last executing test programs: 1.698980794s ago: executing program 0 (id=4194): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r2, 0x400448e3, 0x0) r3 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) close_range(r3, 0xffffffffffffffff, 0x0) 1.673692264s ago: executing program 0 (id=4196): socket$inet6_sctp(0xa, 0x1, 0x84) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$tipc(0xffffffffffffffff, 0x0, 0x2000081) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) munmap(&(0x7f0000001000/0x1000)=nil, 0x1000) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x29}}, './file0\x00'}) 1.652072014s ago: executing program 0 (id=4197): symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f0000000180)='./file0\x00') r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18) r2 = memfd_create(&(0x7f0000001040)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1\x8c.?}jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x2) write$binfmt_script(r2, &(0x7f0000000300)={'#! ', './file0'}, 0x17) execveat(r2, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) sendmsg$TIPC_NL_MON_PEER_GET(0xffffffffffffffff, 0x0, 0x0) 1.595216485s ago: executing program 0 (id=4199): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e21}, 0x4e) r2 = syz_io_uring_setup(0x10f, &(0x7f0000000700)={0x0, 0x1726f, 0x80, 0x2, 0xfffffffe}, &(0x7f0000000240)=0x0, &(0x7f0000000180)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f000001f500)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r1, 0x0, &(0x7f0000001c00)={0x0, 0x0, 0x0}, 0x0, 0x0, 0x1}) io_uring_enter(r2, 0x47f5, 0x6021, 0x0, 0x0, 0x0) connect$unix(r1, &(0x7f00000000c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e) 1.457807277s ago: executing program 0 (id=4214): r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000300), 0x4) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r1, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x80d0}, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) 853.707667ms ago: executing program 2 (id=4228): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x51}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0xfffffffffffffffe}, 0x18) r2 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2000) r3 = fcntl$dupfd(r2, 0x0, r2) pwritev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000180)='P', 0x1}], 0x1, 0x800000, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x300, 0x0, 0x0, 0x0}) 853.215807ms ago: executing program 2 (id=4229): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10) io_setup(0x6, &(0x7f0000001000)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil) 734.417439ms ago: executing program 0 (id=4230): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x701083, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000580)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf2000000000000007000000080000003d0301000000000095000000000000006926000000000000bf67000000000000150600000fbf52ee4507000002000000250600000ee60000bf250000000000001f010000000000006507040002000000070700004c0000001f75000000000000bf540000000000000704000004000bffbd350100000000009500000000000000050000000000000095000000000000001f1bd1fe4b3af9c97925711095cc1a3a25b9418ffdc4a1da470a14e4391c3fb600100000a4911fe82664d775cdb9dfc83fa32db39b636c1866b526ffff00005172a74e9afe751664f580a6c5bccf1ef6583e0c1cd1f7fe416b5d6902e7db826e6dffda3aabdc5b5ce08ca4ee6035f1b7dc6b3b4672f7c22efa6d633473cd548789f8ab5a654106888aff6f3eb7e962160dac2c68c044584bb50e9c0952bab14c2c65176c7e40faaea21457d5f2d6f40c4d3390a1e14561cbf0a6ccd15f45c52753e24c6488b23ec9a3261c7706cecfc37b25b382c76631983e053efde84f80c5483d26bfaa66bf477cca77d399c76469551913f98a26fa0363ebb7f861a3d53d4dd6d91f7dcefb0748cd20346878bc0759851cd32ba781d6e62e8eee022be7fb6fff27871a5a7a723e5e330f454f0c568fbfc9b901bd6cc3af8355e5ecf3f74a472c7861beeeba7d5d25208a2e1d4c0b8e4f82ce05ffe1c69aaea312bbb3656c873b26161dccd130823e87d0b411e6fdb2cc4def13ecdf4217b647803c9dbaba0cd1036081842b7fc3a30759c24058ad22001bc2817d4604bc2d49bf41894e61356ddf6d394a397c67321a0dd4ac4082ee583de98e8a89535050054d40a4dbd809d0ce9c444286b5d5a51d933d35714d8ca7fb49b5329107825926fd5caaf4ddd1e81e616fc56e47d30e51cd558d630f665a88da23e96c45a0a4ccd554a92628336eb43de1022d60e5ffe41b6bef61ea28c5ea09a832f9f84b10aa4b6350930b11"], 0x0}, 0x94) close(r1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000009c0)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) write$cgroup_devices(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="1e0308004d6b71ef289a63"], 0xffdd) 421.767524ms ago: executing program 4 (id=4236): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000380)=ANY=[@ANYBLOB], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = socket$kcm(0x10, 0x2, 0x0) recvmsg(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000002640)=""/4096, 0x1000}, {&(0x7f0000000600)=""/235, 0xeb}, {&(0x7f0000000540)=""/167, 0xa7}], 0x3}, 0x0) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="36400000260091"], 0xfe33) 412.708514ms ago: executing program 3 (id=4237): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000480)='mm_page_free\x00', r0, 0x0, 0x2}, 0x18) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r2 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1) write$tun(r1, &(0x7f0000000380)=ANY=[], 0xfdef) 343.369975ms ago: executing program 3 (id=4239): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x9, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20882, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, @perf_bp={0x0}, 0x0, 0xc8, 0x1, 0x6, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0x4, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) close(r2) recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0x0, 0x0, 0x81, 0x81}, 0x48) write$cgroup_subtree(r3, &(0x7f0000000000), 0x15) 327.258725ms ago: executing program 2 (id=4249): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x10, 0x10, 0x0, 0x0, 0x0, 0x0, 0x14, 0x0, 0x0, 0x10, 0x2}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, &(0x7f0000000240)='asymmetric\x00', &(0x7f00000000c0)=@chain) add_key$keyring(&(0x7f00000003c0), &(0x7f0000000480)={'syz', 0x1}, 0x0, 0x0, r2) 326.998775ms ago: executing program 3 (id=4250): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) sendmsg$NL80211_CMD_ABORT_SCAN(0xffffffffffffffff, &(0x7f0000002300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x240088c0}, 0x54) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 307.621766ms ago: executing program 4 (id=4241): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e21}, 0x4e) r2 = syz_io_uring_setup(0x10f, &(0x7f0000000700)={0x0, 0x1726f, 0x80, 0x2, 0xfffffffe}, &(0x7f0000000240)=0x0, &(0x7f0000000180)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f000001f500)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r1, 0x0, &(0x7f0000001c00)={0x0, 0x0, 0x0}, 0x0, 0x0, 0x1}) io_uring_enter(r2, 0x47f5, 0x6021, 0x0, 0x0, 0x0) connect$unix(r1, &(0x7f00000000c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e) 307.012915ms ago: executing program 2 (id=4242): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="0900000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x8005) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="18020000feffffff0000000000000000850000009b000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b706000000000000850000001700000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000005c0)={r2, 0xfeff, 0xe, 0x0, &(0x7f00000002c0)="08800002d30a1d31677b2d0bfa91", 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 278.766696ms ago: executing program 3 (id=4244): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x1}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r2}, 0x10) syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0) 220.986447ms ago: executing program 1 (id=4246): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f00000001c0)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300", 0xfffffffb}, 0x48, 0xffffffffffffffff) r3 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff) r4 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc2}, &(0x7f00000002c0)={0x0, "6035ae1e0fe721441705322225930e6c1e3e2a51a92fd780bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6a7ef54e6763fd7264c39ea00c508ba6062696138", 0x18}, 0x48, 0xfffffffffffffffe) keyctl$KEYCTL_MOVE(0x4, r4, r3, r3, 0x0) keyctl$KEYCTL_MOVE(0x4, r2, r2, 0x0, 0x0) 220.646436ms ago: executing program 1 (id=4247): r0 = socket$inet_udp(0x2, 0x2, 0x0) sendmmsg(r0, 0x0, 0x0, 0x0) pipe(0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000280), 0x20000, 0x0) 219.504497ms ago: executing program 3 (id=4248): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0500000004000000080000000a"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{r0}, &(0x7f00000002c0), &(0x7f0000000300)='%-010d \x00'}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000006687000000000000000000850000007b00000095"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=@framed={{0x7a, 0xa, 0x0, 0xff00, 0x0, 0x71, 0x10, 0x43}}, &(0x7f0000000480)='syzkaller\x00'}, 0x80) 207.922007ms ago: executing program 4 (id=4251): r0 = creat(&(0x7f0000000200)='./file1\x00', 0x2) close(r0) r1 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000780)={r2, &(0x7f0000000780), &(0x7f0000000280)=@tcp, 0x1}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10) mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000001200), 0xa, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 191.636127ms ago: executing program 3 (id=4252): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x64, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) r2 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) recvmmsg(r2, &(0x7f0000005380)=[{{0x0, 0x0, 0x0}, 0x6}], 0x1, 0x10001, 0x0) syz_emit_ethernet(0x3a, &(0x7f0000001c00)={@local, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x2, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x18, 0x0, @wg=@data={0x4, 0x2007407, 0xfffffffffffffffd}}}}}}, 0x0) 187.927807ms ago: executing program 4 (id=4253): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r1}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r2, &(0x7f0000000180), 0x40010) 151.142988ms ago: executing program 4 (id=4254): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000380)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(r0, 0x1, 0x800000000f, &(0x7f0000000080)=0x7, 0x4) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4) bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22, 0xfffffffe, @empty, 0x7}, 0x1c) r2 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r2, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0258ff000000000000000058000b4824ca945f64009400ffc094010ebc000000000000008000f0fffeff0300000000fff5dd00000010000100090810000c00000000040000", 0x58}], 0x1) 150.039298ms ago: executing program 2 (id=4264): bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r1}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r2}, 0x10) io_setup(0x3, &(0x7f0000000340)) 79.180519ms ago: executing program 4 (id=4255): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x3000046, &(0x7f00000004c0)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@usrquota}, {@data_err_ignore}, {@nobarrier}, {@oldalloc}, {@grpquota}, {@noload}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1c1840, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000e80)='./bus\x00', 0x1c1002, 0x0) write(r2, &(0x7f00000001c0)="f14a18f6913026bbc8e195ec033d173c", 0x10) sendfile(r2, r0, 0x0, 0x40001) sendfile(r2, r1, 0x0, 0x7ffff000) 69.081659ms ago: executing program 1 (id=4256): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0x1, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x65, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18) r2 = socket(0x10, 0x3, 0x0) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x8, &(0x7f0000000080)=[{0x0}], 0x1, 0x0, 0x0, 0x5}, 0x2004c000) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f00000000000000000a000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4040095}, 0x8010) sendmmsg(r2, &(0x7f0000000000), 0x4000000000001f2, 0x0) 55.231199ms ago: executing program 2 (id=4257): socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)}, 0x12043) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) syz_open_procfs(0x0, &(0x7f0000000000)='net/vlan/vlan0\x00') socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff}) ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r3, 0x8982, &(0x7f0000002800)={0x1, 'vlan0\x00'}) 46.38815ms ago: executing program 1 (id=4258): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x5, 0x7ffc0002}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0x8, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_TDLS_MGMT(0xffffffffffffffff, 0x0, 0x4000000) syz_open_procfs(0x0, 0x0) setgid(0x0) 19.69589ms ago: executing program 1 (id=4259): r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="1809000000000000000000000001000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r0}, &(0x7f0000000540), &(0x7f0000000580)=r1}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r0, &(0x7f0000000780)}, 0x20) 0s ago: executing program 1 (id=4260): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000006c0)='kmem_cache_free\x00', r1, 0x0, 0x2000}, 0x18) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4001, 0x0, @loopback}, 0x1c) ioctl$sock_TIOCOUTQ(r2, 0x5411, 0x0) kernel console output (not intermixed with test programs): 244988][ T8050] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 76.253254][ T8050] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 76.276906][ T8050] netdevsim netdevsim2 eth0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 76.285396][ T8050] netdevsim netdevsim2 eth1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 76.293827][ T8050] netdevsim netdevsim2 eth2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 76.302215][ T8050] netdevsim netdevsim2 eth3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 76.317672][ T8058] netlink: 'syz.4.1669': attribute type 5 has an invalid length. [ 76.360415][ T8064] loop4: detected capacity change from 0 to 2048 [ 76.381239][ T8064] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.397803][ T8072] loop0: detected capacity change from 0 to 512 [ 76.419920][ T8072] EXT4-fs: Ignoring removed bh option [ 76.450071][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.484900][ T8072] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 76.494141][ T8072] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 76.504117][ T8072] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended [ 76.515703][ T8072] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 76.526305][ T8072] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.708419][ T3310] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.758725][ T8089] IPVS: Error connecting to the multicast addr [ 76.836284][ T8093] loop1: detected capacity change from 0 to 1024 [ 76.877450][ T8093] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.898779][ T8093] ext4 filesystem being mounted at /349/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 76.924526][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.484154][ T8111] netlink: 'syz.1.1691': attribute type 12 has an invalid length. [ 77.797220][ T8146] netem: change failed [ 77.894033][ T8158] loop1: detected capacity change from 0 to 512 [ 77.906123][ T8158] EXT4-fs (loop1): orphan cleanup on readonly fs [ 77.917433][ T8158] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1712: bg 0: block 248: padding at end of block bitmap is not set [ 77.939651][ T8158] __quota_error: 252 callbacks suppressed [ 77.939738][ T8158] Quota error (device loop1): write_blk: dquota write failed [ 77.953208][ T8158] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 77.963171][ T8158] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1712: Failed to acquire dquot type 1 [ 77.974968][ T8158] EXT4-fs (loop1): 1 truncate cleaned up [ 77.981215][ T8158] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 77.993236][ T29] audit: type=1400 audit(1753506603.449:10259): avc: denied { write } for pid=8143 comm="syz.2.1706" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 78.013138][ T8158] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended [ 78.049172][ T8158] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 78.057856][ T8165] Quota error (device loop1): do_check_range: Getting block 1536 out of range 0-5 [ 78.083688][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.164584][ T29] audit: type=1400 audit(1753506603.639:10260): avc: denied { getopt } for pid=8168 comm="syz.2.1715" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 78.230630][ T29] audit: type=1400 audit(1753506603.699:10261): avc: granted { setsecparam } for pid=8170 comm="syz.1.1714" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security [ 78.262364][ T8175] ip6gre1: entered promiscuous mode [ 78.267736][ T8175] ip6gre1: entered allmulticast mode [ 78.378971][ T8181] ref_ctr increment failed for inode: 0x78f offset: 0x0 ref_ctr_offset: 0x82 of mm: 0xffff88811a99c200 [ 78.427747][ T8180] uprobe: syz.2.1719:8180 failed to unregister, leaking uprobe [ 78.468439][ T8183] __nla_validate_parse: 3 callbacks suppressed [ 78.468454][ T8183] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1720'. [ 78.544414][ T8183] erspan0: entered promiscuous mode [ 78.565967][ T8183] macvtap0: entered promiscuous mode [ 78.571546][ T8183] macvtap0: entered allmulticast mode [ 78.576987][ T8183] erspan0: entered allmulticast mode [ 78.665457][ T29] audit: type=1400 audit(1753506604.139:10262): avc: denied { bind } for pid=8190 comm="syz.2.1723" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 78.798887][ T29] audit: type=1400 audit(1753506604.259:10263): avc: denied { setopt } for pid=8196 comm="syz.2.1727" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 79.012727][ T3413] kernel write not supported for file bpf-prog (pid: 3413 comm: kworker/0:3) [ 79.073039][ T29] audit: type=1400 audit(1753506604.539:10264): avc: denied { create } for pid=8212 comm="syz.2.1735" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 79.115782][ T29] audit: type=1400 audit(1753506604.539:10265): avc: denied { connect } for pid=8212 comm="syz.2.1735" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 79.165817][ T8219] SELinux: failed to load policy [ 79.225877][ T8225] loop0: detected capacity change from 0 to 1024 [ 79.255826][ T8225] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 79.273352][ T8225] ext4 filesystem being mounted at /272/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 79.318729][ T3310] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.365881][ T8247] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1749'. [ 79.401511][ T8247] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1749'. [ 79.467088][ T8233] netlink: 'syz.3.1744': attribute type 10 has an invalid length. [ 79.477822][ T8233] 8021q: adding VLAN 0 to HW filter on device team0 [ 79.487679][ T8233] bond0: (slave team0): Enslaving as an active interface with an up link [ 79.537373][ T8260] vhci_hcd: invalid port number 176 [ 79.748620][ T8280] netlink: 'syz.0.1764': attribute type 6 has an invalid length. [ 79.987166][ T8320] netlink: 'syz.1.1781': attribute type 3 has an invalid length. [ 80.021320][ T8328] netlink: 'syz.1.1785': attribute type 1 has an invalid length. [ 80.029156][ T8328] netlink: 'syz.1.1785': attribute type 4 has an invalid length. [ 80.037517][ T8328] netlink: 9462 bytes leftover after parsing attributes in process `syz.1.1785'. [ 80.548267][ T8378] loop0: detected capacity change from 0 to 512 [ 80.567094][ T8378] EXT4-fs (loop0): orphan cleanup on readonly fs [ 80.576551][ T8378] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.1808: Failed to acquire dquot type 1 [ 80.598435][ T8378] EXT4-fs (loop0): 1 truncate cleaned up [ 80.607592][ T8378] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 80.628341][ T8389] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1813'. [ 80.691629][ T8394] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1814'. [ 80.840498][ T3310] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.911447][ T8411] netlink: 264 bytes leftover after parsing attributes in process `syz.2.1821'. [ 80.920689][ T8411] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1821'. [ 81.041155][ T8421] loop1: detected capacity change from 0 to 512 [ 81.690329][ T8481] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=8481 comm=syz.3.1851 [ 81.703073][ T8481] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=8481 comm=syz.3.1851 [ 81.848216][ T8495] loop1: detected capacity change from 0 to 512 [ 81.874964][ T8495] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 81.888814][ T8495] ext4 filesystem being mounted at /393/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 81.919763][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.027072][ T8512] loop4: detected capacity change from 0 to 512 [ 82.180162][ T8531] loop1: detected capacity change from 0 to 4096 [ 82.210277][ T8531] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 82.418694][ C1] sd 0:0:1:0: [sda] tag#5979 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 82.429113][ C1] sd 0:0:1:0: [sda] tag#5979 CDB: Read(6) 08 00 00 00 00 00 [ 82.476471][ T8561] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 82.502223][ T8564] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1884'. [ 82.511326][ T8564] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1884'. [ 82.582406][ T8564] netlink: 'syz.2.1884': attribute type 6 has an invalid length. [ 82.619508][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.764649][ T8587] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1538 sclass=netlink_route_socket pid=8587 comm=syz.2.1893 [ 83.210818][ T29] kauditd_printk_skb: 106 callbacks suppressed [ 83.210833][ T29] audit: type=1400 audit(1753506608.679:10370): avc: denied { write } for pid=8643 comm="syz.1.1908" name="sockstat" dev="proc" ino=4026532504 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 83.330581][ T8667] netlink: 'syz.1.1914': attribute type 2 has an invalid length. [ 83.339046][ T8667] netlink: 'syz.1.1914': attribute type 1 has an invalid length. [ 83.346907][ T8667] netlink: 'syz.1.1914': attribute type 2 has an invalid length. [ 83.381588][ T8678] pim6reg: entered allmulticast mode [ 83.388887][ T8678] pim6reg: left allmulticast mode [ 83.568246][ T29] audit: type=1400 audit(1753506609.039:10371): avc: denied { connect } for pid=8717 comm="syz.3.1921" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 83.590123][ T29] audit: type=1400 audit(1753506609.039:10372): avc: denied { bind } for pid=8717 comm="syz.3.1921" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 83.798428][ T29] audit: type=1326 audit(1753506609.269:10373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8758 comm="syz.3.1930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dcd5ae9a9 code=0x7ffc0000 [ 83.822634][ T29] audit: type=1326 audit(1753506609.269:10374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8758 comm="syz.3.1930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dcd5ae9a9 code=0x7ffc0000 [ 83.846355][ T29] audit: type=1326 audit(1753506609.269:10375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8758 comm="syz.3.1930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7f5dcd5ae9a9 code=0x7ffc0000 [ 83.870551][ T29] audit: type=1326 audit(1753506609.269:10376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8758 comm="syz.3.1930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dcd5ae9a9 code=0x7ffc0000 [ 83.895101][ T29] audit: type=1326 audit(1753506609.269:10377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8758 comm="syz.3.1930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dcd5ae9a9 code=0x7ffc0000 [ 83.931628][ T29] audit: type=1400 audit(1753506609.399:10378): avc: denied { sqpoll } for pid=8768 comm="syz.3.1933" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 83.978204][ T8776] loop0: detected capacity change from 0 to 128 [ 83.991697][ T8776] SELinux: security_context_str_to_sid (s\^(m`dR%]v;hfePiz׺+8x։?=MSg%אVDXڶ}Y_gWT~Lf00000000000000000000000Bx3!/ھ5;Y$]V1{ȉj+4bR}$PZh [ 83.991697][ T8776] ~~= Tݦ҃IUJ3bfAc@ u+INTT[M|zk@IQ1>dS IN'=Y^_G^1M@`aȥqxY_u\ [ 83.991697][ T8776]  [ 83.991697][ T8776] yҟvyhB/ P^i/ފ [ 83.991697][ T8776] Dlڰ{8AOIA:?v0'!ӜB8kp٫] ^6H76$+NJU#/Jm]UGꦴwM`Z^J*PqUdP}K5\a44 f9ݳ ~-V) failed with errno=-22 [ 84.279593][ T29] audit: type=1326 audit(1753506609.749:10379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8805 comm="syz.0.1941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1a50125967 code=0x7ffc0000 [ 84.398741][ T8815] __nla_validate_parse: 4 callbacks suppressed [ 84.398757][ T8815] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1943'. [ 84.603399][ T10] kernel write not supported for file /694/attr/exec (pid: 10 comm: kworker/0:1) [ 84.635830][ T8834] netlink: 'syz.0.1951': attribute type 1 has an invalid length. [ 84.650283][ T8834] 8021q: adding VLAN 0 to HW filter on device bond1 [ 84.682644][ T8840] netlink: 'syz.0.1953': attribute type 21 has an invalid length. [ 84.692396][ T8840] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1953'. [ 84.802323][ T8845] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1955'. [ 84.887433][ T8862] 9pnet_fd: Insufficient options for proto=fd [ 84.905211][ T8864] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1963'. [ 84.922528][ T8866] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1964'. [ 84.967370][ T8874] hub 9-0:1.0: USB hub found [ 84.972135][ T8874] hub 9-0:1.0: 8 ports detected [ 85.009012][ T8876] xt_CT: No such helper "pptp" [ 85.105475][ T8888] netlink: 'syz.0.1972': attribute type 2 has an invalid length. [ 85.113894][ T8888] netlink: 'syz.0.1972': attribute type 1 has an invalid length. [ 85.121865][ T8888] netlink: 'syz.0.1972': attribute type 2 has an invalid length. [ 85.624083][ T8935] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 85.635189][ T8932] IPVS: stopping master sync thread 8935 ... [ 85.696525][ T8939] netlink: 9 bytes leftover after parsing attributes in process `syz.2.1997'. [ 85.724392][ T8939] 0{X: entered promiscuous mode [ 85.729731][ T8939] 0{X: left allmulticast mode [ 85.748316][ T8942] netlink: 5 bytes leftover after parsing attributes in process `syz.2.1997'. [ 85.811137][ T8942] 1{X: renamed from 30{X [ 85.834109][ T8942] 1{X: left promiscuous mode [ 85.839198][ T8942] 1{X: entered allmulticast mode [ 85.846824][ T8942] A link change request failed with some changes committed already. Interface 31{X may have been left with an inconsistent configuration, please check. [ 85.862824][ T8950] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1995'. [ 85.865192][ T8948] loop4: detected capacity change from 0 to 4096 [ 85.871798][ T8950] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1995'. [ 85.887314][ T8950] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1995'. [ 85.896475][ T8950] netlink: 'syz.3.1995': attribute type 6 has an invalid length. [ 85.912897][ T8948] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 86.028103][ T8966] xt_connbytes: Forcing CT accounting to be enabled [ 86.042550][ T8966] Cannot find set identified by id 0 to match [ 86.278735][ T8976] loop1: detected capacity change from 0 to 128 [ 86.286627][ T8976] EXT4-fs (loop1): VFS: Found ext4 filesystem with invalid superblock checksum. Run e2fsck? [ 86.310356][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.582375][ T9022] bridge_slave_1: left allmulticast mode [ 86.588242][ T9022] bridge_slave_1: left promiscuous mode [ 86.594023][ T9022] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.601872][ T9022] : left allmulticast mode [ 86.606709][ T9022] : left promiscuous mode [ 86.611625][ T9022] bridge0: port 1() entered disabled state [ 86.753427][ T9032] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1538 sclass=netlink_route_socket pid=9032 comm=syz.0.2033 [ 86.965385][ T9049] atomic_op ffff888139ca8528 conn xmit_atomic 0000000000000000 [ 87.088492][ T9064] 0XD: entered promiscuous mode [ 87.094489][ T9064] 0XD: left allmulticast mode [ 87.132412][ T9064] 0{X: renamed from 30XD [ 87.149931][ T9064] 0{X: left promiscuous mode [ 87.155799][ T9064] 0{X: entered allmulticast mode [ 87.167146][ T9064] A link change request failed with some changes committed already. Interface 30{X may have been left with an inconsistent configuration, please check. [ 87.257576][ T9079] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1538 sclass=netlink_route_socket pid=9079 comm=syz.3.2054 [ 87.500390][ T9104] bridge_slave_1: left allmulticast mode [ 87.506369][ T9104] bridge_slave_1: left promiscuous mode [ 87.512208][ T9104] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.522108][ T9104] bridge_slave_0: left allmulticast mode [ 87.527925][ T9104] bridge_slave_0: left promiscuous mode [ 87.533694][ T9104] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.627981][ T9114] SELinux: failed to load policy [ 87.829272][ T9154] loop4: detected capacity change from 0 to 8192 [ 87.896895][ T9169] validate_nla: 1 callbacks suppressed [ 87.896911][ T9169] netlink: 'syz.3.2097': attribute type 10 has an invalid length. [ 88.035586][ T9188] loop4: detected capacity change from 0 to 164 [ 88.052192][ T9188] rock: directory entry would overflow storage [ 88.058538][ T9188] rock: sig=0x4f50, size=4, remaining=3 [ 88.064132][ T9188] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 88.258418][ T29] kauditd_printk_skb: 151 callbacks suppressed [ 88.258431][ T29] audit: type=1326 audit(1753506613.729:10531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9207 comm="syz.3.2113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dcd5ae9a9 code=0x7ffc0000 [ 88.289122][ T29] audit: type=1326 audit(1753506613.729:10532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9207 comm="syz.3.2113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dcd5ae9a9 code=0x7ffc0000 [ 88.313389][ T29] audit: type=1326 audit(1753506613.729:10533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9207 comm="syz.3.2113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=131 compat=0 ip=0x7f5dcd5ae9a9 code=0x7ffc0000 [ 88.336966][ T29] audit: type=1326 audit(1753506613.729:10534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9207 comm="syz.3.2113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dcd5ae9a9 code=0x7ffc0000 [ 88.360483][ T29] audit: type=1326 audit(1753506613.739:10535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9207 comm="syz.3.2113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dcd5ae9a9 code=0x7ffc0000 [ 88.403042][ T29] audit: type=1326 audit(1753506613.869:10536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9213 comm="syz.3.2116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dcd5ae9a9 code=0x7ffc0000 [ 88.426802][ T29] audit: type=1326 audit(1753506613.869:10537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9213 comm="syz.3.2116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dcd5ae9a9 code=0x7ffc0000 [ 88.450968][ T29] audit: type=1326 audit(1753506613.879:10538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9213 comm="syz.3.2116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5dcd5ae9a9 code=0x7ffc0000 [ 88.474897][ T29] audit: type=1326 audit(1753506613.879:10539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9213 comm="syz.3.2116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dcd5ae9a9 code=0x7ffc0000 [ 88.498899][ T29] audit: type=1326 audit(1753506613.879:10540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9213 comm="syz.3.2116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5dcd5ae9a9 code=0x7ffc0000 [ 88.826312][ T9232] unsupported nla_type 52263 [ 88.921845][ T9250] futex_wake_op: syz.2.2132 tries to shift op by -1; fix this program [ 88.963111][ T9261] netlink: 'syz.0.2136': attribute type 3 has an invalid length. [ 89.020961][ T9272] loop0: detected capacity change from 0 to 1024 [ 89.034552][ T9272] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 89.054609][ T9272] ext4 filesystem being mounted at /341/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 89.095467][ T3310] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.195943][ T9297] netlink: 'syz.0.2146': attribute type 1 has an invalid length. [ 89.233645][ T9297] 8021q: adding VLAN 0 to HW filter on device bond2 [ 89.283999][ T9297] bond2 (unregistering): Released all slaves [ 89.407917][ T9327] loop4: detected capacity change from 0 to 512 [ 89.442197][ T9327] loop4: detected capacity change from 0 to 4096 [ 89.454488][ T9327] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 89.468468][ T9327] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 89.477007][ T9327] EXT4-fs (loop4): stripe (248) is not aligned with cluster size (16), stripe is disabled [ 89.488103][ T9327] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000. [ 89.507234][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.747506][ T9371] loop0: detected capacity change from 0 to 512 [ 89.774476][ T9371] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 89.805017][ T9371] EXT4-fs (loop0): failed to initialize system zone (-117) [ 89.819744][ T9371] EXT4-fs (loop0): mount failed [ 89.871238][ T9376] loop4: detected capacity change from 0 to 1024 [ 89.880821][ T9376] EXT4-fs: Ignoring removed orlov option [ 89.889418][ T9376] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 89.936508][ T9376] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 89.976304][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.069611][ T9411] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=9411 comm=syz.4.2200 [ 90.082184][ T9411] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=9411 comm=syz.4.2200 [ 90.194509][ T9427] wg2: entered promiscuous mode [ 90.199419][ T9427] wg2: entered allmulticast mode [ 90.382670][ T9459] x_tables: duplicate underflow at hook 3 [ 90.437468][ T9465] netlink: 'syz.3.2225': attribute type 1 has an invalid length. [ 90.451264][ T9465] 8021q: adding VLAN 0 to HW filter on device bond1 [ 90.466142][ T9465] __nla_validate_parse: 13 callbacks suppressed [ 90.466179][ T9465] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2225'. [ 90.489436][ T9465] bond1 (unregistering): Released all slaves [ 90.567302][ T9477] 9pnet: p9_errstr2errno: server reported unknown error pA; [ 90.599957][ T9480] loop0: detected capacity change from 0 to 1024 [ 90.616236][ T9480] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 90.628401][ T9480] ext4 filesystem being mounted at /362/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 90.665060][ T3310] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.702638][ T9497] futex_wake_op: syz.3.2236 tries to shift op by -1; fix this program [ 90.769086][ T9510] netlink: 92 bytes leftover after parsing attributes in process `syz.4.2242'. [ 90.778230][ T9510] netem: unknown loss type 0 [ 90.782868][ T9510] netem: change failed [ 90.928012][ T9540] netlink: 'syz.1.2253': attribute type 3 has an invalid length. [ 90.971067][ T9552] loop4: detected capacity change from 0 to 512 [ 90.988459][ T9552] EXT4-fs error (device loop4): ext4_ext_check_inode:523: inode #3: comm syz.4.2259: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0) [ 90.996985][ T9558] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2262'. [ 91.008462][ T9552] EXT4-fs error (device loop4): ext4_quota_enable:7127: comm syz.4.2259: Bad quota inode: 3, type: 0 [ 91.028918][ T9552] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 91.044535][ T9552] EXT4-fs (loop4): mount failed [ 91.281955][ T9591] netlink: 'syz.4.2276': attribute type 10 has an invalid length. [ 91.290718][ T9591] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2276'. [ 91.317464][ T9600] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2278'. [ 91.396400][ T9617] netlink: 566 bytes leftover after parsing attributes in process `syz.1.2286'. [ 91.507652][ T9641] netlink: 'syz.2.2297': attribute type 1 has an invalid length. [ 91.515652][ T9641] netlink: 199820 bytes leftover after parsing attributes in process `syz.2.2297'. [ 91.621567][ T9648] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2300'. [ 91.791509][ T9678] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2314'. [ 91.866936][ T9688] loop0: detected capacity change from 0 to 128 [ 91.910091][ T9688] bio_check_eod: 24742 callbacks suppressed [ 91.910108][ T9688] syz.0.2318: attempt to access beyond end of device [ 91.910108][ T9688] loop0: rw=0, sector=121, nr_sectors = 120 limit=128 [ 91.946163][ T5250] kworker/u8:50: attempt to access beyond end of device [ 91.946163][ T5250] loop0: rw=1, sector=241, nr_sectors = 800 limit=128 [ 92.017406][ T9703] program syz.0.2324 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 92.103331][ T9709] loop0: detected capacity change from 0 to 128 [ 92.141109][ T9709] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 92.153605][ T9709] ext4 filesystem being mounted at /374/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 92.189344][ T3310] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 92.391602][ T9733] loop1: detected capacity change from 0 to 128 [ 92.464919][ T9733] syz.1.2337: attempt to access beyond end of device [ 92.464919][ T9733] loop1: rw=0, sector=121, nr_sectors = 920 limit=128 [ 92.471782][ T9735] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2338'. [ 92.487943][ T9735] netlink: 'syz.2.2338': attribute type 15 has an invalid length. [ 92.504731][ T9735] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 92.513032][ T9735] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 92.521905][ T9735] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 92.530104][ T9735] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 92.540479][ T9735] netlink: 'syz.2.2338': attribute type 15 has an invalid length. [ 92.721968][ T9755] hub 6-0:1.0: USB hub found [ 92.735391][ T9755] hub 6-0:1.0: 8 ports detected [ 92.846484][ T9778] loop1: detected capacity change from 0 to 1024 [ 92.854707][ T9778] EXT4-fs: Ignoring removed orlov option [ 92.861037][ T9778] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 92.885439][ T9778] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 92.902749][ T9788] IPVS: Unknown mcast interface: vcan0 [ 92.930542][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 92.962929][ T9804] tipc: Failed to remove unknown binding: 66,1,1/0:2814127503/2814127505 [ 92.972078][ T9804] tipc: Failed to remove unknown binding: 66,1,1/0:2814127503/2814127505 [ 93.284282][ T29] kauditd_printk_skb: 225 callbacks suppressed [ 93.284296][ T29] audit: type=1326 audit(1753506618.759:10766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9874 comm="syz.0.2383" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1a5012e9a9 code=0x0 [ 93.372717][ T9886] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.392846][ T9886] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 93.470739][ T29] audit: type=1400 audit(1753506618.939:10767): avc: denied { watch_reads } for pid=9897 comm="syz.3.2387" path="/559/file1" dev="tmpfs" ino=2891 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 93.579310][ T9912] netlink: 'syz.3.2389': attribute type 1 has an invalid length. [ 93.595557][ T29] audit: type=1400 audit(1753506619.069:10768): avc: denied { create } for pid=9915 comm="syz.4.2391" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 93.629534][ T29] audit: type=1400 audit(1753506619.089:10769): avc: denied { bind } for pid=9915 comm="syz.4.2391" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 93.648956][ T29] audit: type=1400 audit(1753506619.089:10770): avc: denied { connect } for pid=9915 comm="syz.4.2391" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 93.674555][ T9921] SELinux: ebitmap: truncated map [ 93.696366][ T9921] SELinux: failed to load policy [ 93.736455][ T9936] netlink: 'syz.3.2396': attribute type 6 has an invalid length. [ 93.750609][ T29] audit: type=1400 audit(1753506619.219:10771): avc: denied { setcheckreqprot } for pid=9940 comm="syz.1.2398" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 93.957152][ T29] audit: type=1400 audit(1753506619.429:10772): avc: denied { module_load } for pid=9986 comm="syz.4.2411" path=2F7365637265746D656D202864656C6574656429 dev="secretmem" ino=21747 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=system permissive=1 [ 94.015820][ T29] audit: type=1326 audit(1753506619.479:10773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9996 comm="syz.1.2414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa51fe9a9 code=0x7ffc0000 [ 94.039438][ T29] audit: type=1326 audit(1753506619.489:10774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9996 comm="syz.1.2414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7f3aa51fe9a9 code=0x7ffc0000 [ 94.063058][ T29] audit: type=1326 audit(1753506619.489:10775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9996 comm="syz.1.2414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa51fe9a9 code=0x7ffc0000 [ 94.147888][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.155753][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.164197][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.172152][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.180072][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.188077][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.196562][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.204608][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.212355][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.220187][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.228573][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.236345][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.244122][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.251865][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.260448][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.268353][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.276191][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.284552][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.292305][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.300072][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.307897][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.316371][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.324153][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.331958][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.339798][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.348249][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.356137][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.363966][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.371719][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.380075][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.387859][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.395866][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.404281][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.412165][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.419953][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.427770][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.436329][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.444106][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.451854][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.459680][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.467858][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.475655][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.483411][ T23] hid-generic 0000:007F:FFFFFFFE.0003: unknown main item tag 0x0 [ 94.491833][ T23] hid-generic 0000:007F:FFFFFFFE.0003: hidraw0: HID v0.00 Device [syz1] on syz0 [ 94.506319][T10015] loop1: detected capacity change from 0 to 1024 [ 94.522666][T10015] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 94.534198][T10015] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 94.552841][T10050] can0: slcan on ttyS3. [ 94.562904][T10015] JBD2: no valid journal superblock found [ 94.568711][T10015] EXT4-fs (loop1): Could not load journal inode [ 94.654497][T10050] can0 (unregistered): slcan off ttyS3. [ 94.736497][ T23] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x4 [ 94.744923][ T23] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x2 [ 94.753282][ T23] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 94.761141][ T23] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 94.769029][ T23] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 94.777418][ T23] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 94.785206][ T23] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 94.792865][ T23] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 94.800911][ T23] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 94.809391][ T23] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 94.817371][ T23] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 94.825180][ T23] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 94.832849][ T23] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 94.841348][ T23] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 94.849143][ T23] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 94.856837][ T23] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 94.865496][ T23] hid-generic 0000:3000000:0000.0004: hidraw0: HID v0.00 Device [sy] on syz0 [ 94.894625][T10104] loop1: detected capacity change from 0 to 1024 [ 94.901429][T10104] EXT4-fs: Ignoring removed oldalloc option [ 94.907609][T10104] EXT4-fs: Ignoring removed bh option [ 94.935310][T10104] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 95.067823][T10104] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4113: comm syz.1.2441: Allocating blocks 1-17 which overlap fs metadata [ 95.090103][T10109] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4113: comm syz.1.2441: Allocating blocks 1-17 which overlap fs metadata [ 95.175633][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.298746][T10134] 8021q: adding VLAN 0 to HW filter on device bond1 [ 95.340039][T10134] bond1 (unregistering): Released all slaves [ 95.400455][T10146] pimreg: entered allmulticast mode [ 95.424740][T10146] pimreg: left allmulticast mode [ 95.432680][T10151] sd 0:0:1:0: device reset [ 95.457862][T10156] loop0: detected capacity change from 0 to 512 [ 95.466939][T10156] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 95.485882][T10156] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 95.499130][T10156] ext4 filesystem being mounted at /395/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 95.524325][ T3310] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.588669][T10177] __nla_validate_parse: 11 callbacks suppressed [ 95.588684][T10177] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2472'. [ 95.609962][T10177] 8021q: adding VLAN 0 to HW filter on device bond1 [ 95.626838][T10177] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2472'. [ 95.674782][T10177] bond1 (unregistering): Released all slaves [ 95.924692][T10196] loop1: detected capacity change from 0 to 512 [ 95.989039][T10210] netlink: 'syz.2.2485': attribute type 4 has an invalid length. [ 95.996893][T10210] netlink: 17 bytes leftover after parsing attributes in process `syz.2.2485'. [ 96.034107][T10196] EXT4-fs error (device loop1): ext4_ext_check_inode:523: inode #3: comm syz.1.2479: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0) [ 96.077299][T10196] EXT4-fs error (device loop1): ext4_quota_enable:7127: comm syz.1.2479: Bad quota inode: 3, type: 0 [ 96.095784][T10196] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 96.115329][T10196] EXT4-fs (loop1): mount failed [ 96.264905][T10239] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2499'. [ 96.275388][T10242] netlink: 'syz.0.2497': attribute type 4 has an invalid length. [ 96.354394][T10253] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10253 comm=syz.2.2505 [ 96.369474][T10259] loop4: detected capacity change from 0 to 1024 [ 96.378391][T10259] EXT4-fs: Ignoring removed orlov option [ 96.384703][T10259] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 96.416178][T10259] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 96.440642][T10271] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2512'. [ 96.466761][T10271] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.479668][T10271] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2512'. [ 96.489429][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.533397][T10271] bond0 (unregistering): Released all slaves [ 96.546863][T10278] SELinux: failed to load policy [ 96.623527][T10282] loop4: detected capacity change from 0 to 1024 [ 96.641128][T10282] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 96.752340][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.901837][T10313] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2529'. [ 96.918839][T10313] 8021q: adding VLAN 0 to HW filter on device bond2 [ 96.933545][T10313] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2529'. [ 96.945246][T10313] bond2 (unregistering): Released all slaves [ 96.958915][T10316] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2531'. [ 97.030071][T10331] loop1: detected capacity change from 0 to 1024 [ 97.044719][T10331] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 97.060872][T10331] EXT4-fs error (device loop1): __ext4_remount:6736: comm syz.1.2537: Abort forced by user [ 97.071237][T10331] EXT4-fs (loop1): Remounting filesystem read-only [ 97.077901][T10331] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000. [ 97.096230][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.104816][T10337] loop0: detected capacity change from 0 to 1024 [ 97.112576][T10337] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 97.124198][T10337] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 97.129265][T10339] loop1: detected capacity change from 0 to 512 [ 97.135850][T10337] JBD2: no valid journal superblock found [ 97.140754][T10339] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 97.146040][T10337] EXT4-fs (loop0): Could not load journal inode [ 97.165700][T10339] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 97.179306][T10339] ext4 filesystem being mounted at /512/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 97.211266][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.238737][T10348] loop1: detected capacity change from 0 to 512 [ 97.246547][T10348] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 97.259092][T10348] EXT4-fs (loop1): 1 truncate cleaned up [ 97.265495][T10348] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 97.288977][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.880089][T10365] loop4: detected capacity change from 0 to 512 [ 97.890291][T10365] EXT4-fs (loop4): too many log groups per flexible block group [ 97.890404][T10365] EXT4-fs (loop4): failed to initialize mballoc (-12) [ 97.890425][T10365] EXT4-fs (loop4): mount failed [ 97.977120][T10373] loop4: detected capacity change from 0 to 1024 [ 97.984980][T10373] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 97.985002][T10373] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 97.985518][T10373] JBD2: no valid journal superblock found [ 97.985526][T10373] EXT4-fs (loop4): Could not load journal inode [ 98.482094][T10425] vlan2: entered allmulticast mode [ 98.531206][ T29] kauditd_printk_skb: 143 callbacks suppressed [ 98.531253][ T29] audit: type=1326 audit(1753506623.999:10919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10432 comm="syz.2.2581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabf122e9a9 code=0x7ffc0000 [ 98.565636][ T29] audit: type=1326 audit(1753506623.999:10920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10432 comm="syz.2.2581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabf122e9a9 code=0x7ffc0000 [ 98.589412][ T29] audit: type=1326 audit(1753506624.029:10921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10432 comm="syz.2.2581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fabf122e9a9 code=0x7ffc0000 [ 98.613194][ T29] audit: type=1326 audit(1753506624.029:10922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10432 comm="syz.2.2581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fabf122e9e3 code=0x7ffc0000 [ 98.636681][ T29] audit: type=1326 audit(1753506624.039:10923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10432 comm="syz.2.2581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fabf122d45f code=0x7ffc0000 [ 98.660087][ T29] audit: type=1326 audit(1753506624.039:10924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10432 comm="syz.2.2581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fabf122ea37 code=0x7ffc0000 [ 98.683720][ T29] audit: type=1326 audit(1753506624.039:10925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10432 comm="syz.2.2581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fabf122d310 code=0x7ffc0000 [ 98.709733][ T29] audit: type=1326 audit(1753506624.039:10926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10432 comm="syz.2.2581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fabf122d60a code=0x7ffc0000 [ 98.733329][ T29] audit: type=1326 audit(1753506624.039:10927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10432 comm="syz.2.2581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabf122e9a9 code=0x7ffc0000 [ 98.756925][ T29] audit: type=1326 audit(1753506624.039:10928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10432 comm="syz.2.2581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabf122e9a9 code=0x7ffc0000 [ 98.929883][T10457] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2591'. [ 99.129475][T10472] can0: slcan on ttyS3. [ 99.194039][T10472] can0 (unregistered): slcan off ttyS3. [ 99.216064][T10472] Falling back ldisc for ttyS3. [ 99.224050][T10489] netlink: 'syz.2.2604': attribute type 10 has an invalid length. [ 99.232310][T10489] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 99.256040][T10492] loop1: detected capacity change from 0 to 512 [ 99.268595][T10489] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 99.279545][T10489] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link [ 99.292464][T10474] loop4: detected capacity change from 0 to 8192 [ 99.305118][T10492] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 99.331150][T10492] ext4 filesystem being mounted at /517/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 99.370625][T10492] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.2606: corrupted inode contents [ 99.446785][T10492] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #2: comm syz.1.2606: mark_inode_dirty error [ 99.460468][T10492] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.2606: corrupted inode contents [ 99.512278][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.572960][T10541] loop1: detected capacity change from 0 to 164 [ 99.592764][T10541] syz.1.2623: attempt to access beyond end of device [ 99.592764][T10541] loop1: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 99.607612][T10541] syz.1.2623: attempt to access beyond end of device [ 99.607612][T10541] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 99.668817][T10560] netlink: 'syz.2.2634': attribute type 1 has an invalid length. [ 99.789257][T10586] loop0: detected capacity change from 0 to 164 [ 99.815867][T10586] syz.0.2646: attempt to access beyond end of device [ 99.815867][T10586] loop0: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 99.841344][T10586] syz.0.2646: attempt to access beyond end of device [ 99.841344][T10586] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 99.869601][T10593] netlink: 'syz.1.2650': attribute type 4 has an invalid length. [ 99.895274][T10593] netlink: 'syz.1.2650': attribute type 4 has an invalid length. [ 100.040697][T10630] loop4: detected capacity change from 0 to 764 [ 100.065468][T10630] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 100.257379][T10669] can0: slcan on ttyS3. [ 100.334005][T10669] can0 (unregistered): slcan off ttyS3. [ 100.339907][T10669] Falling back ldisc for ttyS3. [ 100.626187][T10742] vhci_hcd: invalid port number 23 [ 100.631383][T10742] vhci_hcd: default hub control req: a306 v0000 i0017 l0 [ 100.836691][T10787] __nla_validate_parse: 5 callbacks suppressed [ 100.836709][T10787] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.2683'. [ 100.857200][T10775] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.2683'. [ 101.038423][T10815] team_slave_0: entered promiscuous mode [ 101.044175][T10815] team_slave_1: entered promiscuous mode [ 101.052445][T10815] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 101.075514][T10815] 8021q: adding VLAN 0 to HW filter on device macvlan3 [ 101.150443][T10819] loop1: detected capacity change from 0 to 8192 [ 101.330635][T10842] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10842 comm=syz.3.2702 [ 101.480103][T10860] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.2704'. [ 101.521944][T10852] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.2704'. [ 101.668638][T10879] serio: Serial port ptm0 [ 101.768089][T10889] loop1: detected capacity change from 0 to 2048 [ 101.813690][T10889] loop1: p1 < > p4 [ 101.818382][T10889] loop1: p4 size 8388608 extends beyond EOD, truncated [ 101.971123][T10930] netlink: 7 bytes leftover after parsing attributes in process `syz.1.2726'. [ 101.988401][T10930] netlink: 7 bytes leftover after parsing attributes in process `syz.1.2726'. [ 102.070353][T10934] loop0: detected capacity change from 0 to 8192 [ 102.190629][T10959] netlink: 'syz.0.2740': attribute type 10 has an invalid length. [ 102.228959][T10963] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2732'. [ 102.253637][T10959] 8021q: adding VLAN 0 to HW filter on device team0 [ 102.269924][T10959] bond0: (slave team0): Enslaving as an active interface with an up link [ 102.469734][T10986] loop0: detected capacity change from 0 to 128 [ 102.502307][T10986] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 102.524079][T10986] ext4 filesystem being mounted at /447/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 102.639188][ T3310] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 102.722575][T11010] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2739'. [ 102.744093][T11012] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 102.758097][T11010] A link change request failed with some changes committed already. Interface gre1 may have been left with an inconsistent configuration, please check. [ 102.851020][T11024] loop0: detected capacity change from 0 to 512 [ 102.873225][T11024] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 102.927619][T11024] EXT4-fs (loop0): 1 truncate cleaned up [ 102.934648][T11024] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 102.979081][T11024] sg_write: data in/out 11329/120 bytes for SCSI command 0x0-- guessing data in; [ 102.979081][T11024] program syz.0.2743 not setting count and/or reply_len properly [ 103.008292][ T3310] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.125514][T11060] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.2746'. [ 103.157307][T11050] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.2746'. [ 103.288646][T11086] loop0: detected capacity change from 0 to 256 [ 103.412142][T11102] 9pnet_fd: Insufficient options for proto=fd [ 103.544134][T11127] loop0: detected capacity change from 0 to 512 [ 103.563569][T11132] loop4: detected capacity change from 0 to 1024 [ 103.583062][T11132] EXT4-fs: Ignoring removed bh option [ 103.608467][T11127] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 103.623245][T11132] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 103.641181][T11127] EXT4-fs (loop0): 1 truncate cleaned up [ 103.651422][T11127] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 103.667434][T11132] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 103.709139][ T29] kauditd_printk_skb: 133 callbacks suppressed [ 103.709154][ T29] audit: type=1400 audit(1753506629.179:11062): avc: denied { rename } for pid=11130 comm="syz.4.2769" name="file0" dev="loop4" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 103.754783][T11132] EXT4-fs error (device loop4): ext4_check_all_de:659: inode #12: block 7: comm syz.4.2769: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=124 fake=0 [ 103.797502][T11153] loop1: detected capacity change from 0 to 512 [ 103.806218][T11153] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 103.816936][T11132] EXT4-fs (loop4): Remounting filesystem read-only [ 103.827006][T11153] EXT4-fs (loop1): 1 truncate cleaned up [ 103.833145][T11153] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 103.846498][T11158] netlink: 'syz.2.2776': attribute type 10 has an invalid length. [ 103.849380][T11153] sg_write: data in/out 11329/120 bytes for SCSI command 0x0-- guessing data in; [ 103.849380][T11153] program syz.1.2774 not setting count and/or reply_len properly [ 103.863436][T11158] dummy0: entered promiscuous mode [ 103.888100][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.897761][T11158] bond0: (slave dummy0): Releasing backup interface [ 103.899551][ T3310] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.905694][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.930658][T11158] bridge0: port 3(dummy0) entered blocking state [ 103.937191][T11158] bridge0: port 3(dummy0) entered disabled state [ 103.966962][ T29] audit: type=1326 audit(1753506629.439:11063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11164 comm="syz.1.2779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa51fe9a9 code=0x7ffc0000 [ 103.991423][ T29] audit: type=1326 audit(1753506629.439:11064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11164 comm="syz.1.2779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa51fe9a9 code=0x7ffc0000 [ 104.015630][ T29] audit: type=1326 audit(1753506629.439:11065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11164 comm="syz.1.2779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3aa51fe9a9 code=0x7ffc0000 [ 104.039487][ T29] audit: type=1326 audit(1753506629.439:11066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11164 comm="syz.1.2779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa51fe9a9 code=0x7ffc0000 [ 104.063803][ T29] audit: type=1326 audit(1753506629.439:11067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11164 comm="syz.1.2779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa51fe9a9 code=0x7ffc0000 [ 104.087529][ T29] audit: type=1326 audit(1753506629.439:11068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11164 comm="syz.1.2779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3aa51fe9a9 code=0x7ffc0000 [ 104.111580][ T29] audit: type=1326 audit(1753506629.439:11069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11164 comm="syz.1.2779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa51fe9a9 code=0x7ffc0000 [ 104.135704][ T29] audit: type=1326 audit(1753506629.439:11070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11164 comm="syz.1.2779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa51fe9a9 code=0x7ffc0000 [ 104.159346][ T29] audit: type=1326 audit(1753506629.439:11071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11164 comm="syz.1.2779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3aa51fe9a9 code=0x7ffc0000 [ 104.225059][T11179] xt_hashlimit: size too large, truncated to 1048576 [ 104.356288][T11197] loop4: detected capacity change from 0 to 512 [ 104.366023][T11197] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 104.375934][T11197] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities [ 104.402120][T11197] netlink: zone id is out of range [ 104.407738][T11197] netlink: zone id is out of range [ 104.412854][T11197] netlink: zone id is out of range [ 104.418081][T11197] netlink: zone id is out of range [ 104.423929][T11197] netlink: zone id is out of range [ 104.429171][T11197] netlink: zone id is out of range [ 104.434324][T11197] netlink: zone id is out of range [ 104.439493][T11197] netlink: zone id is out of range [ 104.444633][T11197] netlink: zone id is out of range [ 104.492887][T11201] loop0: detected capacity change from 0 to 8192 [ 104.534248][T11201] loop0: p2 p3 p4 [ 104.539046][T11201] loop0: p2 start 2936012800 is beyond EOD, truncated [ 104.546006][T11201] loop0: p3 start 1912602624 is beyond EOD, truncated [ 104.552796][T11201] loop0: p4 size 656640 extends beyond EOD, truncated [ 104.601830][T11219] loop4: detected capacity change from 0 to 164 [ 104.611252][T11219] syz.4.2801: attempt to access beyond end of device [ 104.611252][T11219] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 104.625444][T11219] syz.4.2801: attempt to access beyond end of device [ 104.625444][T11219] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 104.668403][T11226] sd 0:0:1:0: device reset [ 104.772815][T11250] netlink: 'syz.2.2815': attribute type 10 has an invalid length. [ 104.781730][T11250] bridge0: port 3(dummy0) entered blocking state [ 104.788325][T11250] bridge0: port 3(dummy0) entered forwarding state [ 104.880437][T11260] netlink: 'syz.4.2820': attribute type 1 has an invalid length. [ 105.162284][T11308] 0X: renamed from caif0 [ 105.169550][T11308] 0X: entered allmulticast mode [ 106.020571][T11440] x_tables: ip6_tables: tcpmss match: only valid for protocol 6 [ 106.044145][T11434] loop4: detected capacity change from 0 to 512 [ 106.050701][T11434] EXT4-fs: Ignoring removed nobh option [ 106.067856][T11444] xt_hashlimit: size too large, truncated to 1048576 [ 106.085801][T11434] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #3: comm syz.4.2898: corrupted inode contents [ 106.124975][T11434] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #3: comm syz.4.2898: mark_inode_dirty error [ 106.154352][T11434] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #3: comm syz.4.2898: corrupted inode contents [ 106.178873][T11434] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #3: comm syz.4.2898: mark_inode_dirty error [ 106.211662][T11434] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.2898: Failed to acquire dquot type 0 [ 106.246913][T11434] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #16: comm syz.4.2898: corrupted inode contents [ 106.275618][T11434] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #16: comm syz.4.2898: mark_inode_dirty error [ 106.300923][T11434] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #16: comm syz.4.2898: corrupted inode contents [ 106.315271][T11434] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #16: comm syz.4.2898: mark_inode_dirty error [ 106.347159][T11434] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #16: comm syz.4.2898: corrupted inode contents [ 106.364750][T11434] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem [ 106.394506][T11434] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #16: comm syz.4.2898: corrupted inode contents [ 106.420155][T11434] EXT4-fs error (device loop4): ext4_truncate:4597: inode #16: comm syz.4.2898: mark_inode_dirty error [ 106.441409][T11434] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem [ 106.456179][T11434] EXT4-fs (loop4): 1 truncate cleaned up [ 106.462340][T11434] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 106.477094][T11462] __nla_validate_parse: 8 callbacks suppressed [ 106.477128][T11462] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2908'. [ 106.500881][T11464] xt_NFQUEUE: number of total queues is 0 [ 106.547317][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.864821][T11506] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2929'. [ 106.903710][T11506] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2929'. [ 107.009429][T11521] netlink: 96 bytes leftover after parsing attributes in process `syz.0.2936'. [ 107.089205][T11535] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2942'. [ 107.100794][T11537] netlink: 96 bytes leftover after parsing attributes in process `syz.4.2943'. [ 107.100801][T11535] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2942'. [ 107.120268][T11539] netlink: 100 bytes leftover after parsing attributes in process `syz.2.2944'. [ 107.275313][T11568] syz_tun: entered allmulticast mode [ 107.286578][T11568] syz_tun: left allmulticast mode [ 107.600730][T11624] loop1: detected capacity change from 0 to 512 [ 107.619837][T11624] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 107.624733][T11635] loop0: detected capacity change from 0 to 164 [ 107.641847][T11635] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 107.663945][T11624] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 107.681428][T11635] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 107.705528][T11635] rock: directory entry would overflow storage [ 107.711555][T11624] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 33 with error 28 [ 107.711707][T11635] rock: sig=0x4f50, size=4, remaining=3 [ 107.711721][T11635] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 107.737729][T11624] EXT4-fs (loop1): This should not happen!! Data will be lost [ 107.737729][T11624] [ 107.747411][T11624] EXT4-fs (loop1): Total free blocks count 0 [ 107.754220][T11624] EXT4-fs (loop1): Free/Dirty block details [ 107.760128][T11624] EXT4-fs (loop1): free_blocks=65280 [ 107.765605][T11624] EXT4-fs (loop1): dirty_blocks=33 [ 107.770755][T11624] EXT4-fs (loop1): Block reservation details [ 107.776799][T11624] EXT4-fs (loop1): i_reserved_data_blocks=33 [ 107.835324][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.875649][T11680] rdma_op ffff888109759180 conn xmit_rdma 0000000000000000 [ 107.911085][T11689] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2980'. [ 107.936816][T11689] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 107.945587][T11689] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 107.954312][T11689] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 107.963044][T11689] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 107.976979][T11689] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2980'. [ 108.079097][T11715] loop0: detected capacity change from 0 to 2048 [ 108.123997][T11715] loop0: p1 < > p4 [ 108.137259][T11715] loop0: p4 size 8388608 extends beyond EOD, truncated [ 108.206597][T11739] loop0: detected capacity change from 0 to 256 [ 108.247545][T11739] FAT-fs (loop0): Directory bread(block 64) failed [ 108.263073][T11739] FAT-fs (loop0): Directory bread(block 65) failed [ 108.285511][T11739] FAT-fs (loop0): Directory bread(block 66) failed [ 108.306540][T11739] FAT-fs (loop0): Directory bread(block 67) failed [ 108.323088][T11739] FAT-fs (loop0): Directory bread(block 68) failed [ 108.364598][T11739] FAT-fs (loop0): Directory bread(block 69) failed [ 108.372608][ T36] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 108.380201][ T36] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 108.380468][T11739] FAT-fs (loop0): Directory bread(block 70) failed [ 108.395273][T11739] FAT-fs (loop0): Directory bread(block 71) failed [ 108.402224][T11739] FAT-fs (loop0): Directory bread(block 72) failed [ 108.408937][T11739] FAT-fs (loop0): Directory bread(block 73) failed [ 108.422522][ T36] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 108.430206][ T36] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 108.437658][ T36] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 108.445918][ T36] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 108.453596][ T36] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 108.461015][ T36] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 108.468490][ T36] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 108.476650][ T36] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 108.484167][ T36] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 108.491625][ T36] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 108.521200][ T36] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 108.528751][ T36] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 108.536899][ T36] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 108.544344][ T36] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 108.551881][ T36] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 108.559374][ T36] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 108.567463][ T36] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 108.574906][ T36] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 108.582309][ T36] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 108.589770][ T36] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 108.597713][ T36] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 108.605220][ T36] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 108.612722][ T36] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 108.620155][ T36] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 108.628307][ T36] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 108.636268][ T36] hid-generic 0000:0000:0000.0005: hidraw0: HID v10.00 Device [syz0] on syz1 [ 108.883019][T11826] team1: entered promiscuous mode [ 108.889544][T11826] team1: entered allmulticast mode [ 108.960982][ T29] kauditd_printk_skb: 136 callbacks suppressed [ 108.960997][ T29] audit: type=1400 audit(108.933:11206): avc: denied { setopt } for pid=11836 comm="syz.0.3024" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 109.047845][T11849] IPVS: Error connecting to the multicast addr [ 109.065587][ T29] audit: type=1400 audit(109.033:11207): avc: denied { write } for pid=11840 comm="syz.1.3026" path="socket:[25640]" dev="sockfs" ino=25640 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 109.113656][ T29] audit: type=1400 audit(109.093:11208): avc: denied { read } for pid=11840 comm="syz.1.3026" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 109.333799][ T29] audit: type=1400 audit(109.313:11209): avc: denied { read } for pid=11873 comm="syz.0.3041" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 109.357819][ T29] audit: type=1400 audit(109.313:11210): avc: denied { open } for pid=11873 comm="syz.0.3041" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 109.382071][ T29] audit: type=1400 audit(109.313:11211): avc: denied { ioctl } for pid=11873 comm="syz.0.3041" path="/dev/loop-control" dev="devtmpfs" ino=99 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 109.759389][T11906] pimreg: entered allmulticast mode [ 109.789509][T11906] pimreg: left allmulticast mode [ 109.844580][ T29] audit: type=1326 audit(109.803:11212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11914 comm="syz.0.3059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5012e9a9 code=0x7ffc0000 [ 109.867822][ T29] audit: type=1326 audit(109.803:11213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11914 comm="syz.0.3059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1a5012e9a9 code=0x7ffc0000 [ 109.890942][ T29] audit: type=1326 audit(109.803:11214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11914 comm="syz.0.3059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5012e9a9 code=0x7ffc0000 [ 109.914023][ T29] audit: type=1326 audit(109.803:11215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11914 comm="syz.0.3059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1a5012e9a9 code=0x7ffc0000 [ 109.981239][T11921] netlink: 'syz.1.3062': attribute type 21 has an invalid length. [ 110.167027][T11941] netlink: 'syz.0.3072': attribute type 39 has an invalid length. [ 111.112265][T11989] SELinux: failed to load policy [ 111.195107][T12008] loop1: detected capacity change from 0 to 128 [ 111.202935][T12008] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 111.227848][T12008] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 111.515573][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x1 [ 111.523049][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 111.530708][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 111.538227][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 111.545687][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 111.553278][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 111.560758][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x4 [ 111.568191][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 111.575605][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 111.583050][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 111.590591][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x2 [ 111.598280][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 111.605699][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 111.613112][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x4 [ 111.620604][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 111.628070][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 111.635485][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x2 [ 111.642963][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 111.650442][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 111.657856][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 111.665364][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 111.672779][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 111.680294][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 111.687725][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 111.695173][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 111.702660][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 111.710097][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 111.717535][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 111.724927][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 111.732343][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 111.739768][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 111.747148][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 111.754540][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 111.761927][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 111.769375][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 111.776823][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 111.784256][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 111.791630][ T3413] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 111.800427][ T3413] hid-generic 0000:0000:0000.0006: hidraw0: HID v0.00 Device [syz0] on syz1 [ 112.078763][T12085] loop4: detected capacity change from 0 to 512 [ 112.086373][T12085] EXT4-fs: Ignoring removed bh option [ 112.092078][T12085] ext3: Unknown parameter 'nouser_xattr' [ 112.412675][T12107] __nla_validate_parse: 9 callbacks suppressed [ 112.412692][T12107] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3142'. [ 112.432096][T12107] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 112.440366][T12107] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 112.449413][T12107] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 112.457707][T12107] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 112.466954][T12107] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3142'. [ 112.508052][T12101] loop4: detected capacity change from 0 to 512 [ 112.525680][T12101] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 112.539707][T12101] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.601054][T12124] syzkaller0: entered allmulticast mode [ 112.607445][T12124] syzkaller0: entered promiscuous mode [ 112.615671][T12124] syzkaller0 (unregistering): left allmulticast mode [ 112.622396][T12124] syzkaller0 (unregistering): left promiscuous mode [ 112.827810][T12153] netlink: 'syz.3.3170': attribute type 1 has an invalid length. [ 113.954449][T12280] netem: incorrect ge model size [ 113.959499][T12280] netem: change failed [ 113.972619][ T29] kauditd_printk_skb: 191 callbacks suppressed [ 113.972639][ T29] audit: type=1400 audit(113.943:11407): avc: denied { create } for pid=12283 comm="syz.2.3162" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 113.999039][ T29] audit: type=1326 audit(113.963:11408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12279 comm="syz.3.3163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dcd5ae9a9 code=0x7ffc0000 [ 114.023043][ T29] audit: type=1326 audit(113.963:11409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12279 comm="syz.3.3163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dcd5ae9a9 code=0x7ffc0000 [ 114.047106][ T29] audit: type=1326 audit(113.963:11410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12279 comm="syz.3.3163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f5dcd5ae9a9 code=0x7ffc0000 [ 114.066127][T12289] netlink: 'syz.4.3165': attribute type 13 has an invalid length. [ 114.070282][ T29] audit: type=1326 audit(113.963:11411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12279 comm="syz.3.3163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dcd5ae9a9 code=0x7ffc0000 [ 114.101534][ T29] audit: type=1326 audit(113.963:11412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12279 comm="syz.3.3163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dcd5ae9a9 code=0x7ffc0000 [ 114.125138][ T29] audit: type=1326 audit(113.963:11413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12279 comm="syz.3.3163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=196 compat=0 ip=0x7f5dcd5ae9a9 code=0x7ffc0000 [ 114.148446][ T29] audit: type=1326 audit(113.963:11414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12279 comm="syz.3.3163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dcd5ae9a9 code=0x7ffc0000 [ 114.172132][ T29] audit: type=1326 audit(113.963:11415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12279 comm="syz.3.3163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dcd5ae9a9 code=0x7ffc0000 [ 114.195608][ T29] audit: type=1400 audit(113.963:11416): avc: denied { connect } for pid=12283 comm="syz.2.3162" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 114.280064][T12289] netdevsim netdevsim4 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 114.289103][T12289] netdevsim netdevsim4 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 114.298030][T12289] netdevsim netdevsim4 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 114.307024][T12289] netdevsim netdevsim4 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 114.317341][T12303] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3174'. [ 114.327294][T12289] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 20000 - 0 [ 114.327702][T12303] netlink: 312 bytes leftover after parsing attributes in process `syz.3.3174'. [ 114.336422][T12289] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 20000 - 0 [ 114.336452][T12289] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 20000 - 0 [ 114.345744][T12303] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3174'. [ 114.374013][T12289] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 20000 - 0 [ 114.390192][T12305] pimreg: entered allmulticast mode [ 114.400230][T12307] pimreg: left allmulticast mode [ 114.549300][T12337] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3188'. [ 114.575091][T12337] bond3: entered promiscuous mode [ 114.580184][T12337] bond3: entered allmulticast mode [ 114.588929][T12337] 8021q: adding VLAN 0 to HW filter on device bond3 [ 114.613541][T12344] netlink: 'syz.3.3191': attribute type 13 has an invalid length. [ 114.659410][T12344] netdevsim netdevsim3 eth0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 114.667934][T12344] netdevsim netdevsim3 eth1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 114.676380][T12344] netdevsim netdevsim3 eth2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 114.684913][T12344] netdevsim netdevsim3 eth3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 114.693995][T12350] uprobe: syz.2.3193:12350 failed to unregister, leaking uprobe [ 114.838732][T12380] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3207'. [ 115.022885][T12376] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 115.031563][T12376] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 115.570968][T12396] netlink: 'syz.1.3211': attribute type 13 has an invalid length. [ 115.712542][T12396] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 115.726427][T12396] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 115.754789][T12396] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 115.763432][T12396] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 115.772007][T12396] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 115.780375][T12396] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 115.796701][T12410] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 116.179067][T12447] netlink: 76 bytes leftover after parsing attributes in process `syz.3.3234'. [ 116.480561][T12473] netlink: 'syz.3.3246': attribute type 14 has an invalid length. [ 116.490137][T12473] (unnamed net_device) (uninitialized): option xmit_hash_policy: invalid value (11) [ 116.509821][T12473] netlink: 'syz.3.3246': attribute type 14 has an invalid length. [ 116.539383][T12473] (unnamed net_device) (uninitialized): option xmit_hash_policy: invalid value (11) [ 116.740580][T12489] loop1: detected capacity change from 0 to 2048 [ 116.849118][T12491] netlink: 'syz.0.3255': attribute type 13 has an invalid length. [ 116.857679][T12489] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 116.885397][T12491] gretap0: refused to change device tx_queue_len [ 116.892613][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 116.921033][T12491] net_ratelimit: 66 callbacks suppressed [ 116.921051][T12491] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 117.855781][T12562] xt_TPROXY: Can be used only with -p tcp or -p udp [ 118.042021][T12579] netlink: 'syz.0.3292': attribute type 13 has an invalid length. [ 118.090753][T12579] bridge0: port 2(bridge_slave_1) entered disabled state [ 118.098055][T12579] bridge0: port 1(bridge_slave_0) entered disabled state [ 118.142394][T12579] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 118.188230][T12579] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 118.197266][T12579] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 118.206179][T12579] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 118.215068][T12579] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 118.234991][T12579] erspan0: left allmulticast mode [ 118.245204][T12579] netdevsim netdevsim0 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 118.254237][T12579] netdevsim netdevsim0 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 118.263613][T12579] netdevsim netdevsim0 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 118.272533][T12579] netdevsim netdevsim0 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 118.367843][T12608] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 118.393045][T12610] tipc: Started in network mode [ 118.398128][T12610] tipc: Node identity ac14140f, cluster identity 4711 [ 118.406883][T12610] tipc: New replicast peer: 255.255.255.83 [ 118.412835][T12610] tipc: Enabled bearer , priority 10 [ 118.468868][T12622] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3311'. [ 118.754722][T12672] vhci_hcd: default hub control req: 800f v0000 i0000 l31125 [ 119.000287][ T29] kauditd_printk_skb: 157 callbacks suppressed [ 119.000413][ T29] audit: type=1400 audit(631.974:11574): avc: denied { write } for pid=12712 comm="syz.0.3355" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 119.069407][T12723] rdma_op ffff88814ce31180 conn xmit_rdma 0000000000000000 [ 119.117321][T12734] netlink: 'syz.2.3365': attribute type 13 has an invalid length. [ 119.141158][ T29] audit: type=1400 audit(632.104:11575): avc: denied { block_suspend } for pid=12724 comm="syz.3.3361" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 119.387911][T12734] bridge0: port 3(dummy0) entered disabled state [ 119.394432][T12734] bridge0: port 2(bridge_slave_1) entered disabled state [ 119.401645][T12734] bridge0: port 1(bridge_slave_0) entered disabled state [ 119.414734][ T3413] tipc: Node number set to 2886997007 [ 119.433504][T12734] team_slave_0: left promiscuous mode [ 119.439048][T12734] team_slave_1: left promiscuous mode [ 119.635463][ T29] audit: type=1326 audit(632.604:11576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12747 comm="syz.1.3371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa51fe9a9 code=0x7ffc0000 [ 119.658658][ T29] audit: type=1326 audit(632.604:11577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12747 comm="syz.1.3371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa51fe9a9 code=0x7ffc0000 [ 119.723357][ T29] audit: type=1326 audit(632.614:11578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12747 comm="syz.1.3371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7f3aa51fe9a9 code=0x7ffc0000 [ 119.746421][ T29] audit: type=1326 audit(632.614:11579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12747 comm="syz.1.3371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa51fe9a9 code=0x7ffc0000 [ 119.769471][ T29] audit: type=1326 audit(632.644:11580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12747 comm="syz.1.3371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa51fe9a9 code=0x7ffc0000 [ 119.792453][ T29] audit: type=1326 audit(632.644:11581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12747 comm="syz.1.3371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3aa51fe9a9 code=0x7ffc0000 [ 119.815538][ T29] audit: type=1326 audit(632.644:11582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12747 comm="syz.1.3371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa51fe9a9 code=0x7ffc0000 [ 119.838526][ T29] audit: type=1326 audit(632.644:11583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12747 comm="syz.1.3371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa51fe9a9 code=0x7ffc0000 [ 120.026189][T12734] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 120.222267][T12734] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.230760][T12734] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.239201][T12734] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.247654][T12734] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.295646][T12734] netdevsim netdevsim2 eth0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 120.304082][T12734] netdevsim netdevsim2 eth1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 120.312492][T12734] netdevsim netdevsim2 eth2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 120.320896][T12734] netdevsim netdevsim2 eth3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 120.479400][T12805] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 120.640011][T12836] netlink: 'syz.2.3403': attribute type 10 has an invalid length. [ 120.648568][T12836] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3403'. [ 120.810641][T12856] vlan2: entered allmulticast mode [ 120.997862][T12885] pimreg: entered allmulticast mode [ 121.005440][T12885] pimreg: left allmulticast mode [ 121.166085][T12915] SELinux: failed to load policy [ 121.410987][T12962] wg2: left promiscuous mode [ 121.435934][T12962] macvtap0: left promiscuous mode [ 121.470714][T12974] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3467'. [ 121.511769][T12979] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12979 comm=syz.4.3469 [ 121.542078][T12983] netlink: 'syz.0.3471': attribute type 13 has an invalid length. [ 121.729784][T13003] loop4: detected capacity change from 0 to 2048 [ 121.891563][T13010] netlink: 3529 bytes leftover after parsing attributes in process `syz.3.3483'. [ 122.733126][T13089] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3517'. [ 123.409481][T13101] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3524'. [ 123.437004][T13101] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3524'. [ 123.457666][T13101] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3524'. [ 123.467090][T13101] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3524'. [ 123.551020][T13113] SELinux: Context is not valid (left unmapped). [ 123.958942][T13156] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13156 comm=syz.2.3549 [ 123.973458][T13156] netlink: 'syz.2.3549': attribute type 1 has an invalid length. [ 124.013240][ T29] kauditd_printk_skb: 200 callbacks suppressed [ 124.013255][ T29] audit: type=1326 audit(636.974:11784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13158 comm="syz.0.3560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5012e9a9 code=0x7ffc0000 [ 124.042657][ T29] audit: type=1326 audit(636.974:11785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13158 comm="syz.0.3560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5012e9a9 code=0x7ffc0000 [ 124.065844][ T29] audit: type=1326 audit(636.974:11786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13158 comm="syz.0.3560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=292 compat=0 ip=0x7f1a5012e9a9 code=0x7ffc0000 [ 124.088920][ T29] audit: type=1326 audit(636.974:11787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13158 comm="syz.0.3560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5012e9a9 code=0x7ffc0000 [ 124.112078][ T29] audit: type=1326 audit(636.974:11788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13158 comm="syz.0.3560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1a5012e9a9 code=0x7ffc0000 [ 124.135156][ T29] audit: type=1326 audit(636.974:11789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13158 comm="syz.0.3560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5012e9a9 code=0x7ffc0000 [ 124.158418][ T29] audit: type=1326 audit(636.974:11790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13158 comm="syz.0.3560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5012e9a9 code=0x7ffc0000 [ 124.181580][ T29] audit: type=1326 audit(636.974:11791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13158 comm="syz.0.3560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1a5012e9a9 code=0x7ffc0000 [ 124.204833][ T29] audit: type=1326 audit(636.974:11792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13158 comm="syz.0.3560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5012e9a9 code=0x7ffc0000 [ 124.227816][ T29] audit: type=1326 audit(636.974:11793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13158 comm="syz.0.3560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5012e9a9 code=0x7ffc0000 [ 124.263643][T13163] bond1: (slave bridge2): making interface the new active one [ 124.271531][T13163] bond1: (slave bridge2): Enslaving as an active interface with an up link [ 124.416588][T13176] sch_tbf: burst 3298 is lower than device lo mtu (11337746) ! [ 124.451351][T13183] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3561'. [ 124.465954][T13183] team1: entered promiscuous mode [ 124.471289][T13183] team1: entered allmulticast mode [ 125.029291][T13237] loop4: detected capacity change from 0 to 2048 [ 125.065551][T13237] loop4: p3 p4 < > [ 125.086364][T13237] loop4: p3 size 57344 extends beyond EOD, truncated [ 125.116650][T13242] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3589'. [ 125.133366][T13243] atomic_op ffff88811aa77928 conn xmit_atomic 0000000000000000 [ 125.250507][T13246] loop4: detected capacity change from 0 to 8192 [ 125.277303][T13254] netlink: 'syz.0.3594': attribute type 1 has an invalid length. [ 125.285122][T13254] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3594'. [ 125.533461][T13273] netlink: 'syz.2.3604': attribute type 1 has an invalid length. [ 125.590652][T13285] rdma_op ffff88814ede1180 conn xmit_rdma 0000000000000000 [ 125.674091][T13300] rdma_op ffff88814ee10180 conn xmit_rdma 0000000000000000 [ 125.845672][T13327] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3628'. [ 125.889341][T13331] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 125.900386][T13331] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 126.212903][T13360] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=13360 comm=syz.4.3643 [ 126.444310][T13378] loop1: detected capacity change from 0 to 8192 [ 126.826335][T13418] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3669'. [ 126.871010][T13428] loop1: detected capacity change from 0 to 512 [ 126.877866][T13428] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 126.896420][T13428] EXT4-fs (loop1): 1 truncate cleaned up [ 126.910158][T13428] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 126.995579][T13446] netlink: 'syz.0.3678': attribute type 10 has an invalid length. [ 127.004192][T13446] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 127.011946][T13446] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 127.014763][T13444] netlink: 'syz.2.3677': attribute type 4 has an invalid length. [ 127.040553][T13446] netlink: 'syz.0.3678': attribute type 10 has an invalid length. [ 127.040709][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 127.049042][T13446] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3678'. [ 127.066551][T13446] batadv0: entered promiscuous mode [ 127.071762][T13446] batadv0: entered allmulticast mode [ 127.079505][T13446] bond0: (slave batadv0): Releasing backup interface [ 127.087704][T13446] bridge0: port 3(batadv0) entered blocking state [ 127.094492][T13446] bridge0: port 3(batadv0) entered disabled state [ 127.397296][T13498] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=13498 comm=syz.0.3699 [ 127.450573][T13502] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 127.534320][ T5251] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 127.543632][ T5251] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 127.745864][T13526] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3713'. [ 127.874895][T13548] pim6reg1: entered promiscuous mode [ 127.880310][T13548] pim6reg1: entered allmulticast mode [ 128.108802][T13567] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3733'. [ 128.118417][T13567] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3733'. [ 128.130620][T13567] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 128.139512][T13567] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 128.148676][T13567] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 128.157391][T13567] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 128.185335][T13571] netlink: 14528 bytes leftover after parsing attributes in process `syz.0.3735'. [ 128.210370][T13576] netlink: 'syz.1.3737': attribute type 1 has an invalid length. [ 128.231459][T13576] bond0: (slave gretap0): making interface the new active one [ 128.241000][T13576] bond0: (slave gretap0): Enslaving as an active interface with an up link [ 128.478053][T13625] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13625 comm=syz.2.3758 [ 128.651431][T13662] smc: net device bond0 applied user defined pnetid SYZ0 [ 128.659726][T13662] smc: net device bond0 erased user defined pnetid SYZ0 [ 128.684153][T13666] openvswitch: netlink: Message has 6 unknown bytes. [ 128.756740][T13680] loop4: detected capacity change from 0 to 1024 [ 128.763762][T13680] EXT4-fs: Ignoring removed i_version option [ 128.770358][T13680] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 128.783934][T13680] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.3784: Invalid block bitmap block 0 in block_group 0 [ 128.807287][T13680] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.3784: Failed to acquire dquot type 0 [ 128.823739][T13680] EXT4-fs error (device loop4): ext4_free_blocks:6587: comm syz.4.3784: Freeing blocks not in datazone - block = 0, count = 4096 [ 128.885764][T13680] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.3784: Invalid inode bitmap blk 0 in block_group 0 [ 128.913627][ T5251] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:51: Failed to release dquot type 0 [ 128.913865][T13680] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem [ 128.953118][T13680] EXT4-fs (loop4): 1 orphan inode deleted [ 128.959737][T13680] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 128.989235][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 128.998928][ T5251] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:51: Failed to release dquot type 0 [ 129.055714][ T29] kauditd_printk_skb: 303 callbacks suppressed [ 129.055729][ T29] audit: type=1400 audit(642.034:12093): avc: denied { setopt } for pid=13701 comm="syz.1.3793" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 129.130673][ T29] audit: type=1326 audit(642.104:12094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13708 comm="syz.4.3796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb856e9a9 code=0x7ffc0000 [ 129.156538][ T29] audit: type=1326 audit(642.134:12095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13708 comm="syz.4.3796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb856e9a9 code=0x7ffc0000 [ 129.180843][ T29] audit: type=1326 audit(642.134:12096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13708 comm="syz.4.3796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2bb856e9a9 code=0x7ffc0000 [ 129.203928][ T29] audit: type=1326 audit(642.134:12097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13708 comm="syz.4.3796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb856e9a9 code=0x7ffc0000 [ 129.227196][ T29] audit: type=1326 audit(642.134:12098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13708 comm="syz.4.3796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb856e9a9 code=0x7ffc0000 [ 129.250200][ T29] audit: type=1326 audit(642.134:12099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13708 comm="syz.4.3796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2bb856e9a9 code=0x7ffc0000 [ 129.273324][ T29] audit: type=1326 audit(642.134:12100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13708 comm="syz.4.3796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb856e9a9 code=0x7ffc0000 [ 129.296312][ T29] audit: type=1326 audit(642.134:12101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13708 comm="syz.4.3796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb856e9a9 code=0x7ffc0000 [ 129.319331][ T29] audit: type=1326 audit(642.134:12102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13708 comm="syz.4.3796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2bb856e9a9 code=0x7ffc0000 [ 129.386193][T13717] loop1: detected capacity change from 0 to 512 [ 129.394267][T13717] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 129.434472][T13720] loop4: detected capacity change from 0 to 1024 [ 129.441242][T13720] EXT4-fs: Ignoring removed oldalloc option [ 129.447721][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.463084][T13722] __nla_validate_parse: 10 callbacks suppressed [ 129.463096][T13722] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3802'. [ 129.464682][T13720] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 129.500305][T13726] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3803'. [ 129.525583][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.051113][T13747] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3812'. [ 130.114578][T13747] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3812'. [ 130.212764][T13753] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3814'. [ 130.221784][T13753] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3814'. [ 130.252826][T13753] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 130.261160][T13753] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 130.269486][T13753] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 130.277760][T13753] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 130.494185][T13759] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3817'. [ 130.817997][T13777] netlink: 'syz.2.3826': attribute type 10 has an invalid length. [ 130.840706][T13777] dummy0: left promiscuous mode [ 130.845732][T13777] bridge0: port 3(dummy0) entered disabled state [ 130.866553][T13777] team0: Port device dummy0 added [ 130.881065][T13777] netlink: 'syz.2.3826': attribute type 10 has an invalid length. [ 130.903104][T13777] team0: Port device dummy0 removed [ 130.913481][T13777] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 131.045185][T13795] netlink: 'syz.4.3834': attribute type 1 has an invalid length. [ 131.097532][T13795] bond4: (slave gretap1): making interface the new active one [ 131.169473][T13795] bond4: (slave gretap1): Enslaving as an active interface with an up link [ 131.195483][T13800] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 131.211833][T13800] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 131.266199][T13808] sch_tbf: burst 0 is lower than device lo mtu (18) ! [ 131.310605][T13812] IPVS: Error connecting to the multicast addr [ 131.433446][T13823] netlink: 5 bytes leftover after parsing attributes in process `syz.0.3846'. [ 131.442531][T13823] 0XD: renamed from gretap0 [ 131.449400][T13823] 0XD: entered allmulticast mode [ 131.450582][T13821] 9pnet: Could not find request transport: r [ 131.462192][T13823] A link change request failed with some changes committed already. Interface 30XD may have been left with an inconsistent configuration, please check. [ 131.542573][T13830] netlink: 33912 bytes leftover after parsing attributes in process `syz.4.3849'. [ 131.686369][T13836] loop4: detected capacity change from 0 to 512 [ 131.694614][T13836] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 131.758176][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 132.024651][T13885] SELinux: Context system_u:object_r:var_t:s0 is not valid (left unmapped). [ 132.271317][T13918] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3888'. [ 132.407241][T13936] 9pnet_fd: Insufficient options for proto=fd [ 132.417455][T13938] netlink: 'syz.1.3898': attribute type 3 has an invalid length. [ 132.590863][T13953] loop1: detected capacity change from 0 to 1024 [ 132.597636][T13953] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 132.608216][T13953] SELinux: security_context_str_to_sid (-Xܘ7.H\ %u@) failed with errno=-22 [ 132.691841][T13965] netlink: 'syz.1.3909': attribute type 21 has an invalid length. [ 132.834403][T13982] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 132.894067][T13988] vhci_hcd: default hub control req: 800f v0000 i0000 l31125 [ 133.062933][T14014] loop4: detected capacity change from 0 to 1024 [ 133.076253][T14014] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 133.109731][T14014] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.3933: Allocating blocks 449-513 which overlap fs metadata [ 133.134314][T14013] EXT4-fs (loop4): pa ffff8881069e1700: logic 48, phys. 177, len 21 [ 133.142439][T14013] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 4 [ 133.175891][T14023] IPVS: Error connecting to the multicast addr [ 133.199786][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 133.355187][T14044] sch_tbf: burst 0 is lower than device lo mtu (11337746) ! [ 133.391243][T14049] 9pnet_virtio: no channels available for device 127.0.0.1 [ 133.463742][ T36] IPVS: starting estimator thread 0... [ 133.568348][T14065] IPVS: using max 2832 ests per chain, 141600 per kthread [ 133.647919][T14103] loop1: detected capacity change from 0 to 2048 [ 134.132699][T14164] futex_wake_op: syz.2.3994 tries to shift op by -1; fix this program [ 134.158363][ T29] kauditd_printk_skb: 471 callbacks suppressed [ 134.158377][ T29] audit: type=1400 audit(647.134:12574): avc: denied { name_bind } for pid=14165 comm="syz.2.3995" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 134.255607][ T29] audit: type=1326 audit(647.234:12575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14173 comm="syz.3.3998" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5dcd5ae9a9 code=0x0 [ 134.494269][T14195] loop1: detected capacity change from 0 to 1024 [ 134.504745][T14195] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 134.537556][T14195] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4113: comm syz.1.4007: Allocating blocks 449-513 which overlap fs metadata [ 134.564016][T14194] EXT4-fs (loop1): pa ffff8881069fd1c0: logic 48, phys. 177, len 21 [ 134.572072][T14194] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 4 [ 134.596252][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 134.621174][T14199] loop1: detected capacity change from 0 to 764 [ 134.628729][T14199] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 134.638678][ T29] audit: type=1400 audit(647.614:12576): avc: denied { mount } for pid=14198 comm="syz.1.4008" name="/" dev="loop1" ino=1792 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1 [ 134.661476][T14199] Symlink component flag not implemented [ 134.670307][T14199] Symlink component flag not implemented (7) [ 134.686207][ T29] audit: type=1400 audit(647.664:12577): avc: denied { unmount } for pid=3301 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1 [ 134.715341][ T29] audit: type=1400 audit(647.694:12578): avc: denied { bind } for pid=14200 comm="syz.1.4009" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 134.735737][ T29] audit: type=1400 audit(647.694:12579): avc: denied { setopt } for pid=14200 comm="syz.1.4009" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 134.879755][ T29] audit: type=1400 audit(647.854:12580): avc: denied { write } for pid=14210 comm="syz.4.4013" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 134.879822][T14211] __nla_validate_parse: 10 callbacks suppressed [ 134.879833][T14211] netlink: 68 bytes leftover after parsing attributes in process `syz.4.4013'. [ 134.915217][ T29] audit: type=1400 audit(647.854:12581): avc: denied { nlmsg_write } for pid=14210 comm="syz.4.4013" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 135.034585][T14180] syz.0.4001 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000 [ 135.049218][T14180] CPU: 0 UID: 0 PID: 14180 Comm: syz.0.4001 Not tainted 6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(voluntary) [ 135.049249][T14180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 135.049261][T14180] Call Trace: [ 135.049266][T14180] [ 135.049273][T14180] __dump_stack+0x1d/0x30 [ 135.049310][T14180] dump_stack_lvl+0xe8/0x140 [ 135.049329][T14180] dump_stack+0x15/0x1b [ 135.049346][T14180] dump_header+0x81/0x220 [ 135.049407][T14180] oom_kill_process+0x334/0x3f0 [ 135.049444][T14180] out_of_memory+0x979/0xb80 [ 135.049522][T14180] try_charge_memcg+0x5e6/0x9e0 [ 135.049563][T14180] obj_cgroup_charge_pages+0xa6/0x150 [ 135.049591][T14180] __memcg_kmem_charge_page+0x9f/0x170 [ 135.049656][T14180] __alloc_frozen_pages_noprof+0x188/0x360 [ 135.049715][T14180] alloc_pages_mpol+0xb3/0x250 [ 135.049743][T14180] alloc_pages_noprof+0x90/0x130 [ 135.049771][T14180] __vmalloc_node_range_noprof+0x6f2/0xe00 [ 135.049829][T14180] __kvmalloc_node_noprof+0x30f/0x4e0 [ 135.049865][T14180] ? ip_set_alloc+0x1f/0x30 [ 135.049894][T14180] ? ip_set_alloc+0x1f/0x30 [ 135.049999][T14180] ? __kmalloc_cache_noprof+0x189/0x320 [ 135.050095][T14180] ip_set_alloc+0x1f/0x30 [ 135.050182][T14180] hash_netiface_create+0x282/0x740 [ 135.050263][T14180] ? __pfx_hash_netiface_create+0x10/0x10 [ 135.050295][T14180] ip_set_create+0x3c9/0x960 [ 135.050332][T14180] ? __nla_parse+0x40/0x60 [ 135.050370][T14180] nfnetlink_rcv_msg+0x4c6/0x590 [ 135.050407][T14180] ? selinux_capable+0x1f9/0x270 [ 135.050513][T14180] netlink_rcv_skb+0x123/0x220 [ 135.050550][T14180] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 135.050596][T14180] nfnetlink_rcv+0x16b/0x1690 [ 135.050622][T14180] ? sched_clock+0x3f/0x60 [ 135.050652][T14180] ? trace_clock_local+0x3f/0x60 [ 135.050706][T14180] ? __rb_reserve_next+0x43e/0x6f0 [ 135.050743][T14180] ? rb_commit+0x3e9/0x420 [ 135.050807][T14180] ? ring_buffer_unlock_commit+0x324/0x370 [ 135.050829][T14180] ? trace_buffer_unlock_commit_regs+0x111/0x310 [ 135.050891][T14180] ? trace_event_buffer_commit+0x196/0x5d0 [ 135.050917][T14180] ? should_fail_ex+0x30/0x280 [ 135.050947][T14180] ? selinux_nlmsg_lookup+0x99/0x890 [ 135.051049][T14180] ? selinux_netlink_send+0x59f/0x5f0 [ 135.051151][T14180] ? __rcu_read_unlock+0x34/0x70 [ 135.051172][T14180] ? __netlink_lookup+0x266/0x2a0 [ 135.051254][T14180] netlink_unicast+0x5a8/0x680 [ 135.051289][T14180] netlink_sendmsg+0x58b/0x6b0 [ 135.051310][T14180] ? __pfx_netlink_sendmsg+0x10/0x10 [ 135.051376][T14180] __sock_sendmsg+0x142/0x180 [ 135.051424][T14180] ____sys_sendmsg+0x31e/0x4e0 [ 135.051528][T14180] ___sys_sendmsg+0x17b/0x1d0 [ 135.051662][T14180] __x64_sys_sendmsg+0xd4/0x160 [ 135.051682][T14180] x64_sys_call+0x2999/0x2fb0 [ 135.051766][T14180] do_syscall_64+0xd2/0x200 [ 135.051786][T14180] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 135.051814][T14180] ? clear_bhb_loop+0x40/0x90 [ 135.051888][T14180] ? clear_bhb_loop+0x40/0x90 [ 135.051910][T14180] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 135.051934][T14180] RIP: 0033:0x7f1a5012e9a9 [ 135.051949][T14180] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 135.051966][T14180] RSP: 002b:00007f1a4e797038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 135.052011][T14180] RAX: ffffffffffffffda RBX: 00007f1a50355fa0 RCX: 00007f1a5012e9a9 [ 135.052072][T14180] RDX: 0000000000000810 RSI: 0000200000000040 RDI: 0000000000000006 [ 135.052084][T14180] RBP: 00007f1a501b0d69 R08: 0000000000000000 R09: 0000000000000000 [ 135.052096][T14180] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 135.052107][T14180] R13: 0000000000000000 R14: 00007f1a50355fa0 R15: 00007ffc19f86cb8 [ 135.052122][T14180] [ 135.052128][T14180] memory: usage 307200kB, limit 307200kB, failcnt 396 [ 135.423289][T14180] memory+swap: usage 307556kB, limit 9007199254740988kB, failcnt 0 [ 135.431239][T14180] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0 [ 135.438549][T14180] Memory cgroup stats for /syz0: [ 135.438778][T14180] cache 0 [ 135.446701][T14180] rss 0 [ 135.449468][T14180] shmem 0 [ 135.452396][T14180] mapped_file 0 [ 135.455883][T14180] dirty 0 [ 135.458838][T14180] writeback 0 [ 135.462232][T14180] workingset_refault_anon 580 [ 135.466999][T14180] workingset_refault_file 310 [ 135.471739][T14180] swap 364544 [ 135.475373][T14180] swapcached 8192 [ 135.479024][T14180] pgpgin 136020 [ 135.482482][T14180] pgpgout 136018 [ 135.486059][T14180] pgfault 185693 [ 135.489628][T14180] pgmajfault 149 [ 135.493153][T14180] inactive_anon 8192 [ 135.497105][T14180] active_anon 0 [ 135.500890][T14180] inactive_file 0 [ 135.504526][T14180] active_file 0 [ 135.507969][T14180] unevictable 0 [ 135.511406][T14180] hierarchical_memory_limit 314572800 [ 135.516781][T14180] hierarchical_memsw_limit 9223372036854771712 [ 135.522985][T14180] total_cache 0 [ 135.526552][T14180] total_rss 0 [ 135.529855][T14180] total_shmem 0 [ 135.533368][T14180] total_mapped_file 0 [ 135.537342][T14180] total_dirty 0 [ 135.540788][T14180] total_writeback 0 [ 135.544608][T14180] total_workingset_refault_anon 580 [ 135.549803][T14180] total_workingset_refault_file 310 [ 135.554998][T14180] total_swap 364544 [ 135.558788][T14180] total_swapcached 8192 [ 135.562922][T14180] total_pgpgin 136020 [ 135.566927][T14180] total_pgpgout 136018 [ 135.570993][T14180] total_pgfault 185693 [ 135.575056][T14180] total_pgmajfault 149 [ 135.579148][T14180] total_inactive_anon 8192 [ 135.583582][T14180] total_active_anon 0 [ 135.587563][T14180] total_inactive_file 0 [ 135.591710][T14180] total_active_file 0 [ 135.595770][T14180] total_unevictable 0 [ 135.599740][T14180] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.4001,pid=14179,uid=0 [ 135.614515][T14180] Memory cgroup out of memory: Killed process 14179 (syz.0.4001) total-vm:95676kB, anon-rss:944kB, file-rss:22188kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000 [ 135.633225][ T29] audit: type=1400 audit(648.614:12582): avc: denied { connect } for pid=14222 comm="syz.1.4018" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 135.684942][T14227] netlink: 532 bytes leftover after parsing attributes in process `syz.1.4020'. [ 135.717542][ T29] audit: type=1400 audit(648.694:12583): avc: denied { create } for pid=14228 comm="syz.4.4021" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 135.868651][T14239] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4025'. [ 136.245549][T14304] loop1: detected capacity change from 0 to 1024 [ 136.264870][T14304] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 136.295573][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.332344][T14316] ipip1: entered promiscuous mode [ 136.527030][T14350] loop1: detected capacity change from 0 to 512 [ 136.534593][T14351] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2051 sclass=netlink_route_socket pid=14351 comm=syz.2.4069 [ 136.549718][T14350] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.4073: Failed to acquire dquot type 1 [ 136.567960][T14350] EXT4-fs (loop1): 1 truncate cleaned up [ 136.574218][T14355] loop4: detected capacity change from 0 to 1024 [ 136.581019][T14350] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 136.582627][T14355] EXT4-fs: Ignoring removed nobh option [ 136.599709][T14355] EXT4-fs: Ignoring removed bh option [ 136.622706][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.637409][T14355] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 136.681406][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.783004][T14382] loop1: detected capacity change from 0 to 512 [ 136.790139][T14382] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 136.801583][T14382] EXT4-fs (loop1): 1 truncate cleaned up [ 136.807611][T14382] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 136.876838][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 137.417188][T14422] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4100'. [ 137.720577][T14442] netlink: 96 bytes leftover after parsing attributes in process `syz.0.4109'. [ 137.836999][T14461] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4119'. [ 137.846055][T14461] netlink: 'syz.0.4119': attribute type 7 has an invalid length. [ 137.853788][T14461] netlink: 'syz.0.4119': attribute type 8 has an invalid length. [ 137.861513][T14461] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4119'. [ 137.896636][T14469] loop1: detected capacity change from 0 to 2048 [ 137.917354][T14475] sch_tbf: burst 0 is lower than device lo mtu (82) ! [ 137.963794][T14469] loop1: p1 < > p4 [ 137.969842][T14469] loop1: p4 size 8388608 extends beyond EOD, truncated [ 137.983138][T14479] syzkaller1: entered promiscuous mode [ 137.988815][T14479] syzkaller1: entered allmulticast mode [ 138.081454][T14484] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4127'. [ 138.164609][T14488] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4130'. [ 138.173641][T14488] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4130'. [ 138.203071][T14488] netlink: 'syz.3.4130': attribute type 6 has an invalid length. [ 139.124554][T14615] syzkaller0: entered promiscuous mode [ 139.130128][T14615] syzkaller0: entered allmulticast mode [ 139.240766][T14635] netlink: 'syz.2.4193': attribute type 12 has an invalid length. [ 139.264581][ T29] kauditd_printk_skb: 191 callbacks suppressed [ 139.264596][ T29] audit: type=1400 audit(652.244:12773): avc: denied { ioctl } for pid=14634 comm="syz.0.4194" path="socket:[33155]" dev="sockfs" ino=33155 ioctlcmd=0x48e3 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 139.404077][T14657] netlink: 'syz.1.4203': attribute type 3 has an invalid length. [ 139.542655][T14681] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 139.606747][T14681] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 139.641865][T14693] sch_tbf: burst 0 is lower than device lo mtu (82) ! [ 139.666472][T14681] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 139.710745][ T29] audit: type=1326 audit(652.684:12774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14698 comm="syz.2.4223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fabf1225967 code=0x7ffc0000 [ 139.733719][ T29] audit: type=1326 audit(652.684:12775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14698 comm="syz.2.4223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fabf11cab89 code=0x7ffc0000 [ 139.756830][ T29] audit: type=1326 audit(652.684:12776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14698 comm="syz.2.4223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fabf1225967 code=0x7ffc0000 [ 139.779745][ T29] audit: type=1326 audit(652.684:12777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14698 comm="syz.2.4223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fabf11cab89 code=0x7ffc0000 [ 139.802693][ T29] audit: type=1326 audit(652.684:12778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14698 comm="syz.2.4223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabf122e9a9 code=0x7ffc0000 [ 139.825897][ T29] audit: type=1400 audit(652.684:12779): avc: denied { ioctl } for pid=14699 comm="syz.1.4222" path="socket:[32731]" dev="sockfs" ino=32731 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 139.850347][ T29] audit: type=1326 audit(652.784:12780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14698 comm="syz.2.4223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fabf122e9a9 code=0x7ffc0000 [ 139.873521][ T29] audit: type=1326 audit(652.784:12781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14698 comm="syz.2.4223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabf122e9a9 code=0x7ffc0000 [ 139.896555][ T29] audit: type=1326 audit(652.784:12782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14698 comm="syz.2.4223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabf122e9a9 code=0x7ffc0000 [ 139.944740][T14681] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 140.022519][T14681] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 140.042786][T14681] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 140.070550][T14681] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 140.108054][T14681] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 140.523964][T14725] xt_hashlimit: max too large, truncated to 1048576 [ 140.550369][T14731] cgroup: Unknown subsys name 'cpuset' [ 140.624753][T14743] __nla_validate_parse: 10 callbacks suppressed [ 140.624772][T14743] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.4236'. [ 140.642681][T14733] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.4236'. [ 140.862537][T14780] loop4: detected capacity change from 0 to 1024 [ 140.869715][T14780] EXT4-fs: Ignoring removed oldalloc option [ 140.875914][T14780] EXT4-fs: Ignoring removed bh option [ 140.884914][T14780] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 141.131756][T14780] ================================================================== [ 141.139898][T14780] BUG: KCSAN: data-race in __writeback_single_inode / generic_buffers_fsync_noflush [ 141.149299][T14780] [ 141.151642][T14780] read-write to 0xffff88811a010a50 of 4 bytes by task 14791 on cpu 0: [ 141.159817][T14780] __writeback_single_inode+0x1e3/0x7c0 [ 141.165384][T14780] writeback_single_inode+0x167/0x3e0 [ 141.170867][T14780] sync_inode_metadata+0x5b/0x90 [ 141.175825][T14780] generic_buffers_fsync_noflush+0xd9/0x120 [ 141.181744][T14780] ext4_sync_file+0x1ab/0x690 [ 141.186439][T14780] vfs_fsync_range+0x10a/0x130 [ 141.191228][T14780] ext4_buffered_write_iter+0x34f/0x3c0 [ 141.196784][T14780] ext4_file_write_iter+0x383/0xf00 [ 141.201996][T14780] iter_file_splice_write+0x5ef/0x970 [ 141.202102][T14791] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.4255: Allocating blocks 1-17 which overlap fs metadata [ 141.207372][T14780] direct_splice_actor+0x153/0x2a0 [ 141.207402][T14780] splice_direct_to_actor+0x30f/0x680 [ 141.231415][T14780] do_splice_direct+0xda/0x150 [ 141.236172][T14780] do_sendfile+0x380/0x650 [ 141.240595][T14780] __x64_sys_sendfile64+0x105/0x150 [ 141.245778][T14780] x64_sys_call+0xb39/0x2fb0 [ 141.250350][T14780] do_syscall_64+0xd2/0x200 [ 141.254834][T14780] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.260707][T14780] [ 141.263013][T14780] read to 0xffff88811a010a50 of 4 bytes by task 14780 on cpu 1: [ 141.270644][T14780] generic_buffers_fsync_noflush+0x80/0x120 [ 141.276541][T14780] ext4_sync_file+0x1ab/0x690 [ 141.281201][T14780] vfs_fsync_range+0x10a/0x130 [ 141.285957][T14780] ext4_buffered_write_iter+0x34f/0x3c0 [ 141.291487][T14780] ext4_file_write_iter+0x383/0xf00 [ 141.296669][T14780] iter_file_splice_write+0x5ef/0x970 [ 141.302033][T14780] direct_splice_actor+0x153/0x2a0 [ 141.307153][T14780] splice_direct_to_actor+0x30f/0x680 [ 141.312517][T14780] do_splice_direct+0xda/0x150 [ 141.317358][T14780] do_sendfile+0x380/0x650 [ 141.321761][T14780] __x64_sys_sendfile64+0x105/0x150 [ 141.326967][T14780] x64_sys_call+0xb39/0x2fb0 [ 141.331544][T14780] do_syscall_64+0xd2/0x200 [ 141.336036][T14780] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.341916][T14780] [ 141.344221][T14780] value changed: 0x00000022 -> 0x00000000 [ 141.350040][T14780] [ 141.352349][T14780] Reported by Kernel Concurrency Sanitizer on: [ 141.358483][T14780] CPU: 1 UID: 0 PID: 14780 Comm: syz.4.4255 Not tainted 6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(voluntary) [ 141.370968][T14780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 141.381015][T14780] ================================================================== [ 141.392196][T14780] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.4255: Allocating blocks 1-17 which overlap fs metadata [ 141.407680][T14780] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.4255: Allocating blocks 1-17 which overlap fs metadata [ 141.463051][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.