last executing test programs: 1m11.560236219s ago: executing program 0 (id=914): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="02000000040000000700000002"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000240)='sys_enter\x00', r1}, 0x18) statx(0xffffffffffffffff, 0x0, 0x1000, 0x10, 0x0) 1m11.511071891s ago: executing program 0 (id=915): gettid() timer_create(0x0, 0x0, &(0x7f0000bbdffc)) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x2, 0x1, &(0x7f0000000180)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) 1m11.445959553s ago: executing program 0 (id=920): unshare(0x62040200) syz_usb_disconnect(0xffffffffffffffff) r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10) 1m10.662505798s ago: executing program 0 (id=942): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000004340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x1c, r1, 0x331, 0x2000, 0x40000000, {0x8}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x400400c}, 0x0) 1m10.586097391s ago: executing program 0 (id=944): mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30) mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0) mount$bpf(0x0, &(0x7f0000000ac0)='./file0/../file0\x00', 0x0, 0x44000, 0x0) 1m10.581731282s ago: executing program 0 (id=946): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000000)={&(0x7f000000c300)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2, 0x0, 0x1}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8, 0x4, 0x1, 0x0, 0x4000000}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x4}]}], {0x14}}, 0x64}}, 0x0) 55.547719932s ago: executing program 32 (id=946): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000000)={&(0x7f000000c300)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2, 0x0, 0x1}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8, 0x4, 0x1, 0x0, 0x4000000}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x4}]}], {0x14}}, 0x64}}, 0x0) 43.273151585s ago: executing program 2 (id=2077): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x9d}, 0x18) keyctl$instantiate_iov(0x14, 0x0, &(0x7f0000003580)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0xffffffffffffffff}], 0x9, 0x0) 43.232146787s ago: executing program 2 (id=2079): bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x19, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0, 0x0, 0xb}, 0x18) setxattr$trusted_overlay_upper(0x0, &(0x7f00000001c0), 0x0, 0x835, 0x0) 43.176354069s ago: executing program 2 (id=2083): r0 = syz_io_uring_setup(0x186, &(0x7f0000000080)={0x0, 0x0, 0x13100}, &(0x7f0000000100)=0x0, &(0x7f0000000000)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x5, &(0x7f0000000200)={0x77359400}, 0x1, 0x4}) io_uring_enter(r0, 0x2def, 0x0, 0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_SYNC_CANCEL(r0, 0x18, &(0x7f0000000140)={0x5, r0, 0x1c, {0x9, 0x1}, 0x6}, 0x1) 43.115669132s ago: executing program 2 (id=2087): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x4) 43.081339853s ago: executing program 2 (id=2089): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a30000000060a0b04000000000000fdc598ae000018000480"], 0x58}}, 0x0) sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000000000000000000000b00000008000300000000000c0001"], 0x28}}, 0x0) r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="140100001f000504000000000000000004"], 0x114}], 0x1}, 0x0) 42.814199695s ago: executing program 2 (id=2105): r0 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000140)=0x3, 0x20) sendmsg$tipc(r0, &(0x7f0000000240)={&(0x7f00000000c0)=@id, 0x10, 0x0}, 0x0) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) 42.814114544s ago: executing program 33 (id=2105): r0 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000140)=0x3, 0x20) sendmsg$tipc(r0, &(0x7f0000000240)={&(0x7f00000000c0)=@id, 0x10, 0x0}, 0x0) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) 1.343722392s ago: executing program 1 (id=4428): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000240)='kfree\x00', r1, 0x0, 0x4ab}, 0x18) syz_usb_connect$printer(0x5, 0x2d, &(0x7f0000000080)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0xff, 0x3f0, 0x4, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0x3, 0x50, 0xe0, [{{0x9, 0x4, 0x0, 0x5, 0x2, 0x7, 0x1, 0x3, 0xb7, "", {{{0x9, 0x5, 0x1, 0x2, 0x8, 0x8, 0x3, 0x8}}}}}]}}]}}, 0x0) 800.375175ms ago: executing program 1 (id=4467): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r0) sendmsg$NLBL_MGMT_C_ADD(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x3c, r2, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_DOMAIN={0xa, 0x1, ':[*-}\x00'}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @remote}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x4000) 748.808377ms ago: executing program 1 (id=4471): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x18) move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x262) 678.2697ms ago: executing program 1 (id=4476): r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000002100)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x1}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0ff5b14104fe62cc60e413905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe511195418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f000010000000000000905ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400bee3dfc8fb24f67c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341b74abaa7c95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb232bbdb9dc33cbd7643866fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595270fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f76dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d2e959efc71f665c4d75cf2458e3322c9062ece84c99a061997a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99f0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d164118e4cbe02400000000ff0700000000cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a4867217373934bbd42dcb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcd62981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba495aea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000001700d6d5210d7560eb92d6a97a27602b81f76386f1535b1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294059323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946932d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1fc8df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1785eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be2f5656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fd78f9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003c9e8095e02985f28de0bbc76d58dd92606b1ef6486c85fa3e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6968d12418a4d2a0d086d8438d415d713acebc5b014e61a543a5a391f03daca80f08f0e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e112645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c000000000000000000000000000000a1c3da144589dcaddb71cf9374843e23f992a237a9040747e0434a8a643990b4059a98411ce867d1af7e8ea89f49e6f564d4dce8a7d6939a9214a7f39e83bd247e03a09dba000000000000000000000000aaf033d47249c8444bc13844cbf1be617d82b269e5ea0c0d525603c0ec543ea581f63893ae414a6683e941fdbdff03cfc5f8744583c0aa766a65321f907927a59d75b47f06895e8471ebc2840ce5bd054df223fb09b9c739ad64cfcfd2d498b0f11056f6c40874cb977c99b6bc1a8732198a17e610082b7ce0365f271b11d4b4a3d4c7d0bb273f406ecd4b26c93151c30f5a269991402d109becb1b9bafcb2b47e940000000000e540d8b0db3774effb7469a21f96e2594b2973ebf7a1bd9ace2ed4d6eb1735f85885be5be74dc2ea5d7d499bd28271b98f187f5879b16b409a04d78175cc8d0f707c822805d7011ed4b22419186dd2b22aadf15828db2ca19d79e1bf2f7989237ee5cb2e1eb7b2bfc92d3aa95a26f060935c4fee8b2d7d0bf3c6d82d04329164bd4ee0b8060183f36762b0440d9082d7c8b06e4c2024f77e1018758d28e7ee290f32a48bfc2aa10b3dba9bff00d2410f3477a8e0df689c880dc9a677cfaa16603527c06625a3363744cea5f2d350224cc0fea76c72ca08507235c67346722f20690fde0790f040f5fd3eff75f9b291cc5e9c686ebaadbe756c6fa039ff441e427ed12578d5cb041ebf729cfaa575cc852fbdb54e60435e6d62b9d270433b220ed9ff1ff042b8d3d866231c460765"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x1f) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x8, &(0x7f0000000540)=@framed={{0x18, 0x0, 0x0, 0x0, 0x88f8}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}]}, &(0x7f0000000640)='syzkaller\x00', 0x7, 0xf9, &(0x7f0000000080)=""/249}, 0x94) 669.494131ms ago: executing program 1 (id=4479): r0 = msgget$private(0x0, 0x480) msgsnd(r0, &(0x7f0000000040)={0x2, "ff7f1c823e695237825488d5e047d09602c1017642c6ca17e11ecf866b5b33b179d065bdcb1b5e01481dfb6a2c73cc623a60ca094f1a550aba92acd8a69444d52f86e5db83b032f4c6cbfcd0c084237048eefc30d84c82b62811c1ed61c0d1cc88dbb7e55311885b8c03a47e40dc0a477e793c06fe89f41fe664acdf6434e5cf7eca1eed5afb2f9e91e889b97755d343257d850a78e658f2d1f1b4ff08fd506422d93d3b8b9ee5580b0eb7f573bd411b8a27de0a2d011cf5bf2940dfc6dd679d19b42d2caa34c32fa898432365273970a5082329e61912d4eef4f24b9268e601579fc8f0fa2a3c2af89591ffce34b75eebb33b8156902d50adc2bcdb24763d29716bfd0626e59496e492fc385c150cf7e89132f467ebaa62301278af495c0e9bc64c588aa6e815255b85c7d90fe5c01aa73969671fd0e29b206006309aeb4615a4b5b0d066b3fa6bce7be06c51410e3ea7e031e6a8edd63d3c44f5ddd104222c649edb056ece9ce94e7a1d115f79b4f2d26a1d29f3213f0d647cafbbb8ef825c1226ed716bfb0d187df7463bc949b8281cd1e5343f1f2d37f5690a5557262a2053e34484be6267897bcba5f709a52ae5a6255c58ef0f46632e05c2ccfe33e8258daf59413151812ebddc6b4293ca132b3612b1cf78b5f83285393979c5d07c3a01db4aba7bf8bca1705673b1a6f218fc971ebfc5ef5accc6fea12d0c0369d290bd9684eab10b88cad97cb10ea58ffc615c54212574874ee72289b96f8f3f00be319ebf72ddfeb45e36b9055f042dad6a290a01101452c3d0e2dd43ea4779f62bee347f05eb191b877dad4c5bdabfd0210b6a39fc8a93e0c2efab44426a3c9e0dbdc4626f4ffa245992c519d624a29b25ed65151ecc38e67d071e01886d922b2ec23728e8445223882b60e6dc2f8551bcbddc2f3d8bc106c8aa2ad0edcf0d1ee8af02ad69e57114f302f13acbda7b97730f4f141cd041198f9a3cb806b7db72b2c05e0aaf6a786bd367d38402a9087b669ec9b557ca2571689369bbd076789a91f655ff0bcaa853891b0ef2b0cf9914a2b886e6c3a0d3eb8d9225557baff7573bd6d45a4b64d4b3d8d5b596a0c944845cb79ca0b1eccd0048f3195b77ec0d2d16158a80cb5937b6f78066ad1e97c8afa5c654c8a68befd2a253280497c7ea2e0409f1fbfc3b507dbb6574dd111ffed8e2de29b5d696196ac949398971d217e9418c08715fe11e29c454ece4a0577633879ef0b8c95bfa5c556b0a746332333e617146f0bb06e15d4102cef7106e2dadd3682c9e47b827ee43e9319181c7759bf6726dac95f0852dd5448b96222edd4bc6c8e0e85656bcaf5137f8ce0cd0fca7fb12eb5582eb6d2a680ab74e18806ccd441cdd87fed1a985cf4f178e3cf12b658d8d8c3b2153d73eee5fd9a585192fa1b763db8a3f2bf7df48f3"}, 0x401, 0x0) msgsnd(r0, &(0x7f0000000a00)={0x1, "1ed0c436a214761fd7732fb6cb3ea28a9f48bb02eb141f79bf60b803048f88ff56c163e58fccc51656c914a2aab43c1a8f330b17e465467c2b1281717176bfd8155eb6a5f7b99be8731f4bb5065ca1d00c286692f1dbef423d804a7aed7326347d8c9b24f60fb42ca7daf28d317dd44a96e825684ee2f99dcc17aa0a5d8222ac28e071217d9556765da9db24dcdfd2fec4d502c6d1815cef885111edce9c2f39142319f5b234c707c027bcab6f1b207130c963e2071b7de4aba435ad27d2923252ce76d4a07d920a174a6fcebef85ca405dc1407d27596c1a3e02fe9756894f929aad6cfe644932fe5aae77ad0d24efc289f3d2e2c2fb1c8db334278b6b5cf2d4f1fa7d4b91061fd6da9031cc72f457d2bb19f17ec0a8d85fb3c7c32e94ed52b8bf9f8a71d295978fb78666bf68ef15f11e101cd0db8392c8d45bff0772256ebb00574423ae8306575edc31598c570b8417c8d2087e85352116dcbc28df5cd92c2047ad4471167e99c84d86309533e77dddc7ae97271df280e95be64e6dab8055b0a1248ac5a9fd496b2434c0a2e188660c05dcfd9350d0ac619519b057c08742cdf94579b121a1bc5e350f45bb69c876797d9820cd06f8d14e61c3d51f0c91eb2e8ccab11f5d3f7f53ca3b420c4c023144124391b3d054d70a7526655120e46d385a184bf930ae19d360943235f800b9658f9bd139774ca7ba27de416447438cd5ae524a3f8fe13f4d5699e4d406fc820c0a2914efdf8326e994f63ca6bb37c1cf4830e4a1f35552cbe3c72134879dfd2038969f91c237de7e8bfae14d772b20677e175772a725f9630d0000a49e6b26bc82e2ed151e69e22a02b1a9c9baf8e8806b22f34fe082ac5412396002f806ddb7d0665e9678a264a5487dcf29253943840c20ab5388735f22237681923f447386621f6aef2d7cae61723b5c3ca062de416655588751d802911ce58f8a64c149c927286338b54579b105e3e6881eb1a1302bbcf91c1fd176706744dba253a6007d7511a8d0b92a00fa04701364370e9048662a1ce71b362f64bcb2f452811d21bd64c73061c839232ae24d8df5299952eaf4eabf2db9f35f1384ded0037b6a401303cec4020dca9b729829171df72c2979695420ee007107ddd670d5c2610b95830fb5683e1e0d9365ca8b2dba742a289a9d370ae8d4c0827ce63908162d39b5243a50da528f24d93d9a987b6da7736d2129de83e324e544826bdf24ae219db40271d9e3ac283046742740de4d65b0b66d425248f42df859fb0c07e6be4f16476390ecfc3ee64157ab113af8b700ea54cada85cdede584cb8a92dbb7b338248a97237ed3ddcc72fedf5d45b4ec6390f191767ba979a75f1db73736791a6f8c9f68eec2e4170e90bac256a5a28722a956b191ffd752ddf285252ec522f4fc9d1a961553cd6db7b7a7b"}, 0x401, 0x0) msgctl$IPC_RMID(r0, 0x0) 651.275052ms ago: executing program 6 (id=4480): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) capget(0x0, 0x0) 623.841193ms ago: executing program 6 (id=4483): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0202000311000000000000000000000005000500000000000a00000000000000fe8000000000000000000000000000bb000000000000000002000100000007000000000b000000000200090000000000000000000000000005000600000000000a00000000000000fe8800000000000000000000000000010000000000000000010018"], 0x88}}, 0x0) 543.275006ms ago: executing program 1 (id=4489): r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x0) syz_usb_disconnect(r0) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[], 0x0) ioctl$EVIOCRMFF(r0, 0x4004550e, 0x0) 529.865277ms ago: executing program 6 (id=4490): perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x3, 0x1d459d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x183, 0x806}, 0x6025, 0x4005, 0x9, 0x0, 0x1, 0x1, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x18d6, &(0x7f0000000040)={0x0, 0x3, 0x800, 0xfffffffc, 0xad}, &(0x7f0000000440), &(0x7f0000000500)) io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r0, 0x2, &(0x7f0000000180), 0xfe) 493.104868ms ago: executing program 5 (id=4494): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) sendmmsg$inet6(r0, &(0x7f0000001480)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000000040)="8f", 0x1}], 0x1}}, {{&(0x7f0000000340)={0xa, 0x4e23, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x288}, 0x1c, &(0x7f0000000400)=[{&(0x7f0000000380)='2', 0x1}], 0x1}}], 0x2, 0x0) shutdown(r0, 0x1) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000280)={0x0, @in={{0x2, 0x4e23, @empty}}, 0xfb3, 0x9}, 0x90) 460.78057ms ago: executing program 5 (id=4495): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$TIPC_NL_LINK_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000900)={0x38, r1, 0x601, 0x0, 0x0, {}, [@TIPC_NLA_LINK={0x24, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x5, 0x2}]}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x40}, 0xc000) sendmsg$TIPC_NL_NET_SET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000006c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010080000000fedbdf250f002d00180007800800020007"], 0x2c}, 0x1, 0x0, 0x0, 0x2805}, 0x0) 443.066111ms ago: executing program 4 (id=4497): bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) lsm_set_self_attr(0x65, &(0x7f0000000380)={0x6b, 0xa, 0x38, 0x18, "e50c9a646ef08d53ffbaa124d9f664202ef44c77f1edf0bf"}, 0x38, 0x0) 416.798022ms ago: executing program 4 (id=4499): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000005000000005e002200850000006d00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x81}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x18) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="3800000039000900000000000000000001000000040000000c0001800600000005470000080002"], 0x38}}, 0x0) 384.483563ms ago: executing program 5 (id=4500): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18) r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$KEYCTL_MOVE(0x1e, r1, 0xfffffffffffffffe, r1, 0x1) 378.232643ms ago: executing program 3 (id=4501): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000400)={0xa, 0x2, 0xac3, @loopback, 0x9}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) sendmmsg$sock(r0, &(0x7f00000033c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@timestamping={{0x14, 0x1, 0x25, 0x4}}], 0x18}}], 0x2, 0x8c3) 339.954535ms ago: executing program 3 (id=4502): r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) io_setup(0x8, &(0x7f0000004200)=0x0) io_submit(r1, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x80044940, &(0x7f0000001b00)) 339.782865ms ago: executing program 5 (id=4503): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) pivot_root(&(0x7f00000002c0)='.\x00', &(0x7f0000001600)='./file1\x00') 339.542355ms ago: executing program 4 (id=4504): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_freezer_state(r0, &(0x7f0000000140), 0x2, 0x0) write$cgroup_freezer_state(r1, &(0x7f0000000040)='FROZEN\x00', 0x7) 285.547027ms ago: executing program 5 (id=4505): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file3\x00', 0x800000, &(0x7f0000000380)={[{@noauto_da_alloc}, {@jqfmt_vfsold}, {@noquota}, {@norecovery}, {@resuid}]}, 0x1, 0x4be, &(0x7f0000000540)="$eJzs3ctrW1caAPBPUvyMZ/KYYUgyMAlkIPMglh8MsWdmM6uZWQSGCXTTQuraiutatowlp7EJ1Gl3WXRRWlooXXRZ6D/QbppVQ6F03e5LFiWlTV1oCwUVXUmO/JArGjsC398PbnTuOTf6zrH4jq+OrnUDSK1ztX8yEUMR8UlEHKvvbj3gXP1h48HN6dqWiWr1yleZ5LjafvPQ5v87GhHrEdEfEf//d8QzmZ1xy6tr81PFYmG5sZ+vLCzly6trF+cWpmYLs4XF0YlLk5MTI+Njk/s21tsvP3f78vv/7X33u5fu333lww9q3RpqtLWOYz/Vh94TJ1rqjkTEPw8iWBfkGuMZ6HZH+EVqr99vIuJ8kv/HIpe8mkAaVKvV6o/VvnbN61Xg0Mom58CZ7HBE1MvZ7PBw/Rz+tzGYLZbKlb9eK60sztTPlY9HT/baXLEw0nivcDx6MrX90aT8cH9s2/54RHIO/GpuINkfni4VZx7vVAdsc3Rb/n+bq+c/kBLe8kN6yX9IL/kP6SX/Ib3kP6SX/If0kv+QXvIf0kv+Q3rJf0gv+Q+p9L/Ll2tbtfn37zPXV1fmS9cvzhTK88MLK9PD06XlGJ4t9b3X2fMVS6Wl0b/Fyo18pVCu5Mura1cXSiuLlatzC1OzvVHoOeDxAJ07cfbOZ5mIWP/7QLLV9Dba5CocbtUX6t8BAKRPrtsTENA1lv4gvbzHB3b5it4t+ts1LD1S1J8LCxygbLc7AHTNhdM+/4O0sv4P6WX9H9Jr6zm+swFIo+6s/wPdZP0f0muo5f4/mZb7f/2q5d5dIxHx64j4NNfT17zXF3AYZL/INHL/wrE/Dm1v7c18nywK9EbE829eef3GVKWyPFqr/3qzvvJGvb63G90HOpbk71jj0S9yAEi1jQc3p5vbZuXxg4/75b/qFyHsjH+ksTbZn3xGObiR2XKtQmafrl1YvxURp3aLn2nc77z+ycfgRm5H/JONx0z9KZL+Hknum/4o8e+902n80y3x/9AS/8wj/1QgHe7U5p+R3fI/m+R0bObf1vlnaJ+uj24//2U3579cm/nvbIcxnn3rxXtt49+KOLNr/Ga8/iTW9vi1vl3oMP79p574Xbu26tv159ktflOtlK8sLOXLq2sX5xamZguzhcXRiUuTkxMj42OT+WSNOt9cqd7pH6c+vrvX+AfbxN9r/LW6P3c4/h9+/9GT5/aI/6fzu7/+J/eIPxARf+kw/jdjnz/drq0Wf6bN+LPb47cs8NXqxjuMX37tP30dHgoAPAbl1bX5qWKxsKygoKCwWej2zAQctIdJ3+2eAAAAAAAAAAAAAJ16HJcTd3uMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACHwU8BAAD//zAx0oQ=") syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f0000000040)={[{@barrier}, {@nodioread_nolock}, {@noquota}, {@barrier}, {@noload}, {@dioread_nolock}]}, 0x1, 0x599, &(0x7f0000001280)="$eJzs3T9sG2UbAPDnznHTP/m+9JO+T/pAHSpAKlJVJ+kfKEztiqhUqQMSC0SOG1Vx4ipOoIkike4VogMC1KVsMDCCGBgQCyMrC4gZqaIRSE0HMHJ8TtPULk6I4xL/ftLZ73t39vO+d35e+053cgB962j9IY14KiIuJhHDG5YNRLbwaGO91ZWl4v2VpWIStdqlX5JIIuLeylKxuX6SPR+KiOWI+H9EfJOPOJ6uv+W+ZqG6sDg1Xi6XZrP6yNz01ZHqwuKJK9Pjk6XJ0sypF186c/b0mbGTYxube7+2sZbfWl9v/Hjz3RvfvXL75qefHVkuvj+exLkYypZt7MdOamyTfJzbNP90N4L1UNLrBrAtuSzP66n0vxiOXJb1rdQ2Dg6Du9I8oItqgxE1oE8l8h/6VPN3QP34tznt5u+PO+cbByD1uKsrS8V3ohl/oHFuIvavHZsc/DV56Mikfrx5eDcbyp60fD0iRgcGHv38J9nnb/tGd6KBdNXX5xs76tH9n66PP9Fi/Blqnjv9m5rj32o2/q22iJ9rM/5d7DDG76//9FHb+NcH4+mW8ZP1+EmL+GlEvNlh/FuvfXm23bLaxxHHonX8puTx54dHLl8pl0Ybjy1jfHXsyMvt+x9xsE38xjnb/WtfMxv7vy9rU9ph/7/49vNnlh8T//lnH7//W23/AxHxXofx/3Pvk1fbLbtzPblb/xWw1f2fRD5udxj/hXNHf8iKzhoCAAAAAAAAAMAOSteuZUvSwno5TQuFxj28/42DablSnTt+uTI/M9G45u1w5NPmlVbDjXpSr49l1+M26yc31U/lsoC5A2v1QrFSnuhx3wEAAAAAAAAAAAAAAAAAAOBJcWjT/f+/5dbu/9/8d9XAXtX+L7+BvU7+Q/96OP+TnrUD2H2+/6Fv1eQ/9C/5D/1L/kP/kv/Qv+Q/9C/5D/1L/gMAAAAAAAAAAAAAAAAAAAAAAAAAQFdcvHChPtXurywV6/WJgYX5qcpbJyZK1anC9HyxUKzMXi1MViqT5VKhWJn+q/dLKpWrozEzf21krlSdG6kuLL4xXZmfaf6naCnf9R4BAAAAAAAAAAAAAAAAAADAP8/Q2pSkhYh8o56mhULEvyLicBLJ5Svl0mhE/Dsivs/lB+v1sV43GgAAAAAAAAAAAAAAAAAAAPaY6sLi1Hi5XJrtXmEgC9XFEJ0XBrayckQs72wz6u+45Vflsw3Y4023Nwq5J+Nz+OQXejgoAQAAAAAAAAAAAAAAAABAn3pw02+nr/ijuw0CAAAAAAAAAAAAAAAAAACAvpT+nEREfTo2/NzQ5qX7ktXc2nNEvH3r0gfXxufmZsfq8++uz5/7MJt/shftBzrVzNM0Iup5DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADxQXVicGi+XS7PbLAx2sE6v+wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwHX8GAAD//xLkz18=") openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x181242, 0x49) renameat2(0xffffffffffffff9c, &(0x7f00000007c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file3\x00', 0x4) 285.104897ms ago: executing program 4 (id=4506): r0 = socket$inet6(0xa, 0x2, 0x3a) sched_setscheduler(0x0, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x4, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94) sendmmsg$inet6(r0, &(0x7f0000000340)=[{{&(0x7f0000000380)={0xa, 0x0, 0x0, @mcast2={0xff, 0x5, '\x00', 0x0}}, 0x1c, &(0x7f0000000000)=[{&(0x7f0000000100)="a0002883781ecc0e", 0x4008}], 0x6}}], 0x1, 0x0) 269.549118ms ago: executing program 4 (id=4507): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x5, 0x6, 0x8, 0xae, 0x0, 0x1, 0x20727ff}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffff05850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=@base={0xd, 0x2, 0x4, 0x4006, 0x5, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x8000000}, 0x50) 255.753069ms ago: executing program 3 (id=4508): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22}, 0x1c) r1 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r1, &(0x7f0000000180)=[{&(0x7f00000001c0)="580000001400add427323b472545b4560a117fffffff81000e220e227f000001925aa80013007b00090080007f000001e809000000ff0000f03ac7ffe703ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1) 204.038411ms ago: executing program 6 (id=4509): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10) alarm(0x38) 196.190911ms ago: executing program 3 (id=4510): perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x4, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdf}, 0x94) ioctl$TIOCL_BLANKSCREEN(r0, 0x4b67, &(0x7f0000000180)) 143.676633ms ago: executing program 6 (id=4511): bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) futex(&(0x7f0000000040), 0x5, 0x2, 0x0, &(0x7f0000000100)=0x2, 0x0) 44.512028ms ago: executing program 6 (id=4512): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000170900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}}, 0x2000c450) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @synproxy={{0xd}, @val={0x4}}}, {0x10, 0x1, 0x0, 0x1, @masq={{0x9}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xe}}}, 0x80}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840) close(0x3) 44.414638ms ago: executing program 4 (id=4513): syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000080)={[{@usrquota}, {@noblock_validity}, {@bh}, {@max_batch_time={'max_batch_time', 0x3d, 0x1}}, {@debug}, {@inlinecrypt}]}, 0x6, 0x5fc, &(0x7f0000000c00)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=") r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f00000001c0)='.\x00', 0x1ac8431, &(0x7f00000008c0)=ANY=[], 0x0, 0x0, &(0x7f00000001c0)) 44.147288ms ago: executing program 3 (id=4514): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x12, 0xa, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0xfffffffc}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r1, 0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000380)=r0}, 0x20) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000300)={r2, &(0x7f00000001c0), 0x0}, 0x20) 6.361529ms ago: executing program 3 (id=4515): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0xffffffffffffffff}, 0x18) move_mount(0xffffffffffffffff, &(0x7f0000004000)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, 0x0, 0x157) 0s ago: executing program 5 (id=4516): r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300a8, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffff800, 0x0, 0x0, 0x0, 0x0, 0x80000001}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x5f21df7aec8d40fb, 0x0, 0x0, 0x5}, 0x0, 0x0, r0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x2, 0x1}, 0x1205, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x40000000000000, r0, 0x0) syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): 76.682168][ T8207] Symlink component flag not implemented (7) [ 76.693917][ T8208] EXT4-fs error (device loop4): __ext4_iget:5443: inode #11: block 1: comm syz.4.2070: invalid block [ 76.712209][ T8208] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.2070: couldn't read orphan inode 11 (err -117) [ 76.732873][ T8208] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 76.775602][ T8227] syz.3.2078 uses obsolete (PF_INET,SOCK_PACKET) [ 76.835512][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.091832][ T8274] netlink: 'syz.3.2100': attribute type 2 has an invalid length. [ 77.156352][ T3792] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 77.226173][ T3792] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 77.291206][ T3792] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 77.364625][ T3792] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 77.511532][ T8315] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2116'. [ 77.547403][ T3792] bridge_slave_1: left allmulticast mode [ 77.553142][ T3792] bridge_slave_1: left promiscuous mode [ 77.558871][ T3792] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.590089][ T3792] bridge_slave_0: left allmulticast mode [ 77.595967][ T3792] bridge_slave_0: left promiscuous mode [ 77.601726][ T3792] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.718558][ T8330] loop1: detected capacity change from 0 to 2048 [ 77.734950][ T8330] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.754755][ T3792] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 77.765338][ T3792] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 77.775364][ T3792] bond0 (unregistering): Released all slaves [ 77.811376][ T8291] chnl_net:caif_netlink_parms(): no params data found [ 77.819066][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.835508][ T3792] hsr_slave_0: left promiscuous mode [ 77.841314][ T3792] hsr_slave_1: left promiscuous mode [ 77.860334][ T3792] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 77.867995][ T3792] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 77.873905][ T8335] loop3: detected capacity change from 0 to 1024 [ 77.882969][ T8335] EXT4-fs: inline encryption not supported [ 77.905830][ T3792] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 77.907016][ T8335] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.913415][ T3792] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 77.938378][ T3792] veth1_macvtap: left promiscuous mode [ 77.944665][ T3792] veth0_macvtap: left promiscuous mode [ 77.950790][ T3792] veth1_vlan: left promiscuous mode [ 77.956169][ T3792] veth0_vlan: left promiscuous mode [ 78.013041][ T3792] pimreg (unregistering): left allmulticast mode [ 78.083070][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.095584][ T3792] team0 (unregistering): Port device team_slave_1 removed [ 78.115299][ T3792] team0 (unregistering): Port device team_slave_0 removed [ 78.219839][ T8291] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.227045][ T8291] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.241483][ T8291] bridge_slave_0: entered allmulticast mode [ 78.247978][ T8291] bridge_slave_0: entered promiscuous mode [ 78.255008][ T8291] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.257340][ T8348] Process accounting resumed [ 78.262190][ T8291] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.274384][ T8291] bridge_slave_1: entered allmulticast mode [ 78.280841][ T8291] bridge_slave_1: entered promiscuous mode [ 78.309676][ T8291] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 78.320885][ T8291] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 78.339071][ T8375] netlink: 'syz.3.2137': attribute type 21 has an invalid length. [ 78.360577][ T8291] team0: Port device team_slave_0 added [ 78.372956][ T8377] loop6: detected capacity change from 0 to 7 [ 78.379371][ T8377] Buffer I/O error on dev loop6, logical block 0, async page read [ 78.387403][ T8375] netlink: 156 bytes leftover after parsing attributes in process `syz.3.2137'. [ 78.389750][ T8377] Buffer I/O error on dev loop6, logical block 0, async page read [ 78.396725][ T8375] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2137'. [ 78.404501][ T8377] loop6: unable to read partition table [ 78.422623][ T8291] team0: Port device team_slave_1 added [ 78.440907][ T8381] ------------[ cut here ]------------ [ 78.441807][ T8377] loop_reread_partitions: partition scan of loop6 (Sj̖P=ý?}X %`ր5) failed (rc=-5) [ 78.446458][ T8381] verifier bug: REG INVARIANTS VIOLATION (true_reg2): range bounds violation u64=[0x0, 0x7800000000] s64=[0x0, 0xffffffffffffffff] u32=[0x80000000, 0x0] s32=[0x0, 0xffffffff] var_off=(0x0, 0x7800000000) [ 78.478715][ T8381] WARNING: CPU: 1 PID: 8381 at kernel/bpf/verifier.c:2721 reg_bounds_sanity_check+0x673/0x680 [ 78.489148][ T8381] Modules linked in: [ 78.493180][ T8381] CPU: 1 UID: 0 PID: 8381 Comm: syz.4.2148 Not tainted syzkaller #0 PREEMPT(voluntary) [ 78.502990][ T8381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 78.513150][ T8381] RIP: 0010:reg_bounds_sanity_check+0x673/0x680 [ 78.519498][ T8381] Code: 7c 24 18 41 ff 74 24 20 55 41 56 4d 89 ee 53 48 8b 5c 24 30 ff 74 24 40 ff 74 24 50 ff 74 24 30 e8 12 f7 ba ff 48 83 c4 38 90 <0f> 0b 90 90 e9 02 fb ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90 [ 78.539280][ T8381] RSP: 0018:ffffc90001d3b408 EFLAGS: 00010282 [ 78.545361][ T8381] RAX: 04c4835301256d00 RBX: ffff888119f9e040 RCX: 0000000000080000 [ 78.553370][ T8381] RDX: ffffc9000598e000 RSI: 00000000000772d6 RDI: 00000000000772d7 [ 78.561654][ T8381] RBP: 0000000000000000 R08: 0001c90001d3b257 R09: 0000000000000000 [ 78.569667][ T8381] R10: 00000000ffffffff R11: 0000000000000002 R12: ffff888119f9e000 [ 78.577673][ T8381] R13: ffff888111da8000 R14: ffff888111da8000 R15: ffff888119f9e038 [ 78.585693][ T8381] FS: 00007f8dcd4b76c0(0000) GS:ffff8882aef11000(0000) knlGS:0000000000000000 [ 78.594721][ T8381] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.601362][ T8381] CR2: 00002000000054c0 CR3: 000000012203a000 CR4: 00000000003506f0 [ 78.609379][ T8381] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 78.617361][ T8381] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 78.625345][ T8381] Call Trace: [ 78.628631][ T8381] [ 78.631553][ T8381] reg_set_min_max+0x1eb/0x260 [ 78.636354][ T8381] check_cond_jmp_op+0x1370/0x19e0 [ 78.641473][ T8381] do_check+0x3363/0x8460 [ 78.645824][ T8381] do_check_common+0xc5e/0x12b0 [ 78.650747][ T8381] bpf_check+0xaaae/0xd9d0 [ 78.655174][ T8381] ? __alloc_frozen_pages_noprof+0x188/0x360 [ 78.661291][ T8381] ? alloc_pages_bulk_noprof+0x4a6/0x530 [ 78.666952][ T8381] ? __vmap_pages_range_noflush+0xbc4/0xcf0 [ 78.672866][ T8381] ? css_rstat_updated+0xb7/0x240 [ 78.678007][ T8381] ? try_charge_memcg+0x215/0xa10 [ 78.683037][ T8381] ? pcpu_block_update+0x24e/0x3b0 [ 78.688173][ T8381] ? pcpu_block_refresh_hint+0x10b/0x170 [ 78.693983][ T8381] ? pcpu_block_refresh_hint+0x157/0x170 [ 78.699717][ T8381] ? pcpu_block_update_hint_alloc+0x63d/0x660 [ 78.705987][ T8381] ? css_rstat_updated+0xb7/0x240 [ 78.711050][ T8381] ? __rcu_read_unlock+0x4f/0x70 [ 78.716072][ T8381] ? pcpu_memcg_post_alloc_hook+0xf1/0x150 [ 78.721980][ T8381] ? bpf_prog_alloc+0x5b/0x150 [ 78.726808][ T8381] ? pcpu_alloc_noprof+0xd29/0x1250 [ 78.732013][ T8381] ? should_fail_ex+0x30/0x280 [ 78.736773][ T8381] ? should_failslab+0x8c/0xb0 [ 78.741615][ T8381] ? __kmalloc_noprof+0x2a2/0x570 [ 78.746642][ T8381] ? security_bpf_prog_load+0x60/0x140 [ 78.752188][ T8381] ? selinux_bpf_prog_load+0xad/0xd0 [ 78.757507][ T8381] ? security_bpf_prog_load+0x9e/0x140 [ 78.763007][ T8381] bpf_prog_load+0xf6e/0x1100 [ 78.767802][ T8381] ? security_bpf+0x2b/0x90 [ 78.772391][ T8381] __sys_bpf+0x469/0x7c0 [ 78.776622][ T8381] __x64_sys_bpf+0x41/0x50 [ 78.781024][ T8381] x64_sys_call+0x2aee/0x3000 [ 78.785778][ T8381] do_syscall_64+0xd2/0x200 [ 78.790389][ T8381] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 78.796603][ T8381] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 78.802408][ T8381] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.808302][ T8381] RIP: 0033:0x7f8dcea4f749 [ 78.812825][ T8381] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 78.832560][ T8381] RSP: 002b:00007f8dcd4b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 78.840972][ T8381] RAX: ffffffffffffffda RBX: 00007f8dceca5fa0 RCX: 00007f8dcea4f749 [ 78.848965][ T8381] RDX: 0000000000000048 RSI: 00002000000054c0 RDI: 0000000000000005 [ 78.856954][ T8381] RBP: 00007f8dcead3f91 R08: 0000000000000000 R09: 0000000000000000 [ 78.865122][ T8381] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 78.873230][ T8381] R13: 00007f8dceca6038 R14: 00007f8dceca5fa0 R15: 00007fff8159ee68 [ 78.881193][ T8381] [ 78.884252][ T8381] ---[ end trace 0000000000000000 ]--- [ 78.893836][ T8291] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 78.900837][ T8291] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 78.926883][ T8291] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 78.953061][ T8291] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 78.960021][ T8291] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 78.986029][ T8291] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.028673][ T8291] hsr_slave_0: entered promiscuous mode [ 79.037885][ T8291] hsr_slave_1: entered promiscuous mode [ 79.044224][ T8291] debugfs: 'hsr0' already exists in 'hsr' [ 79.050034][ T8291] Cannot create hsr debugfs directory [ 79.058129][ T8399] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2147'. [ 79.074788][ T8401] loop3: detected capacity change from 0 to 512 [ 79.081435][ T8401] EXT4-fs: Ignoring removed orlov option [ 79.087790][ T8401] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 79.108336][ T8401] EXT4-fs error (device loop3): ext4_iget_extra_inode:5075: inode #15: comm syz.3.2149: corrupted in-inode xattr: e_value size too large [ 79.123057][ T8401] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.2149: couldn't read orphan inode 15 (err -117) [ 79.138978][ T8401] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 79.163753][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.204773][ T8291] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 79.215255][ T8291] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 79.224271][ T8291] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 79.233270][ T8291] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 79.280528][ T8291] 8021q: adding VLAN 0 to HW filter on device bond0 [ 79.293801][ T8291] 8021q: adding VLAN 0 to HW filter on device team0 [ 79.304011][ T3792] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.311119][ T3792] bridge0: port 1(bridge_slave_0) entered forwarding state [ 79.329405][ T8291] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 79.339804][ T8291] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 79.352689][ T3792] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.359962][ T3792] bridge0: port 2(bridge_slave_1) entered forwarding state [ 79.436534][ T8291] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 79.561010][ T8291] veth0_vlan: entered promiscuous mode [ 79.570047][ T8291] veth1_vlan: entered promiscuous mode [ 79.588445][ T8291] veth0_macvtap: entered promiscuous mode [ 79.598236][ T8291] veth1_macvtap: entered promiscuous mode [ 79.617529][ T8291] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 79.631482][ T8291] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 79.644030][ T3806] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.654027][ T3806] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.663344][ T3806] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.678172][ T3806] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.950916][ T8490] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2179'. [ 80.028974][ T3409] kernel write not supported for file bpf-map (pid: 3409 comm: kworker/1:5) [ 80.148771][ T8524] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2196'. [ 80.186231][ T8533] loop3: detected capacity change from 0 to 512 [ 80.203930][ T8533] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.217103][ T8533] ext4 filesystem being mounted at /517/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 80.230861][ T8533] EXT4-fs warning (device loop3): ext4_group_add:1716: Can't resize non-sparse filesystem further [ 80.250927][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.320681][ T8546] smc: net device bond0 applied user defined pnetid SYZ0 [ 80.503690][ T8569] macsec1: entered allmulticast mode [ 80.509029][ T8569] macvlan1: entered allmulticast mode [ 80.514486][ T8569] veth1_vlan: entered allmulticast mode [ 80.529171][ T8569] macvlan1: left allmulticast mode [ 80.534416][ T8569] veth1_vlan: left allmulticast mode [ 80.593578][ T8577] loop1: detected capacity change from 0 to 128 [ 80.617424][ T8577] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 80.629730][ T8577] ext4 filesystem being mounted at /488/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 80.655597][ T3317] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 80.700641][ T8592] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2227'. [ 80.716311][ T8596] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 80.775509][ T8606] SELinux: failed to load policy [ 80.860633][ T8624] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2242'. [ 80.893295][ T23] kernel write not supported for file bpf-map (pid: 23 comm: kworker/1:0) [ 80.984017][ T8647] capability: warning: `syz.4.2253' uses 32-bit capabilities (legacy support in use) [ 81.013682][ T8651] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2256'. [ 81.022621][ T8651] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2256'. [ 81.174148][ T3789] Scheduler tracepoints stat_sleep, stat_iowait, stat_blocked and stat_runtime require the kernel parameter schedstats=enable or kernel.sched_schedstats=1 [ 81.176870][ T23] kernel write not supported for file bpf-map (pid: 23 comm: kworker/1:0) [ 81.217967][ T29] kauditd_printk_skb: 98 callbacks suppressed [ 81.218051][ T29] audit: type=1326 audit(1763759959.630:1830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8662 comm="syz.1.2261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91cf33f749 code=0x7ffc0000 [ 81.257799][ T29] audit: type=1326 audit(1763759959.630:1831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8662 comm="syz.1.2261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7f91cf33f749 code=0x7ffc0000 [ 81.281367][ T29] audit: type=1326 audit(1763759959.630:1832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8662 comm="syz.1.2261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91cf33f749 code=0x7ffc0000 [ 81.304871][ T29] audit: type=1326 audit(1763759959.640:1833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8662 comm="syz.1.2261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91cf33f749 code=0x7ffc0000 [ 81.353316][ T29] audit: type=1400 audit(1763759959.770:1834): avc: denied { create } for pid=8666 comm="syz.1.2263" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 81.372409][ T8657] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 81.381191][ T29] audit: type=1400 audit(1763759959.770:1835): avc: denied { write } for pid=8666 comm="syz.1.2263" path="socket:[21672]" dev="sockfs" ino=21672 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 81.381245][ T8657] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 81.470737][ T29] audit: type=1326 audit(1763759959.880:1836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8671 comm="syz.5.2265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848ce4f749 code=0x7ffc0000 [ 81.494517][ T29] audit: type=1326 audit(1763759959.880:1837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8671 comm="syz.5.2265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848ce4f749 code=0x7ffc0000 [ 81.519661][ T29] audit: type=1326 audit(1763759959.940:1838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8671 comm="syz.5.2265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f848ce4f749 code=0x7ffc0000 [ 81.543170][ T29] audit: type=1326 audit(1763759959.940:1839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8671 comm="syz.5.2265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848ce4f749 code=0x7ffc0000 [ 82.098481][ T8745] bond1: option resend_igmp: invalid value (1024) [ 82.104965][ T8745] bond1: option resend_igmp: allowed values 0 - 255 [ 82.112970][ T8745] bond1 (unregistering): Released all slaves [ 82.204673][ T8756] netlink: 7 bytes leftover after parsing attributes in process `syz.3.2305'. [ 82.230633][ T8759] program syz.6.2306 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 82.256293][ T8762] netlink: 9286 bytes leftover after parsing attributes in process `syz.3.2308'. [ 82.367750][ T8778] IPv6: NLM_F_CREATE should be specified when creating new route [ 82.403921][ T8782] macsec2: entered allmulticast mode [ 82.409247][ T8782] macvlan1: entered allmulticast mode [ 82.414703][ T8782] veth1_vlan: entered allmulticast mode [ 82.421839][ T8782] macvlan1: left allmulticast mode [ 82.427374][ T8782] veth1_vlan: left allmulticast mode [ 82.517978][ T8796] netlink: 'syz.4.2335': attribute type 5 has an invalid length. [ 82.525848][ T8796] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2335'. [ 82.563258][ T8804] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.570367][ T8804] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.607616][ T8812] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2330'. [ 82.835037][ T8837] loop1: detected capacity change from 0 to 512 [ 82.851365][ T8837] EXT4-fs: Ignoring removed oldalloc option [ 82.884211][ T8837] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 82.898677][ T8837] ext4 filesystem being mounted at /529/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 82.913764][ T8837] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2344: bg 0: block 217: padding at end of block bitmap is not set [ 82.929136][ T8837] EXT4-fs (loop1): Remounting filesystem read-only [ 82.947271][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.155616][ T8888] hub 2-0:1.0: USB hub found [ 83.160333][ T8888] hub 2-0:1.0: 8 ports detected [ 83.241444][ T8907] netlink: 7 bytes leftover after parsing attributes in process `syz.6.2377'. [ 83.287225][ T8911] loop6: detected capacity change from 0 to 8192 [ 83.368378][ T8927] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2386'. [ 83.880811][ T8958] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(6) [ 83.887346][ T8958] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 83.888227][ T8962] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=8962 comm=syz.3.2402 [ 83.895111][ T8958] vhci_hcd vhci_hcd.0: Device attached [ 83.927392][ T8959] vhci_hcd: connection closed [ 83.927647][ T3789] vhci_hcd: stop threads [ 83.936633][ T3789] vhci_hcd: release socket [ 83.941078][ T3789] vhci_hcd: disconnect device [ 84.336091][ T9005] netlink: 'syz.4.2420': attribute type 11 has an invalid length. [ 84.378175][ T9014] netlink: 'syz.3.2424': attribute type 1 has an invalid length. [ 84.386090][ T9014] netlink: 'syz.3.2424': attribute type 4 has an invalid length. [ 84.394185][ T9014] NCSI netlink: No device for ifindex 3321692160 [ 84.473202][ T9029] loop4: detected capacity change from 0 to 512 [ 84.503025][ T9029] EXT4-fs warning (device loop4): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 84.527120][ T9029] EXT4-fs (loop4): mount failed [ 84.577654][ T9050] program syz.3.2442 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 84.646843][ T9054] loop4: detected capacity change from 0 to 8192 [ 84.741947][ T9075] vxcan0: tx address claim with dlc 0 [ 84.748534][ T9076] loop4: detected capacity change from 0 to 128 [ 84.854793][ T9096] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 85.055730][ T9136] loop1: detected capacity change from 0 to 1024 [ 85.079887][ T9136] EXT4-fs: Ignoring removed oldalloc option [ 85.126124][ T9136] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 85.147292][ T9145] C: renamed from team_slave_0 (while UP) [ 85.157295][ T9145] netlink: 'syz.6.2496': attribute type 4 has an invalid length. [ 85.186877][ T9136] ext4 filesystem being mounted at /541/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 85.202975][ T9145] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 85.249087][ T9136] EXT4-fs (loop1): re-mounted 00000000-0000-0006-0000-000000000000 ro. [ 85.312480][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 85.365530][ T9156] loop5: detected capacity change from 0 to 512 [ 85.384027][ T9156] EXT4-fs warning (device loop5): ext4_xattr_inode_get:560: inode #11: comm syz.5.2492: EA inode hash validation failed [ 85.417785][ T9156] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #15: comm syz.5.2492: corrupted inode contents [ 85.431258][ T9156] EXT4-fs error (device loop5): ext4_dirty_inode:6517: inode #15: comm syz.5.2492: mark_inode_dirty error [ 85.452354][ T9156] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #15: comm syz.5.2492: corrupted inode contents [ 85.519125][ T9156] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2996: inode #15: comm syz.5.2492: mark_inode_dirty error [ 85.531800][ T9156] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2999: inode #15: comm syz.5.2492: mark inode dirty (error -117) [ 85.544896][ T9156] EXT4-fs warning (device loop5): ext4_evict_inode:274: xattr delete (err -117) [ 85.556383][ T9156] EXT4-fs (loop5): 1 orphan inode deleted [ 85.562890][ T9156] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 85.634613][ T9188] pimreg: entered allmulticast mode [ 85.657256][ T9188] pimreg: left allmulticast mode [ 85.667134][ T6979] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.684422][ T9190] loop1: detected capacity change from 0 to 512 [ 85.720381][ T9190] EXT4-fs warning (device loop1): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 85.767977][ T9190] EXT4-fs (loop1): mount failed [ 85.810047][ T9205] loop3: detected capacity change from 0 to 1024 [ 85.832306][ T9205] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 85.843225][ T9205] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 85.863032][ T9205] JBD2: no valid journal superblock found [ 85.868978][ T9205] EXT4-fs (loop3): Could not load journal inode [ 85.874445][ T9212] loop1: detected capacity change from 0 to 512 [ 85.894963][ T9212] EXT4-fs: Ignoring removed bh option [ 85.906904][ T9205] SELinux: security_context_str_to_sid (-Xܘ7.H\ %u@) failed with errno=-22 [ 85.916733][ T9212] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 85.934610][ T9212] EXT4-fs (loop1): 1 truncate cleaned up [ 85.940611][ T9212] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 86.008772][ T9212] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.2516: invalid indirect mapped block 4294967295 (level 1) [ 86.026748][ T9231] 9pnet_fd: Insufficient options for proto=fd [ 86.053832][ T9212] EXT4-fs (loop1): Remounting filesystem read-only [ 86.087445][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.108985][ T9240] program syz.6.2527 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 86.204494][ T9256] netlink: 'syz.4.2536': attribute type 1 has an invalid length. [ 86.233918][ T9259] __nla_validate_parse: 12 callbacks suppressed [ 86.233932][ T9259] netlink: 360 bytes leftover after parsing attributes in process `syz.6.2537'. [ 86.235947][ T9261] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2538'. [ 86.290382][ T9270] netlink: 72 bytes leftover after parsing attributes in process `syz.6.2542'. [ 86.299788][ T9270] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2542'. [ 86.318941][ T9272] loop5: detected capacity change from 0 to 128 [ 86.353827][ T29] kauditd_printk_skb: 100 callbacks suppressed [ 86.353841][ T29] audit: type=1326 audit(1763760220.773:1938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9275 comm="syz.5.2545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848ce4f749 code=0x7ffc0000 [ 86.391988][ T29] audit: type=1326 audit(1763760220.773:1939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9275 comm="syz.5.2545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848ce4f749 code=0x7ffc0000 [ 86.415585][ T29] audit: type=1326 audit(1763760220.803:1940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9275 comm="syz.5.2545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f848ce4f749 code=0x7ffc0000 [ 86.439198][ T29] audit: type=1326 audit(1763760220.803:1941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9275 comm="syz.5.2545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848ce4f749 code=0x7ffc0000 [ 86.462877][ T29] audit: type=1326 audit(1763760220.803:1942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9275 comm="syz.5.2545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848ce4f749 code=0x7ffc0000 [ 86.486358][ T29] audit: type=1326 audit(1763760220.803:1943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9275 comm="syz.5.2545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f848ce4f749 code=0x7ffc0000 [ 86.510152][ T29] audit: type=1326 audit(1763760220.803:1944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9275 comm="syz.5.2545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848ce4f749 code=0x7ffc0000 [ 86.533761][ T29] audit: type=1326 audit(1763760220.803:1945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9275 comm="syz.5.2545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848ce4f749 code=0x7ffc0000 [ 86.560114][ T9283] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd [ 86.584095][ T29] audit: type=1326 audit(1763760220.813:1946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9275 comm="syz.5.2545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=38 compat=0 ip=0x7f848ce4f749 code=0x7ffc0000 [ 86.607620][ T29] audit: type=1326 audit(1763760220.813:1947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9275 comm="syz.5.2545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848ce4f749 code=0x7ffc0000 [ 86.670015][ T9293] netlink: 360 bytes leftover after parsing attributes in process `syz.4.2553'. [ 86.753886][ T9311] loop4: detected capacity change from 0 to 1024 [ 86.764364][ T9311] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 86.775367][ T9311] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 86.775450][ T9311] EXT4-fs (loop4): orphan cleanup on readonly fs [ 86.775679][ T9311] EXT4-fs error (device loop4): __ext4_get_inode_loc:4832: comm syz.4.2562: Invalid inode table block 0 in block_group 0 [ 86.802693][ T9311] EXT4-fs (loop4): Remounting filesystem read-only [ 86.802731][ T9311] EXT4-fs (loop4): 1 truncate cleaned up [ 86.816809][ T9311] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 86.836163][ T9311] EXT4-fs (loop4): shut down requested (1) [ 86.856421][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.564695][ T9331] netlink: 360 bytes leftover after parsing attributes in process `syz.5.2567'. [ 87.594488][ T9339] program syz.4.2575 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 87.754166][ T9375] loop6: detected capacity change from 0 to 512 [ 87.769173][ T9377] loop4: detected capacity change from 0 to 1024 [ 87.778044][ T9377] EXT4-fs: Ignoring removed orlov option [ 87.783758][ T9377] EXT4-fs: Ignoring removed i_version option [ 87.791018][ T9375] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.2593: bg 0: block 393: padding at end of block bitmap is not set [ 87.806784][ T9375] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6667: Corrupt filesystem [ 87.819377][ T9375] EXT4-fs (loop6): 2 truncates cleaned up [ 87.913826][ T9406] loop6: detected capacity change from 0 to 512 [ 87.936839][ T9406] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 88.008949][ T9422] SELinux: policydb version 0 does not match my version range 15-35 [ 88.017715][ T9422] SELinux: failed to load policy [ 88.063810][ T9434] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2620'. [ 88.180468][ T9457] serio: Serial port ptm0 [ 88.238779][ T9469] loop6: detected capacity change from 0 to 512 [ 88.257568][ T9469] EXT4-fs warning (device loop6): ext4_xattr_inode_get:560: inode #11: comm syz.6.2636: EA inode hash validation failed [ 88.270390][ T9469] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #15: comm syz.6.2636: corrupted inode contents [ 88.271647][ T9477] loop5: detected capacity change from 0 to 164 [ 88.283390][ T9469] EXT4-fs error (device loop6): ext4_dirty_inode:6517: inode #15: comm syz.6.2636: mark_inode_dirty error [ 88.301089][ T9469] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #15: comm syz.6.2636: corrupted inode contents [ 88.314859][ T9469] EXT4-fs error (device loop6): ext4_xattr_delete_inode:2996: inode #15: comm syz.6.2636: mark_inode_dirty error [ 88.315712][ T9477] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 88.327394][ T9469] EXT4-fs error (device loop6): ext4_xattr_delete_inode:2999: inode #15: comm syz.6.2636: mark inode dirty (error -117) [ 88.347395][ T9469] EXT4-fs warning (device loop6): ext4_evict_inode:274: xattr delete (err -117) [ 88.356921][ T9469] EXT4-fs (loop6): 1 orphan inode deleted [ 88.486011][ T9504] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2653'. [ 88.529761][ T9510] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2656'. [ 88.541347][ T9512] sit0: entered promiscuous mode [ 88.542567][ T9514] loop5: detected capacity change from 0 to 1024 [ 88.549915][ T9512] netlink: 'syz.6.2657': attribute type 1 has an invalid length. [ 88.553840][ T9514] EXT4-fs: Ignoring removed orlov option [ 88.561184][ T9512] netlink: 1 bytes leftover after parsing attributes in process `syz.6.2657'. [ 88.573219][ T9514] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a002c018, mo2=0002] [ 88.584388][ T9514] System zones: 0-1, 3-12 [ 88.821672][ T9545] loop5: detected capacity change from 0 to 1024 [ 88.828590][ T9545] EXT4-fs: Ignoring removed nobh option [ 88.834422][ T9545] EXT4-fs: Ignoring removed bh option [ 88.936685][ T9563] loop5: detected capacity change from 0 to 1024 [ 88.943518][ T9563] EXT4-fs: Ignoring removed orlov option [ 89.038376][ T9573] loop4: detected capacity change from 0 to 1024 [ 89.048668][ T9573] EXT4-fs: Ignoring removed orlov option [ 89.082326][ T9580] loop5: detected capacity change from 0 to 512 [ 89.089179][ T9580] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 89.112412][ T9580] EXT4-fs (loop5): 1 truncate cleaned up [ 89.187820][ T9593] random: crng reseeded on system resumption [ 89.333662][ T9618] loop3: detected capacity change from 0 to 1024 [ 89.340635][ T9618] EXT4-fs: Ignoring removed orlov option [ 89.352909][ T9618] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a002c018, mo2=0002] [ 89.361513][ T9618] System zones: 0-1, 3-12 [ 89.504168][ T9635] loop3: detected capacity change from 0 to 164 [ 89.508999][ T9633] Invalid option length (938168) for dns_resolver key [ 89.545613][ T9635] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 89.687071][ T9655] macvtap1: entered promiscuous mode [ 89.692428][ T9655] macvtap1: entered allmulticast mode [ 89.710072][ T9657] loop5: detected capacity change from 0 to 512 [ 89.716966][ T9657] journal_path: Lookup failure for './file0/../file0' [ 89.723838][ T9657] EXT4-fs: error: could not find journal device path [ 89.756247][ T9665] loop1: detected capacity change from 0 to 512 [ 89.766707][ T9665] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2725: bg 0: block 393: padding at end of block bitmap is not set [ 89.781763][ T9665] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6667: Corrupt filesystem [ 89.791186][ T9665] EXT4-fs (loop1): 2 truncates cleaned up [ 89.798123][ T9673] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 89.819610][ T9674] loop6: detected capacity change from 0 to 512 [ 89.844055][ T9674] EXT4-fs (loop6): orphan cleanup on readonly fs [ 89.871471][ T9674] EXT4-fs error (device loop6): ext4_orphan_get:1418: comm syz.6.2726: bad orphan inode 13 [ 89.874650][ T9683] loop3: detected capacity change from 0 to 512 [ 89.884089][ T9674] ext4_test_bit(bit=12, block=18) = 1 [ 89.893319][ T9674] is_bad_inode(inode)=0 [ 89.897508][ T9674] NEXT_ORPHAN(inode)=2130706432 [ 89.902404][ T9674] max_ino=32 [ 89.905725][ T9674] i_nlink=1 [ 89.916326][ T9683] EXT4-fs warning (device loop3): ext4_xattr_inode_get:560: inode #11: comm syz.3.2733: EA inode hash validation failed [ 89.930490][ T9683] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #15: comm syz.3.2733: corrupted inode contents [ 89.943488][ T9683] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #15: comm syz.3.2733: mark_inode_dirty error [ 89.955429][ T9683] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #15: comm syz.3.2733: corrupted inode contents [ 89.956302][ T9692] loop1: detected capacity change from 0 to 512 [ 89.974496][ T9692] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 89.977556][ T9683] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2996: inode #15: comm syz.3.2733: mark_inode_dirty error [ 89.987299][ T9692] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.2736: inode has both inline data and extents flags [ 90.026439][ T9692] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.2736: couldn't read orphan inode 15 (err -117) [ 90.041598][ T9683] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2999: inode #15: comm syz.3.2733: mark inode dirty (error -117) [ 90.055674][ T9692] EXT4-fs (loop1): shut down requested (2) [ 90.072574][ T9683] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117) [ 90.082034][ T9683] EXT4-fs (loop3): 1 orphan inode deleted [ 90.114731][ T9699] loop6: detected capacity change from 0 to 512 [ 90.156484][ T9699] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a84ec018, mo2=0002] [ 90.169152][ T9699] System zones: 0-2, 18-18, 34-35 [ 90.175831][ T9699] ext4 filesystem being mounted at /104/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 90.383667][ T9740] loop1: detected capacity change from 0 to 512 [ 90.400248][ T9740] EXT4-fs warning (device loop1): ext4_xattr_inode_get:560: inode #11: comm syz.1.2757: EA inode hash validation failed [ 90.415816][ T9740] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #15: comm syz.1.2757: corrupted inode contents [ 90.429700][ T9740] EXT4-fs error (device loop1): ext4_dirty_inode:6517: inode #15: comm syz.1.2757: mark_inode_dirty error [ 90.441634][ T9740] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #15: comm syz.1.2757: corrupted inode contents [ 90.453873][ T9740] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2996: inode #15: comm syz.1.2757: mark_inode_dirty error [ 90.454269][ T9746] loop4: detected capacity change from 0 to 512 [ 90.466126][ T9740] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2999: inode #15: comm syz.1.2757: mark inode dirty (error -117) [ 90.485160][ T9740] EXT4-fs warning (device loop1): ext4_evict_inode:274: xattr delete (err -117) [ 90.494486][ T9740] EXT4-fs (loop1): 1 orphan inode deleted [ 90.503495][ T9746] ext4 filesystem being mounted at /585/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 90.535725][ T9746] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.2760: bg 0: block 18: invalid block bitmap [ 90.568789][ T9756] loop3: detected capacity change from 0 to 512 [ 90.576108][ T9756] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 90.593503][ T9756] EXT4-fs (loop3): orphan cleanup on readonly fs [ 90.607981][ T9756] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.2764: Failed to acquire dquot type 1 [ 90.652065][ T9756] EXT4-fs (loop3): 1 truncate cleaned up [ 90.672441][ T9765] vhci_hcd: default hub control req: 3901 v2014 i0000 l0 [ 90.724312][ T9776] loop4: detected capacity change from 0 to 512 [ 90.735588][ T9776] ext4: Unknown parameter 'pcr' [ 90.778016][ T9784] loop3: detected capacity change from 0 to 512 [ 90.788144][ T9784] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 90.807188][ T9784] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 90.834591][ T9784] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2775: bg 0: block 248: padding at end of block bitmap is not set [ 90.860352][ T9784] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.2775: Failed to acquire dquot type 1 [ 90.874725][ T9784] EXT4-fs (loop3): 1 truncate cleaned up [ 90.945763][ T9819] loop6: detected capacity change from 0 to 512 [ 91.179755][ T9824] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 91.188626][ T9824] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 91.683131][ T9843] __nla_validate_parse: 11 callbacks suppressed [ 91.683146][ T9843] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2812'. [ 91.707210][ T9847] loop4: detected capacity change from 0 to 512 [ 91.717549][ T9847] EXT4-fs warning (device loop4): ext4_xattr_inode_get:560: inode #11: comm syz.4.2802: EA inode hash validation failed [ 91.730461][ T9847] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #15: comm syz.4.2802: corrupted inode contents [ 91.742659][ T9847] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #15: comm syz.4.2802: mark_inode_dirty error [ 91.755727][ T9847] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #15: comm syz.4.2802: corrupted inode contents [ 91.769697][ T9847] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2996: inode #15: comm syz.4.2802: mark_inode_dirty error [ 91.784830][ T9847] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2999: inode #15: comm syz.4.2802: mark inode dirty (error -117) [ 91.801010][ T9847] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117) [ 91.810859][ T9847] EXT4-fs (loop4): 1 orphan inode deleted [ 91.857372][ T9868] loop4: detected capacity change from 0 to 1024 [ 91.867985][ T9868] EXT4-fs: Ignoring removed orlov option [ 91.896440][ T29] kauditd_printk_skb: 85 callbacks suppressed [ 91.896452][ T29] audit: type=1107 audit(1763760226.313:2027): pid=9873 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='%' [ 91.947489][ T9882] loop4: detected capacity change from 0 to 512 [ 91.966959][ T9882] ext4 filesystem being mounted at /594/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 92.041651][ T9899] loop4: detected capacity change from 0 to 512 [ 92.054517][ T9902] loop3: detected capacity change from 0 to 512 [ 92.063292][ T29] audit: type=1326 audit(92.040:2028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9900 comm="syz.6.2829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03621df749 code=0x7ffc0000 [ 92.086188][ T29] audit: type=1326 audit(92.040:2029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9900 comm="syz.6.2829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f03621df749 code=0x7ffc0000 [ 92.109088][ T29] audit: type=1326 audit(92.040:2030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9900 comm="syz.6.2829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03621df749 code=0x7ffc0000 [ 92.131805][ T29] audit: type=1326 audit(92.040:2031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9900 comm="syz.6.2829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03621df749 code=0x7ffc0000 [ 92.132724][ T9899] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 92.154528][ T29] audit: type=1326 audit(92.040:2032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9900 comm="syz.6.2829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f03621df749 code=0x7ffc0000 [ 92.182685][ T9899] EXT4-fs (loop4): 1 truncate cleaned up [ 92.187039][ T29] audit: type=1326 audit(92.040:2033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9900 comm="syz.6.2829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03621df749 code=0x7ffc0000 [ 92.215517][ T29] audit: type=1326 audit(92.040:2034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9900 comm="syz.6.2829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03621df749 code=0x7ffc0000 [ 92.238249][ T29] audit: type=1326 audit(92.040:2035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9900 comm="syz.6.2829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=104 compat=0 ip=0x7f03621df749 code=0x7ffc0000 [ 92.238713][ T9902] EXT4-fs: Ignoring removed bh option [ 92.261005][ T29] audit: type=1326 audit(92.040:2036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9900 comm="syz.6.2829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03621df749 code=0x7ffc0000 [ 92.268712][ T9902] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 92.310666][ T9902] EXT4-fs (loop3): 1 truncate cleaned up [ 92.327594][ T9912] netlink: 'syz.4.2833': attribute type 1 has an invalid length. [ 92.358680][ T9902] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.2828: invalid indirect mapped block 4294967295 (level 1) [ 92.412208][ T9918] netlink: 2 bytes leftover after parsing attributes in process `syz.3.2835'. [ 92.491166][ T9920] loop4: detected capacity change from 0 to 512 [ 92.491211][ T9925] tap0: tun_chr_ioctl cmd 1074025677 [ 92.503197][ T9925] tap0: linktype set to 769 [ 92.521227][ T9920] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 92.542454][ T9920] EXT4-fs (loop4): orphan cleanup on readonly fs [ 92.560852][ T9920] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.2836: Failed to acquire dquot type 1 [ 92.582940][ T9920] EXT4-fs (loop4): 1 truncate cleaned up [ 92.657358][ T9951] IPVS: persistence engine module ip_vs_pe_ not found [ 92.724684][ T9965] loop1: detected capacity change from 0 to 512 [ 92.893938][T10003] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2874'. [ 92.903014][T10003] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2874'. [ 92.903830][T10005] loop5: detected capacity change from 0 to 512 [ 92.968375][T10019] loop6: detected capacity change from 0 to 512 [ 92.977488][T10019] EXT4-fs error (device loop6): ext4_xattr_inode_iget:437: comm syz.6.2881: Parent and EA inode have the same ino 15 [ 92.994542][T10019] EXT4-fs (loop6): 1 orphan inode deleted [ 93.008388][T10019] EXT4-fs (loop6): shut down requested (1) [ 93.152584][T10050] loop4: detected capacity change from 0 to 512 [ 93.160750][T10050] EXT4-fs warning (device loop4): ext4_xattr_inode_get:560: inode #11: comm syz.4.2896: EA inode hash validation failed [ 93.173592][T10050] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #15: comm syz.4.2896: corrupted inode contents [ 93.186122][T10050] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #15: comm syz.4.2896: mark_inode_dirty error [ 93.197728][T10050] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #15: comm syz.4.2896: corrupted inode contents [ 93.209852][T10050] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2996: inode #15: comm syz.4.2896: mark_inode_dirty error [ 93.222184][T10050] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2999: inode #15: comm syz.4.2896: mark inode dirty (error -117) [ 93.235312][T10050] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117) [ 93.244542][T10050] EXT4-fs (loop4): 1 orphan inode deleted [ 93.327710][T10060] loop6: detected capacity change from 0 to 8192 [ 93.345698][T10066] loop4: detected capacity change from 0 to 1024 [ 93.353439][T10066] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 93.372969][T10066] EXT4-fs warning (device loop4): ext4_enable_quotas:7180: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 93.408407][T10066] EXT4-fs (loop4): mount failed [ 93.414861][T10075] loop1: detected capacity change from 0 to 512 [ 93.431564][T10075] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #15: comm syz.1.2906: corrupted inode contents [ 93.450242][T10075] EXT4-fs error (device loop1) in ext4_orphan_del:301: Corrupt filesystem [ 93.461330][T10075] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #15: comm syz.1.2906: corrupted inode contents [ 93.477940][T10075] EXT4-fs error (device loop1): ext4_evict_inode:302: inode #15: comm syz.1.2906: mark_inode_dirty error [ 93.489444][T10075] EXT4-fs (loop1): 1 orphan inode deleted [ 93.590075][T10099] loop4: detected capacity change from 0 to 128 [ 93.599411][T10100] loop1: detected capacity change from 0 to 512 [ 93.686519][T10112] cgroup: Unknown subsys name '@﬽4*oңhoU' [ 93.697399][T10114] netlink: 256 bytes leftover after parsing attributes in process `syz.6.2924'. [ 93.706571][T10114] netlink: 56 bytes leftover after parsing attributes in process `syz.6.2924'. [ 93.753766][T10123] pimreg1: tun_chr_ioctl cmd 1074025681 [ 93.773707][T10126] sctp: [Deprecated]: syz.4.2930 (pid 10126) Use of int in maxseg socket option. [ 93.773707][T10126] Use struct sctp_assoc_value instead [ 93.805881][T10132] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2933'. [ 93.814932][T10132] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2933'. [ 93.842357][T10136] 9pnet_fd: Insufficient options for proto=fd [ 93.977416][T10158] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2946'. [ 94.069851][T10178] loop3: detected capacity change from 0 to 512 [ 94.203446][T10199] loop1: detected capacity change from 0 to 512 [ 94.219378][T10201] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2965'. [ 94.266833][T10211] bpf: Bad value for 'uid' [ 94.289242][T10214] loop4: detected capacity change from 0 to 512 [ 94.318909][T10214] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #15: comm syz.4.2971: corrupted inode contents [ 94.336778][T10214] EXT4-fs error (device loop4) in ext4_orphan_del:301: Corrupt filesystem [ 94.345637][T10214] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #15: comm syz.4.2971: corrupted inode contents [ 94.361988][T10214] EXT4-fs error (device loop4): ext4_evict_inode:302: inode #15: comm syz.4.2971: mark_inode_dirty error [ 94.373599][T10214] EXT4-fs (loop4): 1 orphan inode deleted [ 94.449438][T10238] bond1: option all_slaves_active: invalid value (5) [ 94.464507][T10238] bond1 (unregistering): Released all slaves [ 94.524453][T10249] ALSA: seq fatal error: cannot create timer (-19) [ 94.593237][T10243] loop3: detected capacity change from 0 to 32768 [ 94.729916][T10284] 9pnet_fd: Insufficient options for proto=fd [ 94.772996][T10294] loop3: detected capacity change from 0 to 512 [ 94.782955][T10294] EXT4-fs (loop3): blocks per group (8192) and clusters per group (2304) inconsistent [ 94.896290][T10315] loop3: detected capacity change from 0 to 1024 [ 94.903469][T10315] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 94.915148][T10315] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 94.932085][T10315] EXT4-fs (loop3): mount failed [ 94.956961][T10324] netlink: 'syz.6.3021': attribute type 4 has an invalid length. [ 95.072657][T10309] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 95.073762][T10347] loop3: detected capacity change from 0 to 128 [ 95.081200][T10309] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 95.244568][T10361] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 95.301301][T10373] loop3: detected capacity change from 0 to 1024 [ 95.507170][T10399] loop1: detected capacity change from 0 to 1024 [ 95.514338][T10399] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 95.524159][T10399] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 95.534582][T10399] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 95.545832][T10399] EXT4-fs error (device loop1): ext4_get_journal_inode:5808: inode #5: comm syz.1.3057: unexpected bad inode w/o EXT4_IGET_BAD [ 95.561181][T10399] EXT4-fs (loop1): no journal found [ 95.566464][T10399] EXT4-fs (loop1): can't get journal size [ 95.572861][T10399] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=8840e11c, mo2=0102] [ 95.585336][T10399] EXT4-fs error (device loop1): ext4_inlinedir_to_tree:1314: inode #12: block 16: comm syz.1.3057: path /646/file0/file0: bad entry in directory: rec_len is too small for name_len - offset=20, inode=13, rec_len=16, size=60 fake=0 [ 95.697596][T10426] netlink: 'syz.4.3069': attribute type 4 has an invalid length. [ 95.871431][T10459] loop4: detected capacity change from 0 to 512 [ 95.881934][T10459] EXT4-fs: Ignoring removed oldalloc option [ 95.902834][T10459] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: comm syz.4.3084: Parent and EA inode have the same ino 15 [ 95.916657][T10459] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: comm syz.4.3084: Parent and EA inode have the same ino 15 [ 95.929568][T10459] EXT4-fs (loop4): 1 orphan inode deleted [ 95.976975][T10443] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 96.007474][T10443] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 96.055425][T10478] loop1: detected capacity change from 0 to 512 [ 96.084020][T10478] EXT4-fs: Ignoring removed oldalloc option [ 96.186823][T10498] loop6: detected capacity change from 0 to 128 [ 96.457671][T10529] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 96.471773][T10529] vhci_hcd: invalid port number 96 [ 96.477067][T10529] vhci_hcd: default hub control req: 0311 v0005 i0060 l7 [ 96.498694][T10532] loop6: detected capacity change from 0 to 2048 [ 96.543666][T10532] EXT4-fs mount: 72 callbacks suppressed [ 96.543680][T10532] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 96.572886][T10538] loop3: detected capacity change from 0 to 128 [ 96.579831][T10538] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 96.612220][ T8291] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.645619][T10538] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 96.738079][T10556] loop5: detected capacity change from 0 to 1024 [ 96.749892][T10556] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 96.759771][T10556] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 96.775049][T10556] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 96.795352][T10556] EXT4-fs error (device loop5): ext4_get_journal_inode:5808: inode #5: comm syz.5.3127: unexpected bad inode w/o EXT4_IGET_BAD [ 96.811130][T10556] EXT4-fs (loop5): no journal found [ 96.816507][T10556] EXT4-fs (loop5): can't get journal size [ 96.847637][T10556] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=8840e11c, mo2=0102] [ 96.874795][T10556] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 96.893032][T10573] loop3: detected capacity change from 0 to 512 [ 96.916003][T10556] EXT4-fs error (device loop5): ext4_inlinedir_to_tree:1314: inode #12: block 16: comm syz.5.3127: path /277/file0/file0: bad entry in directory: rec_len is too small for name_len - offset=20, inode=13, rec_len=16, size=60 fake=0 [ 96.951970][ T6979] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.962197][T10573] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 97.004203][ T29] kauditd_printk_skb: 153 callbacks suppressed [ 97.004217][ T29] audit: type=1326 audit(96.980:2186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10587 comm="syz.5.3141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848ce4f749 code=0x7ffc0000 [ 97.033251][ T29] audit: type=1326 audit(96.980:2187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10587 comm="syz.5.3141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848ce4f749 code=0x7ffc0000 [ 97.036012][T10590] loop1: detected capacity change from 0 to 512 [ 97.056393][ T29] audit: type=1326 audit(96.990:2188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10587 comm="syz.5.3141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f848ce4f749 code=0x7ffc0000 [ 97.085638][ T29] audit: type=1326 audit(96.990:2189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10587 comm="syz.5.3141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848ce4f749 code=0x7ffc0000 [ 97.087493][T10590] EXT4-fs: Ignoring removed oldalloc option [ 97.108655][ T29] audit: type=1326 audit(96.990:2190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10587 comm="syz.5.3141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f848ce4f749 code=0x7ffc0000 [ 97.163415][ T29] audit: type=1326 audit(97.130:2191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10587 comm="syz.5.3141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848ce4f749 code=0x7ffc0000 [ 97.186335][ T29] audit: type=1326 audit(97.130:2192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10587 comm="syz.5.3141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848ce4f749 code=0x7ffc0000 [ 97.187981][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.220641][T10590] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: comm syz.1.3142: Parent and EA inode have the same ino 15 [ 97.233478][ T29] audit: type=1326 audit(97.230:2193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10587 comm="syz.5.3141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=459 compat=0 ip=0x7f848ce4f749 code=0x7ffc0000 [ 97.233650][T10590] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: comm syz.1.3142: Parent and EA inode have the same ino 15 [ 97.256877][ T29] audit: type=1326 audit(97.230:2194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10587 comm="syz.5.3141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848ce4f749 code=0x7ffc0000 [ 97.291870][ T29] audit: type=1326 audit(97.230:2195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10587 comm="syz.5.3141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848ce4f749 code=0x7ffc0000 [ 97.325164][T10590] EXT4-fs (loop1): 1 orphan inode deleted [ 97.331250][T10590] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 97.397121][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.423443][T10612] loop5: detected capacity change from 0 to 512 [ 97.450065][T10612] EXT4-fs error (device loop5): ext4_xattr_inode_iget:437: comm syz.5.3152: Parent and EA inode have the same ino 15 [ 97.480827][T10612] EXT4-fs (loop5): 1 orphan inode deleted [ 97.484502][T10623] tipc: Enabled bearer , priority 4 [ 97.488400][T10612] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 97.512025][T10627] loop1: detected capacity change from 0 to 512 [ 97.513144][T10612] EXT4-fs (loop5): shut down requested (1) [ 97.518723][T10627] EXT4-fs: Ignoring removed orlov option [ 97.538503][T10627] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 97.560524][T10627] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002] [ 97.560629][ T6979] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.572137][T10627] EXT4-fs error (device loop1): ext4_iget_extra_inode:5075: inode #15: comm syz.1.3158: corrupted in-inode xattr: e_value size too large [ 97.597390][T10627] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.3158: couldn't read orphan inode 15 (err -117) [ 97.628053][T10627] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 97.673534][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.683539][T10643] __nla_validate_parse: 5 callbacks suppressed [ 97.683555][T10643] netlink: 172 bytes leftover after parsing attributes in process `syz.4.3166'. [ 97.715174][T10647] 9pnet: Could not find request transport: r [ 97.761215][T10660] netlink: 7 bytes leftover after parsing attributes in process `syz.4.3169'. [ 97.782571][T10660] netlink: 7 bytes leftover after parsing attributes in process `syz.4.3169'. [ 97.812075][T10670] usb usb5: usbfs: process 10670 (syz.3.3175) did not claim interface 0 before use [ 97.932587][T10694] loop1: detected capacity change from 0 to 1024 [ 97.944652][T10694] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 97.955893][T10694] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869) [ 97.983277][T10694] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 98.004063][T10694] EXT4-fs (loop1): invalid journal inode [ 98.010342][T10694] EXT4-fs (loop1): can't get journal size [ 98.032252][T10694] EXT4-fs error (device loop1): ext4_protect_reserved_inode:182: inode #3: comm syz.1.3187: blocks 2-2 from inode overlap system zone [ 98.052215][T10694] EXT4-fs (loop1): failed to initialize system zone (-117) [ 98.059588][T10694] EXT4-fs (loop1): mount failed [ 98.124852][T10711] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3194'. [ 98.133966][T10711] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3194'. [ 98.134172][T10692] loop3: detected capacity change from 0 to 32768 [ 98.257387][T10729] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3203'. [ 98.551368][T10771] SELinux: failed to load policy [ 98.601992][ T10] tipc: Node number set to 2886997007 [ 98.654499][T10795] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10795 comm=syz.4.3234 [ 98.706003][T10806] loop3: detected capacity change from 0 to 512 [ 98.733631][T10809] loop6: detected capacity change from 0 to 512 [ 98.740954][T10806] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3240: bg 0: block 248: padding at end of block bitmap is not set [ 98.764596][T10806] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.3240: Failed to acquire dquot type 1 [ 98.793555][T10806] EXT4-fs (loop3): 1 truncate cleaned up [ 98.803024][T10806] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 98.813729][T10819] sch_fq: defrate 0 ignored. [ 98.875157][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.923213][T10837] netlink: 532 bytes leftover after parsing attributes in process `syz.3.3250'. [ 98.988270][T10854] netlink: 72 bytes leftover after parsing attributes in process `syz.3.3262'. [ 99.074314][T10870] program syz.1.3265 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 99.099020][T10875] loop5: detected capacity change from 0 to 512 [ 99.132688][T10875] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #15: comm syz.5.3271: inode has both inline data and extents flags [ 99.146369][T10875] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.3271: couldn't read orphan inode 15 (err -117) [ 99.165862][T10875] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 99.181584][T10875] EXT4-fs (loop5): shut down requested (1) [ 99.225061][ T6979] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.450367][T10911] loop4: detected capacity change from 0 to 4096 [ 99.457398][T10911] EXT4-fs: Ignoring removed nomblk_io_submit option [ 99.472634][T10911] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 99.505444][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.636555][T10935] netlink: 92 bytes leftover after parsing attributes in process `syz.5.3295'. [ 99.661281][T10937] loop4: detected capacity change from 0 to 512 [ 99.795260][T10941] loop5: detected capacity change from 0 to 8192 [ 99.907514][T10937] ------------[ cut here ]------------ [ 99.913043][T10937] EA inode 11 i_nlink=2 [ 99.913299][T10937] WARNING: CPU: 0 PID: 10937 at fs/ext4/xattr.c:1058 ext4_xattr_inode_update_ref+0x36a/0x380 [ 99.927761][T10937] Modules linked in: [ 99.931662][T10937] CPU: 0 UID: 0 PID: 10937 Comm: syz.4.3296 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 99.943352][T10937] Tainted: [W]=WARN [ 99.947402][T10937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 99.957499][T10937] RIP: 0010:ext4_xattr_inode_update_ref+0x36a/0x380 [ 99.964174][T10937] Code: 90 49 8d 7e 40 e8 06 f8 b8 ff 4d 8b 6e 40 4c 89 e7 e8 1a f3 b8 ff 41 8b 56 48 48 c7 c7 86 d6 55 86 4c 89 ee e8 f7 f3 67 ff 90 <0f> 0b 90 90 e9 ff fe ff ff e8 78 f2 b5 03 0f 1f 84 00 00 00 00 00 [ 99.984294][T10937] RSP: 0018:ffffc90000f135a0 EFLAGS: 00010246 [ 99.990499][T10937] RAX: 31861ff96baf7600 RBX: ffff88810a2481a8 RCX: 0000000000080000 [ 99.998550][T10937] RDX: ffffc9000598e000 RSI: 0000000000003f54 RDI: 0000000000003f55 [ 100.006567][T10937] RBP: 0000000000000002 R08: 0001c90000f13427 R09: 0000000000000000 [ 100.014629][T10937] R10: 00000000ffffffff R11: 0000000000000002 R12: ffff88810a248158 [ 100.022669][T10937] R13: 000000000000000b R14: ffff88810a248110 R15: 0000000000000001 [ 100.030664][T10937] FS: 00007f8dcd4b76c0(0000) GS:ffff8882aee11000(0000) knlGS:0000000000000000 [ 100.039729][T10937] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 100.046558][T10937] CR2: 0000001b33f1bff8 CR3: 00000001363b2000 CR4: 00000000003506f0 [ 100.054587][T10937] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 100.062883][T10937] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 100.070878][T10937] Call Trace: [ 100.074192][T10937] [ 100.077136][T10937] ext4_xattr_set_entry+0x77f/0x1020 [ 100.082533][T10937] ext4_xattr_ibody_set+0x184/0x3c0 [ 100.087873][T10937] ext4_expand_extra_isize_ea+0xcbb/0x11f0 [ 100.093784][T10937] __ext4_expand_extra_isize+0x246/0x280 [ 100.099435][T10937] __ext4_mark_inode_dirty+0x29d/0x3f0 [ 100.105087][T10937] ext4_evict_inode+0x80e/0xd90 [ 100.109954][T10937] ? __pfx_ext4_evict_inode+0x10/0x10 [ 100.115505][T10937] evict+0x2e3/0x550 [ 100.119406][T10937] ? __dquot_initialize+0x146/0x7c0 [ 100.124668][T10937] iput+0x4ed/0x650 [ 100.128543][T10937] ext4_process_orphan+0x1a9/0x1c0 [ 100.133830][T10937] ext4_orphan_cleanup+0x6a8/0xa00 [ 100.139220][T10937] ext4_fill_super+0x3483/0x3810 [ 100.144250][T10937] ? snprintf+0x86/0xb0 [ 100.148433][T10937] ? set_blocksize+0x1a8/0x310 [ 100.153251][T10937] ? sb_set_blocksize+0xe3/0x100 [ 100.158235][T10937] ? setup_bdev_super+0x30e/0x370 [ 100.163397][T10937] ? __pfx_ext4_fill_super+0x10/0x10 [ 100.168686][T10937] get_tree_bdev_flags+0x291/0x300 [ 100.173870][T10937] ? __pfx_ext4_fill_super+0x10/0x10 [ 100.179202][T10937] get_tree_bdev+0x1f/0x30 [ 100.183751][T10937] ext4_get_tree+0x1c/0x30 [ 100.188221][T10937] vfs_get_tree+0x57/0x1d0 [ 100.192672][T10937] do_new_mount+0x24d/0x660 [ 100.197387][T10937] path_mount+0x4a5/0xb70 [ 100.200788][T10957] netlink: 'syz.5.3304': attribute type 1 has an invalid length. [ 100.201843][T10937] ? user_path_at+0x109/0x130 [ 100.209696][T10957] netlink: 224 bytes leftover after parsing attributes in process `syz.5.3304'. [ 100.214150][T10937] __se_sys_mount+0x28c/0x2e0 [ 100.228119][T10937] __x64_sys_mount+0x67/0x80 [ 100.232857][T10937] x64_sys_call+0x2b51/0x3000 [ 100.237587][T10937] do_syscall_64+0xd2/0x200 [ 100.242137][T10937] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 100.248224][T10937] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 100.254008][T10937] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.259923][T10937] RIP: 0033:0x7f8dcea50eea [ 100.264526][T10937] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 100.284508][T10937] RSP: 002b:00007f8dcd4b6e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 100.293162][T10937] RAX: ffffffffffffffda RBX: 00007f8dcd4b6ef0 RCX: 00007f8dcea50eea [ 100.301157][T10937] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f8dcd4b6eb0 [ 100.309196][T10937] RBP: 0000200000000180 R08: 00007f8dcd4b6ef0 R09: 0000000000800700 [ 100.317321][T10937] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 100.325500][T10937] R13: 00007f8dcd4b6eb0 R14: 000000000000046f R15: 000000000000002c [ 100.333735][T10937] [ 100.336745][T10937] ---[ end trace 0000000000000000 ]--- [ 100.367179][T10937] EXT4-fs error (device loop4): ext4_xattr_inode_iget:441: inode #18: comm syz.4.3296: iget: bad extra_isize 90 (inode size 256) [ 100.370755][T10967] netlink: 'syz.3.3309': attribute type 2 has an invalid length. [ 100.397416][T10937] EXT4-fs (loop4): Remounting filesystem read-only [ 100.404338][T10937] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -30) [ 100.446314][T10937] EXT4-fs (loop4): 1 orphan inode deleted [ 100.469662][T10969] loop1: detected capacity change from 0 to 4096 [ 100.477965][T10937] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 100.494409][T10969] EXT4-fs: Ignoring removed nomblk_io_submit option [ 100.522498][T10969] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 100.573363][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.585199][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.828821][T11033] serio: Serial port ptm0 [ 101.487873][T11157] loop6: detected capacity change from 0 to 512 [ 101.516048][T11157] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.3399: couldn't read orphan inode 26 (err -116) [ 101.546522][T11157] EXT4-fs (loop6): Remounting filesystem read-only [ 101.560463][T11157] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 101.596943][T11165] loop1: detected capacity change from 0 to 2048 [ 101.605699][ T8291] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.653802][T11165] Alternate GPT is invalid, using primary GPT. [ 101.660195][T11165] loop1: p1 p2 p3 [ 101.663970][T11165] loop1: partition table partially beyond EOD, truncated [ 101.677030][T11184] loop3: detected capacity change from 0 to 512 [ 101.688234][T11184] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.3411: inode has both inline data and extents flags [ 101.702700][T11184] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.3411: couldn't read orphan inode 15 (err -117) [ 101.716050][T11184] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 101.749685][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.800759][T11198] loop5: detected capacity change from 0 to 512 [ 101.814717][T11200] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 101.828610][T11204] new mount options do not match the existing superblock, will be ignored [ 101.850579][T11198] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 101.913991][T11198] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 101.982502][ T6979] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.014151][T11235] 9pnet: Could not find request transport: r [ 102.026351][T11240] loop6: detected capacity change from 0 to 512 [ 102.034058][ T29] kauditd_printk_skb: 203 callbacks suppressed [ 102.034073][ T29] audit: type=1400 audit(102.020:2397): avc: denied { write } for pid=11241 comm="syz.3.3439" name="001" dev="devtmpfs" ino=147 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 102.052986][T11240] EXT4-fs: Ignoring removed bh option [ 102.097208][T11240] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem [ 102.153872][T11240] EXT4-fs (loop6): 1 truncate cleaned up [ 102.159915][T11240] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 102.185612][ T29] audit: type=1400 audit(102.140:2398): avc: denied { read write } for pid=11266 comm="syz.5.3450" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 102.208704][ T29] audit: type=1400 audit(102.140:2399): avc: denied { open } for pid=11266 comm="syz.5.3450" path="/dev/nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 102.236237][ T29] audit: type=1400 audit(102.220:2400): avc: denied { add_name } for pid=11239 comm="syz.6.3438" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 102.256486][ T29] audit: type=1400 audit(102.220:2401): avc: denied { create } for pid=11239 comm="syz.6.3438" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 102.282756][ T29] audit: type=1400 audit(102.240:2402): avc: denied { create } for pid=11270 comm="syz.4.3453" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 102.301674][ T29] audit: type=1400 audit(102.250:2403): avc: denied { write } for pid=11270 comm="syz.4.3453" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 102.320621][ T29] audit: type=1400 audit(102.250:2404): avc: denied { read write } for pid=11239 comm="syz.6.3438" name="file0" dev="loop6" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 102.342820][ T29] audit: type=1400 audit(102.250:2405): avc: denied { open } for pid=11239 comm="syz.6.3438" path="/253/file0/file0/file0" dev="loop6" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 102.375776][T11275] 9pnet_fd: Insufficient options for proto=fd [ 102.382515][ T8291] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.422139][ T29] audit: type=1400 audit(102.400:2406): avc: denied { create } for pid=11278 comm="syz.3.3457" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 102.471623][T11288] loop3: detected capacity change from 0 to 512 [ 102.504629][T11291] loop5: detected capacity change from 0 to 1024 [ 102.526233][T11291] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 102.557722][T11291] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 102.651590][ T6979] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.698768][T11327] __nla_validate_parse: 9 callbacks suppressed [ 102.698781][T11327] netlink: 104 bytes leftover after parsing attributes in process `syz.5.3474'. [ 102.733546][T11329] loop3: detected capacity change from 0 to 512 [ 102.775864][T11329] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 102.851882][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.963865][T11369] netlink: 556 bytes leftover after parsing attributes in process `syz.5.3499'. [ 102.975847][T11373] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3501'. [ 102.984889][T11373] netem: unknown loss type 13 [ 102.985165][T11374] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3496'. [ 102.989599][T11373] netem: change failed [ 103.012202][T11377] tipc: Started in network mode [ 103.017151][T11377] tipc: Node identity , cluster identity 4711 [ 103.023258][T11377] tipc: Failed to set node id, please configure manually [ 103.030309][T11377] tipc: Enabling of bearer rejected, failed to enable media [ 103.144845][T11398] loop6: detected capacity change from 0 to 1024 [ 103.170765][T11398] EXT4-fs: Ignoring removed orlov option [ 103.204454][T11398] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 103.205381][T11411] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3518'. [ 103.230878][T11412] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3) [ 103.237468][T11412] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 103.245383][T11412] vhci_hcd vhci_hcd.0: Device attached [ 103.281413][ T8291] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.296957][T11425] loop3: detected capacity change from 0 to 512 [ 103.309046][T11416] vhci_hcd: connection closed [ 103.309250][ T3749] vhci_hcd: stop threads [ 103.318442][ T3749] vhci_hcd: release socket [ 103.322997][ T3749] vhci_hcd: disconnect device [ 103.330303][T11428] loop6: detected capacity change from 0 to 512 [ 103.332388][T11425] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e01c, mo2=0002] [ 103.339046][T11428] EXT4-fs error (device loop6): ext4_xattr_inode_iget:441: inode #18: comm syz.6.3525: iget: bad extra_isize 90 (inode size 256) [ 103.358110][T11425] System zones: 1-12 [ 103.364011][T11425] EXT4-fs error (device loop3): dx_probe:791: inode #2: comm syz.3.3524: Directory hole found for htree index block 0 [ 103.389693][T11428] EXT4-fs (loop6): Remounting filesystem read-only [ 103.397257][T11425] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -117 [ 103.397279][T11428] EXT4-fs warning (device loop6): ext4_evict_inode:274: xattr delete (err -30) [ 103.397302][T11428] EXT4-fs (loop6): 1 orphan inode deleted [ 103.397759][T11428] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 103.414539][T11425] EXT4-fs error (device loop3): dx_probe:791: inode #2: comm syz.3.3524: Directory hole found for htree index block 0 [ 103.445281][T11425] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 103.454134][T11425] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 103.467984][ T8291] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.479387][T11425] EXT4-fs: Ignoring removed orlov option [ 103.486511][T11425] EXT4-fs: Remounting file system with no journal so ignoring journalled data option [ 103.496758][T11425] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000. [ 103.515160][T11447] loop5: detected capacity change from 0 to 512 [ 103.524546][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.535161][T11447] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.3533: couldn't read orphan inode 26 (err -116) [ 103.560329][T11447] EXT4-fs (loop5): Remounting filesystem read-only [ 103.567608][T11447] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 103.576751][T11455] loop6: detected capacity change from 0 to 2048 [ 103.596206][ T6979] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.602226][T11457] netlink: 88 bytes leftover after parsing attributes in process `syz.3.3538'. [ 103.615014][T11457] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3538'. [ 103.633016][T11455] Alternate GPT is invalid, using primary GPT. [ 103.639338][T11455] loop6: p1 p2 p3 [ 103.643348][T11455] loop6: partition table partially beyond EOD, truncated [ 103.776660][T11483] netlink: 'syz.3.3550': attribute type 2 has an invalid length. [ 103.977735][T11515] smc: net device hsr0 applied user defined pnetid SYZ2 [ 103.985157][T11515] smc: net device hsr0 erased user defined pnetid SYZ2 [ 104.633131][T11535] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3572'. [ 104.646021][T11535] netlink: 'syz.3.3572': attribute type 5 has an invalid length. [ 104.714225][T11541] program syz.4.3575 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 104.930306][T11567] loop5: detected capacity change from 0 to 512 [ 104.943858][T11567] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3587: bg 0: block 248: padding at end of block bitmap is not set [ 104.959191][T11567] EXT4-fs error (device loop5): ext4_acquire_dquot:6945: comm syz.5.3587: Failed to acquire dquot type 1 [ 104.971215][T11567] EXT4-fs (loop5): 1 truncate cleaned up [ 104.977400][T11567] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 105.014454][ T6979] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.176210][T11608] loop5: detected capacity change from 0 to 512 [ 105.188919][T11608] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e01c, mo2=0002] [ 105.193329][T11613] loop6: detected capacity change from 0 to 128 [ 105.202087][T11608] System zones: 1-12 [ 105.211595][T11608] EXT4-fs error (device loop5): dx_probe:791: inode #2: comm syz.5.3606: Directory hole found for htree index block 0 [ 105.232799][T11608] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -117 [ 105.246558][T11608] EXT4-fs error (device loop5): dx_probe:791: inode #2: comm syz.5.3606: Directory hole found for htree index block 0 [ 105.276188][T11608] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -117 [ 105.291775][T11608] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 105.325340][T11618] xt_hashlimit: max too large, truncated to 1048576 [ 105.325427][T11611] loop3: detected capacity change from 0 to 32768 [ 105.345299][T11618] xt_CT: You must specify a L4 protocol and not use inversions on it [ 105.359454][T11608] EXT4-fs: Ignoring removed orlov option [ 105.365336][T11608] EXT4-fs: Remounting file system with no journal so ignoring journalled data option [ 105.394088][T11608] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000. [ 105.438762][ T6979] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.682898][T11674] random: crng reseeded on system resumption [ 105.723419][ T36] hid (null): unknown global tag 0xd [ 105.737874][ T36] hid_parser_main: 23 callbacks suppressed [ 105.737893][ T36] hid-generic 0000:0002:0005.0003: unknown main item tag 0x6 [ 105.751220][ T36] hid-generic 0000:0002:0005.0003: reserved main item tag 0xe [ 105.758792][ T36] hid-generic 0000:0002:0005.0003: unknown global tag 0xd [ 105.765953][ T36] hid-generic 0000:0002:0005.0003: item 0 1 1 13 parsing failed [ 105.827496][ T36] hid-generic 0000:0002:0005.0003: probe with driver hid-generic failed with error -22 [ 105.979653][T11733] netlink: 84 bytes leftover after parsing attributes in process `syz.3.3665'. [ 106.070971][T11747] loop4: detected capacity change from 0 to 512 [ 106.089971][T11747] EXT4-fs: Ignoring removed bh option [ 106.102386][T11747] EXT4-fs (loop4): can't mount with data_err=abort, fs mounted w/o journal [ 106.278330][T11794] bridge1: entered promiscuous mode [ 106.364231][T11808] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 106.375265][T11816] SELinux: Context system_u:object_r:dhcp_state_t:s0 is not valid (left unmapped). [ 106.381056][T11808] vhci_hcd: invalid port number 96 [ 106.389871][T11808] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 106.431370][T11822] pim6reg0: tun_chr_ioctl cmd 35108 [ 106.549316][T11837] program syz.3.3715 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 106.673008][T11844] loop5: detected capacity change from 0 to 128 [ 106.702540][T11844] syz.5.3718: attempt to access beyond end of device [ 106.702540][T11844] loop5: rw=2049, sector=145, nr_sectors = 16 limit=128 [ 106.731411][T11844] syz.5.3718: attempt to access beyond end of device [ 106.731411][T11844] loop5: rw=2049, sector=169, nr_sectors = 24 limit=128 [ 106.735694][T11850] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=104 sclass=netlink_audit_socket pid=11850 comm=syz.4.3721 [ 106.745295][T11844] syz.5.3718: attempt to access beyond end of device [ 106.745295][T11844] loop5: rw=2049, sector=201, nr_sectors = 8 limit=128 [ 106.786445][T11844] syz.5.3718: attempt to access beyond end of device [ 106.786445][T11844] loop5: rw=2049, sector=217, nr_sectors = 8 limit=128 [ 106.800050][T11844] syz.5.3718: attempt to access beyond end of device [ 106.800050][T11844] loop5: rw=2049, sector=233, nr_sectors = 8 limit=128 [ 106.813809][T11844] syz.5.3718: attempt to access beyond end of device [ 106.813809][T11844] loop5: rw=2049, sector=249, nr_sectors = 8 limit=128 [ 106.827635][T11844] syz.5.3718: attempt to access beyond end of device [ 106.827635][T11844] loop5: rw=2049, sector=265, nr_sectors = 8 limit=128 [ 106.842435][T11844] syz.5.3718: attempt to access beyond end of device [ 106.842435][T11844] loop5: rw=2049, sector=281, nr_sectors = 9 limit=128 [ 106.844724][T11856] blktrace: Concurrent blktraces are not allowed on loop8 [ 107.112271][T11902] loop1: detected capacity change from 0 to 164 [ 107.128672][ T29] kauditd_printk_skb: 160 callbacks suppressed [ 107.128684][ T29] audit: type=1400 audit(107.179:2565): avc: denied { mount } for pid=11901 comm="syz.1.3746" name="/" dev="loop1" ino=1792 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1 [ 107.186950][T11902] Unsupported NM flag settings (240) [ 107.194865][ T29] audit: type=1400 audit(107.209:2566): avc: denied { egress } for pid=36 comm="kworker/1:1" saddr=fe80::1c daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1 [ 107.223204][ T29] audit: type=1400 audit(107.209:2567): avc: denied { sendto } for pid=36 comm="kworker/1:1" saddr=fe80::1c daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1 [ 107.251031][T11883] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 107.259723][T11883] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 107.294531][ T29] audit: type=1400 audit(107.259:2568): avc: denied { mounton } for pid=11901 comm="syz.1.3746" path="/788/file0/file0" dev="loop1" ino=1856 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=dir permissive=1 [ 107.317911][ T29] audit: type=1400 audit(107.279:2569): avc: denied { unmount } for pid=3317 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1 [ 107.339938][ T29] audit: type=1400 audit(107.299:2570): avc: denied { read write } for pid=11881 comm="syz.6.3736" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 107.363522][ T29] audit: type=1400 audit(107.299:2571): avc: denied { open } for pid=11881 comm="syz.6.3736" path="/dev/raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 107.387594][ T29] audit: type=1400 audit(107.299:2572): avc: denied { ioctl } for pid=11881 comm="syz.6.3736" path="/dev/raw-gadget" dev="devtmpfs" ino=142 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 107.460843][ T29] audit: type=1326 audit(107.489:2573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11916 comm="syz.3.3753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69d765f749 code=0x7ffc0000 [ 107.484412][ T29] audit: type=1326 audit(107.499:2574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11916 comm="syz.3.3753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69d765f749 code=0x7ffc0000 [ 107.554434][T11929] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3759'. [ 107.574355][T11926] IPv6: Can't replace route, no match found [ 107.622952][T11936] loop5: detected capacity change from 0 to 128 [ 107.650093][T11936] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 107.683575][ T6979] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 107.694209][T11950] random: crng reseeded on system resumption [ 107.723701][ T36] hid (null): unknown global tag 0xd [ 107.730305][ T36] hid-generic 0000:0002:0005.0004: unknown main item tag 0x6 [ 107.737776][ T36] hid-generic 0000:0002:0005.0004: reserved main item tag 0xe [ 107.745400][ T36] hid-generic 0000:0002:0005.0004: unknown global tag 0xd [ 107.752587][ T36] hid-generic 0000:0002:0005.0004: item 0 1 1 13 parsing failed [ 107.765693][ T36] hid-generic 0000:0002:0005.0004: probe with driver hid-generic failed with error -22 [ 107.814373][T11970] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3779'. [ 107.896785][T11990] random: crng reseeded on system resumption [ 107.906474][ T9] hid (null): unknown global tag 0xd [ 107.912647][ T9] hid-generic 0000:0002:0005.0005: unknown main item tag 0x6 [ 107.920207][ T9] hid-generic 0000:0002:0005.0005: reserved main item tag 0xe [ 107.927819][ T9] hid-generic 0000:0002:0005.0005: unknown global tag 0xd [ 107.935281][ T9] hid-generic 0000:0002:0005.0005: item 0 1 1 13 parsing failed [ 107.944305][ T9] hid-generic 0000:0002:0005.0005: probe with driver hid-generic failed with error -22 [ 107.988437][T11996] loop3: detected capacity change from 0 to 512 [ 107.995215][T11996] EXT4-fs: Ignoring removed nobh option [ 108.017180][T11996] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.3792: corrupted inode contents [ 108.036896][T11996] EXT4-fs (loop3): Remounting filesystem read-only [ 108.061476][T11996] EXT4-fs (loop3): 1 truncate cleaned up [ 108.072160][ T3763] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 108.082746][ T3763] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 108.088594][T11996] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 108.106139][ T3763] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started [ 108.116954][T11996] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.148096][T12019] loop5: detected capacity change from 0 to 256 [ 108.238072][T12043] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3814'. [ 108.264601][T12043] netlink: 312 bytes leftover after parsing attributes in process `syz.1.3814'. [ 108.273790][T12043] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3814'. [ 108.279174][T12051] loop5: detected capacity change from 0 to 1024 [ 108.312131][T12051] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 108.360229][ T6979] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.375131][T12068] tipc: Started in network mode [ 108.380133][T12068] tipc: Node identity ac141413, cluster identity 4711 [ 108.392106][T12068] tipc: Enabling of bearer rejected, failed to enable media [ 108.440399][T12079] netlink: 64 bytes leftover after parsing attributes in process `syz.5.3830'. [ 108.628909][T12116] IPv6: Can't replace route, no match found [ 108.654920][T12118] loop1: detected capacity change from 0 to 512 [ 108.702370][T12118] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22 [ 109.256275][T12157] loop1: detected capacity change from 0 to 512 [ 109.280133][T12157] EXT4-fs: Ignoring removed nobh option [ 109.356187][T12157] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #16: comm syz.1.3866: corrupted inode contents [ 109.392234][T12157] EXT4-fs (loop1): Remounting filesystem read-only [ 109.412518][T12157] EXT4-fs (loop1): 1 truncate cleaned up [ 109.418574][T12157] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 109.432907][ T3810] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 109.443484][ T3810] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 109.459209][ T3810] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started [ 109.490256][T12157] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.521115][T12181] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3874'. [ 109.530098][T12181] netlink: 'syz.3.3874': attribute type 21 has an invalid length. [ 109.544944][T12183] loop4: detected capacity change from 0 to 512 [ 109.576475][T12183] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 109.578562][T12191] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=14385 sclass=netlink_route_socket pid=12191 comm=syz.6.3878 [ 109.617412][T12194] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 109.628391][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.712449][T12214] loop1: detected capacity change from 0 to 512 [ 109.723571][T12213] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3890'. [ 109.751200][T12222] program syz.6.3895 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 109.876194][T12248] loop3: detected capacity change from 0 to 512 [ 109.884079][T12248] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 109.893165][T12248] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 109.903405][T12248] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 109.912973][T12248] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 109.920987][T12248] System zones: 0-2, 18-18, 34-35 [ 109.926891][T12248] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 109.941082][T12248] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3907: bg 0: block 353: padding at end of block bitmap is not set [ 109.966112][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.122797][T12280] loop3: detected capacity change from 0 to 128 [ 110.131555][T12282] netlink: 'syz.4.3923': attribute type 14 has an invalid length. [ 110.139593][T12282] netlink: 156 bytes leftover after parsing attributes in process `syz.4.3923'. [ 110.150394][T12280] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 110.176516][ T3318] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 110.196494][T12291] loop4: detected capacity change from 0 to 512 [ 110.203282][T12291] EXT4-fs: Ignoring removed nobh option [ 110.223926][T12291] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.3928: corrupted inode contents [ 110.239768][T12291] EXT4-fs (loop4): Remounting filesystem read-only [ 110.246840][T12291] EXT4-fs (loop4): 1 truncate cleaned up [ 110.252963][T12291] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 110.266637][T12291] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.268442][ T3752] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 110.268462][ T3752] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 110.268482][ T3752] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started [ 110.359159][T12312] loop3: detected capacity change from 0 to 256 [ 110.379643][T12314] SELinux: security_context_str_to_sid (user_u) failed with errno=-22 [ 110.388019][T12312] FAT-fs (loop3): Directory bread(block 64) failed [ 110.395010][T12312] FAT-fs (loop3): Directory bread(block 65) failed [ 110.408387][T12312] FAT-fs (loop3): Directory bread(block 66) failed [ 110.421477][T12312] FAT-fs (loop3): Directory bread(block 67) failed [ 110.428164][T12312] FAT-fs (loop3): Directory bread(block 68) failed [ 110.440900][T12312] FAT-fs (loop3): Directory bread(block 69) failed [ 110.447674][T12312] FAT-fs (loop3): Directory bread(block 70) failed [ 110.454295][T12312] FAT-fs (loop3): Directory bread(block 71) failed [ 110.461116][T12312] FAT-fs (loop3): Directory bread(block 72) failed [ 110.468028][T12312] FAT-fs (loop3): Directory bread(block 73) failed [ 110.526213][T12312] syz.3.3935: attempt to access beyond end of device [ 110.526213][T12312] loop3: rw=2051, sector=1224, nr_sectors = 32 limit=256 [ 110.590804][T12341] loop6: detected capacity change from 0 to 512 [ 110.607318][T12341] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 110.619681][T12341] EXT4-fs (loop6): 1 truncate cleaned up [ 110.636968][T12341] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 110.680273][ T8291] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.700913][T12355] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3956'. [ 110.724781][T12361] loop6: detected capacity change from 0 to 512 [ 110.743702][T12361] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 110.766500][T12361] EXT4-fs (loop6): 1 truncate cleaned up [ 110.786224][T12372] program syz.1.3963 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 110.916316][T12393] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3974'. [ 110.945497][T12398] loop6: detected capacity change from 0 to 512 [ 110.954596][T12398] EXT4-fs: Ignoring removed nobh option [ 110.966005][T12398] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #16: comm syz.6.3975: corrupted inode contents [ 110.990970][T12398] EXT4-fs (loop6): Remounting filesystem read-only [ 110.999938][T12398] EXT4-fs (loop6): 1 truncate cleaned up [ 111.010024][ T3764] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 111.020625][ T3764] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 111.031772][ T3764] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started [ 111.248883][T12414] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 111.258382][T12431] loop5: detected capacity change from 0 to 32768 [ 111.262046][T12414] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 111.301518][T12448] loop1: detected capacity change from 0 to 512 [ 111.308564][T12431] loop5: p1 p2 p3 < > p4 < p5 p6 > [ 111.314788][T12431] loop5: p1 start 460800 is beyond EOD, truncated [ 111.321218][T12431] loop5: p2 size 83886080 extends beyond EOD, truncated [ 111.333612][T12431] loop5: p5 start 460800 is beyond EOD, truncated [ 111.340075][T12431] loop5: p6 size 83886080 extends beyond EOD, truncated [ 111.342668][T12448] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.3997: Failed to acquire dquot type 1 [ 111.359961][T12448] EXT4-fs (loop1): 1 truncate cleaned up [ 111.483959][T12473] hub 9-0:1.0: USB hub found [ 111.488679][T12473] hub 9-0:1.0: 8 ports detected [ 111.549860][T12478] netlink: 'syz.1.4013': attribute type 3 has an invalid length. [ 111.564913][T12480] 9pnet_fd: Insufficient options for proto=fd [ 111.636543][T12497] loop1: detected capacity change from 0 to 764 [ 111.645679][T12497] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 111.897854][T12541] netlink: 'syz.3.4043': attribute type 10 has an invalid length. [ 112.157590][ T29] kauditd_printk_skb: 340 callbacks suppressed [ 112.157604][ T29] audit: type=1400 audit(112.209:2889): avc: denied { create } for pid=12598 comm="syz.3.4071" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 112.203677][ T29] audit: type=1400 audit(112.209:2890): avc: denied { ioctl } for pid=12598 comm="syz.3.4071" path="socket:[34211]" dev="sockfs" ino=34211 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 112.229085][ T29] audit: type=1400 audit(112.209:2891): avc: denied { ioctl } for pid=12598 comm="syz.3.4071" path="socket:[34212]" dev="sockfs" ino=34212 ioctlcmd=0x8918 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 112.317176][T12612] loop1: detected capacity change from 0 to 512 [ 112.323521][ T29] audit: type=1400 audit(112.369:2892): avc: denied { setopt } for pid=12602 comm="syz.6.4073" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 112.347159][T12614] loop6: detected capacity change from 0 to 512 [ 112.354152][T12612] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 112.388302][T12612] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.4076: Invalid block bitmap block 0 in block_group 0 [ 112.432692][ T29] audit: type=1400 audit(112.479:2893): avc: denied { create } for pid=12622 comm="syz.3.4082" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 112.452981][T12612] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6667: Corrupt filesystem [ 112.462858][T12612] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #11: comm syz.1.4076: attempt to clear invalid blocks 983261 len 1 [ 112.482209][T12612] EXT4-fs error (device loop1): __ext4_get_inode_loc:4832: comm syz.1.4076: Invalid inode table block 0 in block_group 0 [ 112.502145][T12612] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6313: Corrupt filesystem [ 112.521284][T12612] EXT4-fs error (device loop1) in ext4_orphan_del:301: Corrupt filesystem [ 112.532724][T12612] EXT4-fs error (device loop1): __ext4_get_inode_loc:4832: comm syz.1.4076: Invalid inode table block 0 in block_group 0 [ 112.546888][ T29] audit: type=1326 audit(112.599:2894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12627 comm="syz.5.4084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848ce4f749 code=0x7ffc0000 [ 112.569887][ T29] audit: type=1326 audit(112.599:2895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12627 comm="syz.5.4084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848ce4f749 code=0x7ffc0000 [ 112.592770][ T29] audit: type=1326 audit(112.599:2896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12627 comm="syz.5.4084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f848ce4f749 code=0x7ffc0000 [ 112.612175][T12612] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6313: Corrupt filesystem [ 112.615644][ T29] audit: type=1326 audit(112.599:2897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12627 comm="syz.5.4084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848ce4f749 code=0x7ffc0000 [ 112.648580][ T29] audit: type=1400 audit(112.699:2898): avc: denied { write } for pid=12622 comm="syz.3.4082" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 112.652734][T12612] EXT4-fs error (device loop1): ext4_truncate:4637: inode #11: comm syz.1.4076: mark_inode_dirty error [ 112.690677][T12612] EXT4-fs error (device loop1) in ext4_process_orphan:343: Corrupt filesystem [ 112.699822][T12612] EXT4-fs error (device loop1): __ext4_get_inode_loc:4832: comm syz.1.4076: Invalid inode table block 0 in block_group 0 [ 112.713232][T12612] EXT4-fs (loop1): 1 truncate cleaned up [ 112.768111][T12639] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 112.786144][T12639] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 112.799677][T12612] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 112.891967][T12649] program syz.5.4093 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 112.929217][T12652] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 112.989991][T12652] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 113.074360][T12652] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 113.115687][T12668] loop4: detected capacity change from 0 to 512 [ 113.144073][T12652] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 113.191170][T12674] __nla_validate_parse: 16 callbacks suppressed [ 113.191188][T12674] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4105'. [ 113.243394][ T3816] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.260264][ T3816] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.270974][ T3816] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.282126][T12685] SELinux: failed to load policy [ 113.297427][ T3816] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.387413][T12701] program syz.1.4119 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 113.413107][T12703] loop4: detected capacity change from 0 to 128 [ 113.495230][T12717] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 113.509186][T12721] netlink: 96 bytes leftover after parsing attributes in process `syz.4.4129'. [ 113.514232][T12717] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 113.556928][T12725] loop4: detected capacity change from 0 to 512 [ 113.563935][T12725] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 113.608615][T12732] loop5: detected capacity change from 0 to 128 [ 113.629261][T12725] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.4130: Invalid block bitmap block 0 in block_group 0 [ 113.682052][T12725] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6667: Corrupt filesystem [ 113.701243][T12725] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #11: comm syz.4.4130: attempt to clear invalid blocks 983261 len 1 [ 113.715207][T12725] EXT4-fs error (device loop4): __ext4_get_inode_loc:4832: comm syz.4.4130: Invalid inode table block 0 in block_group 0 [ 113.739167][T12725] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6313: Corrupt filesystem [ 113.772102][T12725] EXT4-fs error (device loop4) in ext4_orphan_del:301: Corrupt filesystem [ 113.792155][T12725] EXT4-fs error (device loop4): __ext4_get_inode_loc:4832: comm syz.4.4130: Invalid inode table block 0 in block_group 0 [ 113.811083][T12725] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6313: Corrupt filesystem [ 113.821322][T12725] EXT4-fs error (device loop4): ext4_truncate:4637: inode #11: comm syz.4.4130: mark_inode_dirty error [ 113.833173][T12725] EXT4-fs error (device loop4) in ext4_process_orphan:343: Corrupt filesystem [ 113.842236][T12725] EXT4-fs error (device loop4): __ext4_get_inode_loc:4832: comm syz.4.4130: Invalid inode table block 0 in block_group 0 [ 113.855354][T12725] EXT4-fs (loop4): 1 truncate cleaned up [ 113.869644][T12725] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 114.025667][T12767] loop1: detected capacity change from 0 to 128 [ 114.042699][T12767] FAT-fs (loop1): Directory bread(block 162) failed [ 114.049478][T12767] FAT-fs (loop1): Directory bread(block 163) failed [ 114.062132][T12767] FAT-fs (loop1): Directory bread(block 164) failed [ 114.068862][T12767] FAT-fs (loop1): Directory bread(block 165) failed [ 114.084174][T12767] FAT-fs (loop1): Directory bread(block 166) failed [ 114.102999][T12767] FAT-fs (loop1): Directory bread(block 167) failed [ 114.109702][T12767] FAT-fs (loop1): Directory bread(block 168) failed [ 114.117003][T12767] FAT-fs (loop1): Directory bread(block 169) failed [ 114.123784][T12767] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 114.138168][T12767] FAT-fs (loop1): Directory bread(block 162) failed [ 114.144967][T12767] FAT-fs (loop1): Directory bread(block 163) failed [ 114.151679][T12767] syz.1.4150: attempt to access beyond end of device [ 114.151679][T12767] loop1: rw=3, sector=226, nr_sectors = 6 limit=128 [ 114.174132][T12767] syz.1.4150: attempt to access beyond end of device [ 114.174132][T12767] loop1: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 114.193300][T12780] loop3: detected capacity change from 0 to 512 [ 114.202700][T12780] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 114.223542][T12784] loop1: detected capacity change from 0 to 512 [ 114.223987][T12780] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.4154: Invalid block bitmap block 0 in block_group 0 [ 114.247203][T12784] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 114.256794][T12780] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6667: Corrupt filesystem [ 114.265837][T12780] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #11: comm syz.3.4154: attempt to clear invalid blocks 983261 len 1 [ 114.273442][T12784] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 114.291068][T12780] EXT4-fs error (device loop3): __ext4_get_inode_loc:4832: comm syz.3.4154: Invalid inode table block 0 in block_group 0 [ 114.294224][T12784] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4157: bg 0: block 248: padding at end of block bitmap is not set [ 114.307505][T12780] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6313: Corrupt filesystem [ 114.330280][T12784] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.4157: Failed to acquire dquot type 1 [ 114.330502][T12780] EXT4-fs error (device loop3) in ext4_orphan_del:301: Corrupt filesystem [ 114.351615][T12780] EXT4-fs error (device loop3): __ext4_get_inode_loc:4832: comm syz.3.4154: Invalid inode table block 0 in block_group 0 [ 114.364631][T12780] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6313: Corrupt filesystem [ 114.374340][T12780] EXT4-fs error (device loop3): ext4_truncate:4637: inode #11: comm syz.3.4154: mark_inode_dirty error [ 114.386010][T12780] EXT4-fs error (device loop3) in ext4_process_orphan:343: Corrupt filesystem [ 114.395318][T12784] EXT4-fs (loop1): 1 truncate cleaned up [ 114.403399][T12780] EXT4-fs error (device loop3): __ext4_get_inode_loc:4832: comm syz.3.4154: Invalid inode table block 0 in block_group 0 [ 114.424098][T12780] EXT4-fs (loop3): 1 truncate cleaned up [ 114.468142][T12798] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4161'. [ 114.477967][T12780] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 114.791519][T12862] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4193'. [ 114.799035][T12864] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4194'. [ 114.809528][T12864] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4194'. [ 114.818529][T12864] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4194'. [ 114.827032][T12866] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=12866 comm=syz.1.4195 [ 114.864398][T12864] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4194'. [ 114.873410][T12864] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4194'. [ 114.882510][T12864] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4194'. [ 115.030791][T12901] loop3: detected capacity change from 0 to 128 [ 115.046722][T12905] loop6: detected capacity change from 0 to 128 [ 115.058608][T12905] FAT-fs (loop6): Directory bread(block 162) failed [ 115.065722][T12905] FAT-fs (loop6): Directory bread(block 163) failed [ 115.072759][T12905] FAT-fs (loop6): Directory bread(block 164) failed [ 115.079436][T12905] FAT-fs (loop6): Directory bread(block 165) failed [ 115.086401][T12905] FAT-fs (loop6): Directory bread(block 166) failed [ 115.093307][T12905] FAT-fs (loop6): Directory bread(block 167) failed [ 115.099930][T12905] FAT-fs (loop6): Directory bread(block 168) failed [ 115.106585][T12905] FAT-fs (loop6): Directory bread(block 169) failed [ 115.113414][T12905] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 115.127608][T12905] FAT-fs (loop6): Directory bread(block 162) failed [ 115.135789][T12905] FAT-fs (loop6): Directory bread(block 163) failed [ 115.143391][T12905] syz.6.4212: attempt to access beyond end of device [ 115.143391][T12905] loop6: rw=3, sector=226, nr_sectors = 6 limit=128 [ 115.158303][T12905] syz.6.4212: attempt to access beyond end of device [ 115.158303][T12905] loop6: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 115.282506][T12931] 9pnet: Could not find request transport: t [ 115.314321][T12935] loop6: detected capacity change from 0 to 2048 [ 115.343184][T12940] loop3: detected capacity change from 0 to 128 [ 115.350937][T12940] FAT-fs (loop3): Directory bread(block 162) failed [ 115.358385][T12940] FAT-fs (loop3): Directory bread(block 163) failed [ 115.362377][T12935] loop6: p2 p3 p7 [ 115.365225][T12940] FAT-fs (loop3): Directory bread(block 164) failed [ 115.375515][T12940] FAT-fs (loop3): Directory bread(block 165) failed [ 115.382456][T12940] FAT-fs (loop3): Directory bread(block 166) failed [ 115.389204][T12940] FAT-fs (loop3): Directory bread(block 167) failed [ 115.395992][T12940] FAT-fs (loop3): Directory bread(block 168) failed [ 115.411423][T12940] FAT-fs (loop3): Directory bread(block 169) failed [ 115.418518][T12940] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 115.451641][T12940] FAT-fs (loop3): Directory bread(block 162) failed [ 115.460134][T12940] FAT-fs (loop3): Directory bread(block 163) failed [ 115.467131][T12940] syz.3.4229: attempt to access beyond end of device [ 115.467131][T12940] loop3: rw=3, sector=226, nr_sectors = 6 limit=128 [ 115.498811][T12940] syz.3.4229: attempt to access beyond end of device [ 115.498811][T12940] loop3: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 115.568735][T12957] netlink: 'syz.5.4238': attribute type 18 has an invalid length. [ 115.733502][T12979] loop5: detected capacity change from 0 to 128 [ 115.748824][T12979] FAT-fs (loop5): Directory bread(block 162) failed [ 115.755840][T12979] FAT-fs (loop5): Directory bread(block 163) failed [ 115.765022][T12979] FAT-fs (loop5): Directory bread(block 164) failed [ 115.778132][T12979] FAT-fs (loop5): Directory bread(block 165) failed [ 115.785126][T12979] FAT-fs (loop5): Directory bread(block 166) failed [ 115.804742][T12979] FAT-fs (loop5): Directory bread(block 167) failed [ 115.811455][T12979] FAT-fs (loop5): Directory bread(block 168) failed [ 115.818224][T12979] FAT-fs (loop5): Directory bread(block 169) failed [ 115.825230][T12979] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 115.840458][T12979] FAT-fs (loop5): Directory bread(block 162) failed [ 115.847555][T12979] FAT-fs (loop5): Directory bread(block 163) failed [ 115.855169][T12979] syz.5.4246: attempt to access beyond end of device [ 115.855169][T12979] loop5: rw=3, sector=226, nr_sectors = 6 limit=128 [ 115.883715][T12979] syz.5.4246: attempt to access beyond end of device [ 115.883715][T12979] loop5: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 116.076208][T12998] loop5: detected capacity change from 0 to 512 [ 116.094269][T12998] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 116.109894][T12998] EXT4-fs (loop5): invalid journal inode [ 116.116468][T12998] EXT4-fs (loop5): can't get journal size [ 116.136675][T12998] EXT4-fs (loop5): 1 truncate cleaned up [ 116.158624][T12998] SELinux: Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped). [ 116.297640][T13027] xt_hashlimit: size too large, truncated to 1048576 [ 116.463919][T13054] loop4: detected capacity change from 0 to 512 [ 116.533383][T13068] loop5: detected capacity change from 0 to 512 [ 116.560265][T13068] EXT4-fs: Ignoring removed nobh option [ 116.632952][T13084] loop3: detected capacity change from 0 to 2048 [ 116.665528][T13099] xt_hashlimit: size too large, truncated to 1048576 [ 116.686208][T13084] loop3: p2 p3 p7 [ 116.927155][T13127] loop6: detected capacity change from 0 to 512 [ 116.948097][T13128] 9pnet: Could not find request transport: r [ 116.954403][T13127] EXT4-fs: Ignoring removed bh option [ 116.970300][T13127] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem [ 117.004264][T13127] EXT4-fs (loop6): 1 truncate cleaned up [ 117.079244][T13144] tap0: tun_chr_ioctl cmd 2147767506 [ 117.100656][T13150] loop6: detected capacity change from 0 to 512 [ 117.115361][T13150] EXT4-fs: Ignoring removed nobh option [ 117.193283][ T29] kauditd_printk_skb: 301 callbacks suppressed [ 117.193298][ T29] audit: type=1400 audit(117.249:3198): avc: denied { execute } for pid=13161 comm="syz.5.4328" path=2F6D656D66643A0241BBCC960E202864656C6574656429 dev="hugetlbfs" ino=36436 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 117.249045][T13166] netlink: 'syz.5.4330': attribute type 15 has an invalid length. [ 117.272691][ T29] audit: type=1400 audit(117.329:3199): avc: denied { read } for pid=13169 comm="syz.1.4341" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 117.295049][ T29] audit: type=1400 audit(117.329:3200): avc: denied { open } for pid=13169 comm="syz.1.4341" path="/dev/ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 117.317888][ T29] audit: type=1400 audit(117.349:3201): avc: denied { ioctl } for pid=13169 comm="syz.1.4341" path="/dev/ppp" dev="devtmpfs" ino=140 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 117.353466][T13173] netlink: 'syz.6.4332': attribute type 3 has an invalid length. [ 117.446373][ T29] audit: type=1400 audit(117.489:3202): avc: denied { create } for pid=13192 comm="syz.3.4342" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 117.465801][ T29] audit: type=1400 audit(117.499:3203): avc: denied { write } for pid=13192 comm="syz.3.4342" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 117.494226][ T29] audit: type=1400 audit(117.549:3204): avc: denied { bind } for pid=13198 comm="syz.4.4346" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 117.586613][T13219] loop5: detected capacity change from 0 to 512 [ 117.596964][T13219] EXT4-fs: Ignoring removed bh option [ 117.602710][T13219] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 117.625312][T13221] netlink: 'syz.1.4356': attribute type 8 has an invalid length. [ 117.659786][T13219] EXT4-fs (loop5): 1 truncate cleaned up [ 117.661453][ T29] audit: type=1326 audit(117.709:3205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13225 comm="syz.4.4357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8dcea4f749 code=0x7ffc0000 [ 117.688517][ T29] audit: type=1326 audit(117.709:3206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13225 comm="syz.4.4357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8dcea4f749 code=0x7ffc0000 [ 117.711535][ T29] audit: type=1326 audit(117.709:3207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13225 comm="syz.4.4357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8dcea4f749 code=0x7ffc0000 [ 117.780274][T13233] xt_hashlimit: size too large, truncated to 1048576 [ 117.976342][T13267] netlink: 'syz.5.4383': attribute type 1 has an invalid length. [ 117.993623][T13270] syz_tun: entered allmulticast mode [ 118.002257][T13270] syz_tun: left allmulticast mode [ 118.371431][T13327] sg_write: data in/out 852124/1 bytes for SCSI command 0x7-- guessing data in; [ 118.371431][T13327] program syz.1.4406 not setting count and/or reply_len properly [ 118.521446][T13352] loop1: detected capacity change from 0 to 8192 [ 118.528272][T13362] loop5: detected capacity change from 0 to 128 [ 118.538078][T13362] FAT-fs (loop5): error, invalid FAT chain (i_pos 548, last_block 8) [ 118.546232][T13362] FAT-fs (loop5): Filesystem has been set read-only [ 118.554483][T13362] FAT-fs (loop5): error, corrupted file size (i_pos 548, 522) [ 118.591162][T13367] __nla_validate_parse: 19 callbacks suppressed [ 118.591178][T13367] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4423'. [ 118.613557][T13367] openvswitch: netlink: Key 0 has unexpected len 2 expected 0 [ 118.617926][T13370] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4425'. [ 118.660523][T13376] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 118.669373][T13376] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 118.706208][T13383] loop4: detected capacity change from 0 to 256 [ 118.754483][T13389] smc: net device bond0 erased user defined pnetid SYZ0 [ 118.874613][T13413] loop4: detected capacity change from 0 to 256 [ 118.981534][T13421] loop4: detected capacity change from 0 to 2048 [ 119.258303][T13458] loop5: detected capacity change from 0 to 8192 [ 119.419939][T13505] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4487'. [ 119.472321][T13513] xt_NFQUEUE: number of total queues is 0 [ 119.545901][T13525] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4495'. [ 119.555099][T13525] tipc: Started in network mode [ 119.559959][T13525] tipc: Node identity 7, cluster identity 4711 [ 119.566166][T13525] tipc: Node number set to 7 [ 119.583498][T13531] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 119.614296][T13533] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4499'. [ 119.631112][T13533] openvswitch: netlink: Key 0 has unexpected len 2 expected 0 [ 119.667284][T13512] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 119.677129][T13512] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 119.686963][T13544] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2 [ 119.713343][T13546] loop5: detected capacity change from 0 to 512 [ 119.720188][T13546] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 119.778852][T13546] EXT4-fs error (device loop5): ext4_xattr_block_get:597: inode #15: comm syz.5.4505: corrupted xattr block 32: bad e_name length [ 119.793502][T13546] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop5 ino=15 [ 119.803181][T13546] EXT4-fs error (device loop5): ext4_xattr_block_get:597: inode #15: comm syz.5.4505: corrupted xattr block 32: bad e_name length [ 119.816923][T13546] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop5 ino=15 [ 119.827910][T13546] EXT4-fs error (device loop5): ext4_xattr_block_get:597: inode #15: comm syz.5.4505: corrupted xattr block 32: bad e_name length [ 119.860563][T13546] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop5 ino=15 [ 119.868218][T13561] EXT4-fs error (device loop5): ext4_xattr_block_get:597: inode #15: comm syz.5.4505: corrupted xattr block 32: bad e_name length [ 119.870991][T13546] EXT4-fs error (device loop5): ext4_xattr_block_get:597: inode #15: comm syz.5.4505: corrupted xattr block 32: bad e_name length [ 119.897543][T13546] EXT4-fs error (device loop5): ext4_xattr_block_get:597: inode #15: comm syz.5.4505: corrupted xattr block 32: bad e_name length [ 119.911206][T13561] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop5 ino=15 [ 119.911691][T13546] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop5 ino=15 [ 119.930315][T13561] EXT4-fs error (device loop5): __ext4_new_inode:1279: comm syz.5.4505: failed to insert inode 16: doubly allocated? [ 119.958495][T13563] loop4: detected capacity change from 0 to 1024 [ 119.982662][T13563] EXT4-fs: Ignoring removed bh option [ 119.992350][T13563] EXT4-fs: inline encryption not supported [ 119.998779][T13563] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 120.010107][ T6979] ================================================================== [ 120.018202][ T6979] BUG: KCSAN: data-race in __xa_clear_mark / xas_find_marked [ 120.025587][ T6979] [ 120.027908][ T6979] read-write to 0xffff88810a12afe0 of 8 bytes by interrupt on cpu 1: [ 120.035960][ T6979] __xa_clear_mark+0xf5/0x1e0 [ 120.040634][ T6979] __folio_end_writeback+0xf7/0x3b0 [ 120.045914][ T6979] folio_end_writeback_no_dropbehind+0x6d/0x1b0 [ 120.052160][ T6979] folio_end_writeback+0x1c/0x70 [ 120.057105][ T6979] end_buffer_async_write+0x156/0x1f0 [ 120.062472][ T6979] end_bio_bh_io_sync+0x79/0xa0 [ 120.067327][ T6979] bio_endio+0x37e/0x420 [ 120.071592][ T6979] blk_update_request+0x336/0x730 [ 120.076643][ T6979] blk_mq_end_request+0x26/0x50 [ 120.081490][ T6979] lo_complete_rq+0x98/0x140 [ 120.086087][ T6979] blk_done_softirq+0x77/0xb0 [ 120.090753][ T6979] handle_softirqs+0xba/0x290 [ 120.095422][ T6979] run_ksoftirqd+0x1c/0x30 [ 120.099828][ T6979] smpboot_thread_fn+0x32b/0x530 [ 120.104752][ T6979] kthread+0x489/0x510 [ 120.108807][ T6979] ret_from_fork+0x122/0x1b0 [ 120.113472][ T6979] ret_from_fork_asm+0x1a/0x30 [ 120.118223][ T6979] [ 120.120531][ T6979] read to 0xffff88810a12afe0 of 8 bytes by task 6979 on cpu 0: [ 120.128140][ T6979] xas_find_marked+0x218/0x620 [ 120.132889][ T6979] find_get_entry+0x5d/0x380 [ 120.137475][ T6979] filemap_get_folios_tag+0x92/0x210 [ 120.142754][ T6979] filemap_write_and_wait_range+0x1d3/0x340 [ 120.148725][ T6979] sync_blockdev+0x35/0x50 [ 120.153132][ T6979] sync_filesystem+0x162/0x190 [ 120.157911][ T6979] generic_shutdown_super+0x44/0x210 [ 120.163216][ T6979] kill_block_super+0x2a/0x70 [ 120.167894][ T6979] ext4_kill_sb+0x42/0x80 [ 120.172222][ T6979] deactivate_locked_super+0x75/0x1c0 [ 120.177596][ T6979] deactivate_super+0x97/0xa0 [ 120.182262][ T6979] cleanup_mnt+0x269/0x2e0 [ 120.186669][ T6979] __cleanup_mnt+0x19/0x20 [ 120.191076][ T6979] task_work_run+0x131/0x1a0 [ 120.195661][ T6979] exit_to_user_mode_loop+0xed/0x110 [ 120.200936][ T6979] do_syscall_64+0x1d6/0x200 [ 120.205515][ T6979] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.211397][ T6979] [ 120.213706][ T6979] value changed: 0x00000000000002a0 -> 0x0000000000000000 [ 120.220792][ T6979] [ 120.223098][ T6979] Reported by Kernel Concurrency Sanitizer on: [ 120.229232][ T6979] CPU: 0 UID: 0 PID: 6979 Comm: syz-executor Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 120.240678][ T6979] Tainted: [W]=WARN [ 120.244465][ T6979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 120.254500][ T6979] ================================================================== [ 120.264616][T13563] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000] [ 120.286238][T13563] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 2: comm syz.4.4513: lblock 2 mapped to illegal pblock 2 (length 1) [ 120.300669][T13563] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 48: comm syz.4.4513: lblock 0 mapped to illegal pblock 48 (length 1) [ 120.315122][T13563] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.4513: Failed to acquire dquot type 0 [ 120.326883][T13563] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6313: Corrupt filesystem [ 120.336588][T13563] EXT4-fs error (device loop4): ext4_evict_inode:254: inode #11: comm syz.4.4513: mark_inode_dirty error [ 120.348267][T13563] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 120.359327][T13563] EXT4-fs (loop4): 1 orphan inode deleted [ 120.371427][ T3764] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:21: lblock 1 mapped to illegal pblock 1 (length 1) [ 120.386428][ T3764] EXT4-fs error (device loop4): ext4_release_dquot:6981: comm kworker/u8:21: Failed to release dquot type 0 [ 120.399040][T13563] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 127.632262][ T29] kauditd_printk_skb: 77 callbacks suppressed [ 127.632277][ T29] audit: type=1400 audit(127.689:3282): avc: denied { egress } for pid=22 comm="ksoftirqd/1" saddr=fe80::1b daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1 [ 127.661402][ T29] audit: type=1400 audit(127.689:3283): avc: denied { sendto } for pid=22 comm="ksoftirqd/1" saddr=fe80::1b daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1