last executing test programs: 1m49.772504483s ago: executing program 1 (id=647): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000d8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) statx(0xffffffffffffffff, &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x7100, 0x7ff, 0x0) syz_emit_ethernet(0x2416, &(0x7f0000000580)=ANY=[@ANYBLOB="e727dc07001f391e7dd7a2d786dd609907a623e02c03cb697a653e336f000000500000000000ff02000000000000000000000000000132000012"], 0x0) syz_emit_ethernet(0x66, &(0x7f0000000080)=ANY=[@ANYBLOB="e706f2ffff1f391e7dd7a2d786dd609907a600302c03cb697a653e336f000000500000000000ff020000000000000000000000000001"], 0x0) 1m49.708738049s ago: executing program 1 (id=652): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000540)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r1) sendmsg$NL80211_CMD_GET_WIPHY(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000002c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01030000000000000000010000000800010014000000080003"], 0x30}}, 0x44) 1m49.612984147s ago: executing program 1 (id=656): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) listen(r0, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)={0x80002011}) shutdown(r0, 0x0) 1m49.514176885s ago: executing program 1 (id=661): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ") mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000100)='./file1\x00', 0x0, 0x5000, 0x0) r0 = open(&(0x7f0000000140)='./file1\x00', 0x100, 0x110) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]}) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x4842, 0x0) 1m49.289263863s ago: executing program 1 (id=671): socket$inet_udp(0x2, 0x2, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x2}, 0x18) sched_getscheduler(0x0) 1m48.625022227s ago: executing program 1 (id=677): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x2, &(0x7f0000001c40)=ANY=[@ANYBLOB="85000000a800000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x13}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x6}, 0x66) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0c000000040000000400000009"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000024c0), &(0x7f0000001280), 0x5, r1}, 0x38) 1m48.624921556s ago: executing program 32 (id=677): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x2, &(0x7f0000001c40)=ANY=[@ANYBLOB="85000000a800000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x13}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x6}, 0x66) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0c000000040000000400000009"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000024c0), &(0x7f0000001280), 0x5, r1}, 0x38) 8.361207053s ago: executing program 5 (id=4890): r0 = syz_clone(0x20300000, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000016c0)='task\x00') fchdir(r1) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xc3490000) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x14, 0x0) syz_open_procfs(r0, &(0x7f0000000140)='smaps\x00') 8.139555091s ago: executing program 5 (id=4900): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x3}, 0x18) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000002580000000e0a01020000000000000000010000000900020073797a32000000001800038014000080100001800400028006000180000000000900010073797a30"], 0xc8}}, 0x0) 8.099773364s ago: executing program 5 (id=4902): write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd630080fc00082c00db5b6861589bcfe8875a060300000023000000000000000000000000ac1414aa33"], 0xfdef) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0xf5ffffff, &(0x7f0000000000)='%', 0x0, 0xd01, 0xbe02, 0x0, 0x0, 0x0, 0x0, 0x2, 0x31}, 0x48) 7.895662621s ago: executing program 5 (id=4911): syz_emit_ethernet(0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c10, &(0x7f0000000400)={[{@sysvgroups}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000}}]}, 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=") r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) r1 = syz_io_uring_setup(0x70ca, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x3, 0x179}, &(0x7f0000000100)=0x0, &(0x7f00000007c0)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x40, 0x0, @fd=r0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000580)="1a", 0x1}], 0x1}) io_uring_enter(r1, 0x4d10, 0x2, 0x2, 0x0, 0x0) 7.763527131s ago: executing program 5 (id=4913): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@RTM_NEWMDB={0x38, 0x54, 0x1e5, 0x0, 0x0, {0x7, r4}, [@MDBA_SET_ENTRY={0x20, 0x1, {r1, 0x1, 0x0, 0x3, {@ip4=@loopback}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x0) 7.177957178s ago: executing program 5 (id=4935): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xffff}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="16000000000000000400000002"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10) bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000100)=@base={0x18, 0x4, 0x41, 0x0, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4002, 0x5}, 0x48) 7.096296645s ago: executing program 33 (id=4935): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xffff}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="16000000000000000400000002"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10) bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000100)=@base={0x18, 0x4, 0x41, 0x0, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4002, 0x5}, 0x48) 1.60315428s ago: executing program 2 (id=5134): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41002, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18) r2 = socket$inet6_udp(0xa, 0x2, 0x0) syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000000)={{0x12, 0x1, 0x250, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x40, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0xecbf}, {0xd, 0x24, 0xf, 0x1, 0x0, 0x98, 0x1ff, 0xd7}, {0x6, 0x24, 0x1a, 0x6, 0x12}}, {{0x9, 0x5, 0x81, 0x3, 0x40, 0x2, 0x7, 0x5}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x20, 0x4, 0x81, 0x8}}, {{0x9, 0x5, 0x3, 0x2, 0x10, 0x6, 0x2, 0x3}}}}}}}]}}, 0x0) close_range(r2, 0xffffffffffffffff, 0x0) 1.296444335s ago: executing program 4 (id=5150): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) lchown(&(0x7f0000000640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x0, 0x0) 1.259949518s ago: executing program 4 (id=5153): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000005000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000340)='kmem_cache_free\x00', r0}, 0x18) r1 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$inet6_udp_int(r1, 0x11, 0x67, &(0x7f0000000940)=0x28, 0x4) sendto$inet6(r1, 0x0, 0x0, 0x400ad80, &(0x7f0000000080)={0xa, 0x4621, 0x0, @local}, 0x1c) sendmmsg$inet6(r1, &(0x7f0000006780)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000001c0)="b3ab706204ee39c9dae21a1718ee351ebc92d2f0d482a863ae5c0b4d768ffe745af2c53a083d9b761b", 0xfff7}], 0x1}, 0xb00}], 0x1, 0x0) 1.192855983s ago: executing program 0 (id=5155): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r0}, 0x10) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18) setitimer(0x0, 0x0, 0x0) 1.192241833s ago: executing program 4 (id=5156): unshare(0x68040200) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xfffff000) r0 = socket$phonet_pipe(0x23, 0x5, 0x2) r1 = socket$phonet_pipe(0x23, 0x5, 0x2) bind$phonet(r1, &(0x7f0000000040)={0x23, 0x14}, 0x10) bind$phonet(r0, &(0x7f0000000000)={0x23, 0x4, 0x2}, 0x10) 1.11068652s ago: executing program 0 (id=5168): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1, 0x0, 0x6}, 0x18) r2 = perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x505b8, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x586e, 0x2, @perf_config_ext={0x6, 0x400000008}, 0x4c58, 0x5, 0x0, 0x1, 0x2, 0x20005, 0x10, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000000, 0x13, r2, 0x0) 1.031544856s ago: executing program 0 (id=5172): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace(0x8, r0) r1 = syz_pidfd_open(r0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) pidfd_getfd(r1, 0xffffffffffffffff, 0x0) 1.021165957s ago: executing program 2 (id=5162): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000e00)={{r0}, &(0x7f0000000d80), &(0x7f0000000dc0)}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18) getxattr(0x0, &(0x7f0000000040)=@known='system.sockprotoname\x00', 0x0, 0x0) 950.220443ms ago: executing program 2 (id=5166): unshare(0x62040200) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@ipv4_newroute={0x2c, 0x18, 0xaba64f4add525e83, 0x1, 0x0, {0x2, 0x0, 0x0, 0x0, 0xfd, 0x0, 0xfe, 0x2}, [@RTA_OIF={0x8, 0x4, r2}, @RTA_PREFSRC={0x8, 0x7, @dev={0xac, 0x14, 0x14, 0x44}}]}, 0x2c}, 0x1, 0xffffff7f}, 0x84) 947.099453ms ago: executing program 0 (id=5167): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) socket$inet6_tcp(0xa, 0x1, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) r1 = epoll_create(0x2) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x6000200c}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000001c0)) 816.625664ms ago: executing program 4 (id=5173): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000080)=0x27ff, 0x4) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'ip6_vti0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000180)="10031400e0ff020002004788aa96a13bb100001100007fca1a00", 0x1000a, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14) 797.618425ms ago: executing program 2 (id=5174): r0 = socket$inet_sctp(0x2, 0x1, 0x84) prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='gtp\x00') r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020732600000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18) unshare(0x2040400) setsockopt$inet_opts(r0, 0x0, 0x4, 0x0, 0x0) 772.235077ms ago: executing program 4 (id=5177): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)={0x2, 0x4, 0x4, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x48) write$tun(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="034886dd09032800030020000000600000000004730081e949b93897bc3b0000000000007d01ff020000000000000000000000000001"], 0xfdef) 754.023249ms ago: executing program 2 (id=5178): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x4, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]}) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r1, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) close_range(r0, 0xffffffffffffffff, 0x0) 656.628106ms ago: executing program 4 (id=5184): prctl$PR_SET_NAME(0xf, &(0x7f00000001c0)='w\xde\xa3\x05\xff\a\x00\x00\x00\x00\x00\x00\x8f\xc0\x9b\x86\xef\\\xc0\x89\av\x9f\xd6\xd1\x98,\xc8\x18E/\x8c\x1a\xe3\xbd') r0 = syz_io_uring_setup(0x5c6, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4}, &(0x7f0000000300)=0x0, &(0x7f0000000580)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1}) io_uring_enter(r0, 0x6e2, 0x3900, 0x1, 0x0, 0xe00) rt_sigsuspend(&(0x7f00000002c0)={[0x225c17d03]}, 0x8) 633.768828ms ago: executing program 2 (id=5186): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000000c0)='kfree\x00', r2, 0x0, 0xfffffffffffffffd}, 0x18) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x2) readv(r0, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0x940}], 0x1) 519.613478ms ago: executing program 6 (id=5193): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb65c3f11d22cea2f, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = getpgid(0x0) r1 = syz_pidfd_open(r0, 0x0) r2 = pidfd_getfd(r1, r1, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) name_to_handle_at(r2, &(0x7f0000000040)='./file7/file0\x00', &(0x7f00000000c0)=ANY=[], 0x0, 0x1400) 502.556239ms ago: executing program 6 (id=5195): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) fsetxattr$security_capability(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, 0x3) r2 = socket$vsock_stream(0x28, 0x1, 0x0) fgetxattr(r2, &(0x7f0000000000)=ANY=[], 0x0, 0x0) 478.099171ms ago: executing program 6 (id=5197): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000840)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18) semget(0x0, 0x2, 0x2b) 454.788593ms ago: executing program 6 (id=5199): r0 = epoll_create1(0x0) r1 = socket$unix(0x1, 0x1, 0x0) close(r1) socket(0x15, 0x5, 0x0) setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000040)=0xffff, 0x4) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)={0xa0028000}) 435.577284ms ago: executing program 6 (id=5200): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0) r2 = openat$selinux_policy(0xffffff9c, &(0x7f0000000300), 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r2, 0x0) write$selinux_load(r1, &(0x7f0000000000)=ANY=[], 0xffa8) 418.877686ms ago: executing program 3 (id=5201): sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=@RTM_NEWMDB={0x38, 0x54, 0x1e5, 0x70bd2d, 0xffffffff, {}, [@MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x0, 0x3, 0x3, {@ip4=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x86dd}}}]}, 0x38}}, 0x40c8480) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', 0x0}) sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000100000000c00018008000100", @ANYRES32=r3, @ANYBLOB="080011"], 0x28}, 0x1, 0x0, 0x0, 0x40000c5}, 0x0) 375.914419ms ago: executing program 6 (id=5202): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000a40)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@norecovery}, {@resuid}, {@quota}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12) write(r1, &(0x7f00000009c0)="3bf58d7d45d3", 0x6) sendfile(r1, r0, 0x0, 0x3ffff) sendfile(r1, r0, 0x0, 0x7fffeffd) 375.750859ms ago: executing program 3 (id=5203): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00') syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000)) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000a40)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_u}]}}) 292.208146ms ago: executing program 3 (id=5204): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 93.213562ms ago: executing program 0 (id=5205): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) wait4(0x0, 0x0, 0x1, 0x0) 93.101832ms ago: executing program 3 (id=5206): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x41000, 0x2c}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18) syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x4e24, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0) 36.444587ms ago: executing program 3 (id=5207): r0 = fsopen(&(0x7f0000001500)='devtmpfs\x00', 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000004c0)='kfree\x00', r1, 0x0, 0x1}, 0x18) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x0, 0x6) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) 35.767777ms ago: executing program 0 (id=5217): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x12}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = socket(0xa, 0x3, 0xff) connect$inet6(r2, &(0x7f00000004c0)={0xa, 0x4e22, 0x2, @mcast1, 0x3}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000340)=[{{0x0, 0x1008, &(0x7f0000000040)=[{&(0x7f0000000000)="5e54e574da93883e8c628a600b17cbe584d2e73c68141965f3fbcf0e16db6e759d420151c6c57504", 0x28}], 0x1}}], 0x1, 0x44080) 0s ago: executing program 3 (id=5208): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0x1fffffffffffff62, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000740)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r2}, 0x10) fsync(r0) kernel console output (not intermixed with test programs): 0 arch=c000003e syscall=202 compat=0 ip=0x7f73a717ebe9 code=0x7ffc0000 [ 95.741470][ T29] audit: type=1326 audit(1756508119.264:2543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9202 comm="syz.5.2312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 95.765074][ T29] audit: type=1326 audit(1756508119.264:2544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9202 comm="syz.5.2312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 95.788594][ T29] audit: type=1326 audit(1756508119.264:2545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9202 comm="syz.5.2312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=188 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 95.875524][ T9221] netlink: 'syz.3.2307': attribute type 13 has an invalid length. [ 95.892497][ T9227] loop4: detected capacity change from 0 to 512 [ 95.901026][ T9227] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.2310: casefold flag without casefold feature [ 95.916708][ T9221] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1 [ 95.926537][ T9227] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.2310: couldn't read orphan inode 15 (err -117) [ 95.954719][ T9227] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 95.961443][ T9221] gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue [ 95.975270][ T9221] gretap1: entered promiscuous mode [ 95.980507][ T9221] gretap1: entered allmulticast mode [ 96.030544][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.226360][ T9270] netlink: 'syz.4.2328': attribute type 13 has an invalid length. [ 96.241180][ T9270] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1 [ 96.265820][ T9270] gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue [ 96.283654][ T9270] gretap1: entered promiscuous mode [ 96.289058][ T9270] gretap1: entered allmulticast mode [ 96.425240][ T9303] loop2: detected capacity change from 0 to 512 [ 96.436234][ T9303] EXT4-fs (loop2): too many log groups per flexible block group [ 96.444034][ T9303] EXT4-fs (loop2): failed to initialize mballoc (-12) [ 96.451931][ T9303] EXT4-fs (loop2): mount failed [ 96.742917][ T9308] loop5: detected capacity change from 0 to 512 [ 96.752272][ T9308] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 96.766220][ T9308] EXT4-fs (loop5): 1 truncate cleaned up [ 96.772346][ T9308] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 96.811721][ T5146] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.848765][ T9322] netlink: 'syz.5.2350': attribute type 13 has an invalid length. [ 96.859500][ T9322] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1 [ 96.870210][ T9322] gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue [ 96.878274][ T9322] gretap1: entered promiscuous mode [ 96.883528][ T9322] gretap1: entered allmulticast mode [ 97.010308][ T9346] program syz.2.2365 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 97.098577][ T9352] SELinux: failed to load policy [ 97.520248][ T9401] loop4: detected capacity change from 0 to 128 [ 97.563974][ T9401] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 97.571944][ T9401] FAT-fs (loop4): Filesystem has been set read-only [ 97.589690][ T9413] loop3: detected capacity change from 0 to 128 [ 97.593796][ T9401] bio_check_eod: 10085 callbacks suppressed [ 97.593818][ T9401] syz.4.2390: attempt to access beyond end of device [ 97.593818][ T9401] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 97.605424][ T9413] EXT4-fs: Ignoring removed nobh option [ 97.617058][ T9401] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 97.629518][ T9401] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 97.638240][ T9401] syz.4.2390: attempt to access beyond end of device [ 97.638240][ T9401] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 97.639619][ T9413] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 97.674007][ T9401] syz.4.2390: attempt to access beyond end of device [ 97.674007][ T9401] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 97.694729][ T9401] syz.4.2390: attempt to access beyond end of device [ 97.694729][ T9401] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 97.709904][ T9401] syz.4.2390: attempt to access beyond end of device [ 97.709904][ T9401] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 97.723356][ T9401] syz.4.2390: attempt to access beyond end of device [ 97.723356][ T9401] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 97.732541][ T9413] ext4 filesystem being mounted at /507/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 97.737089][ T9401] syz.4.2390: attempt to access beyond end of device [ 97.737089][ T9401] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 97.737139][ T9401] syz.4.2390: attempt to access beyond end of device [ 97.737139][ T9401] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 97.737192][ T9401] syz.4.2390: attempt to access beyond end of device [ 97.737192][ T9401] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 97.737236][ T9401] syz.4.2390: attempt to access beyond end of device [ 97.737236][ T9401] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 97.849524][ T3305] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 98.810119][ T9463] loop4: detected capacity change from 0 to 128 [ 98.881707][ T9463] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 98.958611][ T9463] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 99.061298][ T8944] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 99.166862][ T9484] loop4: detected capacity change from 0 to 512 [ 99.220735][ T9484] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 99.233115][ T9490] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2429'. [ 99.266030][ T9484] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c0a8, mo2=0002] [ 99.288381][ T9484] System zones: 1-12 [ 99.319022][ T9484] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: inode #11: comm syz.4.2428: iget: bogus i_mode (700) [ 99.337893][ T9484] EXT4-fs (loop4): Remounting filesystem read-only [ 99.344847][ T9484] EXT4-fs (loop4): 1 orphan inode deleted [ 99.352266][ T9484] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 99.379731][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.226217][ T9538] loop4: detected capacity change from 0 to 2048 [ 100.245721][ T9538] loop4: p1 < > p3 p4 < > [ 100.261284][ T9538] loop4: p3 start 4284289 is beyond EOD, truncated [ 100.276324][ T9544] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 100.320232][ C0] operation not supported error, dev loop4, sector 0 op 0x9:(WRITE_ZEROES) flags 0x20000800 phys_seg 0 prio class 2 [ 100.400780][ T9555] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2458'. [ 100.691708][ T9588] hub 8-0:1.0: USB hub found [ 100.699745][ T9588] hub 8-0:1.0: 8 ports detected [ 100.795732][ T29] kauditd_printk_skb: 222 callbacks suppressed [ 100.795751][ T29] audit: type=1326 audit(1756508124.324:2768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9597 comm="syz.0.2479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c38f2ebe9 code=0x7ffc0000 [ 100.825523][ T29] audit: type=1326 audit(1756508124.324:2769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9597 comm="syz.0.2479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c38f2ebe9 code=0x7ffc0000 [ 100.849120][ T29] audit: type=1326 audit(1756508124.324:2770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9597 comm="syz.0.2479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7f5c38f2ebe9 code=0x7ffc0000 [ 100.872595][ T29] audit: type=1326 audit(1756508124.324:2771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9597 comm="syz.0.2479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c38f2ebe9 code=0x7ffc0000 [ 100.896025][ T29] audit: type=1326 audit(1756508124.324:2772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9597 comm="syz.0.2479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c38f2ebe9 code=0x7ffc0000 [ 100.970500][ T9606] loop3: detected capacity change from 0 to 512 [ 100.979603][ T9606] EXT4-fs error (device loop3): ext4_xattr_inode_iget:442: comm syz.3.2482: error while reading EA inode 32 err=-116 [ 100.993406][ T9606] EXT4-fs (loop3): Remounting filesystem read-only [ 100.999989][ T9606] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -30) [ 101.011344][ T9606] EXT4-fs (loop3): 1 orphan inode deleted [ 101.018182][ T9606] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 101.031947][ T9606] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.326744][ T9617] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2497'. [ 101.393499][ T9621] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 101.409175][ T9] IPVS: starting estimator thread 0... [ 101.425015][ T29] audit: type=1326 audit(1756508124.934:2773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9625 comm="syz.5.2487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 101.448540][ T29] audit: type=1326 audit(1756508124.934:2774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9625 comm="syz.5.2487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 101.472144][ T29] audit: type=1326 audit(1756508124.934:2775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9625 comm="syz.5.2487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 101.495580][ T29] audit: type=1326 audit(1756508124.934:2776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9625 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 101.518668][ T29] audit: type=1326 audit(1756508124.934:2777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9625 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 101.546833][ T9627] IPVS: using max 2400 ests per chain, 120000 per kthread [ 101.605151][ T9633] loop5: detected capacity change from 0 to 8192 [ 101.728820][ T9656] loop5: detected capacity change from 0 to 2048 [ 101.765967][ T9656] loop5: p1 < > p3 p4 < > [ 101.770812][ T9656] loop5: p3 start 4284289 is beyond EOD, truncated [ 101.780898][ C0] operation not supported error, dev loop5, sector 0 op 0x9:(WRITE_ZEROES) flags 0x20000800 phys_seg 0 prio class 2 [ 102.055024][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 103.095028][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 104.135498][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 104.634601][ T3379] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x4 [ 104.642442][ T3379] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x2 [ 104.657427][ T3379] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x3 [ 104.666209][ T3379] hid-generic 0000:3000000:0000.0007: hidraw0: HID v0.00 Device [sy] on syz0 [ 104.742879][ T9867] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 104.750526][ T9867] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 104.782804][ T9867] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 104.790489][ T9867] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 104.828762][ T9877] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2601'. [ 105.153320][ T9899] loop5: detected capacity change from 0 to 512 [ 105.174982][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 105.185818][ T9899] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.2614: Failed to acquire dquot type 1 [ 105.213973][ T9899] EXT4-fs (loop5): 1 truncate cleaned up [ 105.220914][ T9899] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 105.235032][ T9899] ext4 filesystem being mounted at /393/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 105.275079][ T5146] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.359981][ T9920] loop5: detected capacity change from 0 to 164 [ 105.381948][ T9920] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 105.396576][ T9920] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 105.409358][ T9920] Symlink component flag not implemented [ 105.415454][ T9920] Symlink component flag not implemented [ 105.439080][ T9920] Symlink component flag not implemented (7) [ 105.445151][ T9920] Symlink component flag not implemented (116) [ 105.871278][ T9992] program syz.5.2650 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 106.215004][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 106.929668][T10009] netlink: 'syz.2.2656': attribute type 3 has an invalid length. [ 107.011517][T10019] netlink: 'syz.2.2662': attribute type 3 has an invalid length. [ 107.045224][ T29] kauditd_printk_skb: 107 callbacks suppressed [ 107.045241][ T29] audit: type=1326 audit(1756508130.574:2883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10001 comm="syz.4.2653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60aa20ebe9 code=0x7fc00000 [ 107.265322][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 107.305299][T10038] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2671'. [ 107.367117][T10044] netlink: 'syz.3.2672': attribute type 3 has an invalid length. [ 107.486528][T10050] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 107.539492][T10056] netlink: 'syz.3.2678': attribute type 3 has an invalid length. [ 107.599840][ T29] audit: type=1326 audit(1756508131.124:2884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10060 comm="syz.0.2681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c38f2ebe9 code=0x7ffc0000 [ 107.638808][ T29] audit: type=1326 audit(1756508131.144:2885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10060 comm="syz.0.2681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c38f2ebe9 code=0x7ffc0000 [ 107.662477][ T29] audit: type=1326 audit(1756508131.144:2886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10060 comm="syz.0.2681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=311 compat=0 ip=0x7f5c38f2ebe9 code=0x7ffc0000 [ 107.686044][ T29] audit: type=1326 audit(1756508131.144:2887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10060 comm="syz.0.2681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c38f2ebe9 code=0x7ffc0000 [ 107.709726][ T29] audit: type=1326 audit(1756508131.144:2888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10060 comm="syz.0.2681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c38f2ebe9 code=0x7ffc0000 [ 107.760072][ T29] audit: type=1326 audit(1756508131.234:2889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10001 comm="syz.4.2653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f60aa20ebe9 code=0x7fc00000 [ 107.783589][ T29] audit: type=1326 audit(1756508131.274:2890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10070 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbcc7debe9 code=0x7ffc0000 [ 107.806583][ T29] audit: type=1326 audit(1756508131.274:2891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10070 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbcc7debe9 code=0x7ffc0000 [ 107.829608][ T29] audit: type=1326 audit(1756508131.274:2892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10070 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=461 compat=0 ip=0x7ffbcc7debe9 code=0x7ffc0000 [ 107.874242][T10075] netlink: 'syz.0.2686': attribute type 3 has an invalid length. [ 108.139538][T10120] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2707'. [ 108.163380][T10120] IPVS: Error joining to the multicast group [ 108.295025][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 109.131350][T10165] pim6reg: entered allmulticast mode [ 109.147063][T10160] syzkaller1: entered promiscuous mode [ 109.152617][T10160] syzkaller1: entered allmulticast mode [ 109.166075][T10165] pim6reg: left allmulticast mode [ 109.334997][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 109.396640][T10187] atomic_op ffff88811451dd28 conn xmit_atomic 0000000000000000 [ 109.436233][T10191] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2739'. [ 109.515328][T10202] pim6reg: entered allmulticast mode [ 109.536712][T10202] pim6reg: left allmulticast mode [ 109.554587][T10199] syzkaller1: entered promiscuous mode [ 109.560224][T10199] syzkaller1: entered allmulticast mode [ 109.613888][T10209] team0 (unregistering): Port device team_slave_0 removed [ 109.633220][T10209] team0 (unregistering): Port device team_slave_1 removed [ 110.385019][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 111.080194][T10238] pim6reg: entered allmulticast mode [ 111.101757][T10238] pim6reg: left allmulticast mode [ 111.125752][T10246] syzkaller1: entered promiscuous mode [ 111.131428][T10246] syzkaller1: entered allmulticast mode [ 111.414982][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 111.776325][T10257] TCP: TCP_TX_DELAY enabled [ 111.811684][T10273] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2780'. [ 112.045760][T10305] loop5: detected capacity change from 0 to 1024 [ 112.052973][T10305] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 112.094949][T10305] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.2794: Invalid block bitmap block 0 in block_group 0 [ 112.119627][T10305] __quota_error: 49 callbacks suppressed [ 112.119648][T10305] Quota error (device loop5): write_blk: dquota write failed [ 112.127381][ T29] audit: type=1400 audit(1756508135.654:2942): avc: denied { connect } for pid=10312 comm="syz.0.2798" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 112.132785][T10305] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota [ 112.162689][T10305] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.2794: Failed to acquire dquot type 0 [ 112.174382][T10305] EXT4-fs error (device loop5): ext4_free_blocks:6696: comm syz.5.2794: Freeing blocks not in datazone - block = 0, count = 4096 [ 112.187920][T10305] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.2794: Invalid inode bitmap blk 0 in block_group 0 [ 112.200797][T10305] EXT4-fs error (device loop5) in ext4_free_inode:361: Corrupt filesystem [ 112.209524][ T3437] Quota error (device loop5): do_check_range: Getting block 0 out of range 1-7 [ 112.218706][ T3437] EXT4-fs error (device loop5): ext4_release_dquot:6973: comm kworker/u8:8: Failed to release dquot type 0 [ 112.231386][T10305] EXT4-fs (loop5): 1 orphan inode deleted [ 112.245743][T10305] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 112.336590][T10305] infiniband syz2: set active [ 112.341475][T10305] infiniband syz2: added bond0 [ 112.356738][T10305] RDS/IB: syz2: added [ 112.360774][T10305] smc: adding ib device syz2 with port count 1 [ 112.367049][T10305] smc: ib device syz2 port 1 has pnetid [ 112.454999][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 112.512329][ T29] audit: type=1326 audit(1756508136.034:2943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10325 comm="syz.3.2803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a717ebe9 code=0x7ffc0000 [ 112.536000][ T29] audit: type=1326 audit(1756508136.034:2944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10325 comm="syz.3.2803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=277 compat=0 ip=0x7f73a717ebe9 code=0x7ffc0000 [ 112.559614][ T29] audit: type=1326 audit(1756508136.034:2945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10325 comm="syz.3.2803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a717ebe9 code=0x7ffc0000 [ 112.620956][T10305] syz.5.2794 (10305) used greatest stack depth: 9312 bytes left [ 112.629697][ T5146] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.730889][ T29] audit: type=1326 audit(1756508136.254:2946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10343 comm="syz.2.2812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbcc7debe9 code=0x7ffc0000 [ 112.754626][ T29] audit: type=1326 audit(1756508136.254:2947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10343 comm="syz.2.2812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbcc7debe9 code=0x7ffc0000 [ 112.778226][ T29] audit: type=1326 audit(1756508136.254:2948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10343 comm="syz.2.2812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffbcc7debe9 code=0x7ffc0000 [ 112.839608][T10350] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2814'. [ 113.494992][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 113.666849][T10401] af_packet: tpacket_rcv: packet too big, clamped from 102 to 4294967286. macoff=82 [ 113.669625][T10402] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2840'. [ 114.064352][T10452] IPv6: Can't replace route, no match found [ 114.359071][T10494] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2895'. [ 114.525339][T10510] loop0: detected capacity change from 0 to 1024 [ 114.544974][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 114.633944][T10510] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 114.733440][T10510] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.2891: Invalid block bitmap block 0 in block_group 0 [ 114.773081][T10510] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.2891: Failed to acquire dquot type 0 [ 114.802239][T10528] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2900'. [ 114.812123][T10510] EXT4-fs error (device loop0): ext4_free_blocks:6696: comm syz.0.2891: Freeing blocks not in datazone - block = 0, count = 4096 [ 114.836833][T10510] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.2891: Invalid inode bitmap blk 0 in block_group 0 [ 114.857722][ T3437] EXT4-fs error (device loop0): ext4_release_dquot:6973: comm kworker/u8:8: Failed to release dquot type 0 [ 114.874198][T10510] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem [ 114.905815][T10510] EXT4-fs (loop0): 1 orphan inode deleted [ 114.912039][T10510] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 114.952635][T10510] rdma_rxe: rxe_newlink: failed to add bond0 [ 114.987911][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 115.258662][T10570] loop0: detected capacity change from 0 to 1024 [ 115.278838][T10570] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 115.291118][T10570] ext4 filesystem being mounted at /569/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 115.304838][T10570] EXT4-fs (loop0): resizing filesystem from 512 to 0 blocks [ 115.312255][T10570] EXT4-fs warning (device loop0): ext4_resize_fs:2042: can't shrink FS - resize aborted [ 115.357204][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 115.585047][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 116.216528][T10609] loop2: detected capacity change from 0 to 1024 [ 116.242425][T10609] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 116.254685][T10609] ext4 filesystem being mounted at /574/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 116.270287][T10609] EXT4-fs (loop2): resizing filesystem from 512 to 0 blocks [ 116.277676][T10609] EXT4-fs warning (device loop2): ext4_resize_fs:2042: can't shrink FS - resize aborted [ 116.317808][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 116.520733][T10666] tipc: Enabling of bearer rejected, failed to enable media [ 116.562665][T10671] loop5: detected capacity change from 0 to 1024 [ 116.576440][T10671] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 116.588825][T10671] ext4 filesystem being mounted at /467/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 116.605878][T10679] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2971'. [ 116.615153][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 116.622428][T10679] unsupported nlmsg_type 40 [ 116.627279][T10671] EXT4-fs (loop5): resizing filesystem from 512 to 0 blocks [ 116.632973][T10681] netlink: 256 bytes leftover after parsing attributes in process `syz.4.2972'. [ 116.634591][T10671] EXT4-fs warning (device loop5): ext4_resize_fs:2042: can't shrink FS - resize aborted [ 116.678128][ T5146] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 116.993636][T10744] tipc: Enabling of bearer rejected, failed to enable media [ 117.083370][T10761] netlink: 60 bytes leftover after parsing attributes in process `syz.4.3011'. [ 117.179360][ T29] kauditd_printk_skb: 133 callbacks suppressed [ 117.179420][ T29] audit: type=1326 audit(1756508140.704:3079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10774 comm="syz.4.3017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60aa20ebe9 code=0x7ffc0000 [ 117.209257][ T29] audit: type=1326 audit(1756508140.704:3080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10774 comm="syz.4.3017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60aa20ebe9 code=0x7ffc0000 [ 117.232957][ T29] audit: type=1326 audit(1756508140.704:3081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10774 comm="syz.4.3017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f60aa20ebe9 code=0x7ffc0000 [ 117.256480][ T29] audit: type=1326 audit(1756508140.704:3082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10774 comm="syz.4.3017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60aa20ebe9 code=0x7ffc0000 [ 117.280134][ T29] audit: type=1326 audit(1756508140.704:3083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10774 comm="syz.4.3017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60aa20ebe9 code=0x7ffc0000 [ 117.303710][ T29] audit: type=1326 audit(1756508140.704:3084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10774 comm="syz.4.3017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=141 compat=0 ip=0x7f60aa20ebe9 code=0x7ffc0000 [ 117.316581][ T23] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 117.327659][ T29] audit: type=1326 audit(1756508140.704:3085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10774 comm="syz.4.3017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60aa20ebe9 code=0x7ffc0000 [ 117.358392][ T29] audit: type=1326 audit(1756508140.714:3086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10774 comm="syz.4.3017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60aa20ebe9 code=0x7ffc0000 [ 117.358815][ T23] hid-generic 0000:0000:0000.0008: hidraw0: HID v0.00 Device [syz1] on syz0 [ 117.424745][T10777] tipc: Enabling of bearer rejected, failed to enable media [ 117.586020][ T29] audit: type=1326 audit(1756508141.114:3087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10790 comm="syz.0.3024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c38f2ebe9 code=0x7ffc0000 [ 117.609729][ T29] audit: type=1326 audit(1756508141.114:3088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10790 comm="syz.0.3024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c38f2ebe9 code=0x7ffc0000 [ 117.654995][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 117.697134][T10795] netlink: 60 bytes leftover after parsing attributes in process `syz.5.3027'. [ 118.456033][T10875] netlink: 'syz.4.3063': attribute type 1 has an invalid length. [ 118.463886][T10875] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3063'. [ 118.482849][T10876] loop0: detected capacity change from 0 to 256 [ 118.497718][T10868] loop5: detected capacity change from 0 to 8192 [ 118.694986][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 118.771675][T10890] vhci_hcd: invalid port number 96 [ 118.776996][T10890] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 119.080270][T10917] loop2: detected capacity change from 0 to 256 [ 119.188413][ T3387] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 119.203770][T10928] netlink: 'syz.4.3083': attribute type 298 has an invalid length. [ 119.215085][ T3387] hid-generic 0000:0000:0000.0009: hidraw0: HID v0.00 Device [syz1] on syz0 [ 119.744971][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 120.018952][T10981] netlink: 'syz.2.3111': attribute type 298 has an invalid length. [ 120.269783][T11004] vhci_hcd: invalid port number 96 [ 120.275092][T11004] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 120.472305][T11026] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3132'. [ 120.541155][T11034] loop0: detected capacity change from 0 to 1024 [ 120.585454][T11034] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 120.628804][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 120.775064][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 120.877455][T11060] netlink: 'syz.0.3146': attribute type 1 has an invalid length. [ 120.885267][T11060] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3146'. [ 120.979376][T11074] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3153'. [ 121.330377][T11128] loop0: detected capacity change from 0 to 764 [ 121.363273][T11130] netlink: 'syz.2.3181': attribute type 1 has an invalid length. [ 121.371097][T11130] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3181'. [ 121.449451][T11141] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3185'. [ 121.475771][T11141] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3185'. [ 121.499500][T11141] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3185'. [ 121.513255][T11141] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3185'. [ 121.563443][T11151] loop5: detected capacity change from 0 to 1024 [ 121.599062][T11151] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 121.616840][T11159] netlink: 'syz.4.3194': attribute type 1 has an invalid length. [ 121.624659][T11159] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3194'. [ 121.672772][ T5146] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 121.815006][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 121.823391][T11188] netlink: 'syz.5.3208': attribute type 1 has an invalid length. [ 121.881699][T11196] loop2: detected capacity change from 0 to 1024 [ 121.896639][T11198] openvswitch: netlink: Message has 6 unknown bytes. [ 121.933099][T11196] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 121.984772][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.058102][T11223] netlink: 'syz.3.3222': attribute type 1 has an invalid length. [ 122.153116][T11242] loop2: detected capacity change from 0 to 128 [ 122.185559][T11242] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 122.204851][T11242] ext4 filesystem being mounted at /628/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 122.216393][ T29] kauditd_printk_skb: 395 callbacks suppressed [ 122.216407][ T29] audit: type=1400 audit(1756508145.744:3484): avc: denied { mounton } for pid=11241 comm="syz.2.3233" path="/628/file1" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 122.264493][ T3303] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 122.290018][ T29] audit: type=1326 audit(1756508145.814:3485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11259 comm="syz.3.3243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a717ebe9 code=0x7ffc0000 [ 122.313843][ T29] audit: type=1326 audit(1756508145.814:3486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11259 comm="syz.3.3243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a717ebe9 code=0x7ffc0000 [ 122.339308][ T29] audit: type=1326 audit(1756508145.864:3487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11259 comm="syz.3.3243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=160 compat=0 ip=0x7f73a717ebe9 code=0x7ffc0000 [ 122.373440][ T29] audit: type=1326 audit(1756508145.864:3488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11259 comm="syz.3.3243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a717ebe9 code=0x7ffc0000 [ 122.397307][ T29] audit: type=1326 audit(1756508145.864:3489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11259 comm="syz.3.3243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a717ebe9 code=0x7ffc0000 [ 122.470288][T11274] netlink: 'syz.0.3247': attribute type 30 has an invalid length. [ 122.489642][ T29] audit: type=1326 audit(1756508146.004:3490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11271 comm="syz.5.3248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 122.513274][ T29] audit: type=1326 audit(1756508146.004:3491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11271 comm="syz.5.3248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 122.536825][ T29] audit: type=1326 audit(1756508146.004:3492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11271 comm="syz.5.3248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=152 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 122.560384][ T29] audit: type=1326 audit(1756508146.004:3493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11271 comm="syz.5.3248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 122.625804][T11286] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6) [ 122.632403][T11286] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 122.640094][T11286] vhci_hcd vhci_hcd.0: Device attached [ 122.655171][T11287] vhci_hcd: connection closed [ 122.655996][ T7454] vhci_hcd: stop threads [ 122.665224][ T7454] vhci_hcd: release socket [ 122.669667][ T7454] vhci_hcd: disconnect device [ 122.669857][T11292] loop5: detected capacity change from 0 to 764 [ 122.854970][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 123.148366][T11339] syzkaller1: entered promiscuous mode [ 123.154017][T11339] syzkaller1: entered allmulticast mode [ 123.263712][T11360] loop5: detected capacity change from 0 to 512 [ 123.288995][T11360] EXT4-fs warning (device loop5): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 123.328212][T11360] EXT4-fs (loop5): mount failed [ 123.336636][T11373] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 123.365632][T11376] /dev/loop4: Can't lookup blockdev [ 123.437053][T11374] openvswitch: netlink: Message has 6 unknown bytes. [ 123.504658][T11390] __nla_validate_parse: 9 callbacks suppressed [ 123.504690][T11390] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3299'. [ 123.521809][T11388] vhci_hcd: invalid port number 96 [ 123.527114][T11388] vhci_hcd: default hub control req: 0318 vf7fa i0060 l0 [ 123.541768][T11390] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3299'. [ 123.561461][T11390] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3299'. [ 123.585505][T11390] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3299'. [ 123.633213][T11399] loop0: detected capacity change from 0 to 128 [ 123.644897][T11399] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 123.659847][T11399] ext4 filesystem being mounted at /653/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 123.691136][ T3314] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 123.761360][T11419] syzkaller1: entered promiscuous mode [ 123.767008][T11419] syzkaller1: entered allmulticast mode [ 123.807741][T11425] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3317'. [ 123.828025][T11425] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3317'. [ 123.840333][T11425] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3317'. [ 123.849758][T11425] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3317'. [ 123.884306][T11433] loop5: detected capacity change from 0 to 128 [ 123.895014][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 123.902664][T11433] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 123.915519][T11433] ext4 filesystem being mounted at /548/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 123.959519][ T5146] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 124.008772][T11452] netlink: 7 bytes leftover after parsing attributes in process `syz.0.3328'. [ 124.014673][T11454] loop5: detected capacity change from 0 to 1764 [ 124.025061][T11452] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3328'. [ 124.327691][T11461] syzkaller1: entered promiscuous mode [ 124.333276][T11461] syzkaller1: entered allmulticast mode [ 124.479950][T11486] GUP no longer grows the stack in syz.5.3340 (11486): 200000004000-20000000a000 (200000002000) [ 124.490596][T11486] CPU: 0 UID: 0 PID: 11486 Comm: syz.5.3340 Not tainted syzkaller #0 PREEMPT(voluntary) [ 124.490696][T11486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 124.490719][T11486] Call Trace: [ 124.490728][T11486] [ 124.490739][T11486] __dump_stack+0x1d/0x30 [ 124.490767][T11486] dump_stack_lvl+0xe8/0x140 [ 124.490789][T11486] dump_stack+0x15/0x1b [ 124.490810][T11486] __get_user_pages+0x198d/0x1fa0 [ 124.490926][T11486] ? __rcu_read_unlock+0x4f/0x70 [ 124.490953][T11486] get_user_pages_remote+0x1d5/0x6d0 [ 124.490982][T11486] __access_remote_vm+0x15c/0x590 [ 124.491150][T11486] access_remote_vm+0x32/0x40 [ 124.491236][T11486] proc_pid_cmdline_read+0x32b/0x6c0 [ 124.491288][T11486] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 124.491313][T11486] vfs_readv+0x3fb/0x690 [ 124.491351][T11486] __x64_sys_preadv+0xfd/0x1c0 [ 124.491401][T11486] x64_sys_call+0x282a/0x2ff0 [ 124.491422][T11486] do_syscall_64+0xd2/0x200 [ 124.491504][T11486] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 124.491528][T11486] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 124.491555][T11486] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.491577][T11486] RIP: 0033:0x7f2c95a5ebe9 [ 124.491593][T11486] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 124.491670][T11486] RSP: 002b:00007f2c944bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 124.491690][T11486] RAX: ffffffffffffffda RBX: 00007f2c95c95fa0 RCX: 00007f2c95a5ebe9 [ 124.491703][T11486] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000003 [ 124.491715][T11486] RBP: 00007f2c95ae1e19 R08: 0000000000000000 R09: 0000000000000000 [ 124.491727][T11486] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000 [ 124.491739][T11486] R13: 00007f2c95c96038 R14: 00007f2c95c95fa0 R15: 00007ffe5e05fa18 [ 124.491758][T11486] [ 124.737316][T11498] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 124.923388][T11527] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(6) [ 124.929952][T11527] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 124.937571][T11527] vhci_hcd vhci_hcd.0: Device attached [ 124.943824][T11528] vhci_hcd: connection closed [ 124.944086][ T3437] vhci_hcd: stop threads [ 124.945010][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 124.948868][ T3437] vhci_hcd: release socket [ 124.964493][ T3437] vhci_hcd: disconnect device [ 124.982540][T11535] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 124.997324][T11534] loop2: detected capacity change from 0 to 1764 [ 125.097717][T11546] loop2: detected capacity change from 0 to 512 [ 125.111943][T11546] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 125.129641][T11546] EXT4-fs (loop2): 1 truncate cleaned up [ 125.141396][T11546] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 125.298172][T11564] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 125.463830][T11578] netlink: 'syz.0.3384': attribute type 6 has an invalid length. [ 125.949118][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 125.968849][T11632] loop0: detected capacity change from 0 to 1024 [ 125.985011][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 125.999109][T11632] EXT4-fs: Ignoring removed bh option [ 126.018524][T11632] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 126.049787][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 126.291840][T11662] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6) [ 126.298413][T11662] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 126.306080][T11662] vhci_hcd vhci_hcd.0: Device attached [ 126.317420][T11665] vhci_hcd: connection closed [ 126.318410][ T3437] vhci_hcd: stop threads [ 126.327538][ T3437] vhci_hcd: release socket [ 126.332029][ T3437] vhci_hcd: disconnect device [ 126.448440][T11691] loop2: detected capacity change from 0 to 512 [ 126.455358][T11691] EXT4-fs: Ignoring removed mblk_io_submit option [ 126.462030][T11691] EXT4-fs: Ignoring removed nomblk_io_submit option [ 126.469306][T11691] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 126.477844][T11691] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 126.506601][T11691] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.3434: Allocating blocks 41-42 which overlap fs metadata [ 126.520984][T11691] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.3434: Failed to acquire dquot type 1 [ 126.532732][T11691] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 126.547430][T11691] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm syz.2.3434: corrupted inode contents [ 126.562196][T11691] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #12: comm syz.2.3434: mark_inode_dirty error [ 126.574059][T11691] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm syz.2.3434: corrupted inode contents [ 126.588038][T11691] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #12: comm syz.2.3434: mark_inode_dirty error [ 126.600553][T11691] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm syz.2.3434: corrupted inode contents [ 126.613279][T11691] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem [ 126.622258][T11691] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm syz.2.3434: corrupted inode contents [ 126.634593][T11691] EXT4-fs error (device loop2): ext4_truncate:4666: inode #12: comm syz.2.3434: mark_inode_dirty error [ 126.646133][T11691] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem [ 126.655984][T11691] EXT4-fs (loop2): 1 truncate cleaned up [ 126.662269][T11691] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 126.688037][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 127.014961][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 127.070981][T11757] loop0: detected capacity change from 0 to 512 [ 127.087892][T11757] EXT4-fs: Ignoring removed mblk_io_submit option [ 127.098651][T11757] EXT4-fs: Ignoring removed nomblk_io_submit option [ 127.115225][T11757] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 127.123947][T11757] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 127.162268][T11774] loop2: detected capacity change from 0 to 1024 [ 127.162470][T11757] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4183: comm syz.0.3472: Allocating blocks 41-42 which overlap fs metadata [ 127.170107][T11774] EXT4-fs: Ignoring removed bh option [ 127.190175][T11757] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.3472: Failed to acquire dquot type 1 [ 127.206219][T11774] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 127.219906][T11757] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 127.234886][T11757] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #12: comm syz.0.3472: corrupted inode contents [ 127.247679][T11757] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #12: comm syz.0.3472: mark_inode_dirty error [ 127.260915][T11757] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #12: comm syz.0.3472: corrupted inode contents [ 127.274006][T11757] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #12: comm syz.0.3472: mark_inode_dirty error [ 127.286291][T11757] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #12: comm syz.0.3472: corrupted inode contents [ 127.300185][T11757] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem [ 127.310286][T11757] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #12: comm syz.0.3472: corrupted inode contents [ 127.315343][ T29] kauditd_printk_skb: 223 callbacks suppressed [ 127.315363][ T29] audit: type=1326 audit(1756508150.834:3710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11783 comm="syz.5.3470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 127.352324][T11757] EXT4-fs error (device loop0): ext4_truncate:4666: inode #12: comm syz.0.3472: mark_inode_dirty error [ 127.397053][ T29] audit: type=1326 audit(1756508150.904:3711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11783 comm="syz.5.3470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 127.420623][ T29] audit: type=1326 audit(1756508150.914:3712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11782 comm="syz.4.3471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60aa20ebe9 code=0x7ffc0000 [ 127.444267][ T29] audit: type=1326 audit(1756508150.914:3713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11782 comm="syz.4.3471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f60aa20ebe9 code=0x7ffc0000 [ 127.467853][ T29] audit: type=1326 audit(1756508150.914:3714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11782 comm="syz.4.3471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60aa20ebe9 code=0x7ffc0000 [ 127.491418][ T29] audit: type=1326 audit(1756508150.924:3715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11783 comm="syz.5.3470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 127.519305][T11757] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem [ 127.539593][T11757] EXT4-fs (loop0): 1 truncate cleaned up [ 127.549607][T11757] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 127.562808][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 127.591325][ T29] audit: type=1326 audit(1756508151.094:3716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11783 comm="syz.5.3470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 127.615306][ T29] audit: type=1326 audit(1756508151.094:3717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11783 comm="syz.5.3470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 127.638935][ T29] audit: type=1326 audit(1756508151.104:3718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11783 comm="syz.5.3470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=61 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 127.663184][ T29] audit: type=1326 audit(1756508151.104:3719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11783 comm="syz.5.3470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 127.678817][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 127.720546][T11793] loop2: detected capacity change from 0 to 2048 [ 127.737884][T11793] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 127.810565][T11804] loop0: detected capacity change from 0 to 256 [ 127.826023][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 127.847925][T11804] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 127.962356][T11818] loop2: detected capacity change from 0 to 128 [ 128.055003][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 128.256670][T11858] chnl_net:caif_netlink_parms(): no params data found [ 128.427750][T11890] netlink: 'syz.0.3520': attribute type 1 has an invalid length. [ 128.447762][T11894] loop5: detected capacity change from 0 to 512 [ 128.455386][T11894] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 128.467502][T11894] EXT4-fs (loop5): 1 truncate cleaned up [ 128.473581][T11894] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 128.553948][T11907] __nla_validate_parse: 31 callbacks suppressed [ 128.554028][T11907] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3528'. [ 128.570177][T11907] chnl_net:caif_netlink_parms(): no params data found [ 128.665250][T11915] loop0: detected capacity change from 0 to 2048 [ 128.676796][T11915] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 128.739866][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 128.904338][T11940] loop0: detected capacity change from 0 to 128 [ 129.095130][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 129.168469][T11947] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3546'. [ 129.177794][T11947] chnl_net:caif_netlink_parms(): no params data found [ 129.245875][T11952] netlink: 'syz.4.3547': attribute type 1 has an invalid length. [ 129.356263][ T5146] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.392505][T11970] loop5: detected capacity change from 0 to 128 [ 129.501947][T11985] netlink: 'syz.5.3561': attribute type 1 has an invalid length. [ 129.600597][T12000] loop0: detected capacity change from 0 to 128 [ 129.701441][T12008] loop2: detected capacity change from 0 to 256 [ 129.722538][T12008] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 129.869874][T12016] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3577'. [ 129.890530][T12016] chnl_net:caif_netlink_parms(): no params data found [ 130.109141][T12042] netlink: 'syz.3.3591': attribute type 3 has an invalid length. [ 130.134994][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 130.841617][T12083] 9pnet_fd: Insufficient options for proto=fd [ 130.867704][T12087] loop0: detected capacity change from 0 to 512 [ 130.898392][T12087] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 130.911570][T12087] ext4 filesystem being mounted at /727/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 130.977909][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 131.007933][T12107] random: crng reseeded on system resumption [ 131.174967][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 131.436271][T12152] loop5: detected capacity change from 0 to 128 [ 131.450421][T12153] 9pnet_fd: Insufficient options for proto=fd [ 131.478283][T12157] random: crng reseeded on system resumption [ 131.519947][T12159] I/O error, dev loop5, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 131.535003][T12159] isofs_fill_super: bread failed, dev=loop5, iso_blknum=16, block=32 [ 132.215000][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 132.555552][ T29] kauditd_printk_skb: 187 callbacks suppressed [ 132.555567][ T29] audit: type=1326 audit(1756508156.084:3907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12181 comm="syz.5.3650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 132.602338][ T29] audit: type=1326 audit(1756508156.114:3908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12181 comm="syz.5.3650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 132.626074][ T29] audit: type=1326 audit(1756508156.114:3909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12181 comm="syz.5.3650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 132.649747][ T29] audit: type=1326 audit(1756508156.114:3910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12181 comm="syz.5.3650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 132.673400][ T29] audit: type=1326 audit(1756508156.124:3911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12181 comm="syz.5.3650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 132.697077][ T29] audit: type=1326 audit(1756508156.124:3912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12181 comm="syz.5.3650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 132.720703][ T29] audit: type=1326 audit(1756508156.124:3913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12181 comm="syz.5.3650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 132.744346][ T29] audit: type=1326 audit(1756508156.124:3914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12182 comm="syz.3.3659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a717ebe9 code=0x7ffc0000 [ 132.746756][T12186] 9pnet_fd: Insufficient options for proto=fd [ 132.767874][ T29] audit: type=1326 audit(1756508156.124:3915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12182 comm="syz.3.3659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a717ebe9 code=0x7ffc0000 [ 132.797473][ T29] audit: type=1326 audit(1756508156.124:3916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12181 comm="syz.5.3650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 132.825865][T12191] random: crng reseeded on system resumption [ 132.856122][T12193] netlink: 'syz.5.3656': attribute type 3 has an invalid length. [ 132.887266][T12199] /dev/loop4: Can't lookup blockdev [ 132.954283][T12209] netlink: 'syz.4.3665': attribute type 1 has an invalid length. [ 133.027873][T12218] SELinux: failed to load policy [ 133.140170][T12233] I/O error, dev loop0, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 133.149742][T12233] isofs_fill_super: bread failed, dev=loop0, iso_blknum=16, block=32 [ 133.194445][T12241] pim6reg1: entered promiscuous mode [ 133.199847][T12241] pim6reg1: entered allmulticast mode [ 133.254968][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 133.272615][T12250] vcan0: tx drop: invalid sa for name 0x0000000000000004 [ 133.314439][T12257] netlink: 7 bytes leftover after parsing attributes in process `+}[@'. [ 133.328548][T12257] netlink: 7 bytes leftover after parsing attributes in process `+}[@'. [ 133.820576][T12273] netlink: 3 bytes leftover after parsing attributes in process `syz.4.3693'. [ 133.830790][T12275] /dev/loop3: Can't lookup blockdev [ 133.833797][T12273] batadv1: entered promiscuous mode [ 133.841466][T12273] batadv1: entered allmulticast mode [ 133.873331][T12281] ref_ctr_offset mismatch. inode: 0xc7c offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x8000000 [ 134.124566][T12310] pim6reg1: entered promiscuous mode [ 134.129995][T12310] pim6reg1: entered allmulticast mode [ 134.216461][T12322] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3718'. [ 134.260071][T12328] netlink: 3 bytes leftover after parsing attributes in process `syz.3.3720'. [ 134.287031][T12330] vcan0: tx drop: invalid sa for name 0x0000000000000004 [ 134.304968][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 134.305131][T12328] batadv1: entered promiscuous mode [ 134.317247][T12328] batadv1: entered allmulticast mode [ 134.373690][T12338] ref_ctr_offset mismatch. inode: 0xe44 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x8000000 [ 134.464138][T12350] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 134.503630][T12357] vcan0: tx drop: invalid sa for name 0x0000000000000004 [ 134.650898][T12385] netlink: 3 bytes leftover after parsing attributes in process `syz.2.3749'. [ 134.664665][T12385] batadv0: entered promiscuous mode [ 134.670018][T12385] batadv0: entered allmulticast mode [ 134.714536][T12392] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3752'. [ 134.925593][T12413] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 134.987621][T12420] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3764'. [ 135.094684][T12438] wireguard0: entered promiscuous mode [ 135.100367][T12438] wireguard0: entered allmulticast mode [ 135.112109][T12441] netlink: 104 bytes leftover after parsing attributes in process `syz.4.3774'. [ 135.131409][T12443] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 135.345046][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 135.462753][T12490] 9pnet_fd: Insufficient options for proto=fd [ 135.524980][T12500] Invalid ELF header magic: != ELF [ 135.916580][T12545] sd 0:0:1:0: device reset [ 136.102137][T12572] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 136.111179][T12572] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 136.198946][T12580] netlink: 104 bytes leftover after parsing attributes in process `syz.5.3838'. [ 136.223958][T12582] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 136.245722][T12582] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 136.374985][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 136.423960][T12588] wireguard0: entered promiscuous mode [ 136.429688][T12588] wireguard0: entered allmulticast mode [ 136.654760][T12603] sd 0:0:1:0: device reset [ 136.713307][T12614] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=12614 comm=syz.4.3853 [ 136.731517][T12614] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=12614 comm=syz.4.3853 [ 136.748216][T12618] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3855'. [ 136.757273][T12618] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3855'. [ 136.842196][T12631] sd 0:0:1:0: device reset [ 136.972953][T12644] loop2: detected capacity change from 0 to 2048 [ 137.028272][T12644] Alternate GPT is invalid, using primary GPT. [ 137.037063][T12644] loop2: p2 p3 p7 [ 137.080718][T12663] sd 0:0:1:0: device reset [ 137.152201][T12678] wireguard0: entered promiscuous mode [ 137.157890][T12678] wireguard0: entered allmulticast mode [ 137.422029][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 137.440092][T12703] sd 0:0:1:0: device reset [ 137.631515][ T29] kauditd_printk_skb: 424 callbacks suppressed [ 137.631584][ T29] audit: type=1400 audit(1756508161.154:4341): avc: denied { mount } for pid=12729 comm="syz.5.3904" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 137.678587][ T29] audit: type=1400 audit(1756508161.204:4342): avc: denied { unmount } for pid=5146 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 137.732831][T12738] loop5: detected capacity change from 0 to 764 [ 137.743048][T12738] rock: directory entry would overflow storage [ 137.749316][T12738] rock: sig=0x5245, size=8, remaining=5 [ 137.758100][ T29] audit: type=1400 audit(1756508161.284:4343): avc: denied { mount } for pid=12737 comm="syz.5.3906" name="/" dev="loop5" ino=1920 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1 [ 137.834065][ T29] audit: type=1400 audit(1756508161.344:4344): avc: denied { unmount } for pid=5146 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1 [ 137.928850][ T29] audit: type=1326 audit(1756508161.454:4345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12751 comm="syz.4.3911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60aa20ebe9 code=0x7ffc0000 [ 137.967855][ T29] audit: type=1326 audit(1756508161.474:4346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12750 comm="syz.5.3912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 137.991428][ T29] audit: type=1326 audit(1756508161.474:4347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12750 comm="syz.5.3912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 138.015246][ T29] audit: type=1326 audit(1756508161.474:4348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12750 comm="syz.5.3912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 138.039014][ T29] audit: type=1326 audit(1756508161.474:4349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12750 comm="syz.5.3912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 138.048645][T12761] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=12761 comm=syz.5.3917 [ 138.062953][ T29] audit: type=1326 audit(1756508161.474:4350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12750 comm="syz.5.3912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 138.084783][T12761] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=12761 comm=syz.5.3917 [ 138.464982][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 138.809665][T12841] loop5: detected capacity change from 0 to 2048 [ 138.878169][T12841] Alternate GPT is invalid, using primary GPT. [ 138.884635][T12841] loop5: p2 p3 p7 [ 139.410877][T12878] smc: net device bond0 applied user defined pnetid SYZ0 [ 139.418293][T12878] smc: net device bond0 erased user defined pnetid SYZ0 [ 139.494974][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 139.721573][ C0] vcan0: j1939_tp_rxtimer: 0xffff88811a968800: rx timeout, send abort [ 139.770724][T12913] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=12913 comm=syz.4.3987 [ 139.783713][T12913] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=12913 comm=syz.4.3987 [ 139.898511][T12932] random: crng reseeded on system resumption [ 140.101499][T12938] program syz.0.4000 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 140.129375][T12942] __nla_validate_parse: 3 callbacks suppressed [ 140.129404][T12942] netlink: 96 bytes leftover after parsing attributes in process `syz.0.4002'. [ 140.221568][ C0] vcan0: j1939_tp_rxtimer: 0xffff88811a969000: rx timeout, send abort [ 140.230045][ C0] vcan0: j1939_tp_rxtimer: 0xffff88811a968800: abort rx timeout. Force session deactivation [ 140.356548][T12980] SELinux: Context system_u:object_r:mouse_device_t:s0 is not valid (left unmapped). [ 140.485443][T13007] SELinux: failed to load policy [ 140.535050][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 140.700595][T13050] sd 0:0:1:0: device reset [ 140.727609][T13054] syzkaller1: entered promiscuous mode [ 140.729848][ C0] vcan0: j1939_tp_rxtimer: 0xffff88811a969000: abort rx timeout. Force session deactivation [ 140.733212][T13054] syzkaller1: entered allmulticast mode [ 141.017954][T13055] Set syz1 is full, maxelem 65536 reached [ 141.512917][T13116] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 141.574963][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 141.644812][T13138] veth1_vlan: left promiscuous mode [ 141.659338][T13138] netlink: 'syz.4.4091': attribute type 2 has an invalid length. [ 141.696493][T13143] netlink: 332 bytes leftover after parsing attributes in process `syz.4.4093'. [ 141.821496][T13163] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6) [ 141.828070][T13163] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 141.835604][T13163] vhci_hcd vhci_hcd.0: Device attached [ 141.885201][T13166] vhci_hcd: connection closed [ 141.885344][ T3331] vhci_hcd: stop threads [ 141.894478][ T3331] vhci_hcd: release socket [ 141.899140][ T3331] vhci_hcd: disconnect device [ 141.978535][T13186] PID 13186 killed due to inadequate hugepage pool [ 142.191451][T13221] loop5: detected capacity change from 0 to 1764 [ 142.428989][T13247] siw: device registration error -23 [ 142.481823][T13255] netlink: 'syz.2.4145': attribute type 21 has an invalid length. [ 142.489842][T13255] netlink: 156 bytes leftover after parsing attributes in process `syz.2.4145'. [ 142.511808][T13261] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4148'. [ 142.520899][T13261] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4148'. [ 142.530532][T13261] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4148'. [ 142.548197][T13261] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4148'. [ 142.557372][T13261] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4148'. [ 142.567203][T13261] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4148'. [ 142.594513][T13261] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4148'. [ 142.625261][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 142.696312][ T29] kauditd_printk_skb: 204 callbacks suppressed [ 142.696329][ T29] audit: type=1326 audit(1756508166.224:4555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13276 comm="syz.4.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60aa20ebe9 code=0x7ffc0000 [ 142.702695][ C0] vcan0: j1939_tp_rxtimer: 0xffff88810b493200: rx timeout, send abort [ 142.726470][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88810b493200: 0x2f000: (3) A timeout occurred and this is the connection abort to close the session. [ 142.749368][ T29] audit: type=1326 audit(1756508166.254:4556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13276 comm="syz.4.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60aa20ebe9 code=0x7ffc0000 [ 142.773031][ T29] audit: type=1326 audit(1756508166.254:4557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13276 comm="syz.4.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f60aa20d550 code=0x7ffc0000 [ 142.796668][ T29] audit: type=1326 audit(1756508166.254:4558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13276 comm="syz.4.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60aa20ebe9 code=0x7ffc0000 [ 142.820223][ T29] audit: type=1326 audit(1756508166.254:4559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13276 comm="syz.4.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=19 compat=0 ip=0x7f60aa20ebe9 code=0x7ffc0000 [ 142.843746][ T29] audit: type=1326 audit(1756508166.254:4560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13276 comm="syz.4.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60aa20ebe9 code=0x7ffc0000 [ 142.867472][ T29] audit: type=1326 audit(1756508166.254:4561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13276 comm="syz.4.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60aa20ebe9 code=0x7ffc0000 [ 142.975192][ T29] audit: type=1400 audit(1756508166.484:4562): avc: denied { create } for pid=13285 comm="syz.2.4158" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 142.995437][ T29] audit: type=1400 audit(1756508166.484:4563): avc: denied { ioctl } for pid=13285 comm="syz.2.4158" path="socket:[39204]" dev="sockfs" ino=39204 ioctlcmd=0x48cb scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 143.020864][ T29] audit: type=1400 audit(1756508166.484:4564): avc: denied { bind } for pid=13285 comm="syz.2.4158" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 143.105347][T13298] 8021q: adding VLAN 0 to HW filter on device bond1 [ 143.137449][T13298] bond1: (slave batadv0): Opening slave failed [ 143.149072][T13307] macvtap0: refused to change device tx_queue_len [ 143.654986][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 143.818972][T13394] ipvlan2: entered promiscuous mode [ 143.826334][T13394] bridge0: port 3(ipvlan2) entered blocking state [ 143.832811][T13394] bridge0: port 3(ipvlan2) entered disabled state [ 143.840535][T13394] ipvlan2: entered allmulticast mode [ 143.845992][T13394] bridge0: entered allmulticast mode [ 143.869011][T13394] ipvlan2: left allmulticast mode [ 143.874105][T13394] bridge0: left allmulticast mode [ 144.190551][T13449] netlink: 'syz.3.4235': attribute type 1 has an invalid length. [ 144.236906][T13459] SELinux: policydb version 960 does not match my version range 15-35 [ 144.254867][T13449] 8021q: adding VLAN 0 to HW filter on device bond1 [ 144.264339][T13459] SELinux: failed to load policy [ 144.276677][T13463] bond1: (slave geneve2): making interface the new active one [ 144.297573][T13463] bond1: (slave geneve2): Enslaving as an active interface with an up link [ 144.323066][T13467] bond2: entered promiscuous mode [ 144.328220][T13467] bond2: entered allmulticast mode [ 144.345056][T13467] 8021q: adding VLAN 0 to HW filter on device bond2 [ 144.377570][T13467] bond2 (unregistering): Released all slaves [ 144.521106][T13503] netlink: 'syz.2.4257': attribute type 5 has an invalid length. [ 144.565732][T13480] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 144.575984][T13480] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 144.695003][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 144.809810][T13542] syz.2.4277: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0 [ 144.824520][T13542] CPU: 0 UID: 0 PID: 13542 Comm: syz.2.4277 Not tainted syzkaller #0 PREEMPT(voluntary) [ 144.824628][T13542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 144.824703][T13542] Call Trace: [ 144.824710][T13542] [ 144.824718][T13542] __dump_stack+0x1d/0x30 [ 144.824815][T13542] dump_stack_lvl+0xe8/0x140 [ 144.824834][T13542] dump_stack+0x15/0x1b [ 144.824850][T13542] warn_alloc+0x12b/0x1a0 [ 144.824896][T13542] ? audit_log_end+0x1d7/0x1f0 [ 144.824977][T13542] ? audit_log_end+0x1d7/0x1f0 [ 144.825018][T13542] __vmalloc_node_range_noprof+0x9c/0xe00 [ 144.825059][T13542] ? __pfx_avc_audit_post_callback+0x10/0x10 [ 144.825143][T13542] ? update_load_avg+0x1da/0x820 [ 144.825173][T13542] ? __list_add_valid_or_report+0x38/0xe0 [ 144.825204][T13542] ? __set_next_task_fair+0x5b/0x150 [ 144.825226][T13542] ? tracing_record_taskinfo_sched_switch+0x71/0x260 [ 144.825256][T13542] ? should_fail_ex+0x30/0x280 [ 144.825276][T13542] ? xskq_create+0x36/0xe0 [ 144.825313][T13542] vmalloc_user_noprof+0x7d/0xb0 [ 144.825352][T13542] ? xskq_create+0x80/0xe0 [ 144.825451][T13542] xskq_create+0x80/0xe0 [ 144.825490][T13542] xsk_init_queue+0x95/0xf0 [ 144.825528][T13542] xsk_setsockopt+0x477/0x640 [ 144.825637][T13542] ? __pfx_xsk_setsockopt+0x10/0x10 [ 144.825675][T13542] __sys_setsockopt+0x184/0x200 [ 144.825705][T13542] __x64_sys_setsockopt+0x64/0x80 [ 144.825732][T13542] x64_sys_call+0x20ec/0x2ff0 [ 144.825782][T13542] do_syscall_64+0xd2/0x200 [ 144.825811][T13542] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 144.825866][T13542] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 144.825918][T13542] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.825944][T13542] RIP: 0033:0x7ffbcc7debe9 [ 144.825970][T13542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 144.825993][T13542] RSP: 002b:00007ffbcb23f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 144.826022][T13542] RAX: ffffffffffffffda RBX: 00007ffbcca15fa0 RCX: 00007ffbcc7debe9 [ 144.826038][T13542] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000004 [ 144.826054][T13542] RBP: 00007ffbcc861e19 R08: 0000000000000004 R09: 0000000000000000 [ 144.826069][T13542] R10: 0000200000000900 R11: 0000000000000246 R12: 0000000000000000 [ 144.826084][T13542] R13: 00007ffbcca16038 R14: 00007ffbcca15fa0 R15: 00007ffd59235378 [ 144.826108][T13542] [ 145.063039][T13542] Mem-Info: [ 145.066203][T13542] active_anon:4639 inactive_anon:16 isolated_anon:0 [ 145.066203][T13542] active_file:14718 inactive_file:15069 isolated_file:0 [ 145.066203][T13542] unevictable:0 dirty:246 writeback:0 [ 145.066203][T13542] slab_reclaimable:3398 slab_unreclaimable:17564 [ 145.066203][T13542] mapped:28932 shmem:243 pagetables:1611 [ 145.066203][T13542] sec_pagetables:0 bounce:0 [ 145.066203][T13542] kernel_misc_reclaimable:0 [ 145.066203][T13542] free:1859667 free_pcp:26549 free_cma:0 [ 145.111302][T13542] Node 0 active_anon:18556kB inactive_anon:64kB active_file:58872kB inactive_file:60276kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:115728kB dirty:984kB writeback:0kB shmem:972kB kernel_stack:3824kB pagetables:6444kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 145.138607][T13542] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 145.167281][T13542] lowmem_reserve[]: 0 2883 7862 7862 [ 145.172686][T13542] Node 0 DMA32 free:2949196kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2952828kB mlocked:0kB bounce:0kB free_pcp:3632kB local_pcp:100kB free_cma:0kB [ 145.203041][T13542] lowmem_reserve[]: 0 0 4978 4978 [ 145.208204][T13542] Node 0 Normal free:4474112kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB free_highatomic:0KB active_anon:18440kB inactive_anon:64kB active_file:58872kB inactive_file:60276kB unevictable:0kB writepending:984kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:102924kB local_pcp:27652kB free_cma:0kB [ 145.240561][T13542] lowmem_reserve[]: 0 0 0 0 [ 145.245167][T13542] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 145.257973][T13542] Node 0 DMA32: 3*4kB (M) 2*8kB (M) 3*16kB (M) 2*32kB (M) 3*64kB (M) 4*128kB (M) 3*256kB (M) 3*512kB (M) 3*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949196kB [ 145.274494][T13542] Node 0 Normal: 1673*4kB (UME) 569*8kB (UME) 844*16kB (UME) 547*32kB (UME) 541*64kB (UME) 274*128kB (UME) 171*256kB (UME) 65*512kB (UME) 29*1024kB (UME) 16*2048kB (UME) 1031*4096kB (UM) = 4474444kB [ 145.294280][T13542] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 145.303615][T13542] 30036 total pagecache pages [ 145.308398][T13542] 20 pages in swap cache [ 145.312652][T13542] Free swap = 124916kB [ 145.316864][T13542] Total swap = 124996kB [ 145.321059][T13542] 2097051 pages RAM [ 145.324882][T13542] 0 pages HighMem/MovableOnly [ 145.329669][T13542] 80444 pages reserved [ 145.353795][T13553] __nla_validate_parse: 13 callbacks suppressed [ 145.353810][T13553] netlink: 48 bytes leftover after parsing attributes in process `syz.5.4281'. [ 145.370495][T13554] netlink: 'syz.0.4282': attribute type 10 has an invalid length. [ 145.595597][T13592] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4301'. [ 145.736087][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 145.761049][T13606] serio: Serial port ptm0 [ 145.888920][T13620] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4313'. [ 146.031173][T13641] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=13641 comm=syz.4.4323 [ 146.044013][T13641] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=13641 comm=syz.4.4323 [ 146.234747][T13675] vcan0: tx drop: invalid da for name 0xfffffffffffffffb [ 146.415918][T13706] netdevsim netdevsim0: Direct firmware load for ./file0/file1 failed with error -2 [ 146.454985][T13710] netlink: 96 bytes leftover after parsing attributes in process `syz.0.4356'. [ 146.552786][T13730] loop2: detected capacity change from 0 to 512 [ 146.561375][T13730] journal_path: Non-blockdev passed as './bus' [ 146.567615][T13730] EXT4-fs: error: could not find journal device path [ 146.585934][T13734] sd 0:0:1:0: device reset [ 146.662376][T13748] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4374'. [ 146.671344][T13748] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4374'. [ 146.774991][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 146.786348][T13760] SELinux: failed to load policy [ 146.857814][T13772] ip6gre1: entered allmulticast mode [ 147.151353][T13811] 9pnet: p9_errstr2errno: server reported unknown error Ȫjn [ 147.151353][T13811] 2$tO*mտ*Džj`c?ڊ#t>r) [ 147.186823][T13819] 9pnet_fd: Insufficient options for proto=fd [ 147.276977][T13835] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=13835 comm=syz.4.4417 [ 147.484282][ C1] vcan0: j1939_tp_rxtimer: 0xffff888114589000: rx timeout, send abort [ 147.492694][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888114589000: 0x10000: (3) A timeout occurred and this is the connection abort to close the session. [ 147.587127][T13873] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 147.605188][T13873] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 147.733437][ T29] kauditd_printk_skb: 518 callbacks suppressed [ 147.733453][ T29] audit: type=1326 audit(1756508171.254:5083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13888 comm="syz.0.4443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c38f2ebe9 code=0x7ffc0000 [ 147.765545][ T29] audit: type=1326 audit(1756508171.294:5084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13888 comm="syz.0.4443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c38f2ebe9 code=0x7ffc0000 [ 147.790146][ T29] audit: type=1326 audit(1756508171.294:5085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13888 comm="syz.0.4443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c38f2ebe9 code=0x7ffc0000 [ 147.813879][ T29] audit: type=1326 audit(1756508171.294:5086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13888 comm="syz.0.4443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c38f2ebe9 code=0x7ffc0000 [ 147.837987][ T29] audit: type=1326 audit(1756508171.294:5087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13888 comm="syz.0.4443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c38f2ebe9 code=0x7ffc0000 [ 147.844983][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 147.861954][ T29] audit: type=1326 audit(1756508171.314:5088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13888 comm="syz.0.4443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c38f2ebe9 code=0x7ffc0000 [ 147.892354][ T29] audit: type=1326 audit(1756508171.314:5089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13888 comm="syz.0.4443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c38f2ebe9 code=0x7ffc0000 [ 147.915950][ T29] audit: type=1326 audit(1756508171.314:5090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13888 comm="syz.0.4443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c38f2ebe9 code=0x7ffc0000 [ 147.939660][ T29] audit: type=1326 audit(1756508171.314:5091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13888 comm="syz.0.4443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=173 compat=0 ip=0x7f5c38f2ebe9 code=0x7ffc0000 [ 147.963200][ T29] audit: type=1326 audit(1756508171.314:5092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13888 comm="syz.0.4443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c38f2ebe9 code=0x7ffc0000 [ 148.036991][T13895] loop2: detected capacity change from 0 to 512 [ 148.063541][T13895] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 148.120265][T13895] EXT4-fs (loop2): 1 orphan inode deleted [ 148.143156][ T3437] EXT4-fs error (device loop2): ext4_release_dquot:6973: comm kworker/u8:8: Failed to release dquot type 1 [ 148.157342][T13895] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 148.191549][T13910] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4451'. [ 148.203403][T13895] ext4 filesystem being mounted at /824/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 148.239109][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 148.360241][T13934] SELinux: failed to load policy [ 148.375789][T13939] vhci_hcd: invalid port number 254 [ 148.414877][T13944] loop5: detected capacity change from 0 to 1024 [ 148.422021][T13944] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 148.433502][T13944] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 148.441728][T13944] EXT4-fs (loop5): orphan cleanup on readonly fs [ 148.454316][T13944] EXT4-fs error (device loop5): ext4_free_blocks:6696: comm syz.5.4468: Freeing blocks not in datazone - block = 0, count = 4096 [ 148.471530][T13944] EXT4-fs (loop5): 1 orphan inode deleted [ 148.487919][T13944] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 148.514315][ T5146] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 148.525634][T13954] netlink: 332 bytes leftover after parsing attributes in process `syz.2.4472'. [ 148.659783][T13981] netlink: 'syz.0.4485': attribute type 1 has an invalid length. [ 148.693600][T13981] 8021q: adding VLAN 0 to HW filter on device bond1 [ 148.716269][T13981] 8021q: adding VLAN 0 to HW filter on device bond1 [ 148.723636][T13981] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address [ 148.735565][T13981] bond1: (slave vxcan3): Error -95 calling set_mac_address [ 148.758303][T13987] serio: Serial port ptm0 [ 148.864940][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 148.955436][T14006] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4496'. [ 149.090167][T14021] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4503'. [ 149.136925][T14026] 0{X: renamed from gretap0 (while UP) [ 149.145508][T14026] 0{X: entered allmulticast mode [ 149.152085][T14026] A link change request failed with some changes committed already. Interface 30{X may have been left with an inconsistent configuration, please check. [ 149.459798][T14059] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 149.705840][T14095] serio: Serial port ttyS3 [ 149.730973][T14096] 9pnet: Could not find request transport: f [ 149.894966][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 149.902598][T14112] SELinux: policydb magic number 0x0 does not match expected magic number 0xf97cff8c [ 149.902638][T14112] SELinux: failed to load policy [ 150.268235][T14135] 9pnet: p9_errstr2errno: server reported unknown error n$[ [ 150.268235][T14135] Q&|xXX rejected, already enabled [ 153.093510][ T29] audit: type=1400 audit(1756508176.614:5378): avc: denied { read } for pid=14452 comm="syz.2.4702" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 153.302627][T14484] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4717'. [ 153.384676][ T29] audit: type=1326 audit(1756508176.874:5379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14498 comm="syz.3.4723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a717ebe9 code=0x7ffc0000 [ 153.408463][ T29] audit: type=1326 audit(1756508176.874:5380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14498 comm="syz.3.4723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a717ebe9 code=0x7ffc0000 [ 153.409632][T14506] SELinux: policydb magic number 0x0 does not match expected magic number 0xf97cff8c [ 153.432549][ T29] audit: type=1326 audit(1756508176.874:5381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14498 comm="syz.3.4723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f73a717ebe9 code=0x7ffc0000 [ 153.432589][ T29] audit: type=1326 audit(1756508176.874:5382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14498 comm="syz.3.4723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a717ebe9 code=0x7ffc0000 [ 153.489380][ T29] audit: type=1326 audit(1756508176.874:5383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14498 comm="syz.3.4723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f73a717ebe9 code=0x7ffc0000 [ 153.513012][ T29] audit: type=1326 audit(1756508176.874:5384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14498 comm="syz.3.4723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a717ebe9 code=0x7ffc0000 [ 153.538920][T14506] SELinux: failed to load policy [ 153.817041][T14546] macvtap0: refused to change device tx_queue_len [ 154.055030][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 154.193360][T14591] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4766'. [ 154.325581][T14606] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 154.778088][T14636] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 154.913628][T14655] SELinux: failed to load policy [ 155.100999][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 155.596148][T14661] Set syz1 is full, maxelem 65536 reached [ 155.974831][T14711] SELinux: failed to load policy [ 156.134950][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 156.164238][T14703] Set syz1 is full, maxelem 65536 reached [ 156.668162][T14719] __nla_validate_parse: 8 callbacks suppressed [ 156.668193][T14719] netlink: 332 bytes leftover after parsing attributes in process `syz.0.4814'. [ 156.691203][T14726] netlink: 'syz.5.4818': attribute type 2 has an invalid length. [ 156.723712][T14731] netlink: 332 bytes leftover after parsing attributes in process `syz.2.4831'. [ 156.749822][T14734] veth1_vlan: left promiscuous mode [ 156.767113][T14734] netlink: 'syz.0.4832': attribute type 2 has an invalid length. [ 157.174992][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 157.347061][T14760] Set syz1 is full, maxelem 65536 reached [ 157.539151][T14769] netlink: 'syz.3.4836': attribute type 2 has an invalid length. [ 157.883449][T14817] macvtap0: refused to change device tx_queue_len [ 157.945352][T14822] netlink: 56 bytes leftover after parsing attributes in process `syz.4.4860'. [ 158.131032][T14840] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4866'. [ 158.146530][T14840] 8021q: adding VLAN 0 to HW filter on device bond2 [ 158.163666][T14840] bond2: (slave batadv1): Opening slave failed [ 158.215033][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 158.311911][ T29] kauditd_printk_skb: 131 callbacks suppressed [ 158.311932][ T29] audit: type=1400 audit(1756508181.834:5516): avc: denied { connect } for pid=14848 comm="syz.0.4869" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 158.642058][ T29] audit: type=1400 audit(1756508182.164:5517): avc: denied { mounton } for pid=14863 comm="syz.3.4877" path="/955/file0" dev="tmpfs" ino=4913 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 158.667459][T14866] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4888'. [ 158.742460][ T29] audit: type=1326 audit(1756508182.264:5518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14874 comm="syz.2.4882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbcc7debe9 code=0x7ffc0000 [ 158.766153][ T29] audit: type=1326 audit(1756508182.264:5519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14874 comm="syz.2.4882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7ffbcc7debe9 code=0x7ffc0000 [ 158.789950][ T29] audit: type=1326 audit(1756508182.264:5520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14874 comm="syz.2.4882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbcc7debe9 code=0x7ffc0000 [ 158.815242][ T29] audit: type=1326 audit(1756508182.264:5521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14874 comm="syz.2.4882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=241 compat=0 ip=0x7ffbcc7debe9 code=0x7ffc0000 [ 158.838899][ T29] audit: type=1326 audit(1756508182.264:5522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14874 comm="syz.2.4882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbcc7debe9 code=0x7ffc0000 [ 158.886045][ T29] audit: type=1326 audit(1756508182.414:5523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14880 comm="syz.5.4885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 158.914741][ T29] audit: type=1326 audit(1756508182.414:5524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14880 comm="syz.5.4885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 158.938453][ T29] audit: type=1326 audit(1756508182.414:5525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14880 comm="syz.5.4885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c95a5ebe9 code=0x7ffc0000 [ 159.254973][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 159.304727][T14912] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4898'. [ 159.322791][T14914] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4900'. [ 159.436848][T14927] ipvlan0: entered promiscuous mode [ 159.466741][T14927] bridge0: port 3(ipvlan0) entered blocking state [ 159.473316][T14927] bridge0: port 3(ipvlan0) entered disabled state [ 159.483083][T14927] ipvlan0: entered allmulticast mode [ 159.488645][T14927] bridge0: entered allmulticast mode [ 159.495489][T14927] ipvlan0: left allmulticast mode [ 159.500640][T14927] bridge0: left allmulticast mode [ 159.552979][T14931] netlink: 96 bytes leftover after parsing attributes in process `syz.3.4907'. [ 159.562183][ C0] vcan0: j1939_tp_rxtimer: 0xffff88813b699200: rx timeout, send abort [ 159.570659][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88813b699200: 0x2f000: (3) A timeout occurred and this is the connection abort to close the session. [ 159.571482][T14937] loop5: detected capacity change from 0 to 128 [ 159.597712][T14937] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 159.614076][T14937] ext4 filesystem being mounted at /848/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 159.664434][ T5146] EXT4-fs error (device loop5): ext4_readdir:224: inode #11: comm syz-executor: path /848/mnt/lost+found: directory fails checksum at offset 1024 [ 159.684066][ T5146] EXT4-fs error (device loop5): ext4_empty_dir:3109: inode #11: block 1: comm syz-executor: Directory block failed checksum [ 159.699204][T14942] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4914'. [ 159.713456][ T5146] EXT4-fs error (device loop5): ext4_readdir:224: inode #11: comm syz-executor: path /848/mnt/lost+found: directory fails checksum at offset 1024 [ 159.733444][ T8944] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 159.742016][ T8944] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 159.750863][T14942] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4914'. [ 159.760054][ T8944] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 159.772749][ T5146] EXT4-fs error (device loop5): ext4_empty_dir:3109: inode #11: block 1: comm syz-executor: Directory block failed checksum [ 159.790724][ T8944] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 159.813353][ T5146] EXT4-fs error (device loop5): ext4_readdir:224: inode #11: comm syz-executor: path /848/mnt/lost+found: directory fails checksum at offset 1024 [ 159.833552][ T5146] EXT4-fs error (device loop5): ext4_empty_dir:3109: inode #11: block 1: comm syz-executor: Directory block failed checksum [ 159.848471][ T5146] EXT4-fs error (device loop5): ext4_readdir:224: inode #11: comm syz-executor: path /848/mnt/lost+found: directory fails checksum at offset 1024 [ 159.879507][ T5146] EXT4-fs error (device loop5): ext4_empty_dir:3109: inode #11: block 1: comm syz-executor: Directory block failed checksum [ 159.903567][ T5146] EXT4-fs error (device loop5): ext4_readdir:224: inode #11: comm syz-executor: path /848/mnt/lost+found: directory fails checksum at offset 1024 [ 159.920703][ T5146] EXT4-fs error (device loop5): ext4_empty_dir:3109: inode #11: block 1: comm syz-executor: Directory block failed checksum [ 160.075445][ T5870] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 160.173099][T14984] SELinux: policydb version 960 does not match my version range 15-35 [ 160.188359][T14988] netlink: 'syz.2.4933': attribute type 1 has an invalid length. [ 160.196557][T14984] SELinux: failed to load policy [ 160.218318][T14988] 8021q: adding VLAN 0 to HW filter on device bond2 [ 160.236616][ T85] netdevsim netdevsim5 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 160.246999][ T85] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.274334][T14988] bond2: (slave geneve2): making interface the new active one [ 160.283581][T14988] bond2: (slave geneve2): Enslaving as an active interface with an up link [ 160.295033][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 160.307742][T14994] bond2: entered promiscuous mode [ 160.312873][T14994] bond2: entered allmulticast mode [ 160.318493][T14994] 8021q: adding VLAN 0 to HW filter on device bond2 [ 160.339509][T14994] bond2 (unregistering): Released all slaves [ 160.358705][ T85] netdevsim netdevsim5 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 160.369193][ T85] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.468027][ T85] netdevsim netdevsim5 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 160.478511][ T85] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.537853][ T85] netdevsim netdevsim5 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 160.548319][ T85] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.645108][ T85] bridge_slave_1: left allmulticast mode [ 160.650911][ T85] bridge_slave_1: left promiscuous mode [ 160.656624][ T85] bridge0: port 2(bridge_slave_1) entered disabled state [ 160.664414][ T85] bridge_slave_0: left allmulticast mode [ 160.670363][ T85] bridge_slave_0: left promiscuous mode [ 160.676097][ T85] bridge0: port 1(bridge_slave_0) entered disabled state [ 160.737289][ T85] erspan0 (unregistering): left promiscuous mode [ 160.746484][ T85] gretap0 (unregistering): left promiscuous mode [ 160.807145][ T8944] smc: removing ib device syz2 [ 160.812205][ T85] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 160.822558][ T85] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 160.833203][ T85] bond0 (unregistering): Released all slaves [ 161.000731][T15002] chnl_net:caif_netlink_parms(): no params data found [ 161.110427][ T85] batadv_slave_1: left promiscuous mode [ 161.118341][ T85] hsr_slave_0: left promiscuous mode [ 161.127451][ T85] hsr_slave_1: left promiscuous mode [ 161.133417][ T85] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 161.141006][ T85] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 161.151314][ T85] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 161.159204][ T85] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 161.186180][T15075] syz.3.4966: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0 [ 161.200815][T15075] CPU: 1 UID: 0 PID: 15075 Comm: syz.3.4966 Not tainted syzkaller #0 PREEMPT(voluntary) [ 161.200854][T15075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 161.200886][T15075] Call Trace: [ 161.200896][T15075] [ 161.200906][T15075] __dump_stack+0x1d/0x30 [ 161.200995][T15075] dump_stack_lvl+0xe8/0x140 [ 161.201024][T15075] dump_stack+0x15/0x1b [ 161.201046][T15075] warn_alloc+0x12b/0x1a0 [ 161.201088][T15075] ? audit_log_end+0x1d7/0x1f0 [ 161.201133][T15075] ? audit_log_end+0x1d7/0x1f0 [ 161.201176][T15075] __vmalloc_node_range_noprof+0x9c/0xe00 [ 161.201279][T15075] ? __pfx_avc_audit_post_callback+0x10/0x10 [ 161.201367][T15075] ? update_load_avg+0x1da/0x820 [ 161.201401][T15075] ? __list_add_valid_or_report+0x38/0xe0 [ 161.201440][T15075] ? __set_next_task_fair+0x5b/0x150 [ 161.201498][T15075] ? tracing_record_taskinfo_sched_switch+0x71/0x260 [ 161.201529][T15075] ? should_fail_ex+0x30/0x280 [ 161.201555][T15075] ? xskq_create+0x36/0xe0 [ 161.201643][T15075] vmalloc_user_noprof+0x7d/0xb0 [ 161.201686][T15075] ? xskq_create+0x80/0xe0 [ 161.201734][T15075] xskq_create+0x80/0xe0 [ 161.201767][T15075] xsk_init_queue+0x95/0xf0 [ 161.201829][T15075] xsk_setsockopt+0x477/0x640 [ 161.201862][T15075] ? __pfx_xsk_setsockopt+0x10/0x10 [ 161.201900][T15075] __sys_setsockopt+0x184/0x200 [ 161.201953][T15075] __x64_sys_setsockopt+0x64/0x80 [ 161.202019][T15075] x64_sys_call+0x20ec/0x2ff0 [ 161.202085][T15075] do_syscall_64+0xd2/0x200 [ 161.202123][T15075] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 161.202157][T15075] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 161.202239][T15075] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.202265][T15075] RIP: 0033:0x7f73a717ebe9 [ 161.202284][T15075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 161.202307][T15075] RSP: 002b:00007f73a5be7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 161.202331][T15075] RAX: ffffffffffffffda RBX: 00007f73a73b5fa0 RCX: 00007f73a717ebe9 [ 161.202347][T15075] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000004 [ 161.202393][T15075] RBP: 00007f73a7201e19 R08: 0000000000000004 R09: 0000000000000000 [ 161.202409][T15075] R10: 0000200000000900 R11: 0000000000000246 R12: 0000000000000000 [ 161.202427][T15075] R13: 00007f73a73b6038 R14: 00007f73a73b5fa0 R15: 00007ffff6b63568 [ 161.202452][T15075] [ 161.202461][T15075] Mem-Info: [ 161.339470][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 161.393059][T15073] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 161.400248][T15075] active_anon:4589 inactive_anon:21 isolated_anon:0 [ 161.400248][T15075] active_file:9598 inactive_file:20196 isolated_file:0 [ 161.400248][T15075] unevictable:0 dirty:264 writeback:0 [ 161.400248][T15075] slab_reclaimable:3413 slab_unreclaimable:21143 [ 161.400248][T15075] mapped:28888 shmem:259 pagetables:1483 [ 161.400248][T15075] sec_pagetables:0 bounce:0 [ 161.400248][T15075] kernel_misc_reclaimable:0 [ 161.400248][T15075] free:1869443 free_pcp:13241 free_cma:0 [ 161.410706][T15073] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 161.416469][T15075] Node 0 active_anon:18356kB inactive_anon:84kB active_file:38392kB inactive_file:80784kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:115552kB dirty:1056kB writeback:0kB shmem:1036kB kernel_stack:3824kB pagetables:5932kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 161.542983][T15075] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 161.572425][T15075] lowmem_reserve[]: 0 2883 7862 7862 [ 161.578463][T15075] Node 0 DMA32 free:2949196kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2952828kB mlocked:0kB bounce:0kB free_pcp:3632kB local_pcp:3532kB free_cma:0kB [ 161.608914][T15075] lowmem_reserve[]: 0 0 4978 4978 [ 161.613984][T15075] Node 0 Normal free:4513216kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB free_highatomic:0KB active_anon:18356kB inactive_anon:84kB active_file:38392kB inactive_file:80784kB unevictable:0kB writepending:1056kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:49300kB local_pcp:6664kB free_cma:0kB [ 161.646105][T15075] lowmem_reserve[]: 0 0 0 0 [ 161.650668][T15075] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 161.663797][T15075] Node 0 DMA32: 3*4kB (M) 2*8kB (M) 3*16kB (M) 2*32kB (M) 3*64kB (M) 4*128kB (M) 3*256kB (M) 3*512kB (M) 3*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949196kB [ 161.680069][T15075] Node 0 Normal: 92*4kB (UME) 804*8kB (ME) 847*16kB (UME) 32*32kB (UM) 292*64kB (UM) 314*128kB (UME) 200*256kB (UME) 88*512kB (UME) 41*1024kB (UME) 17*2048kB (UME) 1040*4096kB (UM) = 4513152kB [ 161.700130][T15075] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 161.709524][T15075] 30068 total pagecache pages [ 161.714346][T15075] 29 pages in swap cache [ 161.719131][T15075] Free swap = 124880kB [ 161.723397][T15075] Total swap = 124996kB [ 161.727580][T15075] 2097051 pages RAM [ 161.731565][T15075] 0 pages HighMem/MovableOnly [ 161.736273][T15075] 80444 pages reserved [ 161.744577][ T85] veth1_macvtap: left promiscuous mode [ 161.750877][ T85] veth0_macvtap: left promiscuous mode [ 161.757523][ T85] veth1_vlan: left promiscuous mode [ 161.762875][ T85] veth0_vlan: left promiscuous mode [ 161.829747][ T85] team0 (unregistering): Port device team_slave_1 removed [ 161.840722][ T85] team0 (unregistering): Port device team_slave_0 removed [ 161.879132][T15002] bridge0: port 1(bridge_slave_0) entered blocking state [ 161.886368][T15002] bridge0: port 1(bridge_slave_0) entered disabled state [ 161.893725][T15002] bridge_slave_0: entered allmulticast mode [ 161.901961][T15002] bridge_slave_0: entered promiscuous mode [ 161.909199][T15002] bridge0: port 2(bridge_slave_1) entered blocking state [ 161.916386][T15002] bridge0: port 2(bridge_slave_1) entered disabled state [ 161.923548][T15002] bridge_slave_1: entered allmulticast mode [ 161.930559][T15002] bridge_slave_1: entered promiscuous mode [ 161.970318][T15002] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 161.996788][T15002] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 162.029842][T15002] team0: Port device team_slave_0 added [ 162.046837][T15002] team0: Port device team_slave_1 added [ 162.081293][T15002] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 162.088345][T15002] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 162.114533][T15002] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 162.128148][T15002] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 162.129450][T15097] __nla_validate_parse: 3 callbacks suppressed [ 162.129468][T15097] netlink: 48 bytes leftover after parsing attributes in process `syz.3.4975'. [ 162.135259][T15002] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 162.135300][T15002] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 162.213179][T15002] hsr_slave_0: entered promiscuous mode [ 162.226580][T15002] hsr_slave_1: entered promiscuous mode [ 162.234537][T15002] debugfs: 'hsr0' already exists in 'hsr' [ 162.240394][T15002] Cannot create hsr debugfs directory [ 162.339391][T15114] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4984'. [ 162.380969][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 162.442485][T15002] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 162.457670][T15002] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 162.481472][T15002] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 162.493811][T15002] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 162.662529][T15002] 8021q: adding VLAN 0 to HW filter on device bond0 [ 162.685973][T15002] 8021q: adding VLAN 0 to HW filter on device team0 [ 162.705963][ T3434] bridge0: port 1(bridge_slave_0) entered blocking state [ 162.713119][ T3434] bridge0: port 1(bridge_slave_0) entered forwarding state [ 162.755055][ T3434] bridge0: port 2(bridge_slave_1) entered blocking state [ 162.762218][ T3434] bridge0: port 2(bridge_slave_1) entered forwarding state [ 162.776758][T15154] serio: Serial port ptm0 [ 162.846548][T15002] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 163.060092][T15201] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=15201 comm=syz.0.5011 [ 163.067708][T15002] veth0_vlan: entered promiscuous mode [ 163.072866][T15201] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=15201 comm=syz.0.5011 [ 163.098937][T15002] veth1_vlan: entered promiscuous mode [ 163.122212][T15002] veth0_macvtap: entered promiscuous mode [ 163.139385][T15002] veth1_macvtap: entered promiscuous mode [ 163.152837][T15002] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 163.165412][T15002] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 163.198279][ T12] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 163.226280][ T12] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 163.240990][ T12] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 163.250641][ T3434] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 163.330044][ T29] kauditd_printk_skb: 221 callbacks suppressed [ 163.330061][ T29] audit: type=1400 audit(1756508186.854:5747): avc: denied { relabelfrom } for pid=15225 comm="syz.3.5024" name="NETLINK" dev="sockfs" ino=46415 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1 [ 163.378935][ T29] audit: type=1400 audit(1756508186.884:5748): avc: denied { relabelto } for pid=15225 comm="syz.3.5024" name="NETLINK" dev="sockfs" ino=46415 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=netlink_route_socket permissive=1 [ 163.408460][ T29] audit: type=1326 audit(1756508186.914:5749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15228 comm="syz.2.5025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbcc7debe9 code=0x7ffc0000 [ 163.415037][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 163.432021][ T29] audit: type=1326 audit(1756508186.924:5750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15228 comm="syz.2.5025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffbcc7debe9 code=0x7ffc0000 [ 163.462476][ T29] audit: type=1326 audit(1756508186.924:5751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15228 comm="syz.2.5025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbcc7debe9 code=0x7ffc0000 [ 163.486198][ T29] audit: type=1326 audit(1756508186.924:5752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15228 comm="syz.2.5025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbcc7debe9 code=0x7ffc0000 [ 163.509912][ T29] audit: type=1326 audit(1756508186.924:5753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15228 comm="syz.2.5025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffbcc7debe9 code=0x7ffc0000 [ 163.533592][ T29] audit: type=1326 audit(1756508186.924:5754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15228 comm="syz.2.5025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbcc7debe9 code=0x7ffc0000 [ 163.557202][ T29] audit: type=1326 audit(1756508186.924:5755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15228 comm="syz.2.5025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbcc7debe9 code=0x7ffc0000 [ 163.581119][ T29] audit: type=1326 audit(1756508186.924:5756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15228 comm="syz.2.5025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffbcc7debe9 code=0x7ffc0000 [ 163.697494][T15249] netdevsim netdevsim4: Direct firmware load for ./file0/file1 failed with error -2 [ 163.738157][T15251] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5046'. [ 163.747197][T15251] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5046'. [ 163.768982][T15255] netlink: 96 bytes leftover after parsing attributes in process `syz.6.5036'. [ 163.973343][T15288] sd 0:0:1:0: device reset [ 164.029982][T15291] loop6: detected capacity change from 0 to 512 [ 164.038457][T15291] journal_path: Non-blockdev passed as './bus' [ 164.044747][T15291] EXT4-fs: error: could not find journal device path [ 164.116259][T15301] loop2: detected capacity change from 0 to 764 [ 164.124163][T15301] rock: directory entry would overflow storage [ 164.130577][T15301] rock: sig=0x4654, size=5, remaining=4 [ 164.169361][ T4108] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 164.193897][ T4108] hid-generic 0000:0000:0000.000A: hidraw0: HID v0.00 Device [syz1] on syz0 [ 164.206252][T15312] smc: net device bond0 applied user defined pnetid SYZ0 [ 164.242399][T15312] smc: net device bond0 erased user defined pnetid SYZ0 [ 164.455004][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 164.468443][T15350] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=15350 comm=syz.6.5081 [ 164.487019][ T3379] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 164.494556][ T3379] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 164.521853][ T3379] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 164.529491][ T3379] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 164.536949][ T3379] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 164.544375][ T3379] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 164.551807][ T3379] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 164.559263][ T3379] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 164.566709][ T3379] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 164.576125][ T3379] hid-generic 0000:0000:0000.000B: hidraw0: HID v0.00 Device [syz0] on syz1 [ 164.610350][T15366] netlink: 'syz.3.5091': attribute type 13 has an invalid length. [ 164.618305][T15366] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5091'. [ 164.632471][T15371] loop6: detected capacity change from 0 to 128 [ 164.640095][T15371] FAT-fs (loop6): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 164.670296][T15373] vcan0: tx drop: invalid da for name 0xfffffffffffffffb [ 164.685998][T15366] netlink: 'syz.3.5091': attribute type 13 has an invalid length. [ 164.693884][T15366] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5091'. [ 164.780726][T15380] serio: Serial port ptm0 [ 165.419751][T15438] loop2: detected capacity change from 0 to 512 [ 165.495032][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 165.510048][T15438] EXT4-fs warning (device loop2): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 165.525181][T15438] EXT4-fs (loop2): mount failed [ 165.545156][T15448] SELinux: failed to load policy [ 165.606749][T15453] vhci_hcd: invalid port number 254 [ 165.643471][T15459] loop2: detected capacity change from 0 to 1024 [ 165.650837][T15459] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 165.665884][T15459] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 165.685794][T15459] EXT4-fs (loop2): orphan cleanup on readonly fs [ 165.695152][T15459] EXT4-fs error (device loop2): ext4_free_blocks:6696: comm syz.2.5131: Freeing blocks not in datazone - block = 0, count = 4096 [ 165.725134][T15459] EXT4-fs (loop2): 1 orphan inode deleted [ 165.731243][T15459] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 165.769295][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 165.859643][T15469] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 165.884320][T15471] netlink: 332 bytes leftover after parsing attributes in process `syz.4.5135'. [ 165.889072][T15469] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 165.919733][ C1] vcan0: j1939_tp_rxtimer: 0xffff888120bcbc00: rx timeout, send abort [ 165.928124][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888120bcbc00: 0x10000: (3) A timeout occurred and this is the connection abort to close the session. [ 166.113060][T15493] netlink: 'syz.3.5146': attribute type 1 has an invalid length. [ 166.143684][T15493] 8021q: adding VLAN 0 to HW filter on device bond3 [ 166.217732][T15493] 8021q: adding VLAN 0 to HW filter on device bond3 [ 166.231319][T15493] bond3: (slave vxcan3): The slave device specified does not support setting the MAC address [ 166.243448][T15493] bond3: (slave vxcan3): Error -95 calling set_mac_address [ 166.441829][T15531] netlink: 16 bytes leftover after parsing attributes in process `syz.6.5163'. [ 166.507945][T15537] netlink: 5 bytes leftover after parsing attributes in process `syz.3.5165'. [ 166.525377][T15537] 0{X: renamed from gretap0 (while UP) [ 166.533064][T15537] 0{X: entered allmulticast mode [ 166.538647][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 166.548410][T15537] A link change request failed with some changes committed already. Interface 30{X may have been left with an inconsistent configuration, please check. [ 166.769493][T15572] loop6: detected capacity change from 0 to 512 [ 166.776962][T15572] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 166.804002][T15572] EXT4-fs (loop6): 1 truncate cleaned up [ 166.814645][T15577] serio: Serial port ptm0 [ 166.820760][T15572] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 166.840682][T15572] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 166.947137][T15597] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 167.000780][T15605] 9pnet: Could not find request transport: f [ 167.048876][T15610] SELinux: failed to load policy [ 167.074664][T15616] loop6: detected capacity change from 0 to 512 [ 167.082050][T15616] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 167.093995][T15616] EXT4-fs (loop6): 1 truncate cleaned up [ 167.100280][T15616] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 167.449878][T15616] ================================================================== [ 167.458011][T15616] BUG: KCSAN: data-race in __filemap_remove_folio / folio_mapping [ 167.465882][T15616] [ 167.468217][T15616] write to 0xffffea0004a12258 of 8 bytes by task 15622 on cpu 1: [ 167.476028][T15616] __filemap_remove_folio+0x1a5/0x2a0 [ 167.481431][T15616] folio_unmap_invalidate+0x1dd/0x360 [ 167.486862][T15616] invalidate_inode_pages2_range+0x27c/0x3d0 [ 167.492970][T15616] filemap_invalidate_pages+0x16d/0x1a0 [ 167.498540][T15616] kiocb_invalidate_pages+0x6e/0x80 [ 167.503758][T15616] __iomap_dio_rw+0x5d4/0x1250 [ 167.508550][T15616] iomap_dio_rw+0x40/0x90 [ 167.512887][T15616] ext4_file_write_iter+0xad9/0xf00 [ 167.518121][T15616] iter_file_splice_write+0x663/0xa60 [ 167.523642][T15616] direct_splice_actor+0x153/0x2a0 [ 167.528869][T15616] splice_direct_to_actor+0x30f/0x680 [ 167.534261][T15616] do_splice_direct+0xda/0x150 [ 167.539033][T15616] do_sendfile+0x380/0x650 [ 167.543469][T15616] __x64_sys_sendfile64+0x105/0x150 [ 167.548748][T15616] x64_sys_call+0x2bb0/0x2ff0 [ 167.553452][T15616] do_syscall_64+0xd2/0x200 [ 167.558002][T15616] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.563911][T15616] [ 167.566241][T15616] read to 0xffffea0004a12258 of 8 bytes by task 15616 on cpu 0: [ 167.573879][T15616] folio_mapping+0xa1/0x120 [ 167.575012][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 167.578501][T15616] lru_add+0x80/0x430 [ 167.589343][T15616] folio_batch_move_lru+0x177/0x230 [ 167.594560][T15616] lru_add_drain_cpu+0x77/0x250 [ 167.599418][T15616] __folio_batch_release+0x44/0xb0 [ 167.604539][T15616] filemap_splice_read+0x59e/0x740 [ 167.609670][T15616] ext4_file_splice_read+0x8f/0xb0 [ 167.614800][T15616] splice_direct_to_actor+0x26f/0x680 [ 167.620200][T15616] do_splice_direct+0xda/0x150 [ 167.624974][T15616] do_sendfile+0x380/0x650 [ 167.629421][T15616] __x64_sys_sendfile64+0x105/0x150 [ 167.634722][T15616] x64_sys_call+0x2bb0/0x2ff0 [ 167.639415][T15616] do_syscall_64+0xd2/0x200 [ 167.643939][T15616] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.649844][T15616] [ 167.652173][T15616] value changed: 0xffff88810959cb30 -> 0x0000000000000000 [ 167.659279][T15616] [ 167.661605][T15616] Reported by Kernel Concurrency Sanitizer on: [ 167.667766][T15616] CPU: 0 UID: 0 PID: 15616 Comm: syz.6.5202 Not tainted syzkaller #0 PREEMPT(voluntary) [ 167.677586][T15616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 167.687650][T15616] ================================================================== [ 167.986711][T15002] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 168.614986][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 169.655030][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 170.705147][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 171.734968][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 172.774969][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 173.814974][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 174.864985][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 175.905002][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 176.934985][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available