD, truncated [ 51.593731][ T4888] loop1: p13 size 108986237 extends beyond EOD, truncated [ 51.603717][ T4888] loop1: p14 size 520093696 extends beyond EOD, truncated [ 51.611608][ T4888] loop1: p15 size 108986237 extends beyond EOD, truncated [ 51.620771][ T4888] loop1: p16 size 520093696 extends beyond EOD, truncated [ 51.628574][ T4906] loop5: detected capacity change from 16384 to 16320 [ 51.628831][ T4888] loop1: p17 size 108986237 extends beyond EOD, truncated [ 51.647418][ T4888] loop1: p18 size 520093696 extends beyond EOD, truncated [ 51.660346][ T4888] loop1: p19 size 108986237 extends beyond EOD, truncated [ 51.671009][ T4888] loop1: p20 size 520093696 extends beyond EOD, truncated [ 51.682410][ T4888] loop1: p21 size 108986237 extends beyond EOD, truncated [ 51.701795][ T4888] loop1: p22 size 520093696 extends beyond EOD, truncated [ 51.711052][ T4888] loop1: p23 size 108986237 extends beyond EOD, truncated [ 51.734193][ T4888] loop1: p24 size 520093696 extends beyond EOD, truncated [ 51.742306][ T4888] loop1: p25 size 108986237 extends beyond EOD, truncated [ 51.762398][ T4888] loop1: p26 size 520093696 extends beyond EOD, truncated [ 51.774295][ T4888] loop1: p27 size 108986237 extends beyond EOD, truncated [ 51.784502][ T4888] loop1: p28 size 520093696 extends beyond EOD, truncated [ 51.801195][ T4888] loop1: p29 size 108986237 extends beyond EOD, truncated [ 51.823168][ T4888] loop1: p30 size 520093696 extends beyond EOD, truncated [ 51.852715][ T4888] loop1: p31 size 108986237 extends beyond EOD, truncated [ 51.880078][ T4888] loop1: p32 size 520093696 extends beyond EOD, truncated [ 51.887021][ T4940] IPVS: length: 196 != 8 [ 51.891782][ T4888] loop1: p33 size 108986237 extends beyond EOD, truncated [ 51.893256][ T29] kauditd_printk_skb: 247 callbacks suppressed [ 51.893272][ T29] audit: type=1400 audit(1730742220.308:890): avc: denied { create } for pid=4936 comm="syz.2.572" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 51.901506][ T4940] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 51.925391][ T29] audit: type=1400 audit(1730742220.328:891): avc: denied { write } for pid=4936 comm="syz.2.572" path="socket:[8321]" dev="sockfs" ino=8321 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 51.932561][ T4940] IPv6: NLM_F_CREATE should be set when creating new route [ 51.942222][ T4888] loop1: p34 size 520093696 extends beyond EOD, [ 51.956553][ T29] audit: type=1400 audit(1730742220.328:892): avc: denied { nlmsg_read } for pid=4936 comm="syz.2.572" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 51.963689][ T4888] truncated [ 51.997659][ T4888] loop1: p35 size 108986237 extends beyond EOD, truncated [ 52.011364][ T29] audit: type=1400 audit(1730742220.428:893): avc: denied { create } for pid=4942 comm="syz.4.577" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 52.033345][ T29] audit: type=1400 audit(1730742220.438:894): avc: denied { write } for pid=4942 comm="syz.4.577" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 52.056777][ T4888] loop1: p36 size 520093696 extends beyond EOD, truncated [ 52.067359][ T29] audit: type=1326 audit(1730742220.488:895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4947 comm="syz.2.578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99dda8e719 code=0x7ffc0000 [ 52.092743][ T4888] loop1: p37 size 108986237 extends beyond EOD, truncated [ 52.109670][ T29] audit: type=1326 audit(1730742220.488:896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4947 comm="syz.2.578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=245 compat=0 ip=0x7f99dda8e719 code=0x7ffc0000 [ 52.133027][ T29] audit: type=1326 audit(1730742220.488:897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4947 comm="syz.2.578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99dda8e719 code=0x7ffc0000 [ 52.144699][ T4888] loop1: p38 size 520093696 extends beyond EOD, truncated [ 52.156497][ T29] audit: type=1326 audit(1730742220.508:898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4947 comm="syz.2.578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99dda8e719 code=0x7ffc0000 [ 52.187331][ T4888] loop1: p39 size 108986237 extends beyond EOD, truncated [ 52.201491][ T4888] loop1: p40 size 520093696 extends beyond EOD, truncated [ 52.216827][ T29] audit: type=1400 audit(1730742220.638:899): avc: denied { bind } for pid=4950 comm="syz.2.581" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 52.217657][ T4888] loop1: p41 size 108986237 extends beyond EOD, truncated [ 52.237266][ T4951] rdma_op ffff888127b60d80 conn xmit_rdma 0000000000000000 [ 52.245861][ T4888] loop1: p42 size 520093696 extends beyond EOD, truncated [ 52.260433][ T4888] loop1: p43 size 108986237 extends beyond EOD, truncated [ 52.260884][ T4956] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 52.279301][ T4888] loop1: p44 size 520093696 extends beyond EOD, truncated [ 52.291211][ T4888] loop1: p45 size 108986237 extends beyond EOD, truncated [ 52.299403][ T4888] loop1: p46 size 520093696 extends beyond EOD, truncated [ 52.318136][ T4888] loop1: p47 size 108986237 extends beyond EOD, truncated [ 52.332098][ T4962] syz.3.586[4962] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 52.332294][ T4962] syz.3.586[4962] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 52.344144][ T4888] loop1: p48 size 520093696 extends beyond EOD, truncated [ 52.363989][ T4962] syz.3.586[4962] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 52.368099][ T4888] loop1: p49 size 108986237 extends beyond EOD, truncated [ 52.386784][ T35] IPVS: starting estimator thread 0... [ 52.396206][ T4966] loop4: detected capacity change from 0 to 1024 [ 52.406869][ T4888] loop1: p50 size 520093696 extends beyond EOD, truncated [ 52.427438][ T4966] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 52.452388][ T4966] ext4 filesystem being mounted at /128/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 52.481471][ T4888] loop1: p51 size 108986237 extends beyond EOD, truncated [ 52.507094][ T4888] loop1: p52 size 520093696 extends beyond EOD, truncated [ 52.514386][ T4964] IPVS: using max 2304 ests per chain, 115200 per kthread [ 52.549982][ T4888] loop1: p53 size 108986237 extends beyond EOD, truncated [ 52.564420][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 52.566671][ T4985] loop2: detected capacity change from 0 to 128 [ 52.582366][ T4888] loop1: p54 size 520093696 extends beyond EOD, truncated [ 52.590790][ T4985] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 52.603315][ T4888] loop1: p55 size 108986237 extends beyond EOD, truncated [ 52.611792][ T4985] ext4 filesystem being mounted at /119/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 52.645596][ T4888] loop1: p56 size 520093696 extends beyond EOD, truncated [ 52.662949][ T4888] loop1: p57 size 108986237 extends beyond EOD, truncated [ 52.704574][ T35] hid-generic 0000:0000:0000.0003: item fetching failed at offset 0/1 [ 52.707586][ T4888] loop1: p58 size 520093696 extends beyond EOD, truncated [ 52.720553][ T35] hid-generic 0000:0000:0000.0003: probe with driver hid-generic failed with error -22 [ 52.720726][ T4888] loop1: p59 size 108986237 extends beyond EOD, truncated [ 52.736744][ T3319] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 52.748735][ T4888] loop1: p60 size 520093696 extends beyond EOD, truncated [ 52.785563][ T4888] loop1: p61 size 108986237 extends beyond EOD, truncated [ 52.819343][ T4888] loop1: p62 size 520093696 extends beyond EOD, truncated [ 52.839888][ T4888] loop1: p63 size 108986237 extends beyond EOD, truncated [ 52.863141][ T4888] loop1: p64 size 520093696 extends beyond EOD, truncated [ 52.871179][ T4888] loop1: p65 size 108986237 extends beyond EOD, truncated [ 52.879656][ T4888] loop1: p66 size 520093696 extends beyond EOD, truncated [ 52.888373][ T4888] loop1: p67 size 108986237 extends beyond EOD, truncated [ 52.902653][ T4888] loop1: p68 size 520093696 extends beyond EOD, truncated [ 52.916070][ T4888] loop1: p69 size 108986237 extends beyond EOD, truncated [ 52.932823][ T4888] loop1: p70 size 520093696 extends beyond EOD, truncated [ 52.941741][ T4888] loop1: p71 size 108986237 extends beyond EOD, truncated [ 52.951304][ T4888] loop1: p72 size 520093696 extends beyond EOD, truncated [ 52.962425][ T4888] loop1: p73 size 108986237 extends beyond EOD, truncated [ 52.970412][ T4888] loop1: p74 size 520093696 extends beyond EOD, truncated [ 52.980067][ T4888] loop1: p75 size 108986237 extends beyond EOD, truncated [ 53.007638][ T4888] loop1: p76 size 520093696 extends beyond EOD, truncated [ 53.017041][ T4888] loop1: p77 size 108986237 extends beyond EOD, truncated [ 53.024907][ T4888] loop1: p78 size 520093696 extends beyond EOD, truncated [ 53.032639][ T4888] loop1: p79 size 108986237 extends beyond EOD, truncated [ 53.042799][ T4888] loop1: p79 could not be added: -ENOMEM [ 53.048606][ T4888] loop1: p80 size 520093696 extends beyond EOD, truncated [ 53.059434][ T4888] loop1: p81 size 108986237 extends beyond EOD, truncated [ 53.068581][ T4888] loop1: p82 size 520093696 extends beyond EOD, truncated [ 53.078574][ T4888] loop1: p83 size 108986237 extends beyond EOD, truncated [ 53.086569][ T4888] loop1: p84 size 520093696 extends beyond EOD, truncated [ 53.094204][ T4888] loop1: p85 size 108986237 extends beyond EOD, truncated [ 53.103100][ T4888] loop1: p86 size 520093696 extends beyond EOD, truncated [ 53.117763][ T4888] loop1: p87 size 108986237 extends beyond EOD, truncated [ 53.127059][ T4888] loop1: p88 size 520093696 extends beyond EOD, truncated [ 53.142671][ T4888] loop1: p89 size 108986237 extends beyond EOD, truncated [ 53.150413][ T4888] loop1: p90 size 520093696 extends beyond EOD, truncated [ 53.158382][ T5031] netlink: 'syz.0.616': attribute type 10 has an invalid length. [ 53.164963][ T4888] loop1: p91 size 108986237 extends beyond EOD, truncated [ 53.175468][ T4888] loop1: p92 size 520093696 extends beyond EOD, truncated [ 53.176322][ T5031] team0: Device hsr_slave_0 failed to register rx_handler [ 53.183116][ T4888] loop1: p93 size 108986237 extends beyond EOD, truncated [ 53.197651][ T4888] loop1: p94 size 520093696 extends beyond EOD, truncated [ 53.213122][ T4888] loop1: p95 size 108986237 extends beyond EOD, truncated [ 53.229653][ T4888] loop1: p96 size 520093696 extends beyond EOD, truncated [ 53.245539][ T4888] loop1: p97 size 108986237 extends beyond EOD, truncated [ 53.255010][ T4888] loop1: p98 size 520093696 extends beyond EOD, truncated [ 53.262879][ T4888] loop1: p99 size 108986237 extends beyond EOD, truncated [ 53.273265][ T4888] loop1: p100 size 520093696 extends beyond EOD, truncated [ 53.282273][ T4888] loop1: p101 size 108986237 extends beyond EOD, truncated [ 53.282790][ T5039] loop0: detected capacity change from 0 to 164 [ 53.297756][ T5039] Unable to read rock-ridge attributes [ 53.301419][ T4888] loop1: p102 size 520093696 extends beyond EOD, truncated [ 53.303798][ T5039] Unable to read rock-ridge attributes [ 53.311585][ T4888] loop1: p103 size 108986237 extends beyond EOD, truncated [ 53.339704][ T4888] loop1: p104 size 520093696 extends beyond EOD, truncated [ 53.386492][ T4888] loop1: p105 size 108986237 extends beyond EOD, truncated [ 53.405765][ T4888] loop1: p106 size 520093696 extends beyond EOD, truncated [ 53.418180][ T4888] loop1: p107 size 108986237 extends beyond EOD, truncated [ 53.432507][ T4888] loop1: p108 size 520093696 extends beyond EOD, truncated [ 53.440762][ T4888] loop1: p109 size 108986237 extends beyond EOD, truncated [ 53.449149][ T4888] loop1: p110 size 520093696 extends beyond EOD, truncated [ 53.456994][ T4888] loop1: p111 size 108986237 extends beyond EOD, truncated [ 53.471203][ T4888] loop1: p112 size 520093696 extends beyond EOD, truncated [ 53.479675][ T4888] loop1: p113 size 108986237 extends beyond EOD, truncated [ 53.487908][ T4888] loop1: p114 size 520093696 extends beyond EOD, truncated [ 53.495963][ T4888] loop1: p115 size 108986237 extends beyond EOD, truncated [ 53.504179][ T4888] loop1: p116 size 520093696 extends beyond EOD, truncated [ 53.512319][ T4888] loop1: p117 size 108986237 extends beyond EOD, truncated [ 53.522772][ T4888] loop1: p118 size 520093696 extends beyond EOD, truncated [ 53.537422][ T4888] loop1: p119 size 108986237 extends beyond EOD, truncated [ 53.546070][ T4888] loop1: p120 size 520093696 extends beyond EOD, truncated [ 53.561907][ T4888] loop1: p121 size 108986237 extends beyond EOD, truncated [ 53.573638][ T5059] loop0: detected capacity change from 0 to 512 [ 53.581503][ C0] IPv4: Oversized IP packet from 172.20.20.24 [ 53.593329][ T5059] SELinux: security_context_str_to_sid (system_u) failed with errno=-22 [ 53.606704][ T4888] loop1: p122 size 520093696 extends beyond EOD, truncated [ 53.622365][ T4888] loop1: p123 size 108986237 extends beyond EOD, truncated [ 53.640113][ T5063] Zero length message leads to an empty skb [ 53.646411][ T4888] loop1: p124 size 520093696 extends beyond EOD, truncated [ 53.658474][ T4888] loop1: p125 size 108986237 extends beyond EOD, truncated [ 53.686370][ T4888] loop1: p126 size 520093696 extends beyond EOD, truncated [ 53.699141][ T4888] loop1: p127 size 108986237 extends beyond EOD, truncated [ 53.708221][ T4888] loop1: p128 size 520093696 extends beyond EOD, truncated [ 53.724318][ T5069] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 53.760363][ T4888] loop1: p129 size 108986237 extends beyond EOD, truncated [ 53.805343][ T4888] loop1: p130 size 520093696 extends beyond EOD, truncated [ 53.824360][ T4888] loop1: p131 size 108986237 extends beyond EOD, truncated [ 53.832537][ T4888] loop1: p132 size 520093696 extends beyond EOD, truncated [ 53.849655][ T4888] loop1: p133 size 108986237 extends beyond EOD, truncated [ 53.866582][ T4888] loop1: p134 size 520093696 extends beyond EOD, truncated [ 53.875952][ T4888] loop1: p135 size 108986237 extends beyond EOD, truncated [ 53.883366][ T5086] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=5086 comm=syz.3.641 [ 53.896196][ T4888] loop1: p136 size 520093696 extends beyond EOD, truncated [ 53.896952][ T5090] 9pnet: p9_errstr2errno: server reported unknown error [ 53.912037][ T4888] loop1: p137 size 108986237 extends beyond EOD, truncated [ 53.925274][ T4888] loop1: p138 size 520093696 extends beyond EOD, truncated [ 53.937874][ T4888] loop1: p139 size 108986237 extends beyond EOD, truncated [ 53.952435][ T5094] serio: Serial port ptm0 [ 53.965548][ T4888] loop1: p140 size 520093696 extends beyond EOD, truncated [ 53.983979][ T4888] loop1: p141 size 108986237 extends beyond EOD, truncated [ 53.997455][ T4888] loop1: p142 size 520093696 extends beyond EOD, truncated [ 54.011745][ T4888] loop1: p143 size 108986237 extends beyond EOD, truncated [ 54.044879][ T4888] loop1: p144 size 520093696 extends beyond EOD, truncated [ 54.062180][ T4888] loop1: p145 size 108986237 extends beyond EOD, truncated [ 54.076106][ T4888] loop1: p146 size 520093696 extends beyond EOD, truncated [ 54.088490][ T4888] loop1: p147 size 108986237 extends beyond EOD, truncated [ 54.098815][ T4888] loop1: p148 size 520093696 extends beyond EOD, truncated [ 54.117235][ T4888] loop1: p149 size 108986237 extends beyond EOD, truncated [ 54.133487][ T4888] loop1: p150 size 520093696 extends beyond EOD, truncated [ 54.165430][ T5122] syz.4.659[5122] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 54.165507][ T5122] syz.4.659[5122] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 54.169048][ T4888] loop1: p151 size 108986237 extends beyond EOD, [ 54.182543][ T5122] syz.4.659[5122] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 54.188190][ T4888] truncated [ 54.214802][ T4888] loop1: p152 size 520093696 extends beyond EOD, truncated [ 54.223191][ T4888] loop1: p153 size 108986237 extends beyond EOD, truncated [ 54.231338][ T4888] loop1: p154 size 520093696 extends beyond EOD, truncated [ 54.239437][ T4888] loop1: p155 size 108986237 extends beyond EOD, truncated [ 54.259521][ T4888] loop1: p156 size 520093696 extends beyond EOD, truncated [ 54.261753][ T5122] sch_tbf: peakrate 6 is lower than or equals to rate 705765376 ! [ 54.267819][ T4888] loop1: p157 size 108986237 extends beyond EOD, truncated [ 54.295377][ T4888] loop1: p158 size 520093696 extends beyond EOD, truncated [ 54.306706][ T4888] loop1: p159 size 108986237 extends beyond EOD, truncated [ 54.309994][ T5131] netlink: 40 bytes leftover after parsing attributes in process `syz.4.663'. [ 54.314643][ T4888] loop1: p160 size 520093696 extends beyond EOD, truncated [ 54.343105][ T4888] loop1: p161 size 108986237 extends beyond EOD, truncated [ 54.357783][ T4888] loop1: p162 size 520093696 extends beyond EOD, truncated [ 54.363860][ T5136] netlink: 'syz.2.666': attribute type 4 has an invalid length. [ 54.365292][ T5133] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 54.391890][ T5137] loop4: detected capacity change from 0 to 512 [ 54.393881][ T4888] loop1: p163 size 108986237 extends beyond EOD, truncated [ 54.408525][ T5137] SELinux: security_context_str_to_sid (system_u) failed with errno=-22 [ 54.413970][ T4888] loop1: p164 size 520093696 extends beyond EOD, truncated [ 54.424795][ T4888] loop1: p165 size 108986237 extends beyond EOD, truncated [ 54.438412][ T4888] loop1: p166 size 520093696 extends beyond EOD, truncated [ 54.443319][ T5141] netlink: 'syz.3.668': attribute type 10 has an invalid length. [ 54.455077][ T4888] loop1: p167 size 108986237 extends beyond EOD, truncated [ 54.470701][ T4888] loop1: p168 size 520093696 extends beyond EOD, truncated [ 54.483062][ T4888] loop1: p169 size 108986237 extends beyond EOD, truncated [ 54.487364][ T5141] dummy0: entered promiscuous mode [ 54.492045][ T4888] loop1: p170 size 520093696 extends beyond EOD, truncated [ 54.503894][ T5141] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 54.506731][ T4888] loop1: p171 size 108986237 extends beyond EOD, truncated [ 54.523613][ T4888] loop1: p172 size 520093696 extends beyond EOD, truncated [ 54.532140][ T4888] loop1: p173 size 108986237 extends beyond EOD, truncated [ 54.541401][ T4888] loop1: p174 size 520093696 extends beyond EOD, truncated [ 54.549729][ T4888] loop1: p175 size 108986237 extends beyond EOD, truncated [ 54.558256][ T4888] loop1: p176 size 520093696 extends beyond EOD, truncated [ 54.566515][ T4888] loop1: p177 size 108986237 extends beyond EOD, truncated [ 54.574557][ T4888] loop1: p178 size 520093696 extends beyond EOD, truncated [ 54.582752][ T4888] loop1: p179 size 108986237 extends beyond EOD, truncated [ 54.590649][ T4888] loop1: p180 size 520093696 extends beyond EOD, truncated [ 54.600822][ T4888] loop1: p181 size 108986237 extends beyond EOD, truncated [ 54.608956][ T4888] loop1: p182 size 520093696 extends beyond EOD, truncated [ 54.622282][ T4888] loop1: p183 size 108986237 extends beyond EOD, truncated [ 54.630763][ T4888] loop1: p184 size 520093696 extends beyond EOD, truncated [ 54.640814][ T4888] loop1: p185 size 108986237 extends beyond EOD, truncated [ 54.648910][ T4888] loop1: p186 size 520093696 extends beyond EOD, truncated [ 54.657221][ T4888] loop1: p187 size 108986237 extends beyond EOD, truncated [ 54.668584][ T4888] loop1: p188 size 520093696 extends beyond EOD, truncated [ 54.677072][ T4888] loop1: p189 size 108986237 extends beyond EOD, truncated [ 54.685322][ T4888] loop1: p190 size 520093696 extends beyond EOD, truncated [ 54.693504][ T4888] loop1: p191 size 108986237 extends beyond EOD, truncated [ 54.701984][ T4888] loop1: p192 size 520093696 extends beyond EOD, truncated [ 54.710108][ T4888] loop1: p193 size 108986237 extends beyond EOD, truncated [ 54.722864][ T4888] loop1: p194 size 520093696 extends beyond EOD, truncated [ 54.735674][ T4888] loop1: p195 size 108986237 extends beyond EOD, truncated [ 54.736620][ T4888] loop1: p196 size 520093696 extends beyond EOD, truncated [ 54.739314][ T4888] loop1: p197 size 108986237 extends beyond EOD, truncated [ 54.740393][ T4888] loop1: p198 size 520093696 extends beyond EOD, truncated [ 54.743054][ T4888] loop1: p199 size 108986237 extends beyond EOD, truncated [ 54.784737][ T4888] loop1: p200 size 520093696 extends beyond EOD, truncated [ 54.793231][ T4888] loop1: p201 size 108986237 extends beyond EOD, truncated [ 54.801929][ T4888] loop1: p202 size 520093696 extends beyond EOD, truncated [ 54.813322][ T4888] loop1: p203 size 108986237 extends beyond EOD, truncated [ 54.821202][ T4888] loop1: p204 size 520093696 extends beyond EOD, truncated [ 54.830247][ T4888] loop1: p205 size 108986237 extends beyond EOD, truncated [ 54.838189][ T4888] loop1: p206 size 520093696 extends beyond EOD, truncated [ 54.846736][ T4888] loop1: p207 size 108986237 extends beyond EOD, truncated [ 54.854742][ T4888] loop1: p208 size 520093696 extends beyond EOD, truncated [ 54.862495][ T4888] loop1: p209 size 108986237 extends beyond EOD, truncated [ 54.872158][ T4888] loop1: p210 size 520093696 extends beyond EOD, truncated [ 54.882509][ T4888] loop1: p211 size 108986237 extends beyond EOD, truncated [ 54.894056][ T4888] loop1: p212 size 520093696 extends beyond EOD, truncated [ 54.902045][ T4888] loop1: p213 size 108986237 extends beyond EOD, truncated [ 54.909934][ T4888] loop1: p214 size 520093696 extends beyond EOD, truncated [ 54.917871][ T4888] loop1: p215 size 108986237 extends beyond EOD, truncated [ 54.926922][ T4888] loop1: p216 size 520093696 extends beyond EOD, truncated [ 54.934734][ T4888] loop1: p217 size 108986237 extends beyond EOD, truncated [ 54.942851][ T4888] loop1: p218 size 520093696 extends beyond EOD, truncated [ 54.951177][ T4888] loop1: p219 size 108986237 extends beyond EOD, truncated [ 54.959067][ T4888] loop1: p220 size 520093696 extends beyond EOD, truncated [ 54.968811][ T4888] loop1: p221 size 108986237 extends beyond EOD, truncated [ 54.976862][ T4888] loop1: p222 size 520093696 extends beyond EOD, truncated [ 54.984783][ T4888] loop1: p223 size 108986237 extends beyond EOD, truncated [ 54.993330][ T4888] loop1: p224 size 520093696 extends beyond EOD, truncated [ 55.001203][ T4888] loop1: p225 size 108986237 extends beyond EOD, truncated [ 55.010809][ T4888] loop1: p226 size 520093696 extends beyond EOD, truncated [ 55.011380][ T4888] loop1: p227 size 108986237 extends beyond EOD, truncated [ 55.026608][ T4888] loop1: p228 size 520093696 extends beyond EOD, truncated [ 55.034499][ T4888] loop1: p229 size 108986237 extends beyond EOD, truncated [ 55.047289][ T4888] loop1: p230 size 520093696 extends beyond EOD, truncated [ 55.065349][ T4888] loop1: p231 size 108986237 extends beyond EOD, truncated [ 55.079423][ T4888] loop1: p232 size 520093696 extends beyond EOD, truncated [ 55.087712][ T4888] loop1: p233 size 108986237 extends beyond EOD, truncated [ 55.088456][ T4888] loop1: p234 size 520093696 extends beyond EOD, truncated [ 55.089271][ T4888] loop1: p235 size 108986237 extends beyond EOD, truncated [ 55.090152][ T4888] loop1: p236 size 520093696 extends beyond EOD, truncated [ 55.123670][ T4888] loop1: p237 size 108986237 extends beyond EOD, truncated [ 55.134189][ T4888] loop1: p238 size 520093696 extends beyond EOD, truncated [ 55.143981][ T4888] loop1: p239 size 108986237 extends beyond EOD, truncated [ 55.155144][ T4888] loop1: p240 size 520093696 extends beyond EOD, truncated [ 55.165387][ T4888] loop1: p241 size 108986237 extends beyond EOD, truncated [ 55.174071][ T4888] loop1: p242 size 520093696 extends beyond EOD, truncated [ 55.182509][ T4888] loop1: p243 size 108986237 extends beyond EOD, truncated [ 55.190935][ T4888] loop1: p244 size 520093696 extends beyond EOD, truncated [ 55.199093][ T4888] loop1: p245 size 108986237 extends beyond EOD, truncated [ 55.207965][ T4888] loop1: p246 size 520093696 extends beyond EOD, truncated [ 55.208637][ T4888] loop1: p247 size 108986237 extends beyond EOD, truncated [ 55.209314][ T4888] loop1: p248 size 520093696 extends beyond EOD, truncated [ 55.223972][ T4888] loop1: p249 size 108986237 extends beyond EOD, truncated [ 55.239056][ T4888] loop1: p250 size 520093696 extends beyond EOD, truncated [ 55.247777][ T4888] loop1: p251 size 108986237 extends beyond EOD, truncated [ 55.262950][ T4888] loop1: p252 size 520093696 extends beyond EOD, truncated [ 55.270987][ T4888] loop1: p253 size 108986237 extends beyond EOD, truncated [ 55.281790][ T4888] loop1: p254 size 520093696 extends beyond EOD, truncated [ 55.291708][ T4888] loop1: p255 size 108986237 extends beyond EOD, truncated [ 55.332771][ T3390] udevd[3390]: failed to send result of seq 8040 to main daemon: Connection refused [ 55.333504][ T3493] udevd[3493]: failed to send result of seq 8041 to main daemon: Transport endpoint is not connected [ 55.348391][ T4037] udevd[4037]: failed to send result of seq 8064 to main daemon: Transport endpoint is not connected [ 55.415510][ T5194] pim6reg: entered allmulticast mode [ 55.430083][ T5194] pim6reg: left allmulticast mode [ 55.571457][ T5215] loop1: detected capacity change from 0 to 512 [ 55.598649][ T5215] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 55.611286][ T5215] ext4 filesystem being mounted at /117/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 55.653409][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 55.740395][ T5240] loop1: detected capacity change from 0 to 512 [ 55.801273][ T5240] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended [ 55.828041][ T5240] EXT4-fs (loop1): Errors on filesystem, clearing orphan list. [ 55.854164][ T5240] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 55.910400][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 56.023775][ T5274] syz.3.703[5274] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 56.079583][ T5281] netlink: 28 bytes leftover after parsing attributes in process `syz.3.705'. [ 56.400952][ T5304] loop0: detected capacity change from 0 to 1024 [ 56.421957][ T5304] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 56.440528][ T5304] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 56.495086][ T3323] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 57.019012][ T5341] loop0: detected capacity change from 0 to 1024 [ 57.026474][ T5341] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 57.038047][ T5341] JBD2: no valid journal superblock found [ 57.043878][ T5341] EXT4-fs (loop0): Could not load journal inode [ 57.110910][ T29] kauditd_printk_skb: 148 callbacks suppressed [ 57.110925][ T29] audit: type=1400 audit(1730742225.528:1048): avc: denied { execute } for pid=5346 comm="syz.0.732" path=2F6D656D66643A59FFFF202864656C6574656429 dev="hugetlbfs" ino=8971 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 57.275778][ T5154] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 57.275828][ T5167] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 57.362480][ T5368] dvmrp1: entered allmulticast mode [ 57.371684][ T29] audit: type=1400 audit(1730742225.788:1049): avc: denied { cpu } for pid=5365 comm="syz.4.741" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 57.372454][ T5368] dvmrp1: left allmulticast mode [ 57.401060][ T29] audit: type=1400 audit(1730742225.818:1050): avc: denied { read } for pid=5365 comm="syz.4.741" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 57.445510][ T5373] loop4: detected capacity change from 0 to 128 [ 57.483300][ T5373] FAT-fs (loop4): Directory bread(block 32) failed [ 57.489505][ T29] audit: type=1400 audit(1730742225.888:1051): avc: denied { bind } for pid=5371 comm="syz.2.745" lport=60 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 57.490482][ T5373] FAT-fs (loop4): Directory bread(block 33) failed [ 57.509999][ T29] audit: type=1400 audit(1730742225.888:1052): avc: denied { node_bind } for pid=5371 comm="syz.2.745" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1 [ 57.520969][ T5373] FAT-fs (loop4): Directory bread(block 34) failed [ 57.560178][ T29] audit: type=1326 audit(1730742225.968:1053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5379 comm="syz.2.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f99dda856e7 code=0x7ffc0000 [ 57.572505][ T5373] FAT-fs (loop4): Directory bread(block 35) failed [ 57.583602][ T29] audit: type=1326 audit(1730742225.968:1054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5379 comm="syz.2.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f99dda2a099 code=0x7ffc0000 [ 57.600925][ T5373] FAT-fs (loop4): Directory bread(block 36) failed [ 57.613521][ T29] audit: type=1326 audit(1730742225.968:1055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5379 comm="syz.2.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f99dda856e7 code=0x7ffc0000 [ 57.636560][ T5373] FAT-fs (loop4): Directory bread(block 37) failed [ 57.643520][ T29] audit: type=1326 audit(1730742225.968:1056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5379 comm="syz.2.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f99dda2a099 code=0x7ffc0000 [ 57.652160][ T5373] FAT-fs (loop4): Directory bread(block 38) failed [ 57.673389][ T29] audit: type=1326 audit(1730742225.968:1057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5379 comm="syz.2.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99dda8e719 code=0x7ffc0000 [ 57.681078][ T5373] FAT-fs (loop4): Directory bread(block 39) failed [ 57.724585][ T5373] FAT-fs (loop4): Directory bread(block 40) failed [ 57.738151][ T5373] FAT-fs (loop4): Directory bread(block 41) failed [ 57.756555][ T5385] syz.3.751[5385] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 57.880214][ T5395] loop3: detected capacity change from 0 to 2048 [ 57.899298][ T5373] FAT-fs (loop4): error, corrupted directory (invalid entries) [ 57.907013][ T5373] FAT-fs (loop4): Filesystem has been set read-only [ 57.928816][ T5399] batadv0: entered promiscuous mode [ 57.982768][ T5405] loop4: detected capacity change from 0 to 512 [ 57.989689][ T5411] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5411 comm=syz.2.761 [ 58.002900][ T5411] netlink: 'syz.2.761': attribute type 1 has an invalid length. [ 58.011677][ T5395] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 58.020751][ T5411] 8021q: adding VLAN 0 to HW filter on device bond1 [ 58.039758][ T5405] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 58.053929][ T5405] ext4 filesystem being mounted at /153/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 58.076839][ T5411] bond1: (slave ip6gretap1): making interface the new active one [ 58.085465][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 58.096617][ T5411] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link [ 58.103277][ T5420] loop1: detected capacity change from 0 to 1024 [ 58.107478][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 58.161956][ T5432] netlink: 196 bytes leftover after parsing attributes in process `\'. [ 58.172141][ T5420] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 58.233592][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 58.259062][ T5442] loop1: detected capacity change from 0 to 512 [ 58.276379][ T5442] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 58.303037][ T5442] EXT4-fs (loop1): 1 truncate cleaned up [ 58.311891][ T5453] ALSA: seq fatal error: cannot create timer (-22) [ 58.313178][ T5442] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 58.362199][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 58.432457][ T5467] loop2: detected capacity change from 0 to 1024 [ 58.440735][ T5467] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 58.455508][ T5472] loop0: detected capacity change from 0 to 512 [ 58.455563][ T5467] JBD2: no valid journal superblock found [ 58.467624][ T5467] EXT4-fs (loop2): Could not load journal inode [ 58.474216][ T5472] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 58.488743][ T5472] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 58.503600][ T5472] EXT4-fs (loop0): 1 truncate cleaned up [ 58.515682][ T5472] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 58.540515][ T3323] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 58.556260][ T3395] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 58.606025][ T5490] loop2: detected capacity change from 0 to 512 [ 58.613821][ T5490] EXT4-fs (loop2): orphan cleanup on readonly fs [ 58.621926][ T5490] EXT4-fs warning (device loop2): ext4_enable_quotas:7097: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 58.637255][ T5490] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 58.644105][ T5490] EXT4-fs error (device loop2): ext4_ext_check_inode:524: inode #13: comm syz.2.795: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 58.662245][ T5490] EXT4-fs error (device loop2): ext4_orphan_get:1393: comm syz.2.795: couldn't read orphan inode 13 (err -117) [ 58.674789][ T5490] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 58.690385][ T5490] EXT4-fs error (device loop2): ext4_lookup:1817: inode #2: comm syz.2.795: deleted inode referenced: 12 [ 58.709912][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 58.741414][ T5499] 9pnet: p9_errstr2errno: server reported unknown error @΂(QhQI [ 58.831841][ T5507] loop2: detected capacity change from 0 to 512 [ 58.840148][ T5507] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.802: corrupted in-inode xattr: invalid ea_ino [ 58.854064][ T5507] EXT4-fs error (device loop2): ext4_orphan_get:1393: comm syz.2.802: couldn't read orphan inode 15 (err -117) [ 58.925322][ C1] dccp_v4_rcv: dropped packet with invalid checksum [ 58.932519][ C1] dccp_v4_rcv: dropped packet with invalid checksum [ 58.939681][ C0] dccp_v4_rcv: dropped packet with invalid checksum [ 58.946603][ C0] dccp_v4_rcv: dropped packet with invalid checksum [ 58.953306][ C0] dccp_v4_rcv: dropped packet with invalid checksum [ 58.960132][ C0] dccp_v4_rcv: dropped packet with invalid checksum [ 58.966906][ C1] dccp_v4_rcv: dropped packet with invalid checksum [ 58.973926][ C1] dccp_v4_rcv: dropped packet with invalid checksum [ 58.981060][ C1] dccp_v4_rcv: dropped packet with invalid checksum [ 58.989323][ C1] dccp_v4_rcv: dropped packet with invalid checksum [ 59.041148][ T5525] netlink: 4 bytes leftover after parsing attributes in process `syz.0.808'. [ 59.084596][ T5532] loop2: detected capacity change from 0 to 512 [ 59.097161][ T5534] 9pnet: p9_errstr2errno: server reported unknown error [ 59.114202][ T5532] ext4 filesystem being mounted at /158/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 59.160473][ T5546] vlan4: entered promiscuous mode [ 59.165646][ T5546] vlan4: entered allmulticast mode [ 59.171406][ T5546] bridge0: port 3(vlan4) entered blocking state [ 59.177846][ T5546] bridge0: port 3(vlan4) entered disabled state [ 59.206639][ T3391] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 59.255887][ T5551] loop2: detected capacity change from 0 to 512 [ 59.274530][ T5553] smc: net device bond0 applied user defined pnetid SYZ0 [ 59.283109][ T5553] smc: net device bond0 erased user defined pnetid SYZ0 [ 59.294254][ T5551] ext4 filesystem being mounted at /160/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 59.335381][ T5561] netlink: 4 bytes leftover after parsing attributes in process `syz.3.824'. [ 59.373294][ T5568] loop3: detected capacity change from 0 to 512 [ 59.388863][ T5571] 9pnet: p9_errstr2errno: server reported unknown error [ 59.399731][ T5569] loop2: detected capacity change from 0 to 1024 [ 59.406725][ T5569] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 59.419429][ T5568] ext4 filesystem being mounted at /175/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 59.483965][ T5582] vlan2: entered promiscuous mode [ 59.489160][ T5582] vlan2: entered allmulticast mode [ 59.494715][ T5582] bridge0: port 3(vlan2) entered blocking state [ 59.501184][ T5582] bridge0: port 3(vlan2) entered disabled state [ 59.512219][ T5584] loop4: detected capacity change from 0 to 2048 [ 59.546335][ T5584] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 59.567674][ T5584] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 22 with error 28 [ 59.580133][ T5584] EXT4-fs (loop4): This should not happen!! Data will be lost [ 59.580133][ T5584] [ 59.589936][ T5584] EXT4-fs (loop4): Total free blocks count 0 [ 59.596124][ T5584] EXT4-fs (loop4): Free/Dirty block details [ 59.602169][ T5584] EXT4-fs (loop4): free_blocks=2415919104 [ 59.607947][ T5584] EXT4-fs (loop4): dirty_blocks=32 [ 59.613077][ T5584] EXT4-fs (loop4): Block reservation details [ 59.619197][ T5584] EXT4-fs (loop4): i_reserved_data_blocks=2 [ 59.625845][ T5588] netlink: 'syz.2.834': attribute type 3 has an invalid length. [ 59.633600][ T5588] netlink: 'syz.2.834': attribute type 3 has an invalid length. [ 59.651402][ T5588] netlink: 16 bytes leftover after parsing attributes in process `syz.2.834'. [ 59.656231][ T164] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 59.672539][ T164] EXT4-fs (loop4): This should not happen!! Data will be lost [ 59.672539][ T164] [ 59.711097][ T5594] loop4: detected capacity change from 0 to 2048 [ 59.763946][ T5598] batman_adv: batadv0: Adding interface: macvtap1 [ 59.770550][ T5598] batman_adv: batadv0: The MTU of interface macvtap1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.786016][ T5594] loop4: unable to read partition table [ 59.796052][ T5598] batman_adv: batadv0: Not using interface macvtap1 (retrying later): interface not active [ 59.804037][ T5594] loop4: partition table beyond EOD, truncated [ 59.818082][ T5594] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 59.841845][ T5607] loop1: detected capacity change from 0 to 512 [ 59.872698][ T5607] ext4 filesystem being mounted at /142/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 59.926898][ T5611] loop3: detected capacity change from 0 to 164 [ 59.938512][ T5611] syz.3.843: attempt to access beyond end of device [ 59.938512][ T5611] loop3: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 59.959098][ T5611] syz.3.843: attempt to access beyond end of device [ 59.959098][ T5611] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 59.960655][ T5617] 9pnet: p9_errstr2errno: server reported unknown error [ 60.123023][ T5647] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 60.144900][ T5647] batadv_slave_0: entered promiscuous mode [ 60.243003][ T5660] 9pnet: p9_errstr2errno: server reported unknown error [ 60.469816][ T5683] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 60.544900][ T5691] pim6reg1: entered promiscuous mode [ 60.550314][ T5691] pim6reg1: entered allmulticast mode [ 60.943633][ T5697] 9pnet: p9_errstr2errno: server reported unknown error [ 60.960059][ T5699] netlink: 'syz.1.884': attribute type 10 has an invalid length. [ 60.968525][ T5699] geneve1: entered promiscuous mode [ 60.986391][ T5699] bond0: (slave geneve1): Enslaving as an active interface with an up link [ 60.998256][ T5705] x_tables: unsorted underflow at hook 2 [ 61.068061][ T5715] loop3: detected capacity change from 0 to 512 [ 61.077566][ T5715] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.901: bg 0: block 393: padding at end of block bitmap is not set [ 61.092721][ T5715] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 61.102940][ T5715] EXT4-fs (loop3): 2 truncates cleaned up [ 61.144926][ T5723] netlink: 12 bytes leftover after parsing attributes in process `syz.4.893'. [ 61.185450][ T5727] loop1: detected capacity change from 0 to 1024 [ 61.192227][ T5727] EXT4-fs: Ignoring removed nobh option [ 61.197946][ T5727] EXT4-fs: Ignoring removed orlov option [ 61.209565][ T5727] ext4: Unknown parameter '0xffffffffffffffff184467440737095516151844674407370955161518446744073709551615' [ 61.240469][ T5738] tmpfs: Bad value for 'mpol' [ 61.307251][ T5753] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.909'. [ 61.344089][ T5760] syzkaller1: entered promiscuous mode [ 61.349662][ T5760] syzkaller1: entered allmulticast mode [ 61.412878][ T5763] ================================================================== [ 61.421017][ T5763] BUG: KCSAN: data-race in pcpu_alloc_noprof / pcpu_free_area [ 61.428525][ T5763] [ 61.430886][ T5763] read-write to 0xffffffff88be03ac of 4 bytes by task 5765 on cpu 1: [ 61.438978][ T5763] pcpu_free_area+0x4dc/0x570 [ 61.443678][ T5763] free_percpu+0x1c6/0xb30 [ 61.448124][ T5763] array_map_free+0x28b/0x300 [ 61.452845][ T5763] bpf_map_free+0x49/0x70 [ 61.457280][ T5763] map_create+0xb10/0xb70 [ 61.461706][ T5763] __sys_bpf+0x667/0x7a0 [ 61.465976][ T5763] __x64_sys_bpf+0x43/0x50 [ 61.470432][ T5763] x64_sys_call+0x2625/0x2d60 [ 61.475130][ T5763] do_syscall_64+0xc9/0x1c0 [ 61.479651][ T5763] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 61.485567][ T5763] [ 61.487891][ T5763] read to 0xffffffff88be03ac of 4 bytes by task 5763 on cpu 0: [ 61.495454][ T5763] pcpu_alloc_noprof+0x9b6/0x10a0 [ 61.500518][ T5763] bpf_map_alloc_percpu+0xad/0x210 [ 61.505651][ T5763] prealloc_init+0x19f/0x470 [ 61.510256][ T5763] htab_map_alloc+0x630/0x8e0 [ 61.514954][ T5763] map_create+0x850/0xb70 [ 61.519293][ T5763] __sys_bpf+0x667/0x7a0 [ 61.523547][ T5763] __x64_sys_bpf+0x43/0x50 [ 61.527984][ T5763] x64_sys_call+0x2625/0x2d60 [ 61.532674][ T5763] do_syscall_64+0xc9/0x1c0 [ 61.537190][ T5763] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 61.543194][ T5763] [ 61.545522][ T5763] value changed: 0x0000005e -> 0x00000072 [ 61.551242][ T5763] [ 61.553568][ T5763] Reported by Kernel Concurrency Sanitizer on: [ 61.559729][ T5763] CPU: 0 UID: 0 PID: 5763 Comm: syz.1.914 Not tainted 6.12.0-rc6-syzkaller #0 [ 61.568597][ T5763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 61.578690][ T5763] ================================================================== [ 62.396289][ T5259] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 63.036314][ T5259] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 68.155551][ T5259] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 68.795574][ T5259] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration