last executing test programs: 1m4.601923944s ago: executing program 2 (id=1908): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) ftruncate(r0, 0x8008976) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) fstat(r0, &(0x7f00000010c0)) 1m4.249946831s ago: executing program 2 (id=1916): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0xa, 0x4, 0x8, 0xd}, 0x50) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x1, 0x6, 0x400, 0x9, 0x1}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xd, &(0x7f0000000280)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xf}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1m4.169382613s ago: executing program 2 (id=1921): r0 = socket$nl_generic(0x10, 0x3, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000540)=ANY=[@ANYRES32=0x0, @ANYRESOCT, @ANYRESOCT, @ANYRES16, @ANYRES32=0x0, @ANYRES8=r0], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000dc0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GET(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000540)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000fbfbdf25270000000e0001006e655f64657673696d0000000f0002006e657464657673696d3000001c0053"], 0x50}, 0x1, 0x0, 0x0, 0x24040011}, 0x0) 1m4.124812473s ago: executing program 2 (id=1923): syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x0, &(0x7f0000000600), 0x1, 0x56e, &(0x7f0000000640)="$eJzs3U9sHFcZAPBvdh0ndU1dm1pqysGBRLh/FNvtSk4NB8IBDhT1UiRUqRysZGMHr2Nju6I2F/fGiQoJBKiiasQBCSRiiQNwqChIHJAIEgIhLNRKIA78aQHhHggBjGZ3NtnYs2bBjhcyv5+02TdvnvO9t5vvafe9iSeAwjqR/pFE9EfE1YgYaBze2uBE4+kblY3ZK5WN2SS2t5/6U1Jvd7myMdts2vy5uyNiPSLuj4jvX4g4d2R33OXVtbnpWq26lB2Pr8wvji+vrp2+OD89U52pXqpUHp+anJw6MznxH4wm2fPsRxffGPrF7JMzL4/8/ekz81/5YxJn6+OOHeM4SHk96kkizt6OYF1QTscTEX0dth+uvvDKbe4SHfrc0OZ4+t7dFxGn6vk/EOX6uxnxvpee+ctAvPd6u5+9uvnS7w6zrwDAwdlOHd37NHBnKkX63T8pjUVEo1wqjY01vsPfF32l2sLyyiMXFp69dL6xRnBvHClduFirTmRrBffGkSQ9frRevnn82I7jSkQMRsSny3fVj8fOLdTOH+pMBzT1R7z+zU+c6717R/7/ttzIf+DOleb/z37w7e+m5bfK3e4NcJjS/P/aW/NPhPyHwpH/UFzyH4pL/kNxyX8oLvkPxSX/objkPxSX/Ifikv9QXK35L/2hmAZHXt1MImL9PXfVH6ne7FzOr+0B7iDb24n/5A8F5bM/FFdPtzsAdI3v+MDevzk74li7E4sH3xfgcJS63QGga0aP2/+DorL+D8Vl/R+Ky2d8wPo/FI/1fyiu/jb3/3pby727JiLinoj4UfnI0ea9voD/X/0Rr7949VvPRJR+n2Sf/0cHTvVPv/Ha91rb9SZ/rW8R9EbEJ1986gvPTa+sLD2a1v/5Rv3KF7P6x7o1GqATzTxt5jFQXMura3PTtVp1SUFBoXCF5jxwubIx23wc1tzzwsMRb76/cRFCGvdK9mic7cnWJo/V9yj7tpJbrlVIDmDv8jOnI9afj4j788afZPc7b+x89G2Vd8V/e/acPo5n6ydpm+EO45fv2V/8B1rij7TEf0eH8Tc/0mHD22Tw692N//Ivs9d/oqcn7/Xf77UxQ//m/BNf3WeAffrNr7sb/9RId+N/fiHi1XT+mcjLv1Kaljd2PnfOP/0t10n/tz41enP+u7Jr/ivdmP/Kbea/Ex3G+eHT1Y/l1Zd/HPHm8xEP5MZvxjtWj9W3VdoV/2TL/PPgHvH/8OGfzuXVn30tYvtyxGjkx2+NNb4yvzi+vLp2+uL89Ex1pnqpUnl8anJy6szkxHh9jXq8uVK925PXhz+QV3/yy43x97WJ3xx/u9d/e48xt1r70sf735lT/5PjjfgPnsx//4ey+I3Xv2dX/Hdlz+m/k39k1/Kmba5FxNGs/qGI+M4rgw/n9etD1xvxz7cZf+mW+LvH/0iH4//sr/75bF79cx/s8C8AAA5U+6WBbvcMAAA4aIex09jtMQL5+rZ6o3UbOFlv2VdYv7mvkNZfy/YXyusRf8v2GNL6h7JdsrScu9EA/M8ZXnv3z7vdBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICiW15dm5uu1apLy93uCXDY/hUAAP//T2kBHQ==") open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]}) 1m4.008726725s ago: executing program 2 (id=1928): r0 = socket(0x2, 0x80805, 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r1, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f0000000180)=[@in={0x2, 0x4e23, @rand_addr=0x64010180}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f00000000c0)={r2, 0x7, 0x401, 0x5, 0x9, 0x7}, &(0x7f0000000500)=0x14) 1m3.693312571s ago: executing program 2 (id=1938): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a44, 0x1700) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x7a05, 0x1700) splice(r0, 0x0, r1, &(0x7f00000002c0)=0x87ffffe, 0x6, 0x0) 1m3.623819783s ago: executing program 32 (id=1938): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a44, 0x1700) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x7a05, 0x1700) splice(r0, 0x0, r1, &(0x7f00000002c0)=0x87ffffe, 0x6, 0x0) 54.411268771s ago: executing program 3 (id=2273): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000001000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r1, 0xffffffffffffffff, 0x2d, 0x0, @val=@netfilter={0x2, 0x0, 0x6, 0x1}}, 0x20) syz_emit_ethernet(0xbe, &(0x7f0000000100)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x1, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @broadcast, @empty}, {0x4e24, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x1, "65a252e7cb7a5918c004a9971a46afced2c32642b1ec9fe34818d8ccd82041b7", "c930713c550e74ee13c2638ac75b2a9666efd31a34fce4498df8105d8bd8ed283a220c3a9becd8a70d3607ea8270d351", "ae12e16b560f2f8ac4ca3e745ce285f12f6e8719e7f1e7f286a68f76", {"980aa8fb8f80d69f1fb587086447e93e", "55e824bb69e833bd36300b088233545a"}}}}}}}, 0x0) 54.327732612s ago: executing program 3 (id=2281): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x3800480, &(0x7f0000002200), 0x45, 0x786, &(0x7f00000007c0)="$eJzs3d9rW2UfAPDvSX93e9/2hRd0XhUELYyldtZNwYuJFyI4GOi1W0mzMps2o0nHWgpuiOCNoOKFoDe79se889Yft/pfeCEbU7vhxAupnDRZszXpkq1J5vb5wGme5zwnfZ5vnnOe8yTnkATwyJpI/2QiDkTEB0nEWHV9EhEDlVR/xLGt7W5urOfSJYnNzdd/Syrb3NhYz0Xdc1L7qpnHI+L7dyMOZnbWW1pdW5gtFPLL1fxUefHsVGl17dCZxdn5/Hx+6cj0zMzho88dPbJ3sf7x09r+qx++8vRXx/5657HL7/+QxLHYXy2rj2OvTMRE9TUZSF/C27y815X1WLJ7cYM9gAdB2jF9W0d5HIix6KukmhjpZssAgE55OyI2m+lrWgIA/Kslzc//AMBDqfY5wI2N9Vxt6e0nEt117aWIGN6Kv3Z9c6ukv3rNbrhyHXT0RnLblZEkIsb3oP6JiPjsmze/SJfo0HVIgEYuXIyIU+MTO8f/ZMc9C+16poVtJu7IG/+ge75N5z/PN5r/ZW7Nf6LB/GeowbF7L+5+/Geu7EE1TaXzvxfr7m27WRd/1XhfNfefypxvIDl9ppBPx7b/RsRkDAyl+eld6pi8/vf1ZmX187/fP3rr87T+9HF7i8yV/qHbnzM3W569n5jrXbsY8UR/o/iTW/2fNJn/nmixjldfeO/TZmVp/Gm8tWVn/J21eSniqYb9v31HW7Lr/YlTld1hqrZTNPD1z5+MNqu/vv/TJa2/9l6gG9L+H909/vGk/n7NUvt1/Hhp7LtmZXePv/H+P5i8UUkPVtedny2Xl6cjBpPXdq4/vP3cWr62fRr/5JONj//d9v/0PeGpFuPvv/rrl/cef2el8c+11f/tJy7fXOhrVn9r/T9TSU1W17Qy/rXawPt57QAAAAAAAAAAAAAAAAAAAAAAAACgVZmI2B9JJnsrnclks1u/4f3/GM0UiqXywdPFlaW5qPxW9ngMZGpfdTlW932o09Xvw6/lD9+RfzYi/hcRHw+NVPLZXLEw1+vgAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBqX5Pf/0/9MtTr1gEAHTPc1+sWAADdNtzf6xYAAN023NbWIx1rBwDQPe2d/wGAh4HzPwA8epz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6LATx4+ny+afG+u5ND93bnVloXju0Fy+tJBdXMllc8Xls9n5YnG+kM/miotN/9GFrYdCsXh2JpZWzk+V86XyVGl17eRicWWpfPLM4ux8/mR+oGuRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDrSqtrC7OFQn5ZQkKi7URc2DqOHpT27F0iBrdHiZGejU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7p/AgAA//+mAybn") openat(0xffffffffffffff9c, &(0x7f00000002c0)='./bus\x00', 0x289c2, 0x1) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f0000000540)='./bus\x00', 0x4000, 0x100) preadv2(r0, &(0x7f00000001c0)=[{0x0}, {&(0x7f0000000180)=""/36, 0x24}], 0x2, 0x0, 0x0, 0x0) 54.038447748s ago: executing program 3 (id=2286): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffb}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) close(r1) 53.888664731s ago: executing program 3 (id=2290): syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x0, &(0x7f0000000600), 0x1, 0x56e, &(0x7f0000000640)="$eJzs3U9sHFcZAPBvdh0ndU1dm1pqysGBRLh/FNvtSk4NB8IBDhT1UiRUqRysZGMHr2Nju6I2F/fGiQoJBKiiasQBCSRiiQNwqChIHJAIEgIhLNRKIA78aQHhHggBjGZ3NtnYs2bBjhcyv5+02TdvnvO9t5vvafe9iSeAwjqR/pFE9EfE1YgYaBze2uBE4+kblY3ZK5WN2SS2t5/6U1Jvd7myMdts2vy5uyNiPSLuj4jvX4g4d2R33OXVtbnpWq26lB2Pr8wvji+vrp2+OD89U52pXqpUHp+anJw6MznxH4wm2fPsRxffGPrF7JMzL4/8/ekz81/5YxJn6+OOHeM4SHk96kkizt6OYF1QTscTEX0dth+uvvDKbe4SHfrc0OZ4+t7dFxGn6vk/EOX6uxnxvpee+ctAvPd6u5+9uvnS7w6zrwDAwdlOHd37NHBnKkX63T8pjUVEo1wqjY01vsPfF32l2sLyyiMXFp69dL6xRnBvHClduFirTmRrBffGkSQ9frRevnn82I7jSkQMRsSny3fVj8fOLdTOH+pMBzT1R7z+zU+c6717R/7/ttzIf+DOleb/z37w7e+m5bfK3e4NcJjS/P/aW/NPhPyHwpH/UFzyH4pL/kNxyX8oLvkPxSX/objkPxSX/Ifikv9QXK35L/2hmAZHXt1MImL9PXfVH6ne7FzOr+0B7iDb24n/5A8F5bM/FFdPtzsAdI3v+MDevzk74li7E4sH3xfgcJS63QGga0aP2/+DorL+D8Vl/R+Ky2d8wPo/FI/1fyiu/jb3/3pby727JiLinoj4UfnI0ea9voD/X/0Rr7949VvPRJR+n2Sf/0cHTvVPv/Ha91rb9SZ/rW8R9EbEJ1986gvPTa+sLD2a1v/5Rv3KF7P6x7o1GqATzTxt5jFQXMura3PTtVp1SUFBoXCF5jxwubIx23wc1tzzwsMRb76/cRFCGvdK9mic7cnWJo/V9yj7tpJbrlVIDmDv8jOnI9afj4j788afZPc7b+x89G2Vd8V/e/acPo5n6ydpm+EO45fv2V/8B1rij7TEf0eH8Tc/0mHD22Tw692N//Ivs9d/oqcn7/Xf77UxQ//m/BNf3WeAffrNr7sb/9RId+N/fiHi1XT+mcjLv1Kaljd2PnfOP/0t10n/tz41enP+u7Jr/ivdmP/Kbea/Ex3G+eHT1Y/l1Zd/HPHm8xEP5MZvxjtWj9W3VdoV/2TL/PPgHvH/8OGfzuXVn30tYvtyxGjkx2+NNb4yvzi+vLp2+uL89Ex1pnqpUnl8anJy6szkxHh9jXq8uVK925PXhz+QV3/yy43x97WJ3xx/u9d/e48xt1r70sf735lT/5PjjfgPnsx//4ey+I3Xv2dX/Hdlz+m/k39k1/Kmba5FxNGs/qGI+M4rgw/n9etD1xvxz7cZf+mW+LvH/0iH4//sr/75bF79cx/s8C8AAA5U+6WBbvcMAAA4aIex09jtMQL5+rZ6o3UbOFlv2VdYv7mvkNZfy/YXyusRf8v2GNL6h7JdsrScu9EA/M8ZXnv3z7vdBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICiW15dm5uu1apLy93uCXDY/hUAAP//T2kBHQ==") open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]}) 53.652267665s ago: executing program 3 (id=2307): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==") 53.334308461s ago: executing program 3 (id=2328): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x40, 0x7ffc1ffb}]}) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x90) getdents64(r1, &(0x7f0000000f80)=""/4096, 0x1000) 53.315643271s ago: executing program 33 (id=2328): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x40, 0x7ffc1ffb}]}) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x90) getdents64(r1, &(0x7f0000000f80)=""/4096, 0x1000) 17.014949872s ago: executing program 6 (id=3945): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x90) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000580)=@generic={&(0x7f0000000540)='./file0\x00', r1}, 0x18) 16.992340662s ago: executing program 6 (id=3947): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r0}, 0x10) setitimer(0x0, 0x0, 0x0) 16.962350363s ago: executing program 6 (id=3949): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000080), r1) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000240)={'wg0\x00', 0x0}) sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000840)=ANY=[@ANYBLOB="e0100000", @ANYRES16=r2, @ANYBLOB="0500000000000000000001000000060006004e240000901008809005008024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b24000100000000000000000000000000000000000000000000000000000000000000000024000200fcbefe9641719404cc5c9ab2766dd4793e367b0ea55e65e2e3416ac9d4e68841240002001171ee8da334a5099295af229a5d237a7f4102f01f28b34347d6cbbe135d83ec24000100975c9d81c983c8209ee781254b899f8ed925ae9f0923c23c62f53c57cdbf691cb40409807c000080060001000a00000014000200000000000000000000000000000000010500030002000000060001000200000008000200ac1414aa0500030001000000060001000a00000014000200ff0100000000000000000000000000010500030001000000060001000200000008000200e00000010500030000000000f4000080060001000a00000014000200fc0000000000000000000000000000000500030001000000060001000a00000014000200fc0200000000000000000000000000010500030000000000060001000200000008000200e00000020500030003000000060001000200000008000200000000000500030000000000060001000200000008000200ac1414bb0500030001000000060001000200000008000200ac1414bb0500030000000000060001000a00000014000200000000000000000000000000000000010500030002000000060001000a00000014000200fc0200000000000000000000000000000500030003000000340000800600010002000000080002000a0101010500030004000000060001000200000008000200ac1414aa050003000300000064000080060001000a00000014000200200100000000000000000000000000000500030002000000060001000200000008000200ac1414aa0500030001000000060001000a00000014000200ff010000000000000000000000000001050003000200000094000080060001000200000008000200ac1e00010500030002000000060001000200000008000200e00000010500030002000000060001000a00000014000200fc0000000000000000000000000000000500030002000000060001000200000008000200000000000500030003000000060001000a00000014000200fe80000000000000000000000000000e050003000000000040000080060001000a00000014000200fc0200000000000000000000000000000500030002000000060001000200000008000200ac1414aa050003000000000064000080060001000a00000014000200200100000000000000000000000000020500030001000000060001000a00000014000200fc02000000000000000000000000000105000300020000000600010002000000080002000a010100050003000200000070000080060001000a00000014000200ff0200000000000000000000000000010500030000000000060001000a00000014000200000000000000000000000000000000000500030002000000060001000a0000001400020000000000000000000000000000000001050003000000000000010080060001000a00000014000200ff0200000000000000000000000000010500030000000000060001000200000008000200000000000500030003000000060001000200000008000200640101000500030002000000060001000200000008000200640101010500030001000000060001000200000008000200ac1414aa0500030002000000060001000a00000014000200fe8000000000000000000000000000bb05000300020000000600010002000000080002007f0000010500030002000000060001000a00000014000200fc0200000000000000000000000000010500030003000000060001000200000008000200640101010500030001000000240002005da952055e5857d673cddd36909746c80efa3ff95c317de1063db32bc80a0b3e1803008024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b39220600050005000000e802098058000080060001000200000008000200ac1e00010500030001000000060001000a00000014000200000000000000000000000000000000010500030000000000060001000200000008000200ffffffff05000300010000007c000080060001000a00000014000200000000000000000000000000000000010500030002000000060001000200000008000200ac1414bb0500030002000000060001000a000000140002000000000000000000000000000000000105000300020000000600010002000000080002000a0101010500030003000000f4000080060001000a0000001400020000000000000000000000ffffac1414aa0500030003000000060001000200000008000200ac1414aa05000300000000000600010002000000080002000a01010205000300020000000600010002000000080002007f00000105000300000000000600010002000000080002000a0101010500030003000000060001000200000008000200e00000010500030003000000060001000a00000014000200fc01000000000000000000000000000005000300010000000600010002000000080002000a0101000500030000000000060001000200000008000200ac1e0101050003000200000094000080060001000a00000014000200fc0200000000000000000000000000010500030002000000060001000a00000014000200ff0100000000000000000000000000010500030001000000060001000200000008000200e00000010500030002000000060001000200000008000200ac1414bb0500030001000000060001000200000008000200ffffffff050003000200000088000080060001000a00000014000200fe8000000000000000000000000000aa0500030001000000060001000200000008000200ac1414aa0500030002000000060001000a00000014000200fe8800000000000000000000000001010500030002000000060001000a00000014000200ff02000000000000000000000000000105000300020000007c000080200004000a004e2100000006fc0100000000000000000000000000010400000008000a000100000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b3922080003000300000024000200379aa288b2244a5b504ba04bea45625d328fb93b62e607a1b2e4da2f7f76a549780000800800030001000000080003000400000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b3922080003000000000024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b1400040002004e22000000000000000000000000e4060080dc020980f4000080060001000a00000014000200000000000000000000000000000000000500030002000000060001000a00000014000200fc0000000000000000000000000000000500030001000000060001000200000008000200ffffffff050003000100000006d4e23d7500000008000200ac1e00010500030001000000060001000200000008000200e000000105000300020000000600010002000000080002007f0000010500030002000000060001000a00000014000200000000000000000000000000000000010500030001000000060001000a00000014000200fc010000000000000000000000000001050003000300000034000080060001000200000008000200640101000500030001000000060001000200000008000200ac1414bb050003000200000000010080060001000a00000014000200200100000000000000000000000000010500030000000000060001000200000008000200e000000205000300020000000600010002000000080002006401010005000300020000000600010002000000080002007f00000105000300010000000600010002000000080002007f0000010500030001000000060001000a00000014000200fe8000000000000000000000000000bb0500030000000000060001000200000008000200ffffffff0500030000000000060001000200000008000200e00000010500030003000000060001000a00000014000200fc0100000000000000000000000000010500030000000000940000800600010002000000080002006401010005000300010000000600010002000000080002006401010205000300000000000600010002000000080002007f0000010500030003000000060001000200000008000200e00000020500030003000000060001000200000008000200ac1414120500030002000000060001000200000008000200ac14142d05000300020000001c000080060001000200000008000200ffffffff05000300030000000800030002000000200004000a004e2000000005fc010000000000000000000000000001000000009403098094000080060001000a0000001400020000000000000000000000ffffac1414bb0500030003000000060001000a00000014000200fe8800000000000000000000000000010500030002000000060001000a00000014000200ff0100000000000000000000000000010500030003000000060001000a00000014000200fe880000000000000000000000000101050003000100000064000080060001000a00000014000200fe8000000000000000000000000000bb0500030000000000060001000200000008000200ac1414bb0500030001000000060001000a0000001400020000000000000000000000ffffe00000020500030003000000f4000080060001000200000008000200000000000500030001000000060001000a00000014000200000000000000000000000000000000010500030003000000060001000200000008000200ac1414aa0500030001000000060001000a00000014000200fe80000000000000000000000000003e05000300010000000600010002000000080002007f0000010500030001000000060001000a00000014000200ff0200000000000000000000000000010500030001000000060001000a00000014000200000000000000000000000000000000010500030000000000060001000200000008000200e0000001050003000000000058000080060001000a00000014000200fe8000000000000000000000000000bb0500030000000000060001000200000008000200ac1414410500030010000000060001000200000008000200ac1e00010500030001000000f4000080060001000200000008000200640101000500030002000000060001000a00000014000200200100000000000000000000000000000500030000000000060001000a00000014000200fc0200000000000000000000000000010500030003000000060001000a00000014000200fe8000000000000000000000000000aa0500030003000000060001000200000008000200ac1414aa0500030000000000060001000200000008000200000000000500030000000000060001000200000008000200ac1414270500030000000000060001000a0000001400020020010000000000000000000000000002050003000100000058000080060001000200000008000200ac1414aa0500030001000000060001000a00000014000200fe8000000000000000000000000000140500030000000000060001000200000008000200e0000001050003000000000024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b240002000f1b8b82264208ab1a2dce776c03b9f348f500ef8e7606466943f5ba2ae2881e0c0000800800030006000000060006004e24000008000100", @ANYRES32=r3, @ANYBLOB="240003"], 0x10e0}}, 0x0) 16.919845484s ago: executing program 6 (id=3951): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000000)='binfmt_misc\x00', 0xc00, 0x0) chroot(&(0x7f0000000100)='./file0\x00') mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0) pivot_root(&(0x7f0000007b00)='./file0/../file0\x00', &(0x7f0000000280)='./file0\x00') 16.881873144s ago: executing program 6 (id=3952): perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x10c, &(0x7f0000000400)={0x0, 0xa430, 0x400, 0x0, 0x8b}, &(0x7f0000000240)=0x0, &(0x7f0000000140)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_WRITEV={0x2, 0x8, 0x4004, @fd_index=0x3, 0x0, 0x0}) io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0) 16.317298595s ago: executing program 6 (id=3989): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xf, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x22, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='setgroups\x00') close_range(r2, 0xffffffffffffffff, 0x0) 16.278952036s ago: executing program 34 (id=3989): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xf, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x22, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='setgroups\x00') close_range(r2, 0xffffffffffffffff, 0x0) 8.906335278s ago: executing program 1 (id=4292): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000001c0)="5c00000026006bab9a3fe3d86e17aa31106b876c1d0000007ea60864160af36504001a0038001d004231a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb5b64f69853362ac3407173ec", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x4080) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) unshare(0x22020600) recvmsg$kcm(r0, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0) 8.766396631s ago: executing program 1 (id=4308): r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000100)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_VLAN(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x24, r2, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x0) 8.723338782s ago: executing program 1 (id=4299): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb8000) syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==") r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, 0x0, 0x0, 0x7ff}, 0x94) pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xfffffdd6}], 0x1, 0x9c00, 0x0, 0x3) 8.058836215s ago: executing program 1 (id=4322): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000000)='binfmt_misc\x00', 0xc00, 0x0) chroot(&(0x7f0000000100)='./file0\x00') mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0) pivot_root(&(0x7f0000007b00)='./file0/../file0\x00', &(0x7f0000000280)='./file0\x00') 7.978455266s ago: executing program 1 (id=4326): r0 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x80, 0x0, 0x0, 0x0, 0x7995}, 0xfff7, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) ioctl$USBDEVFS_REAPURBNDELAY(r1, 0x4004550d, 0x0) 7.499969095s ago: executing program 1 (id=4343): bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r0}, 0x10) ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0105500, &(0x7f0000000000)={0x80, 0x6, 0x301, 0x0, 0xe0, 0x101, 0x0}) keyctl$clear(0x3, 0xfffffffffffffffd) 7.474312936s ago: executing program 35 (id=4343): bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r0}, 0x10) ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0105500, &(0x7f0000000000)={0x80, 0x6, 0x301, 0x0, 0xe0, 0x101, 0x0}) keyctl$clear(0x3, 0xfffffffffffffffd) 1.06898635s ago: executing program 0 (id=4609): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000100)='GPL\x00'}, 0x94) openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000200)='cpuset.mem_hardwall\x00', 0x2, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x200}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f1, &(0x7f0000000080)) 1.04192139s ago: executing program 0 (id=4611): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)={0x3c, r2, 0x1b, 0x0, 0x3, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0x3ff}, @ETHTOOL_A_LINKMODES_OURS={0x8, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4}]}]}, 0x3c}}, 0x0) 1.02172753s ago: executing program 0 (id=4612): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RELOAD(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r2, 0x1, 0x70bd26, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8, 0x8a, r0}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0) 986.961231ms ago: executing program 0 (id=4616): bpf$PROG_LOAD(0x5, 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x151a, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x2}, 0x100b38, 0x6, 0x20, 0x6, 0x8, 0xd, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) r0 = socket(0x2, 0x80805, 0x0) sendmmsg$inet_sctp(r0, &(0x7f0000000880)=[{&(0x7f0000000440)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)="03", 0x1}], 0x1}], 0x1, 0x0) sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000240)=[{0x0, 0x300}, {&(0x7f0000000300)="359cb6", 0x3}], 0x2, &(0x7f0000000000)=ANY=[@ANYBLOB="30000000000000008400000001000000000000000c000400"/44, @ANYRES32=0x0], 0x30}], 0x1, 0x0) 896.337343ms ago: executing program 0 (id=4621): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000240)={'batadv_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="480000001400030400000000000000000a3f0000", @ANYRES32=r1, @ANYBLOB="14000200ff2300000000000000000000000000011400060000000000060000000000000000000000080008000004"], 0x48}}, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000100)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x7a, r1}) 885.441173ms ago: executing program 0 (id=4623): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='contention_end\x00', r0}, 0x10) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x482, 0x0) write$binfmt_aout(r1, &(0x7f0000000400)=ANY=[], 0xff2e) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000080)={0x0, 0x7, 0x5, 0x3835cb32, 0x1, "e31500"}) 495.987281ms ago: executing program 5 (id=4645): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r1) sendmsg$ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x2c, r2, 0x6a98047402e98331, 0x0, 0x0, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}]}, 0x2c}}, 0x0) 464.152401ms ago: executing program 5 (id=4647): bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x18) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000005c0)={0xffffffffffffffff}) sendmsg$unix(r1, &(0x7f0000001340)={&(0x7f0000000b40)=@file={0x1, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000001200)=ANY=[@ANYBLOB='(\x00\x00'], 0x28}, 0x0) 419.311752ms ago: executing program 5 (id=4651): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000340), 0xa00, 0x0) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x20000023896) ioctl$TIOCMSET(r0, 0x5418, &(0x7f0000000000)=0x8001) 386.200683ms ago: executing program 5 (id=4653): syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x40, &(0x7f00000001c0)={[{@resgid}, {@barrier}, {@dioread_nolock}, {@quota}]}, 0xfe, 0x595, &(0x7f0000000240)="$eJzs3T1sG1UcAPD/ne1+BlIkkAB1qACpSFWdpB9QmNoVUalSByQWiBw3quLEUZxAE2VI9wrRAQHqUjYYGEEMDIiFkZUFxIxU0QikpgMY2T4nab6alDpu699PuuTevXP+7935/3x3uosD6FlHGj/SiBci4kIS0b+qLh9Z5ZHWekuL86W7i/OlJOr1i38mkUTEncX5Unv9JPt9MCIWIuL5iPixEHEsXR+3Njs3NlyplKey8sD0+ORAbXbu+OXx4dHyaHni5OtvnD5z6vTQiaHVL7tbX10q7Kyv1367/tG1n9+6ef2rrw8vlD4ZTuJs9GV1q/vxMLW2SSHOrll+qhPBuijpdgN4ILkszxup9Fz0Ry7y94wBq9U3qwAeS/W9EXWgRyXyH3pU+zigcf7bnnbz+OPWudYJSCPuUja1avKtaxOxr3lucuCvJLse0dI43zy0mw3libRwNSIG8/n17/8ke/89uMGH0UA66odzrR21fv+ny+NPbDD+9LWvnf5P7fFvad34txI/t8n4d2GbMf559/fPN41/NeLFDeMny/GTDeKnEfH+NuPfeOe7M5vV1b+IOBobx29L1l4fTrLK1vXhgUuXK+XB1s8NY3x/9PCbW/X/wCbxW9ds9zU/Zjba/pPb7P+3P33z0sIW8V99eev9v9H23x8RH28ZNbc898ydL9/ebK1bV5PbjaOAne7/xrKb9+t45rWzR37d5qoAAAAAAAAAAMAOpM172ZK0GHub5b5I02Kx9Qzvs3EgrVRr08cuVWcmRlr3vB2KQtq+06q/VU4a5aHsftx2+cSa8sn27Ui5/c1ysVStjHS15wAAAAAAAAAAAAAAAAAAAPDoOLj8/H/rfwH8nWs+/7/266qBJ1W+2w0Aukb+Q++6N/+TrrUD2H07+vyv93euIcBuqzv+h94l/6F3yX/oXfIfepf8h94l/6F3yX8AAAAAAAAAAAAAAAAAAAAAAAAAAOiIC+fPN6b63cX5UqM8kp+dGat+cHykXBsrjs+UiqXq1GRxtFodrZSLper4/f5eUq1ODsbEzJWB6XJteqA2O/feeHVmov2douVCx3sEAAAAAAAAAAAAAAAAAAAAj5++5pSkxYhIm/NpWixGPBURh6KQXLpcKQ9GxNMR8UuusLdRHup2owEAAAAAAAAAAAAAAAAAAOAJU5udGxuuVMpTPTKT38nKEbHwcJvR+IsrS/ZkO+E+rypkq20jRC4iHontbOZxn+nioAQAAAAAAAAAAAAAAAAAAD1q5aHf7b7i3842CAAAAAAAAAAAAAAAAAAAAHpS+kcSEY3paP8rfWtr9yRLuebviPjwxsVPrwxPT08NNZbfXl4+/Vm2/EQ32g9sVztP23kMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArKjNzo0NVyrlqQ7OdLuPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/ivwAAAP//4krRMA==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0) pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0) r1 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0) sendfile(r1, r1, 0x0, 0x800000009) 385.785723ms ago: executing program 7 (id=4654): prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0x4000, 0x8, 0xc1}) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00') preadv(r0, &(0x7f00000005c0)=[{&(0x7f0000000280)=""/196, 0xc4}], 0x1, 0x8, 0xffffffff) 327.654954ms ago: executing program 7 (id=4656): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x9, 0x3, 0x8, 0x4, 0x2}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000d80)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4000000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000800000000000070000000900010073797a30000000007c000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d380012"], 0xc4}}, 0x20050890) 310.113244ms ago: executing program 4 (id=4658): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_RTHDR(r1, 0x29, 0x39, &(0x7f0000000340)=ANY=[@ANYBLOB="000202"], 0x18) 292.397254ms ago: executing program 7 (id=4659): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206010100000000000000000000000005000100070000000900020073797a300000000014000780050015000000000008001240000000000d000300686173683a6e657400000000050005000a000000050004"], 0x5c}}, 0x0) sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x1c, 0x3, 0x6, 0x5, 0x0, 0x0, {0x0, 0x0, 0x6}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24040800}, 0x8d0) 292.293205ms ago: executing program 4 (id=4660): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x4, 0xc}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18040000000000000000000000400000850000000800000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='kfree\x00', r2}, 0x18) sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c000380"], 0xfc}}, 0x0) 245.017796ms ago: executing program 8 (id=4661): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]}) statfs(&(0x7f0000000040)='./file0\x00', 0x0) 203.299386ms ago: executing program 7 (id=4662): bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)=ANY=[], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x4, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000000000000000000000000000018020000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000000d000000b70000000000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000180)="c1dfb080cd21d308098ee68886dd", 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 182.787326ms ago: executing program 4 (id=4663): r0 = socket(0x2, 0x80805, 0x0) sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000100)='a', 0x1}], 0x1, 0x0, 0x0, 0x44}], 0x1, 0x0) setsockopt$inet_sctp_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000400)={0x98, 0x20, 0x6, 0xd, 0x0, 0x2, 0x0, 0x7, 0x4, 0x0, 0x0, 0x2, 0x4, 0x3}, 0xe) sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="300000000000000084000000010000000000000004"], 0x30}], 0x1, 0x0) recvmsg$unix(r0, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0) 181.968876ms ago: executing program 5 (id=4664): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x4, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = openat$sysfs(0xffffff9c, &(0x7f0000000000)='/sys/kernel/uevent_helper', 0x42, 0x0) pwritev(r2, &(0x7f0000000500)=[{0x0}, {&(0x7f0000000200)="9cc4", 0x2}], 0x2, 0xffffff01, 0x2) 165.459017ms ago: executing program 4 (id=4665): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000060000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18) bpf$PROG_LOAD(0x5, 0x0, 0x0) faccessat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x5) 123.335218ms ago: executing program 8 (id=4666): r0 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x401, 0xfffffffe, 0x0, 0xffffffff}, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f0000000640)='GPL\x00', 0x4}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x8000000000000000}, 0x18) close(r0) 123.019768ms ago: executing program 4 (id=4667): syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x200000, &(0x7f0000000040)={[{@grpquota}]}, 0x1, 0xbaf, &(0x7f0000002f00)="$eJzs3M1rXOUaAPDnnEy+c5v0crn3tggGpCqK07QpFbpqXYsKunDZmExKyPTDJIIJXaR1ry5EXBSkf4Lg3m5cCS7qQutfUMQiRTdtFyNnPtKxk5mm6cwcE38/eHPe97wn8zxPTmfOe2BOA/jHms5+pBGHIuJsEjFZ359GxFC1NxKxWTvu/t3L81lLolJ5+7ckkoi4d/fyfOO1kvp2vD4YiYibryXx749a466ubyzPlcullfr46Nr5S0dX1zdeWTo/d650rnThxOyrJ2ZPzs52sdbbl9774pkf3nj+6vWPZ978/MB3SZyOifpccx3dMh3TW3+TZoWImOt2sJwM1OtprjMp5JgQAAAdpU1ruP/GZAzEw8XbZHz7Y67JAQAAAF1RGYioAAAAAPtc4v4fAAAA9rnG9wDu3b0832j5fiOhv+6ciYipWv2N55trM4XYrG5HYjAixn5Povmx1qT2a09tOov09felrEWPnkPuZPNKRPx/u/OfVOufqj7F3Vp/GhEzXYg//ch4L9V/ugvxn6z+4S5EBICIG2dqF7LW61+6tf6Jba5/hW2uXbuR9/W/sf6737L+e1j/QJv131s7jHH4wUs32801r//e/eTnhSx+tn2qop7AnSsRhwvb1Z9s1Z+0qf/sDmOMz9++1m4uqz+rt9H6XX/lesSR6mqutf6GpNP/T3R0calcmqn93Ob11092jt98/rOWxW/cC/RDdv7HYnfn/9IOY0z979dD7eYeX3/6y1DyTrU3VN/z4dza2sqxiKHk9db9xzvn0jim8RpZ/S8+1/n9v1392WfCZv3vkP3ruVLfZuOrj8QcP3L8q93X31tZ/Qu7PP+f7jDGl99ce7/dXN71AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALA3pBExEUla3OqnabEYMR4R/4mxtHxxde3lxYsfXFjI5iKmYjBdXCqXZiJisjZOsvGxav/h+Pgj49mIOBgRn02OVsfF+YvlhbyLBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYMt4RExEkhYjIo2IPybTtFjMOysAAACg66byTgAAAADoOff/AAAAsP+13P8X/jIa6WcuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7EsHn71xK4mIzVOj1ZYZqs8N5poZ0Gvpzg4b63UeQP8N5J0AkJtCU79SqVRyTAXoM/f4QPKY+ZG2M8NdzwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAv68XDt24lUTE5qnRassM1ecGc80M6LU07wSA3Ax0mkweuwPYwwp5JwDkxj0+UFvZP6jUtM6PtP3N4aeOCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDeMVFtSVqMiLTaT9NiMeJfETEVg8niUrk0ExEHIuKnycHhbHws76QBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoutX1jeW5crm0oqOj08XOaPQt1mj9zdzmmOH2Ux06OX8wAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQi9X1jeW5crm0spp3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDeVtc3lufK5dJKDzt51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+DAAA///6CAm5") sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000000200)=@abs={0x1, 0x0, 0x4e22}, 0x6e) bind$unix(r0, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) 122.742778ms ago: executing program 8 (id=4668): bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020023000b05d25a806f8c6394f91a24fc6007020f", 0x17}], 0x1, 0x0, 0x0, 0x400300}, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000720000001801"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe0000180091c8b14a0778a8123d181d"], 0xfe33) 119.708998ms ago: executing program 7 (id=4669): openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) close(0xffffffffffffffff) r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0xc, &(0x7f0000000040)=0xe00000, 0x4) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000001a0001970000ff7f0000000080000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\b\x00', @ANYRES32=r0], 0x24}}, 0x0) 110.278898ms ago: executing program 5 (id=4670): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001780)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r1}, 0x10) io_setup(0x3, &(0x7f0000000340)) 78.416648ms ago: executing program 7 (id=4671): r0 = open(&(0x7f0000000180)='.\x00', 0x0, 0x0) flock(r0, 0x2) r1 = open(&(0x7f0000000300)='.\x00', 0x100000, 0x0) flock(r1, 0x1) flock(r0, 0x5) 78.105499ms ago: executing program 8 (id=4672): r0 = syz_io_uring_setup(0x6d3b, &(0x7f0000000340)={0x0, 0xa7f6, 0x10100, 0x3, 0x3cd}, &(0x7f0000000000), &(0x7f0000000040)) io_uring_enter(r0, 0x780, 0x0, 0xc, 0x0, 0x0) bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000500), 0x0, 0x2}, 0x38) r1 = io_uring_setup(0x25f5, &(0x7f00000000c0)={0x0, 0xc63b, 0x0, 0x0, 0x1}) io_uring_enter(r1, 0x0, 0x2, 0xf, &(0x7f0000000000), 0x18) 48.758419ms ago: executing program 8 (id=4673): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000040)=0x30, 0x5e) connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) r1 = epoll_create(0x7fff) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0x4}) 28.54736ms ago: executing program 4 (id=4674): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r1}, 0x10) r2 = openat$selinux_member(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$selinux_access(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="73797374656d1f7557657865637f742073797374656d5f753aff3a73302030"], 0x56) 0s ago: executing program 8 (id=4675): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f00000004c0)={@val, @void, @eth={@random="ad65d0fc00", @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x1, 0x2, 0x14, 0x64, 0x0, 0x1, 0x11, 0x0, @rand_addr=0x64010102, @empty=0xe0000001}, {0x4e22, 0x4e21, 0xc, 0x0, @gue={{0x1, 0x0, 0x1, 0xff, 0x0, @void}}}}}}}}, 0x32) kernel console output (not intermixed with test programs): x7fffffff) [ 97.684110][ T9288] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2563'. [ 97.684196][ T9290] ip6gre0: Caught tx_queue_len zero misconfig [ 97.711868][ T9294] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 97.717351][ T9290] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 97.765339][ T9302] loop0: detected capacity change from 0 to 1024 [ 97.780451][ T9302] EXT4-fs: Ignoring removed orlov option [ 97.786305][ T9302] EXT4-fs: Ignoring removed nomblk_io_submit option [ 97.841125][ T9308] loop4: detected capacity change from 0 to 512 [ 97.881114][ T9308] EXT4-fs warning (device loop4): ext4_xattr_inode_get:556: inode #11: comm syz.4.2570: EA inode hash validation failed [ 97.916156][ T9308] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #15: comm syz.4.2570: corrupted inode contents [ 97.928758][ T9308] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #15: comm syz.4.2570: mark_inode_dirty error [ 97.943439][ T9308] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #15: comm syz.4.2570: corrupted inode contents [ 97.958205][ T9308] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2991: inode #15: comm syz.4.2570: mark_inode_dirty error [ 97.970403][ T9308] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2994: inode #15: comm syz.4.2570: mark inode dirty (error -117) [ 97.984888][ T9308] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117) [ 97.995387][ T9308] EXT4-fs (loop4): 1 orphan inode deleted [ 98.018427][ T9310] loop5: detected capacity change from 0 to 2048 [ 98.050063][ T9326] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2577'. [ 98.066431][ T9310] loop5: p2 p3 p7 [ 98.072178][ T9326] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2577'. [ 98.081888][ T9326] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2577'. [ 98.091158][ T9326] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2577'. [ 98.100207][ T9322] loop4: detected capacity change from 0 to 4096 [ 98.449927][ T9355] loop0: detected capacity change from 0 to 1024 [ 98.655308][ T9375] loop6: detected capacity change from 0 to 1024 [ 98.693922][ T9375] EXT4-fs: Ignoring removed i_version option [ 98.700013][ T9375] EXT4-fs: Ignoring removed orlov option [ 98.713289][ T9375] EXT4-fs (loop6): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 98.835125][ T9389] loop6: detected capacity change from 0 to 764 [ 98.925353][ T9399] loop4: detected capacity change from 0 to 512 [ 98.965800][ T9402] loop5: detected capacity change from 0 to 512 [ 98.997195][ T9399] ext4 filesystem being mounted at /547/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 99.013835][ T9402] ext4 filesystem being mounted at /106/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 99.028999][ T9402] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 99.142891][ T9420] loop5: detected capacity change from 0 to 512 [ 99.149561][ T9420] EXT4-fs: Ignoring removed mblk_io_submit option [ 99.183488][ T9426] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=9426 comm=syz.0.2621 [ 99.196095][ T9426] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=9426 comm=syz.0.2621 [ 99.209099][ T9420] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 99.249648][ T9420] EXT4-fs (loop5): 1 truncate cleaned up [ 99.416166][ T9437] loop6: detected capacity change from 0 to 1024 [ 99.425599][ T9437] SELinux: security_context_str_to_sid (-Xܘ7.H\ %u@) failed with errno=-22 [ 99.514012][ T9451] 9pnet: p9_errstr2errno: server reported unknown error @c [ 99.540036][ T9455] netlink: 4380 bytes leftover after parsing attributes in process `syz.4.2633'. [ 99.553200][ T9455] netlink: 4380 bytes leftover after parsing attributes in process `syz.4.2633'. [ 99.592461][ T9459] syzkaller1: entered promiscuous mode [ 99.598001][ T9459] syzkaller1: entered allmulticast mode [ 99.758409][ T9491] loop6: detected capacity change from 0 to 512 [ 99.781181][ T9491] EXT4-fs: Ignoring removed mblk_io_submit option [ 99.788348][ T9491] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 99.810636][ T9491] EXT4-fs (loop6): 1 truncate cleaned up [ 99.885362][ T9505] loop6: detected capacity change from 0 to 2048 [ 99.938771][ T8759] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set [ 99.978217][ T8759] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 100.222822][ T9559] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2681'. [ 100.250085][ T9562] netlink: 'syz.4.2682': attribute type 13 has an invalid length. [ 100.262741][ T9562] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1 [ 100.274142][ T9562] gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue [ 100.282207][ T9562] gretap1: entered promiscuous mode [ 100.287651][ T9562] gretap1: entered allmulticast mode [ 100.580071][ T9582] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 100.693102][ T9592] loop5: detected capacity change from 0 to 1024 [ 100.700958][ T9592] EXT4-fs: Ignoring removed bh option [ 100.706807][ T9592] EXT4-fs (loop5): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 100.746858][ T9584] loop4: detected capacity change from 0 to 8192 [ 100.801211][ T9597] netlink: 2 bytes leftover after parsing attributes in process `syz.5.2699'. [ 100.832545][ T9603] ALSA: seq fatal error: cannot create timer (-22) [ 100.938836][ T9611] veth0: entered promiscuous mode [ 100.951306][ T9611] veth0: left promiscuous mode [ 101.007201][ T9625] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2712'. [ 101.094602][ T9641] loop4: detected capacity change from 0 to 512 [ 101.119151][ T9641] ext4 filesystem being mounted at /587/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 101.215312][ T9661] loop5: detected capacity change from 0 to 128 [ 101.227729][ T9663] netlink: 16 bytes leftover after parsing attributes in process `+}[@'. [ 101.261589][ T9661] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002] [ 101.270423][ T9665] loop4: detected capacity change from 0 to 512 [ 101.276793][ T9661] System zones: 1-3, 19-19, 35-36 [ 101.283813][ T9665] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 101.294892][ T9661] ext4 filesystem being mounted at /124/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 101.300870][ T9665] EXT4-fs (loop4): 1 truncate cleaned up [ 101.332907][ T9661] EXT4-fs warning (device loop5): verify_group_input:137: Cannot add at group 33554438 (only 1 groups) [ 101.436734][ T9686] netlink: 'syz.4.2739': attribute type 1 has an invalid length. [ 101.444819][ T9686] netlink: 76 bytes leftover after parsing attributes in process `syz.4.2739'. [ 101.721580][ T9730] loop4: detected capacity change from 0 to 512 [ 101.969666][ T9764] hub 9-0:1.0: USB hub found [ 101.980282][ T9764] hub 9-0:1.0: 8 ports detected [ 102.012834][ T9767] IPv6: NLM_F_CREATE should be specified when creating new route [ 102.025311][ T9769] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 102.042356][ T9769] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2788'. [ 102.085047][ T29] kauditd_printk_skb: 158 callbacks suppressed [ 102.085066][ T29] audit: type=1326 audit(1759298086.478:2251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9773 comm="syz.6.2779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd53fcfeec9 code=0x7ffc0000 [ 102.126978][ T29] audit: type=1326 audit(1759298086.478:2252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9773 comm="syz.6.2779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd53fcfeec9 code=0x7ffc0000 [ 102.150454][ T29] audit: type=1326 audit(1759298086.516:2253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9773 comm="syz.6.2779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd53fcfeec9 code=0x7ffc0000 [ 102.173982][ T29] audit: type=1326 audit(1759298086.516:2254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9773 comm="syz.6.2779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd53fcfeec9 code=0x7ffc0000 [ 102.197730][ T29] audit: type=1326 audit(1759298086.516:2255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9773 comm="syz.6.2779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd53fcfeec9 code=0x7ffc0000 [ 102.221265][ T29] audit: type=1326 audit(1759298086.516:2256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9773 comm="syz.6.2779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7fd53fcfeec9 code=0x7ffc0000 [ 102.244822][ T29] audit: type=1326 audit(1759298086.516:2257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9773 comm="syz.6.2779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd53fcfeec9 code=0x7ffc0000 [ 102.268256][ T29] audit: type=1326 audit(1759298086.516:2258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9773 comm="syz.6.2779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd53fcfeec9 code=0x7ffc0000 [ 102.291711][ T29] audit: type=1326 audit(1759298086.516:2259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9773 comm="syz.6.2779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7fd53fcfeec9 code=0x7ffc0000 [ 102.315271][ T29] audit: type=1326 audit(1759298086.516:2260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9773 comm="syz.6.2779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd53fcfeec9 code=0x7ffc0000 [ 102.351530][ T9776] syz.1.2780: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0 [ 102.366365][ T9776] CPU: 0 UID: 0 PID: 9776 Comm: syz.1.2780 Not tainted syzkaller #0 PREEMPT(voluntary) [ 102.366392][ T9776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 102.366405][ T9776] Call Trace: [ 102.366413][ T9776] [ 102.366421][ T9776] __dump_stack+0x1d/0x30 [ 102.366442][ T9776] dump_stack_lvl+0xe8/0x140 [ 102.366537][ T9776] dump_stack+0x15/0x1b [ 102.366610][ T9776] warn_alloc+0x12b/0x1a0 [ 102.366663][ T9776] ? __pfx_min_vruntime_cb_rotate+0x10/0x10 [ 102.366706][ T9776] __vmalloc_node_range_noprof+0x9c/0xe00 [ 102.366742][ T9776] ? probe_sched_wakeup+0x85/0xa0 [ 102.366780][ T9776] ? ttwu_do_activate+0x1d0/0x210 [ 102.366905][ T9776] ? __rcu_read_unlock+0x4f/0x70 [ 102.366936][ T9776] ? avc_has_perm_noaudit+0x1b1/0x200 [ 102.366959][ T9776] ? should_fail_ex+0x30/0x280 [ 102.366979][ T9776] ? xskq_create+0x36/0xe0 [ 102.367014][ T9776] vmalloc_user_noprof+0x7d/0xb0 [ 102.367048][ T9776] ? xskq_create+0x80/0xe0 [ 102.367143][ T9776] xskq_create+0x80/0xe0 [ 102.367160][ T9776] xsk_init_queue+0x95/0xf0 [ 102.367192][ T9776] xsk_setsockopt+0x3f5/0x640 [ 102.367308][ T9776] ? __pfx_xsk_setsockopt+0x10/0x10 [ 102.367420][ T9776] __sys_setsockopt+0x181/0x200 [ 102.367443][ T9776] __x64_sys_setsockopt+0x64/0x80 [ 102.367542][ T9776] x64_sys_call+0x20ec/0x3000 [ 102.367637][ T9776] do_syscall_64+0xd2/0x200 [ 102.367677][ T9776] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 102.367713][ T9776] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 102.367751][ T9776] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 102.367875][ T9776] RIP: 0033:0x7ff29ee0eec9 [ 102.367920][ T9776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 102.367938][ T9776] RSP: 002b:00007ff29d877038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 102.367960][ T9776] RAX: ffffffffffffffda RBX: 00007ff29f065fa0 RCX: 00007ff29ee0eec9 [ 102.368005][ T9776] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000006 [ 102.368032][ T9776] RBP: 00007ff29ee91f91 R08: 0000000000000004 R09: 0000000000000000 [ 102.368049][ T9776] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 102.368065][ T9776] R13: 00007ff29f066038 R14: 00007ff29f065fa0 R15: 00007fffd941d608 [ 102.368090][ T9776] [ 102.400062][ T9780] openvswitch: netlink: Message has 6 unknown bytes. [ 102.403180][ T9776] Mem-Info: [ 102.605114][ T9776] active_anon:50875 inactive_anon:23 isolated_anon:0 [ 102.605114][ T9776] active_file:21024 inactive_file:2304 isolated_file:0 [ 102.605114][ T9776] unevictable:0 dirty:236 writeback:0 [ 102.605114][ T9776] slab_reclaimable:3417 slab_unreclaimable:21602 [ 102.605114][ T9776] mapped:29962 shmem:46677 pagetables:1464 [ 102.605114][ T9776] sec_pagetables:0 bounce:0 [ 102.605114][ T9776] kernel_misc_reclaimable:0 [ 102.605114][ T9776] free:1799194 free_pcp:41008 free_cma:0 [ 102.650645][ T9776] Node 0 active_anon:188884kB inactive_anon:92kB active_file:84096kB inactive_file:9216kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:119848kB dirty:944kB writeback:0kB shmem:171976kB kernel_stack:3744kB pagetables:5856kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 102.678228][ T9776] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 102.707236][ T9776] lowmem_reserve[]: 0 2883 7862 7862 [ 102.712791][ T9776] Node 0 DMA32 free:2949212kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2952744kB mlocked:0kB bounce:0kB free_pcp:3532kB local_pcp:3532kB free_cma:0kB [ 102.743161][ T9776] lowmem_reserve[]: 0 0 4978 4978 [ 102.748231][ T9776] Node 0 Normal free:4232204kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB free_highatomic:0KB active_anon:159420kB inactive_anon:92kB active_file:84096kB inactive_file:9216kB unevictable:0kB writepending:944kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:204312kB local_pcp:141556kB free_cma:0kB [ 102.780616][ T9776] lowmem_reserve[]: 0 0 0 0 [ 102.785232][ T9776] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 102.797976][ T9776] Node 0 DMA32: 3*4kB (M) 4*8kB (M) 5*16kB (M) 3*32kB (M) 2*64kB (M) 4*128kB (M) 3*256kB (M) 3*512kB (M) 3*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949212kB [ 102.814330][ T9776] Node 0 Normal: 396*4kB (UME) 104*8kB (U) 34*16kB (U) 15*32kB (UM) 16*64kB (UM) 10*128kB (U) 7*256kB (UME) 7*512kB (U) 16*1024kB (UME) 25*2048kB (UM) 1014*4096kB (UM) = 4232048kB [ 102.832387][ T9776] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 102.841724][ T9776] 54623 total pagecache pages [ 102.846432][ T9776] 67 pages in swap cache [ 102.850742][ T9776] Free swap = 124728kB [ 102.854943][ T9776] Total swap = 124996kB [ 102.859353][ T9776] 2097051 pages RAM [ 102.863332][ T9776] 0 pages HighMem/MovableOnly [ 102.868194][ T9776] 80465 pages reserved [ 103.044705][ T9803] raw_sendmsg: syz.5.2795 forgot to set AF_INET. Fix it! [ 103.111702][ T9809] syzkaller1: entered promiscuous mode [ 103.117297][ T9809] syzkaller1: entered allmulticast mode [ 103.263703][ T9837] program syz.4.2812 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 103.343647][ T8392] IPVS: starting estimator thread 0... [ 103.361704][ T9833] IPVS: sh: UDP 224.0.0.2:0 - no destination available [ 103.447271][ T9845] IPVS: using max 1968 ests per chain, 98400 per kthread [ 103.964673][ T9961] lo: Caught tx_queue_len zero misconfig [ 103.970388][ T9961] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2873'. [ 104.106249][ T9984] loop5: detected capacity change from 0 to 512 [ 104.114078][ T9984] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 104.127391][ T9984] EXT4-fs (loop5): 1 truncate cleaned up [ 104.134629][ T9984] EXT4-fs mount: 77 callbacks suppressed [ 104.134647][ T9984] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 104.173691][ T7833] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.265004][T10002] loop6: detected capacity change from 0 to 512 [ 104.283778][T10002] EXT4-fs error (device loop6): ext4_acquire_dquot:6943: comm syz.6.2891: Failed to acquire dquot type 1 [ 104.298626][T10002] EXT4-fs (loop6): 1 truncate cleaned up [ 104.305548][T10002] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 104.330620][T10002] ext4 filesystem being mounted at /108/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 104.332118][T10013] loop4: detected capacity change from 0 to 512 [ 104.347883][T10013] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 104.363940][T10002] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000. [ 104.372390][T10013] EXT4-fs (loop4): 1 truncate cleaned up [ 104.378552][T10013] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 104.438038][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.458595][T10017] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 104.465428][ T8759] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.474206][ T8380] lo speed is unknown, defaulting to 1000 [ 104.537855][T10021] loop4: detected capacity change from 0 to 512 [ 104.563140][T10021] FAT-fs (loop4): error, corrupted directory (invalid entries) [ 104.575412][T10027] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 104.646081][T10034] tipc: Started in network mode [ 104.651002][T10034] tipc: Node identity 7f000001, cluster identity 4711 [ 104.665284][T10034] tipc: Enabled bearer , priority 10 [ 104.730848][T10043] syzkaller1: entered promiscuous mode [ 104.736362][T10043] syzkaller1: entered allmulticast mode [ 104.760209][T10045] program syz.6.2908 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 104.770584][T10045] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 104.803129][T10049] loop6: detected capacity change from 0 to 1024 [ 104.822541][T10049] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 104.890565][T10049] EXT4-fs error (device loop6): mb_free_blocks:2017: group 0, inode 18: block 177:freeing already freed block (bit 11); block bitmap corrupt. [ 104.921334][ T8759] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.463396][T10151] netlink: 197276 bytes leftover after parsing attributes in process `syz.4.2933'. [ 105.734680][ T8393] tipc: Node number set to 2130706433 [ 105.862190][T10221] SELinux: failed to load policy [ 106.102194][T10261] loop6: detected capacity change from 0 to 512 [ 106.121804][T10261] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 106.154470][T10261] ext4 filesystem being mounted at /120/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 106.194671][T10275] 9pnet_fd: Insufficient options for proto=fd [ 106.203681][ T8759] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 106.374466][T10304] SELinux: security policydb version 17 (MLS) not backwards compatible [ 106.383699][T10304] SELinux: failed to load policy [ 106.446866][T10312] SELinux: policydb version 4376 does not match my version range 15-35 [ 106.455440][T10312] SELinux: failed to load policy [ 106.587717][T10330] loop4: detected capacity change from 0 to 128 [ 106.646603][T10341] loop4: detected capacity change from 0 to 512 [ 106.662989][T10341] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 106.678081][T10341] EXT4-fs warning (device loop4): dx_probe:837: inode #2: comm syz.4.2992: Unimplemented hash flags: 0x0001 [ 106.689838][T10341] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.2992: Corrupt directory, running e2fsck is recommended [ 106.704421][T10341] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 3: comm syz.4.2992: path /677/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=4294967295, rec_len=7, size=1024 fake=0 [ 106.784605][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.059522][T10396] loop4: detected capacity change from 0 to 512 [ 107.069502][T10396] EXT4-fs: Ignoring removed oldalloc option [ 107.101048][T10396] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 107.135077][T10396] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.3017: invalid indirect mapped block 4294967295 (level 0) [ 107.150894][T10411] loop5: detected capacity change from 0 to 512 [ 107.179317][T10396] EXT4-fs (loop4): Remounting filesystem read-only [ 107.186277][T10411] EXT4-fs warning (device loop5): ext4_xattr_inode_get:556: inode #11: comm syz.5.3022: EA inode hash validation failed [ 107.200264][T10396] EXT4-fs (loop4): 1 orphan inode deleted [ 107.206077][T10396] EXT4-fs (loop4): 1 truncate cleaned up [ 107.225113][T10396] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 107.245539][T10411] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #15: comm syz.5.3022: corrupted inode contents [ 107.274911][T10411] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #15: comm syz.5.3022: mark_inode_dirty error [ 107.286589][T10411] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #15: comm syz.5.3022: corrupted inode contents [ 107.305421][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.315183][T10411] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2991: inode #15: comm syz.5.3022: mark_inode_dirty error [ 107.341743][T10411] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2994: inode #15: comm syz.5.3022: mark inode dirty (error -117) [ 107.367686][T10411] EXT4-fs warning (device loop5): ext4_evict_inode:274: xattr delete (err -117) [ 107.394468][T10411] EXT4-fs (loop5): 1 orphan inode deleted [ 107.400669][T10411] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 107.443585][ T7833] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.463808][T10420] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3026'. [ 107.494244][T10420] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3026'. [ 107.531075][T10420] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3026'. [ 107.551947][T10420] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3026'. [ 107.604531][T10430] loop5: detected capacity change from 0 to 1024 [ 107.619767][T10430] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 107.663354][T10436] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 107.717197][T10442] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3032'. [ 107.846048][ T7833] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.976502][ T29] kauditd_printk_skb: 241 callbacks suppressed [ 107.976521][ T29] audit: type=1326 audit(1759298347.985:2500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10453 comm="syz.4.3038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e166eec9 code=0x7ffc0000 [ 108.020165][ T29] audit: type=1326 audit(1759298348.023:2501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10453 comm="syz.4.3038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e166eec9 code=0x7ffc0000 [ 108.062226][ T29] audit: type=1326 audit(1759298348.032:2502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10453 comm="syz.4.3038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f28e166eec9 code=0x7ffc0000 [ 108.086083][ T29] audit: type=1326 audit(1759298348.032:2503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10453 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e166eec9 code=0x7ffc0000 [ 108.109986][ T29] audit: type=1326 audit(1759298348.032:2504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10453 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e166eec9 code=0x7ffc0000 [ 108.133706][ T29] audit: type=1326 audit(1759298348.032:2505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10453 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f28e166eec9 code=0x7ffc0000 [ 108.157314][ T29] audit: type=1326 audit(1759298348.032:2506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10453 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e166eec9 code=0x7ffc0000 [ 108.181168][ T29] audit: type=1326 audit(1759298348.032:2507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10453 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e166eec9 code=0x7ffc0000 [ 108.205115][ T29] audit: type=1326 audit(1759298348.032:2508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10453 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f28e166eec9 code=0x7ffc0000 [ 108.228809][ T29] audit: type=1326 audit(1759298348.060:2509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10453 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e166eec9 code=0x7ffc0000 [ 108.290150][T10460] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=10460 comm=syz.4.3043 [ 108.302760][T10460] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=10460 comm=syz.4.3043 [ 108.318078][T10464] loop5: detected capacity change from 0 to 512 [ 108.327001][T10456] loop6: detected capacity change from 0 to 1024 [ 108.334737][T10456] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 108.344628][T10456] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 108.347694][T10464] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3044: bg 0: block 393: padding at end of block bitmap is not set [ 108.355729][T10456] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 108.369226][T10464] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 108.387276][T10456] EXT4-fs error (device loop6): ext4_get_journal_inode:5806: inode #5: comm +}[@: unexpected bad inode w/o EXT4_IGET_BAD [ 108.388500][T10464] EXT4-fs (loop5): 2 truncates cleaned up [ 108.401853][T10456] EXT4-fs (loop6): no journal found [ 108.406789][T10464] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 108.411503][T10456] EXT4-fs (loop6): can't get journal size [ 108.433008][T10456] EXT4-fs (loop6): too many log groups per flexible block group [ 108.442263][T10456] EXT4-fs (loop6): failed to initialize mballoc (-12) [ 108.449091][T10456] EXT4-fs (loop6): mount failed [ 108.465612][ T7833] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.477001][T10468] netlink: 2 bytes leftover after parsing attributes in process `syz.4.3046'. [ 108.537103][T10471] loop5: detected capacity change from 0 to 512 [ 108.546135][T10476] ALSA: seq fatal error: cannot create timer (-22) [ 108.546496][T10471] EXT4-fs: Ignoring removed mblk_io_submit option [ 108.552770][T10478] veth0: entered promiscuous mode [ 108.566157][T10471] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 108.587876][T10478] veth0: left promiscuous mode [ 108.609772][T10471] EXT4-fs (loop5): 1 truncate cleaned up [ 108.618305][T10471] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 108.644948][T10482] SELinux: failed to load policy [ 108.679321][ T7833] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.768132][T10510] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 108.790693][T10511] loop4: detected capacity change from 0 to 128 [ 108.797821][T10511] EXT4-fs: Ignoring removed nobh option [ 108.807987][T10511] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 108.828282][T10511] ext4 filesystem being mounted at /694/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 108.842911][T10518] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3066'. [ 108.851855][T10518] netlink: 'syz.0.3066': attribute type 2 has an invalid length. [ 108.933936][ T3302] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 108.971531][T10536] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3077'. [ 109.004963][T10540] loop6: detected capacity change from 0 to 512 [ 109.031780][T10540] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 109.045526][T10540] ext4 filesystem being mounted at /143/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 109.080573][ T8759] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.247273][T10582] netlink: 'syz.4.3097': attribute type 10 has an invalid length. [ 109.320989][T10584] loop4: detected capacity change from 0 to 8192 [ 109.369737][T10584] loop4: p1 p2 p4 [ 109.373678][T10584] loop4: p1 size 65536 extends beyond EOD, truncated [ 109.387557][T10584] loop4: p2 start 861536256 is beyond EOD, truncated [ 109.394498][T10584] loop4: p4 size 65536 extends beyond EOD, truncated [ 109.867727][T10598] hub 9-0:1.0: USB hub found [ 109.872650][T10598] hub 9-0:1.0: 8 ports detected [ 110.260811][T10612] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 110.270375][T10612] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3120'. [ 110.372457][T10624] pimreg: entered allmulticast mode [ 110.376217][T10624] pimreg: left allmulticast mode [ 110.497907][T10626] loop5: detected capacity change from 0 to 8192 [ 110.499244][T10626] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 110.505911][T10626] FAT-fs (loop5): error, clusters badly computed (1 != 0) [ 110.528758][T10626] FAT-fs (loop5): Filesystem has been set read-only [ 110.604641][T10641] IPv6: NLM_F_CREATE should be specified when creating new route [ 110.932990][T10679] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3151'. [ 110.961245][T10679] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3151'. [ 111.018596][T10687] netdevsim netdevsim5: Direct firmware load for ./file0/file1 failed with error -2 [ 111.049773][T10689] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3147'. [ 111.058795][T10689] netlink: 'syz.6.3147': attribute type 20 has an invalid length. [ 111.066625][T10689] netlink: 'syz.6.3147': attribute type 21 has an invalid length. [ 111.132996][T10698] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3152'. [ 111.189073][T10706] loop6: detected capacity change from 0 to 2048 [ 111.211932][T10706] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 111.436137][T10726] loop5: detected capacity change from 0 to 128 [ 111.467397][T10726] FAT-fs (loop5): Directory bread(block 32) failed [ 111.496465][T10732] syzkaller1: entered promiscuous mode [ 111.502048][T10732] syzkaller1: entered allmulticast mode [ 111.507468][T10726] FAT-fs (loop5): Directory bread(block 33) failed [ 111.515091][ T8759] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.527412][T10726] FAT-fs (loop5): Directory bread(block 34) failed [ 111.549516][T10735] netlink: 108 bytes leftover after parsing attributes in process `syz.6.3168'. [ 111.558700][T10735] netlink: 108 bytes leftover after parsing attributes in process `syz.6.3168'. [ 111.567913][T10735] netlink: 108 bytes leftover after parsing attributes in process `syz.6.3168'. [ 111.589877][T10735] netlink: 108 bytes leftover after parsing attributes in process `syz.6.3168'. [ 111.591481][T10726] FAT-fs (loop5): Directory bread(block 35) failed [ 111.599075][T10735] netlink: 108 bytes leftover after parsing attributes in process `syz.6.3168'. [ 111.611130][T10726] FAT-fs (loop5): Directory bread(block 36) failed [ 111.614670][T10735] netlink: 108 bytes leftover after parsing attributes in process `syz.6.3168'. [ 111.621318][T10726] FAT-fs (loop5): Directory bread(block 37) failed [ 111.637138][T10726] FAT-fs (loop5): Directory bread(block 38) failed [ 111.643758][T10726] FAT-fs (loop5): Directory bread(block 39) failed [ 111.661294][T10726] FAT-fs (loop5): Directory bread(block 40) failed [ 111.677304][T10726] FAT-fs (loop5): Directory bread(block 41) failed [ 111.774808][T10755] : renamed from bond0 [ 111.796722][T10726] bio_check_eod: 102 callbacks suppressed [ 111.796741][T10726] syz.5.3164: attempt to access beyond end of device [ 111.796741][T10726] loop5: rw=524288, sector=4108, nr_sectors = 4 limit=128 [ 111.856632][T10763] team0: Port device team_slave_0 removed [ 111.862594][T10766] loop4: detected capacity change from 0 to 2048 [ 111.864021][T10726] syz.5.3164: attempt to access beyond end of device [ 111.864021][T10726] loop5: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 111.911007][T10726] syz.5.3164: attempt to access beyond end of device [ 111.911007][T10726] loop5: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 111.918756][T10766] loop4: p2 p3 p7 [ 111.926150][T10726] syz.5.3164: attempt to access beyond end of device [ 111.926150][T10726] loop5: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 111.997357][T10726] syz.5.3164: attempt to access beyond end of device [ 111.997357][T10726] loop5: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 112.013260][T10726] syz.5.3164: attempt to access beyond end of device [ 112.013260][T10726] loop5: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 112.033119][T10726] syz.5.3164: attempt to access beyond end of device [ 112.033119][T10726] loop5: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 112.070608][T10726] syz.5.3164: attempt to access beyond end of device [ 112.070608][T10726] loop5: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 112.088722][T10726] syz.5.3164: attempt to access beyond end of device [ 112.088722][T10726] loop5: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 112.104008][T10726] syz.5.3164: attempt to access beyond end of device [ 112.104008][T10726] loop5: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 112.163078][T10787] hub 6-0:1.0: USB hub found [ 112.174669][T10787] hub 6-0:1.0: 8 ports detected [ 112.440304][T10815] loop6: detected capacity change from 0 to 1024 [ 112.459388][T10815] EXT4-fs: Ignoring removed orlov option [ 112.465125][T10815] EXT4-fs: Ignoring removed nomblk_io_submit option [ 112.533866][T10815] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 112.596276][T10827] SELinux: security_context_str_to_sid (-Xܘ7.H\ %u@) failed with errno=-22 [ 112.688900][ T8759] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.902425][T10863] netlink: 'syz.6.3228': attribute type 2 has an invalid length. [ 112.910251][T10863] netlink: 'syz.6.3228': attribute type 1 has an invalid length. [ 113.121125][T10884] loop6: detected capacity change from 0 to 512 [ 113.128148][T10884] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 113.157149][T10884] EXT4-fs (loop6): 1 truncate cleaned up [ 113.163385][T10884] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 113.247704][ T8759] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 113.305621][T10892] erspan0: left promiscuous mode [ 113.325486][ T29] kauditd_printk_skb: 331 callbacks suppressed [ 113.325501][ T29] audit: type=1400 audit(1759298352.999:2841): avc: denied { setopt } for pid=10895 comm="syz.6.3240" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 113.405437][T10892] 8021q: adding VLAN 0 to HW filter on device  [ 113.436901][T10892] 8021q: adding VLAN 0 to HW filter on device team0 [ 113.467761][T10892] A link change request failed with some changes committed already. Interface 60X may have been left with an inconsistent configuration, please check. [ 113.486482][T10903] bond_slave_0: Caught tx_queue_len zero misconfig [ 113.515958][ T29] audit: type=1400 audit(1759298353.167:2842): avc: denied { name_bind } for pid=10904 comm="syz.5.3245" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 113.607303][ T29] audit: type=1326 audit(1759298353.252:2843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10907 comm="syz.6.3246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd53fcfeec9 code=0x7ffc0000 [ 113.656250][ T29] audit: type=1326 audit(1759298353.252:2844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10907 comm="syz.6.3246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd53fcfeec9 code=0x7ffc0000 [ 113.679785][ T29] audit: type=1326 audit(1759298353.252:2845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10907 comm="syz.6.3246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=288 compat=0 ip=0x7fd53fcfeec9 code=0x7ffc0000 [ 113.703344][ T29] audit: type=1326 audit(1759298353.252:2846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10907 comm="syz.6.3246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd53fcfeec9 code=0x7ffc0000 [ 113.727160][ T29] audit: type=1326 audit(1759298353.252:2847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10907 comm="syz.6.3246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd53fcfeec9 code=0x7ffc0000 [ 113.903699][ T29] audit: type=1400 audit(1759298353.392:2848): avc: denied { open } for pid=10912 comm="syz.1.3250" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 113.923195][ T29] audit: type=1400 audit(1759298353.392:2849): avc: denied { kernel } for pid=10912 comm="syz.1.3250" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 113.942789][ T29] audit: type=1400 audit(1759298353.392:2850): avc: denied { read } for pid=10912 comm="syz.1.3250" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 114.175402][T10952] loop9: detected capacity change from 0 to 7 [ 114.186377][T10952] Buffer I/O error on dev loop9, logical block 0, async page read [ 114.202829][T10951] IPVS: Error connecting to the multicast addr [ 114.210037][T10952] Buffer I/O error on dev loop9, logical block 0, async page read [ 114.218002][T10952] loop9: unable to read partition table [ 114.249425][T10952] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 114.249425][T10952] ) failed (rc=-5) [ 114.488414][T10986] loop5: detected capacity change from 0 to 1024 [ 114.529465][T10994] sd 0:0:1:0: device reset [ 114.535893][T10995] IPv6: Can't replace route, no match found [ 114.555606][T10986] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 114.641555][T10986] EXT4-fs error (device loop5): mb_free_blocks:2017: group 0, inode 18: block 177:freeing already freed block (bit 11); block bitmap corrupt. [ 114.704321][T11014] random: crng reseeded on system resumption [ 114.730769][ T7833] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 114.792075][ T8392] IPVS: starting estimator thread 0... [ 114.817007][T11027] netlink: 'syz.5.3303': attribute type 11 has an invalid length. [ 114.894602][T11039] SELinux: failed to load policy [ 114.903179][T11037] vhci_hcd: invalid port number 61 [ 114.908846][T11023] IPVS: using max 1872 ests per chain, 93600 per kthread [ 115.214473][T11077] loop5: detected capacity change from 0 to 128 [ 115.249844][T11077] Buffer I/O error on dev loop5, logical block 79, lost async page write [ 115.268732][T11077] Buffer I/O error on dev loop5, logical block 80, lost async page write [ 115.288949][T11077] Buffer I/O error on dev loop5, logical block 83, lost async page write [ 115.297651][T11077] Buffer I/O error on dev loop5, logical block 84, lost async page write [ 115.309276][T11077] Buffer I/O error on dev loop5, logical block 103, lost async page write [ 115.328511][T11077] Buffer I/O error on dev loop5, logical block 104, lost async page write [ 115.339773][T11077] Buffer I/O error on dev loop5, logical block 107, lost async page write [ 115.356115][T11077] Buffer I/O error on dev loop5, logical block 108, lost async page write [ 115.367249][T11092] netlink: zone id is out of range [ 115.381488][T11092] netlink: zone id is out of range [ 115.398965][T11092] netlink: zone id is out of range [ 115.404150][T11092] netlink: zone id is out of range [ 115.409344][T11092] netlink: zone id is out of range [ 115.414548][T11092] netlink: zone id is out of range [ 115.419697][T11092] netlink: zone id is out of range [ 115.425060][T11092] netlink: zone id is out of range [ 115.430299][T11092] netlink: zone id is out of range [ 115.842186][T11137] loop4: detected capacity change from 0 to 1024 [ 115.857844][T11137] EXT4-fs error (device loop4): ext4_acquire_dquot:6943: comm syz.4.3356: Failed to acquire dquot type 0 [ 115.878147][T11137] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 115.903996][T11137] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #13: comm syz.4.3356: corrupted inode contents [ 115.957291][T11137] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #13: comm syz.4.3356: mark_inode_dirty error [ 115.999967][T11137] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #13: comm syz.4.3356: corrupted inode contents [ 116.050448][T11158] unsupported nlmsg_type 40 [ 116.090804][T11137] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #13: comm syz.4.3356: mark_inode_dirty error [ 116.091233][T11160] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 116.102364][T11137] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #13: comm syz.4.3356: corrupted inode contents [ 116.109444][T11160] IPv6: NLM_F_CREATE should be set when creating new route [ 116.109459][T11160] IPv6: NLM_F_CREATE should be set when creating new route [ 116.110283][T11160] ------------[ cut here ]------------ [ 116.132017][T11137] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem [ 116.136230][T11160] WARNING: CPU: 0 PID: 11160 at drivers/net/netdevsim/fib.c:831 nsim_fib_event_nb+0xc41/0xcb0 [ 116.160855][T11160] Modules linked in: [ 116.164772][T11160] CPU: 0 UID: 0 PID: 11160 Comm: syz.0.3366 Not tainted syzkaller #0 PREEMPT(voluntary) [ 116.164827][T11137] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #13: comm syz.4.3356: corrupted inode contents [ 116.174674][T11160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 116.196948][T11160] RIP: 0010:nsim_fib_event_nb+0xc41/0xcb0 [ 116.202826][T11160] Code: cb 10 fe be 01 00 00 00 4c 8b 74 24 18 49 8d 7e 2c e8 73 55 a7 fe 4c 8b 2c 24 48 8b 6c 24 10 e9 93 f6 ff ff e8 80 cb 10 fe 90 <0f> 0b 90 e9 5a fc ff ff e8 72 cb 10 fe e9 a5 f9 ff ff e8 68 cb 10 [ 116.222548][T11160] RSP: 0018:ffffc9000121f618 EFLAGS: 00010287 [ 116.228852][T11160] RAX: ffffffff834673e0 RBX: 0000000000000000 RCX: 0000000000080000 [ 116.237046][T11160] RDX: ffffc900021f2000 RSI: 0000000000021b70 RDI: 0000000000021b71 [ 116.245109][T11160] RBP: 0000000000000001 R08: 00018881195fec1f R09: 0000000000000000 [ 116.253144][T11160] R10: ffff88812f2710d0 R11: 0000000000000002 R12: ffffc9000121f718 [ 116.261204][T11160] R13: ffff888119065c00 R14: ffff8881195fec18 R15: 0000000000000001 [ 116.269331][T11160] FS: 00007f2ffd4176c0(0000) GS:ffff8882aee37000(0000) knlGS:0000000000000000 [ 116.278768][T11160] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.285401][T11160] CR2: 0000000000000000 CR3: 0000000111032000 CR4: 00000000003506f0 [ 116.293585][T11160] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 116.301639][T11160] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 116.309672][T11160] Call Trace: [ 116.312967][T11160] [ 116.315911][T11160] ? __pfx_nsim_fib_event_nb+0x10/0x10 [ 116.321477][T11160] atomic_notifier_call_chain+0x76/0x1c0 [ 116.327309][T11160] call_fib_notifiers+0x65/0xa0 [ 116.332227][T11160] call_fib6_notifiers+0x30/0x40 [ 116.337235][T11160] call_fib6_multipath_entry_notifiers+0x94/0xc0 [ 116.343758][T11160] inet6_rtm_newroute+0xaf1/0x1020 [ 116.349378][T11160] ? __pfx_inet6_rtm_newroute+0x10/0x10 [ 116.353154][T11137] EXT4-fs error (device loop4): ext4_truncate:4666: inode #13: comm syz.4.3356: mark_inode_dirty error [ 116.355365][T11160] rtnetlink_rcv_msg+0x5fb/0x6d0 [ 116.371297][T11160] netlink_rcv_skb+0x123/0x220 [ 116.376193][T11160] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 116.381706][T11160] rtnetlink_rcv+0x1c/0x30 [ 116.383339][T11137] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem [ 116.386257][T11160] netlink_unicast+0x5bd/0x690 [ 116.399908][T11160] netlink_sendmsg+0x58b/0x6b0 [ 116.404936][T11160] ? __pfx_netlink_sendmsg+0x10/0x10 [ 116.410449][T11160] __sock_sendmsg+0x142/0x180 [ 116.415192][T11160] ____sys_sendmsg+0x31e/0x4e0 [ 116.420062][T11160] ___sys_sendmsg+0x17b/0x1d0 [ 116.424803][T11160] __x64_sys_sendmsg+0xd4/0x160 [ 116.429819][T11160] x64_sys_call+0x191e/0x3000 [ 116.434626][T11160] do_syscall_64+0xd2/0x200 [ 116.439261][T11160] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 116.445396][T11160] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 116.451305][T11160] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.457437][T11160] RIP: 0033:0x7f2ffe9aeec9 [ 116.461889][T11160] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 116.481578][T11160] RSP: 002b:00007f2ffd417038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 116.490140][T11160] RAX: ffffffffffffffda RBX: 00007f2ffec05fa0 RCX: 00007f2ffe9aeec9 [ 116.498140][T11160] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003 [ 116.506245][T11160] RBP: 00007f2ffea31f91 R08: 0000000000000000 R09: 0000000000000000 [ 116.509684][T11137] EXT4-fs (loop4): 1 truncate cleaned up [ 116.514317][T11160] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 116.514337][T11160] R13: 00007f2ffec06038 R14: 00007f2ffec05fa0 R15: 00007ffe1ca58838 [ 116.514365][T11160] [ 116.523128][T11137] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 116.528376][T11160] ---[ end trace 0000000000000000 ]--- [ 116.539251][T11137] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 116.610855][T11181] SELinux: policydb version -1008808486 does not match my version range 15-35 [ 116.620738][T11181] SELinux: failed to load policy [ 116.698947][T11191] netlink: 'syz.6.3379': attribute type 1 has an invalid length. [ 116.873543][T11224] loop6: detected capacity change from 0 to 512 [ 116.903390][T11229] netlink: 'syz.4.3397': attribute type 1 has an invalid length. [ 116.911648][T11224] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 116.947054][T11224] EXT4-fs (loop6): 1 truncate cleaned up [ 116.953497][T11224] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 117.052823][ T8759] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 117.282839][T11279] 9pnet: p9_errstr2errno: server reported unknown error @c [ 117.478899][T11305] loop5: detected capacity change from 0 to 512 [ 117.485713][T11301] __nla_validate_parse: 9 callbacks suppressed [ 117.485728][T11301] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3429'. [ 117.496462][T11305] EXT4-fs: Ignoring removed bh option [ 117.525160][T11305] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 117.541693][T11305] EXT4-fs (loop5): 1 truncate cleaned up [ 117.548004][T11305] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 117.615819][ T7833] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 117.643327][T11318] IPv6: NLM_F_CREATE should be specified when creating new route [ 117.721444][T11325] loop4: detected capacity change from 0 to 256 [ 117.729203][T11325] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 117.750942][T11325] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 117.870191][T11338] netlink: 'syz.5.3446': attribute type 10 has an invalid length. [ 117.923784][T11342] loop4: detected capacity change from 0 to 512 [ 117.955797][T11342] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 117.964163][T11342] EXT4-fs (loop4): orphan cleanup on readonly fs [ 117.998500][T11342] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.3448: corrupted inode contents [ 118.035147][T11342] EXT4-fs (loop4): Remounting filesystem read-only [ 118.050160][T11342] EXT4-fs (loop4): 1 truncate cleaned up [ 118.056486][ T37] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 118.067122][ T37] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 118.092864][ T37] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started [ 118.103639][T11342] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 118.168978][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 118.297900][T11358] loop4: detected capacity change from 0 to 1024 [ 118.307338][T11358] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 118.317115][T11358] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 118.345157][T11358] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 118.357375][T11358] EXT4-fs error (device loop4): ext4_get_journal_inode:5806: inode #5: comm +}[@: unexpected bad inode w/o EXT4_IGET_BAD [ 118.370327][T11358] EXT4-fs (loop4): no journal found [ 118.375640][T11358] EXT4-fs (loop4): can't get journal size [ 118.385303][T11358] EXT4-fs (loop4): too many log groups per flexible block group [ 118.393349][T11358] EXT4-fs (loop4): failed to initialize mballoc (-12) [ 118.400383][T11358] EXT4-fs (loop4): mount failed [ 118.401616][T11366] netlink: 'syz.5.3456': attribute type 1 has an invalid length. [ 118.420846][T11369] loop6: detected capacity change from 0 to 512 [ 118.469777][T11369] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 118.494773][T11369] ext4 filesystem being mounted at /219/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 118.562933][ T8759] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 118.592981][T11384] (unnamed net_device) (uninitialized): option fail_over_mac: invalid value (15) [ 119.073525][ T29] kauditd_printk_skb: 269 callbacks suppressed [ 119.073543][ T29] audit: type=1400 audit(1759298358.368:3112): avc: denied { read write } for pid=11403 comm="syz.1.3470" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 119.108739][ T29] audit: type=1400 audit(1759298358.368:3113): avc: denied { open } for pid=11403 comm="syz.1.3470" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 119.133566][ T29] audit: type=1400 audit(1759298358.368:3114): avc: denied { ioctl } for pid=11403 comm="syz.1.3470" path="/dev/loop-control" dev="devtmpfs" ino=99 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 119.213511][ T29] audit: type=1326 audit(1759298358.499:3115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11411 comm="syz.5.3486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfaaf6eec9 code=0x7ffc0000 [ 119.237144][ T29] audit: type=1326 audit(1759298358.499:3116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11411 comm="syz.5.3486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7fcfaaf6eec9 code=0x7ffc0000 [ 119.260703][ T29] audit: type=1326 audit(1759298358.499:3117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11411 comm="syz.5.3486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfaaf6eec9 code=0x7ffc0000 [ 119.343262][ T29] audit: type=1326 audit(1759298358.611:3118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11425 comm="syz.5.3479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfaaf6eec9 code=0x7ffc0000 [ 119.366871][ T29] audit: type=1326 audit(1759298358.611:3119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11425 comm="syz.5.3479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfaaf6eec9 code=0x7ffc0000 [ 119.423087][ T29] audit: type=1326 audit(1759298358.677:3120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11425 comm="syz.5.3479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcfaaf6eec9 code=0x7ffc0000 [ 119.446867][ T29] audit: type=1326 audit(1759298358.677:3121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11425 comm="syz.5.3479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfaaf6eec9 code=0x7ffc0000 [ 119.536495][T11434] netdevsim netdevsim1: Direct firmware load for ./file0/file1 failed with error -2 [ 119.669340][T11464] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3500'. [ 119.678470][T11464] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3500'. [ 119.727375][T11466] syzkaller1: entered promiscuous mode [ 119.733039][T11466] syzkaller1: entered allmulticast mode [ 119.987133][T11495] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3514'. [ 120.245484][T11540] netlink: 108 bytes leftover after parsing attributes in process `syz.0.3537'. [ 120.254649][T11540] netlink: 108 bytes leftover after parsing attributes in process `syz.0.3537'. [ 120.263778][T11540] netlink: 108 bytes leftover after parsing attributes in process `syz.0.3537'. [ 120.282884][T11540] netlink: 108 bytes leftover after parsing attributes in process `syz.0.3537'. [ 120.292231][T11540] netlink: 108 bytes leftover after parsing attributes in process `syz.0.3537'. [ 120.301298][T11540] netlink: 108 bytes leftover after parsing attributes in process `syz.0.3537'. [ 120.492858][T11572] netlink: 'syz.0.3552': attribute type 3 has an invalid length. [ 120.547776][T11577] loop6: detected capacity change from 0 to 128 [ 120.584826][T11582] syz.6.3556: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0 [ 120.599455][T11582] CPU: 1 UID: 0 PID: 11582 Comm: syz.6.3556 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 120.599485][T11582] Tainted: [W]=WARN [ 120.599491][T11582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 120.599503][T11582] Call Trace: [ 120.599509][T11582] [ 120.599580][T11582] __dump_stack+0x1d/0x30 [ 120.599599][T11582] dump_stack_lvl+0xe8/0x140 [ 120.599617][T11582] dump_stack+0x15/0x1b [ 120.599631][T11582] warn_alloc+0x12b/0x1a0 [ 120.599700][T11582] ? audit_log_end+0x23d/0x250 [ 120.599717][T11582] ? kmem_cache_free+0xdf/0x300 [ 120.599738][T11582] ? __pfx_avc_audit_post_callback+0x10/0x10 [ 120.599868][T11582] __vmalloc_node_range_noprof+0x9c/0xe00 [ 120.599937][T11582] ? __pfx_avc_audit_post_callback+0x10/0x10 [ 120.599979][T11582] ? __rcu_read_unlock+0x4f/0x70 [ 120.600000][T11582] ? __perf_event_task_sched_in+0xa5b/0xac0 [ 120.600027][T11582] ? perf_cgroup_switch+0x10c/0x480 [ 120.600051][T11582] ? update_load_avg+0x1da/0x820 [ 120.600171][T11582] ? __list_add_valid_or_report+0x38/0xe0 [ 120.600201][T11582] ? should_fail_ex+0x30/0x280 [ 120.600220][T11582] ? xskq_create+0x36/0xe0 [ 120.600238][T11582] vmalloc_user_noprof+0x7d/0xb0 [ 120.600309][T11582] ? xskq_create+0x80/0xe0 [ 120.600325][T11582] xskq_create+0x80/0xe0 [ 120.600355][T11582] xsk_init_queue+0x95/0xf0 [ 120.600444][T11582] xsk_setsockopt+0x3f5/0x640 [ 120.600484][T11582] ? __pfx_xsk_setsockopt+0x10/0x10 [ 120.600519][T11582] __sys_setsockopt+0x181/0x200 [ 120.600616][T11582] __x64_sys_setsockopt+0x64/0x80 [ 120.600708][T11582] x64_sys_call+0x20ec/0x3000 [ 120.600728][T11582] do_syscall_64+0xd2/0x200 [ 120.600760][T11582] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 120.600784][T11582] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 120.600810][T11582] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.600831][T11582] RIP: 0033:0x7fd53fcfeec9 [ 120.600912][T11582] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 120.600930][T11582] RSP: 002b:00007fd53e767038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 120.600947][T11582] RAX: ffffffffffffffda RBX: 00007fd53ff55fa0 RCX: 00007fd53fcfeec9 [ 120.600958][T11582] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000006 [ 120.600969][T11582] RBP: 00007fd53fd81f91 R08: 0000000000000004 R09: 0000000000000000 [ 120.600982][T11582] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 120.600999][T11582] R13: 00007fd53ff56038 R14: 00007fd53ff55fa0 R15: 00007ffd75a0c348 [ 120.601041][T11582] [ 120.601125][T11582] Mem-Info: [ 120.816569][T11585] loop5: detected capacity change from 0 to 512 [ 120.819702][T11582] active_anon:56182 inactive_anon:25 isolated_anon:0 [ 120.819702][T11582] active_file:12959 inactive_file:12564 isolated_file:0 [ 120.819702][T11582] unevictable:0 dirty:185 writeback:0 [ 120.819702][T11582] slab_reclaimable:3490 slab_unreclaimable:21733 [ 120.819702][T11582] mapped:28978 shmem:51937 pagetables:1498 [ 120.819702][T11582] sec_pagetables:0 bounce:0 [ 120.819702][T11582] kernel_misc_reclaimable:0 [ 120.819702][T11582] free:1812118 free_pcp:20306 free_cma:0 [ 120.892513][T11585] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 120.909445][T11582] Node 0 active_anon:224728kB inactive_anon:100kB active_file:51836kB inactive_file:50256kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:115912kB dirty:740kB writeback:0kB shmem:207748kB kernel_stack:3760kB pagetables:6224kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 120.924415][T11585] ext4 filesystem being mounted at /303/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 120.949689][T11582] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 120.949780][T11582] lowmem_reserve[]: 0 2883 7862 7862 [ 120.994233][T11582] Node 0 DMA32 free:2949212kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2952744kB mlocked:0kB bounce:0kB free_pcp:3532kB local_pcp:0kB free_cma:0kB [ 121.024304][T11582] lowmem_reserve[]: 0 0 4978 4978 [ 121.029409][T11582] Node 0 Normal free:4283900kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB free_highatomic:0KB active_anon:224844kB inactive_anon:100kB active_file:51836kB inactive_file:50256kB unevictable:0kB writepending:740kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:77204kB local_pcp:21504kB free_cma:0kB [ 121.061723][T11582] lowmem_reserve[]: 0 0 0 0 [ 121.066475][T11582] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 121.079252][T11582] Node 0 DMA32: 3*4kB (M) 4*8kB (M) 5*16kB (M) 3*32kB (M) 2*64kB (M) 4*128kB (M) 3*256kB (M) 3*512kB (M) 3*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949212kB [ 121.095460][T11582] Node 0 Normal: 90*4kB (UE) 525*8kB (UM) 246*16kB (UE) 157*32kB (UE) 81*64kB (UE) 52*128kB (UE) 43*256kB (UME) 32*512kB (U) 26*1024kB (UME) 33*2048kB (UM) 1010*4096kB (UM) = 4283920kB [ 121.113998][T11582] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 121.123333][T11582] 77505 total pagecache pages [ 121.128132][T11582] 69 pages in swap cache [ 121.132393][T11582] Free swap = 124720kB [ 121.136545][T11582] Total swap = 124996kB [ 121.140715][T11582] 2097051 pages RAM [ 121.144562][T11582] 0 pages HighMem/MovableOnly [ 121.149225][T11582] 80465 pages reserved [ 121.161191][T11594] binfmt_misc: register: failed to install interpreter file ./file2 [ 121.181072][T11585] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #2: comm syz.5.3558: corrupted inode contents [ 121.198732][T11585] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #2: comm syz.5.3558: mark_inode_dirty error [ 121.232959][T11600] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 121.243260][T11600] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 121.253724][T11585] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #2: comm syz.5.3558: corrupted inode contents [ 121.293655][T11608] : renamed from bond0 (while UP) [ 121.310377][ T7833] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 121.387197][T11627] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 ! [ 121.444625][T11635] loop4: detected capacity change from 0 to 512 [ 121.477915][T11637] loop6: detected capacity change from 0 to 2048 [ 121.489167][T11635] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 121.502770][T11637] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 121.511942][T11635] EXT4-fs (loop4): 1 truncate cleaned up [ 121.518261][T11637] EXT4-fs error (device loop6): ext4_free_inode:354: comm syz.6.3582: bit already cleared for inode 15 [ 121.521187][T11635] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 121.561344][ T8759] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 121.572182][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 121.651390][T11656] hub 6-0:1.0: USB hub found [ 121.665603][T11656] hub 6-0:1.0: 8 ports detected [ 121.769826][T11663] team0: Port device team_slave_0 removed [ 121.871545][T11682] loop5: detected capacity change from 0 to 512 [ 121.895004][T11682] FAT-fs (loop5): error, corrupted directory (invalid entries) [ 122.223217][T11735] netlink: 'syz.5.3626': attribute type 2 has an invalid length. [ 122.231064][T11735] netlink: 'syz.5.3626': attribute type 1 has an invalid length. [ 122.306907][T11740] net_ratelimit: 2 callbacks suppressed [ 122.306918][T11740] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 122.328192][T11742] netlink: 'syz.6.3630': attribute type 29 has an invalid length. [ 122.349377][T11742] netlink: 'syz.6.3630': attribute type 29 has an invalid length. [ 122.393324][T11749] atomic_op ffff8881024ab528 conn xmit_atomic 0000000000000000 [ 122.664661][T11791] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 122.768106][T11805] rdma_op ffff8881024ab180 conn xmit_rdma 0000000000000000 [ 123.069353][T11843] loop4: detected capacity change from 0 to 512 [ 123.074907][T11842] syzkaller1: entered promiscuous mode [ 123.081190][T11842] syzkaller1: entered allmulticast mode [ 123.140437][T11843] EXT4-fs error (device loop4): ext4_orphan_get:1418: comm syz.4.3678: bad orphan inode 11862016 [ 123.153821][T11843] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 123.193100][T11843] ext4 filesystem being mounted at /793/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 123.253003][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 123.362480][T11888] loop4: detected capacity change from 0 to 512 [ 123.407563][T11888] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 123.429202][T11896] loop6: detected capacity change from 0 to 512 [ 123.437153][T11888] EXT4-fs (loop4): 1 truncate cleaned up [ 123.443285][T11896] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1) [ 123.452847][T11888] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 123.508800][ T31] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1) [ 123.528712][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 123.595669][T11910] netlink: 'syz.0.3710': attribute type 11 has an invalid length. [ 123.603638][T11910] __nla_validate_parse: 9 callbacks suppressed [ 123.603653][T11910] netlink: 43 bytes leftover after parsing attributes in process `syz.0.3710'. [ 123.622212][T11911] loop4: detected capacity change from 0 to 512 [ 123.644386][T11911] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 123.662743][T11911] ext4 filesystem being mounted at /796/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 123.740965][T11925] netlink: 'syz.0.3715': attribute type 3 has an invalid length. [ 123.748795][T11925] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3715'. [ 123.773926][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 123.788949][T11928] SELinux: security policydb version 17 (MLS) not backwards compatible [ 123.813052][T11928] SELinux: failed to load policy [ 123.927344][T11949] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 123.986975][T11955] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 123.996831][T11955] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 124.005958][T11955] netlink: 'syz.0.3728': attribute type 1 has an invalid length. [ 124.013762][T11955] netlink: 216 bytes leftover after parsing attributes in process `syz.0.3728'. [ 124.184747][T11973] loop5: detected capacity change from 0 to 1024 [ 124.204232][T11975] netlink: 'syz.1.3740': attribute type 21 has an invalid length. [ 124.213973][T11975] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3740'. [ 124.224937][T11973] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 124.262887][T11973] EXT4-fs error (device loop5): mb_free_blocks:2017: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt. [ 124.291097][ T7833] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 124.432187][T12000] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 124.441265][ T29] kauditd_printk_skb: 395 callbacks suppressed [ 124.441284][ T29] audit: type=1400 audit(1759298363.382:3517): avc: denied { lock } for pid=12001 comm="syz.4.3751" path="socket:[31677]" dev="sockfs" ino=31677 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 124.484983][T12000] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 124.498665][T12004] loop4: detected capacity change from 0 to 128 [ 124.510489][T12004] bio_check_eod: 2950 callbacks suppressed [ 124.510502][T12004] syz.4.3752: attempt to access beyond end of device [ 124.510502][T12004] loop4: rw=2049, sector=154, nr_sectors = 6 limit=128 [ 124.534901][T12004] syz.4.3752: attempt to access beyond end of device [ 124.534901][T12004] loop4: rw=2049, sector=158, nr_sectors = 2 limit=128 [ 124.548412][T12004] buffer_io_error: 16 callbacks suppressed [ 124.548426][T12004] Buffer I/O error on dev loop4, logical block 79, lost async page write [ 124.549642][ T29] audit: type=1326 audit(1759298363.475:3518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11991 comm="syz.1.3746" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7ff29ee0eec9 code=0x7ffc0000 [ 124.554478][T12004] syz.4.3752: attempt to access beyond end of device [ 124.554478][T12004] loop4: rw=2049, sector=160, nr_sectors = 2 limit=128 [ 124.600026][T12004] Buffer I/O error on dev loop4, logical block 80, lost async page write [ 124.614386][ T29] audit: type=1326 audit(1759298363.560:3519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11989 comm="syz.1.3746" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ff29edaaf79 code=0x7ffc0000 [ 124.637910][ T29] audit: type=1326 audit(1759298363.560:3520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11989 comm="syz.1.3746" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff29ee0eec9 code=0x7ffc0000 [ 124.671322][T12004] syz.4.3752: attempt to access beyond end of device [ 124.671322][T12004] loop4: rw=2049, sector=162, nr_sectors = 6 limit=128 [ 124.678850][ T29] audit: type=1326 audit(1759298363.560:3521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11989 comm="syz.1.3746" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff29ee0eec9 code=0x7ffc0000 [ 124.719588][T12004] syz.4.3752: attempt to access beyond end of device [ 124.719588][T12004] loop4: rw=2049, sector=166, nr_sectors = 2 limit=128 [ 124.733128][T12004] Buffer I/O error on dev loop4, logical block 83, lost async page write [ 124.744279][T12004] syz.4.3752: attempt to access beyond end of device [ 124.744279][T12004] loop4: rw=2049, sector=168, nr_sectors = 2 limit=128 [ 124.757908][T12004] Buffer I/O error on dev loop4, logical block 84, lost async page write [ 124.767636][T12004] syz.4.3752: attempt to access beyond end of device [ 124.767636][T12004] loop4: rw=2049, sector=170, nr_sectors = 16 limit=128 [ 124.782019][T12004] syz.4.3752: attempt to access beyond end of device [ 124.782019][T12004] loop4: rw=2049, sector=202, nr_sectors = 6 limit=128 [ 124.798448][T12004] syz.4.3752: attempt to access beyond end of device [ 124.798448][T12004] loop4: rw=2049, sector=206, nr_sectors = 2 limit=128 [ 124.812136][T12004] Buffer I/O error on dev loop4, logical block 103, lost async page write [ 124.823239][T12004] syz.4.3752: attempt to access beyond end of device [ 124.823239][T12004] loop4: rw=2049, sector=208, nr_sectors = 2 limit=128 [ 124.836918][T12004] Buffer I/O error on dev loop4, logical block 104, lost async page write [ 124.851280][T12004] Buffer I/O error on dev loop4, logical block 107, lost async page write [ 124.861070][T12004] Buffer I/O error on dev loop4, logical block 108, lost async page write [ 124.870535][T12004] Buffer I/O error on dev loop4, logical block 119, lost async page write [ 124.879497][T12004] Buffer I/O error on dev loop4, logical block 120, lost async page write [ 124.913583][ T29] audit: type=1326 audit(1759298363.822:3522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12022 comm="syz.0.3761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ffe9aeec9 code=0x7ffc0000 [ 124.937227][ T29] audit: type=1326 audit(1759298363.822:3523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12022 comm="syz.0.3761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2ffe9aeec9 code=0x7ffc0000 [ 124.961060][ T29] audit: type=1326 audit(1759298363.822:3524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12022 comm="syz.0.3761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ffe9aeec9 code=0x7ffc0000 [ 124.971069][T12015] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3757'. [ 124.984748][ T29] audit: type=1326 audit(1759298363.822:3525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12022 comm="syz.0.3761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ffe9aeec9 code=0x7ffc0000 [ 125.017450][ T29] audit: type=1326 audit(1759298363.822:3526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12022 comm="syz.0.3761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2ffe9aeec9 code=0x7ffc0000 [ 125.292891][T12071] binfmt_misc: register: failed to install interpreter file ./file2 [ 125.303700][T12073] netlink: 'syz.6.3783': attribute type 1 has an invalid length. [ 125.357806][T12084] loop7: detected capacity change from 0 to 7 [ 125.472393][T12102] netlink: 152 bytes leftover after parsing attributes in process `syz.6.3799'. [ 125.495402][T12104] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 125.506051][T12102] .`: renamed from  (while UP) [ 125.558681][ C1] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 125.646747][T12123] netlink: 64535 bytes leftover after parsing attributes in process `syz.6.3808'. [ 125.690654][T12125] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 125.690654][T12125] program syz.0.3810 not setting count and/or reply_len properly [ 125.809931][T12148] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3821'. [ 125.819117][T12148] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3821'. [ 125.848533][T12154] batadv_slave_0: entered promiscuous mode [ 125.860784][T12153] batadv_slave_0: left promiscuous mode [ 125.899089][T12162] syzkaller1: entered promiscuous mode [ 125.904627][T12162] syzkaller1: entered allmulticast mode [ 125.925230][ T9] hid_parser_main: 29 callbacks suppressed [ 125.925252][ T9] hid-generic 0003:0004:0000.0008: unknown main item tag 0x0 [ 125.938634][ T9] hid-generic 0003:0004:0000.0008: unknown main item tag 0x0 [ 125.946134][ T9] hid-generic 0003:0004:0000.0008: unknown main item tag 0x0 [ 125.954223][ T9] hid-generic 0003:0004:0000.0008: hidraw0: USB HID v0.00 Device [syz0] on syz1 [ 126.079097][T12189] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=12189 comm=syz.4.3840 [ 126.163720][T12201] SELinux: policydb version 280 does not match my version range 15-35 [ 126.172437][T12201] SELinux: failed to load policy [ 126.298775][T12216] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3853'. [ 126.816538][T12246] SELinux: policydb version -1008808486 does not match my version range 15-35 [ 126.825634][T12246] SELinux: failed to load policy [ 126.999850][T12266] loop6: detected capacity change from 0 to 512 [ 127.019213][T12266] EXT4-fs: Ignoring removed bh option [ 127.030565][T12266] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem [ 127.050128][T12269] IPVS: stopping master sync thread 12274 ... [ 127.053798][T12275] 9pnet: p9_errstr2errno: server reported unknown error @c [ 127.056680][T12274] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 127.063914][T12266] EXT4-fs (loop6): 1 truncate cleaned up [ 127.080623][T12266] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 127.115959][ T8759] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 127.167032][T12283] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 127.195168][T12286] loop5: detected capacity change from 0 to 1024 [ 127.203683][T12286] EXT4-fs: Ignoring removed orlov option [ 127.209474][T12286] EXT4-fs: Ignoring removed nomblk_io_submit option [ 127.229536][T12292] validate_nla: 1 callbacks suppressed [ 127.229553][T12292] netlink: 'syz.6.3886': attribute type 1 has an invalid length. [ 127.262014][T12286] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 127.460162][ T7833] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 127.982079][T12348] syzkaller1: entered promiscuous mode [ 127.987623][T12348] syzkaller1: entered allmulticast mode [ 128.077034][T12359] IPVS: Unknown mcast interface: [ 128.101830][T12361] loop4: detected capacity change from 0 to 1024 [ 128.108681][T12361] EXT4-fs: Ignoring removed nobh option [ 128.116091][T12361] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 128.132909][T12363] netlink: 'syz.0.3916': attribute type 4 has an invalid length. [ 128.144338][T12361] EXT4-fs error (device loop4): ext4_ext_check_inode:523: inode #11: comm syz.4.3914: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 128.153893][T12363] .`: renamed from  (while UP) [ 128.184168][T12361] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.3914: couldn't read orphan inode 11 (err -117) [ 128.212614][T12368] loop6: detected capacity change from 0 to 512 [ 128.220419][T12361] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 128.235171][T12361] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.3914: Invalid block bitmap block 0 in block_group 0 [ 128.250552][T12361] EXT4-fs error (device loop4): ext4_acquire_dquot:6943: comm syz.4.3914: Failed to acquire dquot type 0 [ 128.271888][T12368] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 128.299242][T12368] ext4 filesystem being mounted at /319/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 128.516680][T12406] netlink: 'syz.6.3938': attribute type 1 has an invalid length. [ 128.643459][T12420] 9p: Unknown access argument : -22 [ 128.861230][T12446] loop5: detected capacity change from 0 to 1764 [ 128.935160][T12452] loop4: detected capacity change from 0 to 4096 [ 128.942843][T12452] EXT4-fs: test_dummy_encryption option not supported [ 128.984627][T12466] loop5: detected capacity change from 0 to 128 [ 129.212653][T12494] __nla_validate_parse: 3 callbacks suppressed [ 129.212670][T12494] netlink: 7 bytes leftover after parsing attributes in process `+}[@'. [ 129.236260][T12494] netlink: 7 bytes leftover after parsing attributes in process `+}[@'. [ 129.409886][T12513] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3992'. [ 129.584811][T12515] lo speed is unknown, defaulting to 1000 [ 129.753118][T12515] chnl_net:caif_netlink_parms(): no params data found [ 129.788844][ T29] kauditd_printk_skb: 197 callbacks suppressed [ 129.788863][ T29] audit: type=1400 audit(1759298368.396:3722): avc: denied { tracepoint } for pid=12550 comm="syz.0.4004" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 129.790506][T12555] loop4: detected capacity change from 0 to 128 [ 129.831893][ T29] audit: type=1326 audit(1759298368.433:3723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12557 comm="syz.5.4006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfaaf6eec9 code=0x7ffc0000 [ 129.835772][T12555] FAT-fs (loop4): bogus sectors per cluster 0 [ 129.861588][T12555] FAT-fs (loop4): Can't find a valid FAT filesystem [ 129.887854][T12555] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4005'. [ 129.912835][T12515] bridge0: port 1(bridge_slave_0) entered blocking state [ 129.920168][T12515] bridge0: port 1(bridge_slave_0) entered disabled state [ 129.951557][ T29] audit: type=1400 audit(1759298368.433:3724): avc: denied { mounton } for pid=12553 comm="syz.4.4005" path="/867/file0" dev="tmpfs" ino=4485 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 129.974856][ T29] audit: type=1326 audit(1759298368.461:3725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12557 comm="syz.5.4006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7fcfaaf6eec9 code=0x7ffc0000 [ 129.998852][ T29] audit: type=1326 audit(1759298368.461:3726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12557 comm="syz.5.4006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfaaf6eec9 code=0x7ffc0000 [ 130.022576][ T29] audit: type=1326 audit(1759298368.461:3727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12557 comm="syz.5.4006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfaaf6eec9 code=0x7ffc0000 [ 130.046479][ T29] audit: type=1400 audit(1759298368.489:3728): avc: denied { create } for pid=12553 comm="syz.4.4005" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 130.066884][ T29] audit: type=1400 audit(1759298368.489:3729): avc: denied { write } for pid=12553 comm="syz.4.4005" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 130.087200][ T29] audit: type=1400 audit(1759298368.489:3730): avc: denied { nlmsg_write } for pid=12553 comm="syz.4.4005" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 130.119935][T12515] bridge_slave_0: entered allmulticast mode [ 130.126454][T12515] bridge_slave_0: entered promiscuous mode [ 130.133172][T12515] bridge0: port 2(bridge_slave_1) entered blocking state [ 130.140294][T12515] bridge0: port 2(bridge_slave_1) entered disabled state [ 130.150876][T12515] bridge_slave_1: entered allmulticast mode [ 130.157640][T12515] bridge_slave_1: entered promiscuous mode [ 130.180483][ T29] audit: type=1400 audit(1759298368.760:3731): avc: denied { create } for pid=12567 comm="syz.1.4011" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 130.183964][T12566] binfmt_misc: register: failed to install interpreter file ./file2 [ 130.212579][T12515] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 130.222580][T12563] netlink: 'syz.4.4010': attribute type 2 has an invalid length. [ 130.230490][T12563] netlink: 'syz.4.4010': attribute type 1 has an invalid length. [ 130.238273][T12563] netlink: 144412 bytes leftover after parsing attributes in process `syz.4.4010'. [ 130.273532][T12515] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 130.296229][T12515] team0: Port device team_slave_0 added [ 130.305494][T12515] team0: Port device team_slave_1 added [ 130.376208][T12515] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 130.383396][T12515] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 130.409619][T12515] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 130.444320][T12515] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 130.451338][T12515] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 130.477462][T12515] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 130.520192][T12515] hsr_slave_0: entered promiscuous mode [ 130.529856][T12515] hsr_slave_1: entered promiscuous mode [ 130.535806][T12515] debugfs: 'hsr0' already exists in 'hsr' [ 130.541620][T12515] Cannot create hsr debugfs directory [ 130.671740][T12595] hub 9-0:1.0: USB hub found [ 130.681122][T12601] loop5: detected capacity change from 0 to 512 [ 130.690401][T12515] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 130.697365][T12595] hub 9-0:1.0: 8 ports detected [ 130.706519][T12515] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 130.713763][T12601] EXT4-fs: Ignoring removed oldalloc option [ 130.726197][T12515] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 130.751542][T12515] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 130.758636][T12601] EXT4-fs (loop5): 1 truncate cleaned up [ 130.781676][T12515] bridge0: port 2(bridge_slave_1) entered blocking state [ 130.788868][T12515] bridge0: port 2(bridge_slave_1) entered forwarding state [ 130.796202][T12515] bridge0: port 1(bridge_slave_0) entered blocking state [ 130.803351][T12515] bridge0: port 1(bridge_slave_0) entered forwarding state [ 130.834761][T12515] 8021q: adding VLAN 0 to HW filter on device bond0 [ 130.849897][ T31] bridge0: port 1(bridge_slave_0) entered disabled state [ 130.881104][ T31] bridge0: port 2(bridge_slave_1) entered disabled state [ 130.915882][T12515] 8021q: adding VLAN 0 to HW filter on device team0 [ 130.935213][T12618] netlink: 'syz.0.4033': attribute type 10 has an invalid length. [ 130.949831][ T1640] bridge0: port 1(bridge_slave_0) entered blocking state [ 130.957048][ T1640] bridge0: port 1(bridge_slave_0) entered forwarding state [ 130.990653][ T3426] bridge0: port 2(bridge_slave_1) entered blocking state [ 130.997868][ T3426] bridge0: port 2(bridge_slave_1) entered forwarding state [ 131.019799][T12633] loop4: detected capacity change from 0 to 128 [ 131.075595][T12633] FAT-fs (loop4): bogus sectors per cluster 0 [ 131.081749][T12633] FAT-fs (loop4): Can't find a valid FAT filesystem [ 131.124958][T12515] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 131.199868][T12652] syzkaller1: entered promiscuous mode [ 131.205434][T12652] syzkaller1: entered allmulticast mode [ 131.324439][T12670] netlink: 'syz.1.4050': attribute type 1 has an invalid length. [ 131.332315][T12670] netlink: 199820 bytes leftover after parsing attributes in process `syz.1.4050'. [ 131.344159][T12675] netlink: '+}[@': attribute type 6 has an invalid length. [ 131.404135][T12515] veth0_vlan: entered promiscuous mode [ 131.428856][T12515] veth1_vlan: entered promiscuous mode [ 131.473253][T12693] rdma_op ffff888123bea580 conn xmit_rdma 0000000000000000 [ 131.480352][T12515] veth0_macvtap: entered promiscuous mode [ 131.495712][T12515] veth1_macvtap: entered promiscuous mode [ 131.527185][T12515] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 131.542071][T12515] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 131.566857][ T165] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.593142][ T165] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.602381][T12706] netlink: 'syz.5.4066': attribute type 21 has an invalid length. [ 131.609952][ T165] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.621542][ T1640] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.638095][T12706] netlink: 156 bytes leftover after parsing attributes in process `syz.5.4066'. [ 131.647239][T12706] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4066'. [ 131.721041][T12713] hub 6-0:1.0: USB hub found [ 131.727661][T12713] hub 6-0:1.0: 8 ports detected [ 131.773049][T12731] random: crng reseeded on system resumption [ 131.902239][T12749] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 132.084240][T12781] IPv6: Can't replace route, no match found [ 132.144577][ T8380] IPVS: starting estimator thread 0... [ 132.247272][T12794] IPVS: using max 2544 ests per chain, 127200 per kthread [ 132.281845][T12812] loop7: detected capacity change from 0 to 512 [ 132.323988][T12812] EXT4-fs error (device loop7): ext4_orphan_get:1418: comm syz.7.4116: bad orphan inode 11862016 [ 132.348786][T12812] ext4 filesystem being mounted at /11/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 132.418840][T12822] vhci_hcd: invalid port number 61 [ 132.444072][T12826] SELinux: Context 9p is not valid (left unmapped). [ 132.583079][T12840] loop7: detected capacity change from 0 to 1024 [ 132.768364][ T8372] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x4 [ 132.776158][ T8372] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x2 [ 132.785598][T12862] netlink: zone id is out of range [ 132.790753][T12862] netlink: zone id is out of range [ 132.800089][T12862] netlink: zone id is out of range [ 132.805339][T12862] netlink: zone id is out of range [ 132.811075][ T8372] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x3 [ 132.819706][ T8372] hid-generic 0000:3000000:0000.0009: hidraw0: HID v0.00 Device [sy] on syz0 [ 132.833716][T12862] netlink: zone id is out of range [ 132.842700][T12862] netlink: zone id is out of range [ 132.852578][T12862] netlink: zone id is out of range [ 132.877480][T12862] netlink: zone id is out of range [ 132.883823][T12862] netlink: zone id is out of range [ 132.893658][T12867] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 133.093158][T12889] loop4: detected capacity change from 0 to 512 [ 133.114991][T12893] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 133.123136][T12889] ext4 filesystem being mounted at /896/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 133.154610][T12889] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 133.172028][T12893] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 133.230203][T12889] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 2 with error 28 [ 133.242586][T12889] EXT4-fs (loop4): This should not happen!! Data will be lost [ 133.242586][T12889] [ 133.252382][T12889] EXT4-fs (loop4): Total free blocks count 0 [ 133.258380][T12889] EXT4-fs (loop4): Free/Dirty block details [ 133.264330][T12889] EXT4-fs (loop4): free_blocks=65280 [ 133.269717][T12889] EXT4-fs (loop4): dirty_blocks=2 [ 133.274792][T12889] EXT4-fs (loop4): Block reservation details [ 133.280797][T12889] EXT4-fs (loop4): i_reserved_data_blocks=2 [ 133.300963][T12899] batadv1: entered promiscuous mode [ 133.336321][T12903] netlink: 'syz.4.4157': attribute type 21 has an invalid length. [ 133.349177][T12903] netlink: 132 bytes leftover after parsing attributes in process `syz.4.4157'. [ 133.479755][T12921] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=27 sclass=netlink_route_socket pid=12921 comm=syz.0.4166 [ 133.585950][T12931] vhci_hcd: invalid port number 96 [ 133.591113][T12931] vhci_hcd: default hub control req: 0000 vfffc i0060 l0 [ 133.684261][T12954] macvtap0: refused to change device tx_queue_len [ 134.057774][T13016] loop5: detected capacity change from 0 to 128 [ 134.080505][T13016] ext4 filesystem being mounted at /440/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 134.309801][T13047] loop4: detected capacity change from 0 to 512 [ 134.319251][T13048] netlink: 64535 bytes leftover after parsing attributes in process `syz.5.4224'. [ 134.329363][T13047] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.4225: casefold flag without casefold feature [ 134.365862][T13047] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.4225: couldn't read orphan inode 15 (err -117) [ 134.461766][T13061] bridge0: entered allmulticast mode [ 135.047505][T13073] lo speed is unknown, defaulting to 1000 [ 135.144546][ T29] kauditd_printk_skb: 221 callbacks suppressed [ 135.144561][ T29] audit: type=1400 audit(1759298629.398:3953): avc: denied { read write } for pid=3306 comm="syz-executor" name="loop0" dev="devtmpfs" ino=726 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 135.174184][ T29] audit: type=1400 audit(1759298629.398:3954): avc: denied { open } for pid=3306 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=726 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 135.197348][ T29] audit: type=1400 audit(1759298629.398:3955): avc: denied { ioctl } for pid=3306 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=726 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 135.224312][ T29] audit: type=1326 audit(1759298629.473:3956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13087 comm="syz.5.4244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfaaf6eec9 code=0x7ffc0000 [ 135.248154][ T29] audit: type=1326 audit(1759298629.473:3957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13087 comm="syz.5.4244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfaaf6eec9 code=0x7ffc0000 [ 135.271731][ T29] audit: type=1326 audit(1759298629.473:3958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13087 comm="syz.5.4244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fcfaaf6eec9 code=0x7ffc0000 [ 135.323751][ T29] audit: type=1400 audit(1759298629.566:3959): avc: denied { write } for pid=13090 comm="syz.7.4245" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 135.372810][ T29] audit: type=1326 audit(1759298629.566:3960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13087 comm="syz.5.4244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfaaf6eec9 code=0x7ffc0000 [ 135.396492][ T29] audit: type=1326 audit(1759298629.566:3961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13087 comm="syz.5.4244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfaaf6eec9 code=0x7ffc0000 [ 135.458483][ T29] audit: type=1326 audit(1759298629.678:3962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13098 comm="syz.0.4248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ffe9aeec9 code=0x7ffc0000 [ 135.616109][T13111] SELinux: policydb version -1076681676 does not match my version range 15-35 [ 135.636041][T13111] SELinux: failed to load policy [ 135.801849][T13123] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 135.823176][T13123] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 135.832335][T13123] netlink: 'syz.7.4260': attribute type 1 has an invalid length. [ 135.840205][T13123] __nla_validate_parse: 2 callbacks suppressed [ 135.840259][T13123] netlink: 216 bytes leftover after parsing attributes in process `syz.7.4260'. [ 135.902882][T13137] serio: Serial port ttyS3 [ 136.015713][T13157] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 136.015713][T13157] program syz.4.4274 not setting count and/or reply_len properly [ 136.081640][T13167] loop0: detected capacity change from 0 to 512 [ 136.088926][T13167] EXT4-fs: Ignoring removed nobh option [ 136.099191][T13167] ext4 filesystem being mounted at /915/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 136.430904][T13192] loop7: detected capacity change from 0 to 1024 [ 136.437593][T13192] EXT4-fs: Ignoring removed orlov option [ 136.443558][T13192] EXT4-fs: Ignoring removed nomblk_io_submit option [ 136.460950][T13192] EXT4-fs mount: 16 callbacks suppressed [ 136.460965][T13192] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 136.612291][T12515] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.628650][T13200] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4301'. [ 136.698317][T13205] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=13205 comm=syz.0.4290 [ 136.760844][T13209] loop7: detected capacity change from 0 to 512 [ 136.803307][T13209] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 136.817395][T13209] ext4 filesystem being mounted at /39/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 136.871563][T12515] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 137.289558][T13247] loop0: detected capacity change from 0 to 512 [ 137.312902][T13247] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 137.325353][T13247] EXT4-fs (loop0): orphan cleanup on readonly fs [ 137.339607][T13247] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.4311: corrupted inode contents [ 137.374129][T13247] EXT4-fs (loop0): Remounting filesystem read-only [ 137.386598][T13247] EXT4-fs (loop0): 1 truncate cleaned up [ 137.398492][ T165] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 137.409321][ T165] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 137.427950][ T165] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started [ 137.438868][T13247] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 137.468207][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 137.528280][T13265] 9p: Unknown access argument : -22 [ 137.594017][T13270] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 137.612968][T13270] vhci_hcd: default hub control req: 2314 v0008 i0002 l0 [ 137.628821][T13272] futex_wake_op: syz.0.4324 tries to shift op by -1; fix this program [ 137.663282][T13278] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4327'. [ 137.672402][T13278] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4327'. [ 137.824800][T13293] loop5: detected capacity change from 0 to 2048 [ 137.852246][T13293] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 137.875681][T13301] serio: Serial port ttyS3 [ 137.956733][T13304] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 137.977396][T13304] vhci_hcd: default hub control req: 2314 v0008 i0002 l0 [ 138.007519][T13308] futex_wake_op: syz.4.4338 tries to shift op by -1; fix this program [ 138.098166][ T7833] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 138.160581][T13320] loop0: detected capacity change from 0 to 2048 [ 138.190108][T13320] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 138.281618][T13326] lo speed is unknown, defaulting to 1000 [ 138.377985][T13326] chnl_net:caif_netlink_parms(): no params data found [ 138.398325][T13347] netlink: 16 bytes leftover after parsing attributes in process `syz.7.4349'. [ 138.407402][T13347] netlink: 16 bytes leftover after parsing attributes in process `syz.7.4349'. [ 138.416536][T13347] netlink: 16 bytes leftover after parsing attributes in process `syz.7.4349'. [ 138.464046][T13326] bridge0: port 1(bridge_slave_0) entered blocking state [ 138.471200][T13326] bridge0: port 1(bridge_slave_0) entered disabled state [ 138.478630][T13326] bridge_slave_0: entered allmulticast mode [ 138.485498][T13326] bridge_slave_0: entered promiscuous mode [ 138.492861][T13326] bridge0: port 2(bridge_slave_1) entered blocking state [ 138.499964][T13326] bridge0: port 2(bridge_slave_1) entered disabled state [ 138.507398][T13326] bridge_slave_1: entered allmulticast mode [ 138.514223][T13326] bridge_slave_1: entered promiscuous mode [ 138.516213][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 138.541836][T13326] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 138.556043][T13326] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 138.583404][T13326] team0: Port device team_slave_0 added [ 138.591251][T13326] team0: Port device team_slave_1 added [ 138.611458][T13326] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 138.611475][T13326] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 138.611511][T13326] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 138.612250][T13326] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 138.663039][T13326] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 138.663079][T13326] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 138.710100][T13326] hsr_slave_0: entered promiscuous mode [ 138.710774][T13326] hsr_slave_1: entered promiscuous mode [ 138.711137][T13326] debugfs: 'hsr0' already exists in 'hsr' [ 138.711152][T13326] Cannot create hsr debugfs directory [ 138.795472][T13368] loop0: detected capacity change from 0 to 4096 [ 138.804417][T13368] EXT4-fs: test_dummy_encryption option not supported [ 138.823576][T13326] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 138.832779][T13326] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 138.842559][T13326] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 138.852112][T13326] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 138.871940][T13326] bridge0: port 2(bridge_slave_1) entered blocking state [ 138.879191][T13326] bridge0: port 2(bridge_slave_1) entered forwarding state [ 138.886641][T13326] bridge0: port 1(bridge_slave_0) entered blocking state [ 138.893793][T13326] bridge0: port 1(bridge_slave_0) entered forwarding state [ 138.906500][T13380] loop7: detected capacity change from 0 to 764 [ 138.914073][T13380] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 138.928208][T13326] 8021q: adding VLAN 0 to HW filter on device bond0 [ 138.942361][T13380] Symlink component flag not implemented [ 138.948451][T13380] Symlink component flag not implemented (7) [ 138.948712][ T31] bridge0: port 1(bridge_slave_0) entered disabled state [ 138.974812][ T31] bridge0: port 2(bridge_slave_1) entered disabled state [ 138.993747][T13326] 8021q: adding VLAN 0 to HW filter on device team0 [ 139.005276][ T31] bridge0: port 1(bridge_slave_0) entered blocking state [ 139.012399][ T31] bridge0: port 1(bridge_slave_0) entered forwarding state [ 139.028095][ T1640] bridge0: port 2(bridge_slave_1) entered blocking state [ 139.035252][ T1640] bridge0: port 2(bridge_slave_1) entered forwarding state [ 139.043587][T13389] netlink: 7 bytes leftover after parsing attributes in process `+}[@'. [ 139.052759][T13389] netlink: 7 bytes leftover after parsing attributes in process `+}[@'. [ 139.096055][T13326] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 139.216855][T13326] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 139.490748][T13326] veth0_vlan: entered promiscuous mode [ 139.518111][T13326] veth1_vlan: entered promiscuous mode [ 139.552808][T13326] veth0_macvtap: entered promiscuous mode [ 139.559135][T13447] loop5: detected capacity change from 0 to 128 [ 139.566487][T13447] FAT-fs (loop5): bogus sectors per cluster 0 [ 139.572708][T13447] FAT-fs (loop5): Can't find a valid FAT filesystem [ 139.581313][T13326] veth1_macvtap: entered promiscuous mode [ 139.594924][T13447] netlink: 32 bytes leftover after parsing attributes in process `syz.5.4387'. [ 139.605346][T13326] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 139.614252][T13326] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 139.639394][ T3426] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 139.671083][ T3426] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 139.700352][ T3426] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 139.719192][ T3426] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 139.733720][T13456] loop5: detected capacity change from 0 to 128 [ 139.754067][T13456] FAT-fs (loop5): bogus sectors per cluster 0 [ 139.760203][T13456] FAT-fs (loop5): Can't find a valid FAT filesystem [ 139.808445][T13466] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 139.808654][T13464] IPVS: stopping master sync thread 13466 ... [ 139.830928][T13467] loop8: detected capacity change from 0 to 512 [ 139.877459][T13467] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 139.917151][T13467] ext4 filesystem being mounted at /1/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 139.973131][T13467] EXT4-fs error (device loop8): ext4_do_update_inode:5653: inode #2: comm syz.8.4396: corrupted inode contents [ 140.007025][T13467] EXT4-fs error (device loop8): ext4_dirty_inode:6538: inode #2: comm syz.8.4396: mark_inode_dirty error [ 140.035197][T13467] EXT4-fs error (device loop8): ext4_do_update_inode:5653: inode #2: comm syz.8.4396: corrupted inode contents [ 140.094486][T13326] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 140.114186][T13490] loop5: detected capacity change from 0 to 1024 [ 140.159149][T13490] EXT4-fs: Ignoring removed orlov option [ 140.164943][T13490] EXT4-fs: Ignoring removed nomblk_io_submit option [ 140.197352][T13503] netlink: 'syz.7.4409': attribute type 1 has an invalid length. [ 140.209891][T13490] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 140.222892][T13502] loop0: detected capacity change from 0 to 1024 [ 140.233110][T13502] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (58532!=20869) [ 140.254581][T13502] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a040e11d, mo2=0002] [ 140.263041][T13502] EXT4-fs (loop0): failed to initialize system zone (-117) [ 140.273830][T13502] EXT4-fs (loop0): mount failed [ 140.367637][ T7833] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 140.450561][T13534] loop7: detected capacity change from 0 to 512 [ 140.461419][T13534] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 140.483336][T13534] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 140.496281][T13534] ext4 filesystem being mounted at /79/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 140.519026][T12515] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 140.537246][ T29] kauditd_printk_skb: 182 callbacks suppressed [ 140.537265][ T29] audit: type=1326 audit(1759298634.449:4139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13543 comm="syz.7.4427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7442d2eec9 code=0x7ffc0000 [ 140.567649][ T29] audit: type=1326 audit(1759298634.449:4140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13543 comm="syz.7.4427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7442d2eec9 code=0x7ffc0000 [ 140.573412][T13542] hub 6-0:1.0: USB hub found [ 140.591528][ T29] audit: type=1326 audit(1759298634.458:4141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13543 comm="syz.7.4427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7f7442d2eec9 code=0x7ffc0000 [ 140.619919][ T29] audit: type=1326 audit(1759298634.458:4142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13543 comm="syz.7.4427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7442d2eec9 code=0x7ffc0000 [ 140.619967][T13542] hub 6-0:1.0: 8 ports detected [ 140.648410][ T29] audit: type=1326 audit(1759298634.477:4143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13543 comm="syz.7.4427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7442d2eec9 code=0x7ffc0000 [ 140.694929][ T29] audit: type=1400 audit(1759298634.599:4144): avc: denied { bind } for pid=13545 comm="syz.5.4429" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 140.719041][ T29] audit: type=1400 audit(1759298634.599:4145): avc: denied { listen } for pid=13545 comm="syz.5.4429" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 140.761978][T13555] SELinux: policydb version 4376 does not match my version range 15-35 [ 140.777546][T13548] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=13548 comm=syz.0.4428 [ 140.792507][T13555] SELinux: failed to load policy [ 140.798880][ T29] audit: type=1400 audit(1759298634.683:4146): avc: denied { create } for pid=13558 comm="syz.5.4434" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 140.819332][ T29] audit: type=1400 audit(1759298634.711:4147): avc: denied { setopt } for pid=13558 comm="syz.5.4434" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 140.861919][T13561] batadv_slave_1: entered promiscuous mode [ 140.868860][T13560] batadv_slave_1: left promiscuous mode [ 140.914071][T13569] netlink: 'syz.0.4448': attribute type 21 has an invalid length. [ 140.936192][T13573] random: crng reseeded on system resumption [ 141.022232][ T29] audit: type=1400 audit(1759298634.898:4148): avc: denied { name_connect } for pid=13586 comm="syz.7.4445" dest=256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1 [ 141.048972][T13591] loop5: detected capacity change from 0 to 512 [ 141.072402][T13591] EXT4-fs error (device loop5): ext4_orphan_get:1418: comm syz.5.4450: bad orphan inode 11862016 [ 141.120186][T13591] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 141.133176][T13591] ext4 filesystem being mounted at /497/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 141.192938][ T7833] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 141.234435][T13620] loop8: detected capacity change from 0 to 1024 [ 141.244466][T13618] loop7: detected capacity change from 0 to 2048 [ 141.256636][T13622] netlink: 'syz.5.4457': attribute type 6 has an invalid length. [ 141.265937][T13620] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 141.291989][T13618] loop7: p1 < > p4 [ 141.308478][T13618] loop7: p4 size 8388608 extends beyond EOD, truncated [ 141.347107][T13620] EXT4-fs error (device loop8): mb_free_blocks:2017: group 0, inode 18: block 177:freeing already freed block (bit 11); block bitmap corrupt. [ 141.397935][T13326] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.531917][T13656] net_ratelimit: 2 callbacks suppressed [ 141.532018][T13656] netlink: zone id is out of range [ 141.545187][T13658] loop4: detected capacity change from 0 to 1024 [ 141.552192][T13658] EXT4-fs: Ignoring removed nomblk_io_submit option [ 141.566695][T13656] netlink: zone id is out of range [ 141.579085][T13658] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 141.579911][T13656] netlink: zone id is out of range [ 141.596453][T13656] netlink: zone id is out of range [ 141.601819][T13656] netlink: zone id is out of range [ 141.608412][T13656] netlink: zone id is out of range [ 141.613617][T13656] netlink: zone id is out of range [ 141.618770][T13656] netlink: zone id is out of range [ 141.624145][T13656] netlink: zone id is out of range [ 141.629275][T13656] netlink: zone id is out of range [ 141.649513][T13662] ipvlan2: entered promiscuous mode [ 141.683998][T13662] bridge0: port 3(ipvlan2) entered blocking state [ 141.690532][T13662] bridge0: port 3(ipvlan2) entered disabled state [ 141.698378][T13668] loop8: detected capacity change from 0 to 128 [ 141.706900][T13662] ipvlan2: entered allmulticast mode [ 141.712324][T13662] bridge0: entered allmulticast mode [ 141.718148][T13662] ipvlan2: left allmulticast mode [ 141.723301][T13662] bridge0: left allmulticast mode [ 141.727167][T13668] FAT-fs (loop8): Directory bread(block 32) failed [ 141.737065][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.750044][T13668] FAT-fs (loop8): Directory bread(block 33) failed [ 141.756779][T13668] FAT-fs (loop8): Directory bread(block 34) failed [ 141.764058][T13668] FAT-fs (loop8): Directory bread(block 35) failed [ 141.775940][T13668] FAT-fs (loop8): Directory bread(block 36) failed [ 141.782564][T13668] FAT-fs (loop8): Directory bread(block 37) failed [ 141.814673][T13668] FAT-fs (loop8): Directory bread(block 38) failed [ 141.832708][T13668] FAT-fs (loop8): Directory bread(block 39) failed [ 141.842253][T13668] FAT-fs (loop8): Directory bread(block 40) failed [ 141.855210][T13668] FAT-fs (loop8): Directory bread(block 41) failed [ 141.948727][T13668] bio_check_eod: 27 callbacks suppressed [ 141.948747][T13668] syz.8.4481: attempt to access beyond end of device [ 141.948747][T13668] loop8: rw=524288, sector=4108, nr_sectors = 4 limit=128 [ 141.972395][T13668] syz.8.4481: attempt to access beyond end of device [ 141.972395][T13668] loop8: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 141.989381][T13668] syz.8.4481: attempt to access beyond end of device [ 141.989381][T13668] loop8: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 142.003252][T13668] syz.8.4481: attempt to access beyond end of device [ 142.003252][T13668] loop8: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 142.018395][T13668] syz.8.4481: attempt to access beyond end of device [ 142.018395][T13668] loop8: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 142.032087][T13668] syz.8.4481: attempt to access beyond end of device [ 142.032087][T13668] loop8: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 142.045774][T13668] syz.8.4481: attempt to access beyond end of device [ 142.045774][T13668] loop8: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 142.059392][T13668] syz.8.4481: attempt to access beyond end of device [ 142.059392][T13668] loop8: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 142.073075][T13668] syz.8.4481: attempt to access beyond end of device [ 142.073075][T13668] loop8: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 142.098450][T13668] syz.8.4481: attempt to access beyond end of device [ 142.098450][T13668] loop8: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 142.132509][T13699] loop5: detected capacity change from 0 to 512 [ 142.168462][T13699] EXT4-fs: Ignoring removed bh option [ 142.192094][T13699] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 142.211899][T13699] ext4 filesystem being mounted at /504/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 142.254145][T13710] __nla_validate_parse: 3 callbacks suppressed [ 142.254167][T13710] netlink: 60 bytes leftover after parsing attributes in process `syz.7.4499'. [ 142.272090][T13699] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.363738][T13719] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4505'. [ 142.395801][T13724] loop4: detected capacity change from 0 to 512 [ 142.407421][T13724] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 142.440495][T13724] EXT4-fs (loop4): 1 truncate cleaned up [ 142.463094][T13724] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 142.478553][ T8393] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x4 [ 142.486342][ T8393] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x2 [ 142.508980][ T8393] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x3 [ 142.536238][ T8393] hid-generic 0000:3000000:0000.000A: hidraw0: HID v0.00 Device [sy] on syz0 [ 142.562528][T13724] EXT4-fs error (device loop4): ext4_generic_delete_entry:2668: inode #2: block 13: comm syz.4.4506: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 142.599422][T13736] loop0: detected capacity change from 0 to 512 [ 142.632948][T13724] EXT4-fs (loop4): Remounting filesystem read-only [ 142.639695][T13724] EXT4-fs warning (device loop4): ext4_rename_delete:3731: inode #2: comm syz.4.4506: Deleting old file: nlink 5, error=-117 [ 142.674799][T13736] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 142.687423][T13742] netlink: 'syz.5.4514': attribute type 10 has an invalid length. [ 142.695922][T13736] ext4 filesystem being mounted at /970/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 142.709270][T13742] team0: Port device dummy0 added [ 142.721016][T13742] netlink: 'syz.5.4514': attribute type 10 has an invalid length. [ 142.726231][T13736] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 142.745703][T13742] team0: Port device dummy0 removed [ 142.746051][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.753196][T13742] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 142.761674][T13736] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 2 with error 28 [ 142.780828][T13736] EXT4-fs (loop0): This should not happen!! Data will be lost [ 142.780828][T13736] [ 142.790525][T13736] EXT4-fs (loop0): Total free blocks count 0 [ 142.796535][T13736] EXT4-fs (loop0): Free/Dirty block details [ 142.802587][T13736] EXT4-fs (loop0): free_blocks=65280 [ 142.807887][T13736] EXT4-fs (loop0): dirty_blocks=2 [ 142.812971][T13736] EXT4-fs (loop0): Block reservation details [ 142.818989][T13736] EXT4-fs (loop0): i_reserved_data_blocks=2 [ 142.881420][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.891959][T13757] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4522'. [ 143.606816][T13832] netlink: 'syz.5.4553': attribute type 5 has an invalid length. [ 143.688705][T13836] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4555'. [ 143.821501][ T8394] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x4 [ 143.829346][ T8394] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x2 [ 143.838866][ T8394] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x0 [ 143.846636][ T8394] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x0 [ 143.854337][ T8394] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x0 [ 143.862243][ T8394] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x0 [ 143.870012][ T8394] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x0 [ 143.880055][ T8394] hid-generic 0000:3000000:0000.000B: hidraw0: HID v0.00 Device [sy] on syz0 [ 143.912426][T13868] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4569'. [ 143.958960][T13875] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4573'. [ 144.050254][T13878] netlink: 24 bytes leftover after parsing attributes in process `syz.8.4575'. [ 144.062633][T13878] IPVS: Error connecting to the multicast addr [ 144.143862][T13887] netlink: 76 bytes leftover after parsing attributes in process `syz.0.4578'. [ 144.244026][T13901] netlink: 'syz.0.4585': attribute type 4 has an invalid length. [ 144.251797][T13901] netlink: 152 bytes leftover after parsing attributes in process `syz.0.4585'. [ 144.281341][T13906] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4587'. [ 144.294167][T13906] gretap0: entered promiscuous mode [ 144.301578][T13906] macsec2: entered promiscuous mode [ 144.307086][T13906] macsec2: entered allmulticast mode [ 144.312459][T13906] gretap0: entered allmulticast mode [ 144.321779][T13906] gretap0: left allmulticast mode [ 144.327050][T13906] gretap0: left promiscuous mode [ 144.455100][T13930] tipc: Enabling of bearer rejected, media not registered [ 144.508054][T13938] loop5: detected capacity change from 0 to 1024 [ 144.520827][T13938] EXT4-fs: Ignoring removed i_version option [ 144.526972][T13938] EXT4-fs: Ignoring removed nobh option [ 144.576808][T13938] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 144.633507][ T7833] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 144.668237][T13968] netlink: 'syz.8.4617': attribute type 6 has an invalid length. [ 144.706086][T13971] binfmt_misc: register: failed to install interpreter file ./file0 [ 144.737423][T13977] batadv_slave_1: entered promiscuous mode [ 144.757222][T13977] macsec1: entered promiscuous mode [ 144.762585][T13977] macsec1: entered allmulticast mode [ 144.768134][T13977] batadv_slave_1: entered allmulticast mode [ 144.778937][T13977] batadv_slave_1: left allmulticast mode [ 144.784694][T13977] batadv_slave_1: left promiscuous mode [ 144.933140][T14000] atomic_op ffff888132d23528 conn xmit_atomic 0000000000000000 [ 144.982298][T14012] loop5: detected capacity change from 0 to 256 [ 145.043602][T14012] FAT-fs (loop5): codepage cp1255 not found [ 145.052304][T14020] loop4: detected capacity change from 0 to 512 [ 145.087307][T14020] EXT4-fs: Ignoring removed orlov option [ 145.093708][T14020] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 145.110540][T14020] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002] [ 145.120473][T14020] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.4641: corrupted in-inode xattr: e_value size too large [ 145.152274][T14020] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.4641: couldn't read orphan inode 15 (err -117) [ 145.180748][T14020] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 145.231952][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 145.257980][T14044] loop5: detected capacity change from 0 to 1024 [ 145.280680][T14044] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 145.310076][T14044] ext4 filesystem being mounted at /546/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 145.342976][T14044] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 145.360683][T14044] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 52 with error 28 [ 145.373173][T14044] EXT4-fs (loop5): This should not happen!! Data will be lost [ 145.373173][T14044] [ 145.383106][T14044] EXT4-fs (loop5): Total free blocks count 0 [ 145.389248][T14044] EXT4-fs (loop5): Free/Dirty block details [ 145.395309][T14044] EXT4-fs (loop5): free_blocks=4293918720 [ 145.401236][T14044] EXT4-fs (loop5): dirty_blocks=64 [ 145.406444][T14044] EXT4-fs (loop5): Block reservation details [ 145.412678][T14044] EXT4-fs (loop5): i_reserved_data_blocks=4 [ 145.453785][ T7833] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 145.538459][T14077] loop4: detected capacity change from 0 to 4096 [ 145.556199][T14077] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 145.584986][ T3302] ================================================================== [ 145.593149][ T3302] BUG: KCSAN: data-race in __xa_clear_mark / xas_find_marked [ 145.600568][ T3302] [ 145.602920][ T3302] read-write to 0xffff888100686b50 of 8 bytes by interrupt on cpu 1: [ 145.611443][ T3302] __xa_clear_mark+0xf5/0x1e0 [ 145.616159][ T3302] __folio_end_writeback+0x177/0x470 [ 145.621466][ T3302] folio_end_writeback+0x71/0x3d0 [ 145.626518][ T3302] end_buffer_async_write+0x156/0x1f0 [ 145.631927][ T3302] end_bio_bh_io_sync+0x76/0xa0 [ 145.636815][ T3302] bio_endio+0x37e/0x420 [ 145.641079][ T3302] blk_update_request+0x336/0x730 [ 145.646135][ T3302] blk_mq_end_request+0x26/0x50 [ 145.651012][ T3302] lo_complete_rq+0x98/0x140 [ 145.655619][ T3302] blk_done_softirq+0x77/0xb0 [ 145.660317][ T3302] handle_softirqs+0xba/0x290 [ 145.665005][ T3302] run_ksoftirqd+0x1c/0x30 [ 145.669434][ T3302] smpboot_thread_fn+0x328/0x530 [ 145.674378][ T3302] kthread+0x489/0x510 [ 145.678460][ T3302] ret_from_fork+0x11f/0x1b0 [ 145.683061][ T3302] ret_from_fork_asm+0x1a/0x30 [ 145.687861][ T3302] [ 145.690198][ T3302] read to 0xffff888100686b50 of 8 bytes by task 3302 on cpu 0: [ 145.697830][ T3302] xas_find_marked+0x218/0x620 [ 145.702618][ T3302] find_get_entry+0x5d/0x380 [ 145.707225][ T3302] filemap_get_folios_tag+0x92/0x210 [ 145.712536][ T3302] filemap_write_and_wait_range+0x1d3/0x340 [ 145.718446][ T3302] sync_blockdev+0x35/0x50 [ 145.722876][ T3302] sync_filesystem+0x162/0x190 [ 145.727660][ T3302] generic_shutdown_super+0x44/0x210 [ 145.732991][ T3302] kill_block_super+0x2a/0x70 [ 145.737691][ T3302] ext4_kill_sb+0x42/0x80 [ 145.742039][ T3302] deactivate_locked_super+0x75/0x1c0 [ 145.747428][ T3302] deactivate_super+0x97/0xa0 [ 145.752123][ T3302] cleanup_mnt+0x269/0x2e0 [ 145.756548][ T3302] __cleanup_mnt+0x19/0x20 [ 145.760971][ T3302] task_work_run+0x12e/0x1a0 [ 145.765576][ T3302] exit_to_user_mode_loop+0xe1/0xf0 [ 145.770814][ T3302] do_syscall_64+0x1d6/0x200 [ 145.775432][ T3302] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.781333][ T3302] [ 145.783659][ T3302] value changed: 0x0002000000010030 -> 0x0000000000000000 [ 145.790771][ T3302] [ 145.793096][ T3302] Reported by Kernel Concurrency Sanitizer on: [ 145.799299][ T3302] CPU: 0 UID: 0 PID: 3302 Comm: syz-executor Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 145.810856][ T3302] Tainted: [W]=WARN [ 145.814662][ T3302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 145.824723][ T3302] ================================================================== [ 145.836189][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.