last executing test programs: 2.155057308s ago: executing program 3 (id=2961): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmmsg$inet6(r0, &(0x7f00000008c0)=[{{&(0x7f0000000100)={0xa, 0x4e24, 0x66a5, @private1={0xfc, 0x1, '\x00', 0x1}, 0x1}, 0x1c, &(0x7f00000002c0)=[{&(0x7f0000000180)="bf", 0x1}], 0x1}}, {{&(0x7f0000000140)={0xa, 0x4e21, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0xfffffffa}, 0x1c, &(0x7f0000000580)=[{&(0x7f00000001c0)="05", 0x1}], 0x1}}], 0x2, 0x931766f6319eed44) shutdown(r0, 0x1) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000040), &(0x7f0000000080)=0x4) 2.112311929s ago: executing program 3 (id=2965): r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) setns(r1, 0x8020000) mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x8000, &(0x7f0000001dc0)={0xf, 0x89, 0x40000, {r1}}, 0x20) 2.094324469s ago: executing program 3 (id=2966): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r0) syz_clone(0x80001000, 0x0, 0x0, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNGETDEVNETNS(r0, 0xff08, 0x0) 1.809007694s ago: executing program 3 (id=2976): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x2, 0x4, 0x1, 0x9}, 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000940)={0x6, 0x10, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000022bf000000000000ff7f000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf29000000000000550901000000000095000000000000007617040007000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x4, 0x32, &(0x7f0000000040)=""/212}, 0x25) 1.628544778s ago: executing program 4 (id=2982): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x64}, 0x1, 0x0, 0x0, 0x94}, 0x24000000) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWSET={0x48, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xb}, @NFTA_SET_EXPRESSIONS={0x4}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x130}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x70}, 0x1, 0x0, 0x0, 0x4044050}, 0x40) 1.606468269s ago: executing program 4 (id=2983): r0 = epoll_create(0x3ff) r1 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0xa0000000}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000280)={0x2000000}) 1.238829516s ago: executing program 4 (id=2985): r0 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0x5}, 0x10) sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000) recvmmsg$unix(r0, &(0x7f0000007100)=[{{&(0x7f0000000100), 0x6e, &(0x7f0000000280)=[{&(0x7f0000000180)=""/168, 0xa8}], 0x1}}, {{&(0x7f0000000440), 0x6e, 0x0}}], 0x2, 0x0, 0x0) 1.238357556s ago: executing program 2 (id=2994): r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/65, 0x328000, 0x800}, 0x20) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15) 1.237922046s ago: executing program 0 (id=2995): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f0000000000)={[{@i_version}, {@init_itable}, {@noblock_validity}]}, 0x1, 0x71e, &(0x7f0000000f40)="$eJzs3U1rXNUbAPDn3nb+yb+NJoKKLyAVxYqlkya2lK6sC9FNMVBwm4bkJsTc9MbMTG1CF+nKrYii4Ea/gxtXims/gF9BQbTURV1F7rykbzPNVJMMZH4/uNPn3Hub55yZzHkgZ5gTwNA6UT6kEc9HxEwSMd4+n0REpRkdjbjYuu/2rRvz5ZHE9vblP5LmPWU77vk/peMRsRURz0XET5WIU+nDeWsbmytzeZ6tt9uT9dW1ydrG5unl1bmlbCm7euHs2emz589duLB3Y33j/Q+erZ57Z+z7mcXZk1O/fpfExRhrX7t3HHup9ZxUyqfwPu/uR7IBSgbdAf6V8q15pPUuj2diPI40IwDgMNseidgGAIZMov4DwJDp/B2gs7a3X+tgvfz+dkSMdst/tL1mNtpchzx2O7lvZSKJiImD7CiH0tbNiLgyceLh37/koTXbx3VmLzrIvvqxnH8udpt/0p35J7rMP6Odz078R73nv7v5j/SY/2b6zPHei42iZ/6bES8c7ZY/2cmf9Mh/pc/8P9xZ+LvXte1vI17rWn+S+3L1/nzI5OJynp1pPXbPcaJx48NHjf9Yj/xbu4x/rc/xj3328s9bj8j/+iuPfv275S9r4qd95v+k8tYXva6V+Rd6jH+31/+bPvOff+mjzT5vBQAAAAAAAAAAAAAAAAAAAAAAAAAAgEMhjYixSNLqTpym1WprD++n41iaF7X6qcWicXUhmntlT0Ql7XzV8nirnZTtqfb38Xfa0w+034yIpyLi85H/N9vV+SJfGPTgAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDt+AP7//810tr/HwA45EYH3QEA4MCp/wAwfNR/ABg+6j8ADB/1HwCGj/oPAMNH/QcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADggM1culQe27dv3Zgv2wvXNhorxbXTC1ltpbramK/OF+tr1aWiWMqz6nyxutvPy4tibXo6Gtcn61mtPlnb2JxdLRpX67PLq3NL2WxWOZBRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDjGWseSVqNiLQZp2m1GvFERExEJVlczrMzEfFkRPwyUhkp21OD7jQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHaxubKXJ5n6wKBQLATDHpmAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIN3d9PvQfcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYp/S2JiPI4Of7q2INX/5fcGWn+GxEff335y+tz9fr6VHn+z53z9a/a56cH0X8AYDedOt2p4wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQTW1jc2Uuz7P1fQwGPUYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPbOPwEAAP//vT/OxQ==") r0 = creat(&(0x7f0000000380)='./bus\x00', 0x0) io_setup(0x202, &(0x7f0000000200)=0x0) io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xe7030003, 0x82, 0x1, 0x0, r0, &(0x7f0000000000), 0x100000, 0x3000}]) 1.138538378s ago: executing program 2 (id=2986): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_type(r0, &(0x7f0000000100), 0x2, 0x0) write$cgroup_netprio_ifpriomap(r1, &(0x7f0000000040)={'veth0_to_bond', 0x32, 0x30}, 0x10) 1.074507949s ago: executing program 2 (id=2987): perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x80, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x0, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0) perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x3, 0x0, 0xff, 0x0, 0x0, 0x0, 0x40, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0x1, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x30046, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 931.636272ms ago: executing program 1 (id=2988): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x200000000000000) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x7, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_QUERY(r0, &(0x7f0000001d00)={0x13, 0x10, 0xfa00, {&(0x7f0000005d40), r1, 0x2}}, 0x18) 931.448082ms ago: executing program 4 (id=2989): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000200000000005700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10) timer_delete(0x0) 801.966334ms ago: executing program 1 (id=2990): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0xffffffffffffff54}, 0x18) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c16, &(0x7f0000000180)={[{@nobh}, {@noauto_da_alloc}]}, 0x1, 0x240, &(0x7f00000002c0)="$eJzs3T1oO2UcB/DvXRL/tg1SdRHEFxARLZS6CS51UShIKSKCChURF6UVaotb6+TioLNKJ5ciblZH6VJcFMGpaoe6CFocLA46RJJrpbYRX1Jz4n0+cLm75J77Pcfd97kQOBKgsaaTzCdpJZlJ0klSnN/gzmqaPl3dnthfTnq9x34oBttV65WzdlNJtpI8kGSvLPJCO9nYferop4NH7nl9vXP3u7tPToz1IE8dHx0+evLO4msfLNy/8dkX3y0WmU/3d8d19Yoh77WL5KZ/o9h/RNGuuwf8FUuvvP9lP/c3J7lrkP9OylQn74216/Y6ue/tP2r75vef3zrOvgJXr9fr9O+BWz2gccok3RTlbJJquSxnZ6vv8F+1JssXV9dennl+dX3lubpHKuCqdJPDhz+69uHUhfx/26ryD/xPVT9KHT6+tPN1f+GkVXeHgLG4rZr17/8zz2zeG/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmH5pJ/aC75h+aSf2iu8/kHAJqld63uJ5CButQ9/gAAAAAAAAAAAAAAAAAAAJdtT+wvn03jqvnJW8nxQ0naw+q3Bv9HnFw/eJ38sehv9puiajaSp+8YcQcjeq/mp69v+Kbe+p/eXm/9zZVk69Ukc+325euvOL3+/rkb/+TzzrMjFvibigvrDz4x3voX/bJTb/2Fg+Tj/vgzN2z8KXPLYD58/On2z9+I9V/6ecQdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDa/BgAA//8YZW08") lsetxattr$security_selinux(&(0x7f00000001c0)='.\x00', &(0x7f0000000240), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x1001, 0x0) 801.844004ms ago: executing program 4 (id=2991): bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f00000001c0)='./file0\x00', 0x800082, &(0x7f0000000680)=ANY=[@ANYBLOB="756d61736b3d30303030303030303030303030303030303030333737372c616c6c6f775f7574696d653d30303030303030332c000000000083ec4c0d6e84de0249d09f31ef580c3d00000000"], 0x1, 0x191, &(0x7f0000000480)="$eJzs3c+qElEcB/Cff5qkletoMdCmlVRPYIWCNBAULmpVYG00gtxMrXyL3qBX6XXClTsv3hHlyly4F64O1/l8Nn7xq5xzZjFnNWc+P/k+nfyYf/v77090Oo1o96Mfq0Z0oxmtKCwCADgnq/U6/q8LN/j56xNMCQA4slvu/wDAGbD/A0D92P8BoH4+fPz09lWWDd6naSdiucjH+bj4LPrhKBs8Ty919/9a5vm4tetfFH16tX8Qj7b9y9I+iWdPi37TvXmXHfQPY1I24X7jzq8BAAAAAAAAAAAAAAAAAAAAAACcWi/dKT3fp9dLrumLNBwl2+8Oz/dpx+N2yYDJUZYBAAAAAAAAAAAAAAAAAAAA99r81+/pl9ns609BEIRdqPrOBAAAAAAAAAAAAAAAAAAA9bN/6LfqmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAdfbv/z9e2IzTrHqhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADU2kUAAAD//1z+TP8=") r0 = open(&(0x7f0000000080)='./file1\x00', 0x64842, 0x86) pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x140000}], 0x1, 0x7800, 0x0, 0x3) 747.807426ms ago: executing program 0 (id=2992): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2e, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000540)='kfree\x00', r0, 0x0, 0x4}, 0x18) symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00') removexattr(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000100)=@random={'osx.', ':\x00'}) 707.248196ms ago: executing program 1 (id=2993): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4}, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48) 703.752796ms ago: executing program 2 (id=3005): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000080)={[{@bsdgroups}]}, 0xfc, 0x574, &(0x7f0000001980)="$eJzs3c9rHFUcAPDvbJI2/aFJoRT1IIEerNRumsQfFTzUk4gWC3qvS7INJZtuyW5KEwu2B3vxIkUQsSB69+6x+A/4VxS0UKQEPXiJzGY2XZPZNNlumm3384Fp35uZzZvvvvm+fbOzywbQt8bSfwoRL0fEN0nESMu2wcg2jq3tt/Lw+nS6JLG6+ulfSSTZuub+Sfb/oazyUkT89lXEycLmdmtLy3OlSqW8kNXH6/NXxmtLy6cuzZdmy7Ply5NTU2fempp89523uxbr6+f/+f6Tux+e+fr4yne/3D9yO4mzcTjb1hrHE7jRWhmLsew5GYqzG3ac6EJjvSTZ6wOgIwNZng9FOgaMxECW9blWR57moQG77Ms0rYE+lch/6FPNeUDz2r5L18HPjAfvr10AbY5/cO29kRhuXBsdXEn+d2WUXu+OdqH9tI1f/7xzO12i3fsQ+7vQEMAGN25GxOnBwc3jX5KNf507vY19NrbRb68/sJfupvOfN/LmP4X1+U/kzH8O5eRuJx6f/4X7XWimrXT+917u/Hf9ptXoQFZ7oTHnG0ouXqqU07HtxYg4EUP70/pERHyQfxPk88LKvdV27bfO/9Ilbb85F8yO4/7ghvnfTKleevLI1zy4GfFK7vw3We//JKf/0+fj/DbbOFa+82q7bY+Pf3et/hTxWm7/P+rMZOv7k+ON82G8eVZs9vetY7+3a3+v40/7/+DW8Y8mrfdraztv48fhf8vttnV6/u9LPmuU92XrrpXq9YWJiH3Jx5vXTz56bLPe3D+N/8Txrce/vPP/QJrY24z/1tFbrbsO7yz+3ZXGP7Oj/t954d5HX/zQrv3t9f+bjdKJbM12xr/tHuCTPHcAAAAAAADQawoRcTiSQnG9XCgUi2uf7zgaBwuVaq1+8mJ18fJMNL4rOxpDhead7pGWz0NMZJ+HbdYnN9SnIuJIRHw7cKBRL05XKzN7HTwAAAAAAAAAAAAAAAAAAAD0iEMRw3nf/0/9MZD/mDargWfRFj/5DTzn2ud/tqUbv/QE9CSv/9C/5D/0L/kP/Uv+Q/+S/9C/5D/0L/kP/Wsn+f/zuV08EAAAAAAAAAAAAAAAAAAAAAAAAAAAAHg+nD93Ll1WVx5en07rM1eXFueqV0/NlGtzxfnF6eJ0deFKcbZana2Ui9PV+cf9vUq1emViMhavjdfLtfp4bWn5wnx18XL9wqX50mz5QnnoqUQFAAAAAAAAAAAAAAAAAAAAz5ba0vJcqVIpLygodFQY7I3D6MFCoTcOo8PCXo9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDIfwEAAP//wGE62g==") seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x0, 0x7fff8000}]}) r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) fdatasync(r0) 597.079218ms ago: executing program 0 (id=2996): mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0) r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) r1 = dup2(r0, r0) ioctl$BLKTRACESETUP(r1, 0x127f, 0x0) 582.052269ms ago: executing program 0 (id=2997): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x28) r1 = syz_io_uring_setup(0x223d, &(0x7f00000004c0)={0x0, 0x57d9, 0x100, 0x2, 0xf8}, &(0x7f0000000040), &(0x7f00000001c0)) io_uring_register$IORING_REGISTER_NAPI(r1, 0x1b, 0x0, 0x1) 581.491268ms ago: executing program 2 (id=3008): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000180)=0x1b) ioctl$TIOCVHANGUP(r0, 0x5437, 0x2) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) 581.025238ms ago: executing program 4 (id=3009): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0) ftruncate(r0, 0x2007ffc) sendfile(r0, r0, 0x0, 0x800000009) 566.994999ms ago: executing program 1 (id=2998): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x64}, 0x1, 0x0, 0x0, 0x94}, 0x24000000) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWSET={0x48, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xb}, @NFTA_SET_EXPRESSIONS={0x4}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x130}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x70}, 0x1, 0x0, 0x0, 0x4044050}, 0x40) 549.426539ms ago: executing program 0 (id=2999): r0 = epoll_create(0x3ff) r1 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0xa0000000}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000280)={0x2000000}) 515.38765ms ago: executing program 1 (id=3000): r0 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0x5}, 0x10) sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000) recvmmsg$unix(r0, &(0x7f0000007100)=[{{&(0x7f0000000100), 0x6e, &(0x7f0000000280)=[{&(0x7f0000000180)=""/168, 0xa8}], 0x1}}, {{&(0x7f0000000440), 0x6e, 0x0}}], 0x2, 0x0, 0x0) 510.36111ms ago: executing program 2 (id=3013): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0}, 0x94) r0 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="0100000000000000000009000000440003800800010002000000140002007663616e3000000000000000000000000800030000000000140006"], 0x58}}, 0x0) 17.91552ms ago: executing program 3 (id=2976): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x2, 0x4, 0x1, 0x9}, 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000940)={0x6, 0x10, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000022bf000000000000ff7f000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf29000000000000550901000000000095000000000000007617040007000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x4, 0x32, &(0x7f0000000040)=""/212}, 0x25) 2.67284ms ago: executing program 3 (id=3001): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000000)={[{@errors_remount}, {@grpquota}]}, 0x4, 0x4f2, &(0x7f0000000a40)="$eJzs3c9vVF0ZAOD3Tjttv34DBWWhRgURRUOY/gAaggthozGExEhcuYDaDk3TGabptEgri7J0byKJK/0T3LkwYeXCnTvducGFCSrRUBMXY+6dSzu0HVqk7dDO8yR37j3nXuY9Z4ZzztzDDCeAnnUuItYiYiAi7kfESJ6f5FvcbG3pda9fPZlef/VkOolm8+4/kux8mhdtfyb1af6cQxHxg+9G/DjZHrexsjo/Va1WFvP06FJtYbSxsnp5rpDnTEyOT45dv3JtYt/qerb2m5ffmbv9w9/99ksv/rj2zZ+mxSr97ER2rr0e+6lV9WKU2vL6I+L2QQTrkv787w9HT9raPhMR57P2PxJ92bsJABxnzeZINEfa0wDAcZfe/5ciKZTzuYBSFArlcmsO70wMF6r1xtKlkfryw5nI5rBORbHwYK5aGcvnCk9FMUnT49nxZnpiS/pKRJyOiJ8PfpKly9P16kw3P/gAQA/7dMv4/+/B1vgPABxzQ+95va8IAMDR977jPwBw9Bn/AaD3vMf4b+ofAI4J9/8A0HuM/wDQe3Yd/58eTjkAgEPx/Tt30q25nv//1zOPVpa/VXp0eabSmC/XlqfL0/XFhfJsvT5brZSnm83dnq9ary+MX91INlZW79Xqyw+X7s3VpmYr9yrFA64PALC702ef/zmJiLUbn2RbtK3lYKyG463Q7QIAXdPX7QIAXeP3PNC79nCPbxoAjrkdluh9S8evCD2z+CscVRc/b/4fepX5f+hd/9/8/7f3vRzA4TP/D72r2Uys+Q8APcYcP/BB//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPaqUbUmhnK0FvpY+FsrliBMRcSqKyYO5amUsIk5GxJ8Gi4NperzbhQYAPlDhb0m+/tfFkQulrWcHkv8MZvuI+Mkv7/7i8dTS0uJ4mv/PjfylZ3n+xEA3KgAAtLu5Pas1Tuf7thv516+eTL/ZDrOIL2+1FhdN467nW+tMf/Rn+6EoRsTwv5I83ZJ+Xunbh/hrTyPic5v1f9wWoZTNgbRWPt0aP4194gDib77+W+MX3opfyM6l+2L2Wnx2H8oCveb5rVY/mbe9tInl7a8Q57L9zu1/KOuhPtyb/m99W/9X2Oj/+rbFT7I2f24j/e6SvLz6++9ty2yOtM49jfhC/07xk434SYf+98Ie6/iXL375fKdzzV9FXIyd47fUsm52dKm2MNpYWb08V5uarcxWHk5MTI5Pjl2/cm1iNJujbj3+YacYf79x6WSn+Gn9hzvEH9ql/l/bY/1//d/7P/rKO+J/46s7v/9n3hE/HRO/vsf4U8M3Oy7fncaf6VD/3d7/S3uM/+KvqzN7vBQAOASNldX5qWq1srjLQfpZc7drHBzNg1iL+AiKkR8MxEdRjJ4/6HbPBBy0zUbf7ZIAAAAAAAAAAAAAAACdNFZW5wfjYH9O1O06AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHz9LwAA//9Jt84K") perf_event_open(&(0x7f0000000740)={0x2, 0x80, 0x6e, 0x1, 0x0, 0x0, 0x0, 0x210e, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x7fff, 0xaea}, 0x110104, 0x32, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x10448) 2.00393ms ago: executing program 0 (id=3015): capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000001080)={0x200000, 0x200000}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000000082295"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x7, 0xa, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x2c}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00', 0x4}, 0x94) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r0, 0xe0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffc}}, 0x10) 0s ago: executing program 1 (id=3016): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000a80)='kfree\x00', r0, 0x0, 0xfffffffffffffffe}, 0x18) symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00') acct(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00') kernel console output (not intermixed with test programs): without journal. Quota mode: writeback. [ 69.935767][ T6251] ext4 filesystem being mounted at /256/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 69.970777][ T6251] EXT4-fs (loop0): shut down requested (0) [ 69.979685][ T6251] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=15 [ 69.988667][ T6251] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=15 [ 70.023954][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.085092][ T6273] loop0: detected capacity change from 0 to 512 [ 70.100699][ T6273] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 70.108968][ T6273] EXT4-fs (loop0): orphan cleanup on readonly fs [ 70.117496][ T6273] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm +}[@: Failed to acquire dquot type 1 [ 70.129634][ T6273] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 40: padding at end of block bitmap is not set [ 70.144661][ T6273] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 70.154140][ T6273] EXT4-fs (loop0): 1 truncate cleaned up [ 70.160690][ T6273] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 70.211776][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.233912][ T6282] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1251'. [ 70.376284][ T6292] SELinux: security_context_str_to_sid ( ) failed with errno=-22 [ 70.430390][ T6294] loop0: detected capacity change from 0 to 512 [ 70.445084][ T6294] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 70.458102][ T6294] ext4 filesystem being mounted at /265/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 70.474818][ T6294] EXT4-fs (loop0): shut down requested (0) [ 70.490293][ T6294] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=15 [ 70.499465][ T6294] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=15 [ 70.524112][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.596267][ T6306] loop2: detected capacity change from 0 to 8192 [ 70.603883][ T6306] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 70.682547][ T6306] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1052) [ 70.691396][ T6306] FAT-fs (loop2): Filesystem has been set read-only [ 70.715737][ T6306] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1052) [ 70.725013][ T6306] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1052) [ 70.785683][ T3305] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1052) [ 70.823601][ T29] kauditd_printk_skb: 94 callbacks suppressed [ 70.823620][ T29] audit: type=1400 audit(2000000027.830:42220): avc: denied { validate_trans } for pid=6310 comm="syz.2.1263" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 70.954404][ T29] audit: type=1400 audit(2000000027.960:42221): avc: denied { write } for pid=6323 comm="syz.3.1269" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 70.984201][ T6330] netlink: 'syz.4.1271': attribute type 4 has an invalid length. [ 71.008962][ T29] audit: type=1400 audit(2000000028.010:42222): avc: denied { sqpoll } for pid=6331 comm="syz.3.1272" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 71.121001][ T29] audit: type=1400 audit(2000000028.120:42223): avc: denied { write } for pid=6340 comm="syz.4.1275" name="vlan0" dev="proc" ino=4026533209 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 71.207522][ T29] audit: type=1400 audit(2000000028.210:42224): avc: denied { map } for pid=6340 comm="syz.4.1275" path="/proc/529/net/vlan/vlan0" dev="proc" ino=4026533209 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 71.256147][ T6348] SELinux: Context system_u:object_r:dmidecode_exec_t:s0 is not valid (left unmapped). [ 71.376220][ T29] audit: type=1400 audit(2000000028.270:42225): avc: denied { relabelto } for pid=6347 comm="syz.1.1278" name="file1" dev="tmpfs" ino=1289 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:dmidecode_exec_t:s0" [ 71.403396][ T29] audit: type=1400 audit(2000000028.270:42226): avc: denied { associate } for pid=6347 comm="syz.1.1278" name="file1" dev="tmpfs" ino=1289 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:dmidecode_exec_t:s0" [ 71.553148][ T29] audit: type=1400 audit(2000000028.560:42227): avc: denied { name_bind } for pid=6354 comm="syz.0.1281" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 71.704900][ T6368] IPVS: Error joining to the multicast group [ 71.772729][ T6372] loop0: detected capacity change from 0 to 164 [ 71.806652][ T6372] iso9660: Corrupted directory entry in block 2 of inode 1792 [ 71.948731][ T6386] bond1: entered promiscuous mode [ 71.953880][ T6386] bond1: entered allmulticast mode [ 71.997865][ T6392] loop4: detected capacity change from 0 to 512 [ 72.006422][ T6386] 8021q: adding VLAN 0 to HW filter on device bond1 [ 72.030188][ T6392] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 72.043305][ T6392] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 72.063774][ T6386] bond1 (unregistering): Released all slaves [ 72.073810][ T6392] EXT4-fs (loop4): 1 truncate cleaned up [ 72.085491][ T6392] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 72.103321][ T29] audit: type=1400 audit(2000000029.110:42228): avc: denied { remove_name } for pid=6391 comm="syz.4.1299" name="file0" dev="loop4" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 72.126272][ T29] audit: type=1400 audit(2000000029.110:42229): avc: denied { rename } for pid=6391 comm="syz.4.1299" name="file0" dev="loop4" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 72.187888][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.260024][ T6404] loop2: detected capacity change from 0 to 128 [ 72.287957][ T6404] syz.2.1303: attempt to access beyond end of device [ 72.287957][ T6404] loop2: rw=2049, sector=138, nr_sectors = 2 limit=128 [ 72.497558][ T6430] syz.4.1315: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0 [ 72.512274][ T6430] CPU: 0 UID: 0 PID: 6430 Comm: syz.4.1315 Not tainted syzkaller #0 PREEMPT(voluntary) [ 72.512382][ T6430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 72.512395][ T6430] Call Trace: [ 72.512402][ T6430] [ 72.512460][ T6430] __dump_stack+0x1d/0x30 [ 72.512500][ T6430] dump_stack_lvl+0xe8/0x140 [ 72.512522][ T6430] dump_stack+0x15/0x1b [ 72.512542][ T6430] warn_alloc+0x12b/0x1a0 [ 72.512619][ T6430] __vmalloc_node_range_noprof+0x9c/0xe00 [ 72.512660][ T6430] ? __futex_wait+0x1ff/0x260 [ 72.512698][ T6430] ? __pfx_futex_wake_mark+0x10/0x10 [ 72.512810][ T6430] ? __rcu_read_unlock+0x4f/0x70 [ 72.512842][ T6430] ? avc_has_perm_noaudit+0x1b1/0x200 [ 72.512870][ T6430] ? should_fail_ex+0x30/0x280 [ 72.512898][ T6430] ? xskq_create+0x36/0xe0 [ 72.512925][ T6430] vmalloc_user_noprof+0x7d/0xb0 [ 72.513038][ T6430] ? xskq_create+0x80/0xe0 [ 72.513058][ T6430] xskq_create+0x80/0xe0 [ 72.513078][ T6430] xsk_init_queue+0x95/0xf0 [ 72.513099][ T6430] xsk_setsockopt+0x3f5/0x640 [ 72.513124][ T6430] ? __pfx_xsk_setsockopt+0x10/0x10 [ 72.513142][ T6430] __sys_setsockopt+0x181/0x200 [ 72.513172][ T6430] __x64_sys_setsockopt+0x64/0x80 [ 72.513199][ T6430] x64_sys_call+0x20ec/0x2ff0 [ 72.513276][ T6430] do_syscall_64+0xd2/0x200 [ 72.513310][ T6430] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 72.513334][ T6430] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 72.513368][ T6430] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.513406][ T6430] RIP: 0033:0x7f7b57a4eec9 [ 72.513423][ T6430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 72.513441][ T6430] RSP: 002b:00007f7b564af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 72.513462][ T6430] RAX: ffffffffffffffda RBX: 00007f7b57ca5fa0 RCX: 00007f7b57a4eec9 [ 72.513512][ T6430] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003 [ 72.513527][ T6430] RBP: 00007f7b57ad1f91 R08: 0000000000000004 R09: 0000000000000000 [ 72.513543][ T6430] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 72.513559][ T6430] R13: 00007f7b57ca6038 R14: 00007f7b57ca5fa0 R15: 00007ffd7d7ddeb8 [ 72.513583][ T6430] [ 72.733138][ T6430] Mem-Info: [ 72.736416][ T6430] active_anon:16496 inactive_anon:4 isolated_anon:0 [ 72.736416][ T6430] active_file:10202 inactive_file:12996 isolated_file:0 [ 72.736416][ T6430] unevictable:4 dirty:276 writeback:0 [ 72.736416][ T6430] slab_reclaimable:3287 slab_unreclaimable:15514 [ 72.736416][ T6430] mapped:29788 shmem:5326 pagetables:1295 [ 72.736416][ T6430] sec_pagetables:0 bounce:0 [ 72.736416][ T6430] kernel_misc_reclaimable:0 [ 72.736416][ T6430] free:1858772 free_pcp:24867 free_cma:0 [ 72.781923][ T6430] Node 0 active_anon:64708kB inactive_anon:16kB active_file:40808kB inactive_file:51984kB unevictable:16kB isolated(anon):0kB isolated(file):0kB mapped:119152kB dirty:1104kB writeback:0kB shmem:20028kB kernel_stack:3536kB pagetables:5180kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 72.809767][ T6430] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 72.838544][ T6430] lowmem_reserve[]: 0 2883 7862 7862 [ 72.843969][ T6430] Node 0 DMA32 free:2949188kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2952820kB mlocked:0kB bounce:0kB free_pcp:3632kB local_pcp:100kB free_cma:0kB [ 72.874255][ T6430] lowmem_reserve[]: 0 0 4978 4978 [ 72.879354][ T6430] Node 0 Normal free:4473092kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB free_highatomic:0KB active_anon:58560kB inactive_anon:16kB active_file:40808kB inactive_file:51984kB unevictable:16kB writepending:1104kB present:5242880kB managed:5098240kB mlocked:16kB bounce:0kB free_pcp:100324kB local_pcp:48068kB free_cma:0kB [ 72.911880][ T6430] lowmem_reserve[]: 0 0 0 0 [ 72.916519][ T6430] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 72.929395][ T6430] Node 0 DMA32: 3*4kB (M) 1*8kB (M) 3*16kB (M) 2*32kB (M) 3*64kB (M) 4*128kB (M) 3*256kB (M) 3*512kB (M) 3*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949188kB [ 72.945602][ T6430] Node 0 Normal: 201*4kB (ME) 31*8kB (UM) 24*16kB (UM) 47*32kB (M) 96*64kB (UM) 39*128kB (UME) 4*256kB (UE) 26*512kB (UME) 12*1024kB (UM) 6*2048kB (UME) 1080*4096kB (UM) = 4476668kB [ 72.963992][ T6430] Node 0 hugepages_total=4 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 72.973319][ T6430] 25392 total pagecache pages [ 72.978055][ T6430] 7 pages in swap cache [ 72.982282][ T6430] Free swap = 124968kB [ 72.986483][ T6430] Total swap = 124996kB [ 72.990714][ T6430] 2097051 pages RAM [ 72.994579][ T6430] 0 pages HighMem/MovableOnly [ 72.999279][ T6430] 80446 pages reserved [ 73.140192][ T6444] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6) [ 73.146845][ T6444] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 73.154514][ T6444] vhci_hcd vhci_hcd.0: Device attached [ 73.190272][ T6447] vhci_hcd: connection closed [ 73.190443][ T2166] vhci_hcd: stop threads [ 73.199551][ T2166] vhci_hcd: release socket [ 73.204136][ T2166] vhci_hcd: disconnect device [ 73.333875][ T6467] loop2: detected capacity change from 0 to 1024 [ 73.353049][ T6467] EXT4-fs: Ignoring removed orlov option [ 73.358872][ T6467] EXT4-fs: Ignoring removed nomblk_io_submit option [ 73.371968][ T6465] lo speed is unknown, defaulting to 1000 [ 73.419139][ T6467] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 73.451815][ T6467] EXT4-fs (loop2): shut down requested (1) [ 73.481826][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.655315][ T6503] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 73.757811][ T6514] loop4: detected capacity change from 0 to 512 [ 73.797105][ T6514] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.825535][ T6514] ext4 filesystem being mounted at /264/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 73.887079][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.084388][ T6561] __nla_validate_parse: 3 callbacks suppressed [ 74.084406][ T6561] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1371'. [ 74.127993][ T6568] netlink: 'syz.3.1374': attribute type 1 has an invalid length. [ 74.135813][ T6568] NCSI netlink: No device for ifindex 131092 [ 74.328634][ T6588] loop3: detected capacity change from 0 to 1024 [ 74.345775][ T6588] EXT4-fs: Ignoring removed nomblk_io_submit option [ 74.376418][ T6588] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 74.389527][ T6595] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1385'. [ 74.401589][ T6588] System zones: 0-1, 3-36 [ 74.426789][ T6588] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.500956][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.662836][ T6622] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition [ 74.673135][ T6622] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0) [ 74.977835][ T6655] loop3: detected capacity change from 0 to 512 [ 75.003870][ T6655] EXT4-fs (loop3): too many log groups per flexible block group [ 75.011629][ T6655] EXT4-fs (loop3): failed to initialize mballoc (-12) [ 75.026195][ T6655] EXT4-fs (loop3): mount failed [ 75.049093][ T6667] netlink: 3 bytes leftover after parsing attributes in process `syz.2.1416'. [ 75.092200][ T6667] batadv1: entered promiscuous mode [ 75.097641][ T6667] batadv1: entered allmulticast mode [ 75.208793][ T6681] loop4: detected capacity change from 0 to 512 [ 75.221872][ T6681] EXT4-fs: Ignoring removed orlov option [ 75.230153][ T6681] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 75.250117][ T6681] EXT4-fs (loop4): orphan cleanup on readonly fs [ 75.258038][ T6681] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1423: bg 0: block 248: padding at end of block bitmap is not set [ 75.274051][ T6681] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.1423: Failed to acquire dquot type 1 [ 75.286621][ T6681] EXT4-fs (loop4): 1 truncate cleaned up [ 75.294496][ T6681] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 75.308282][ T6681] syz.4.1423 (6681) used greatest stack depth: 9280 bytes left [ 75.333876][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.405555][ T6703] sch_tbf: burst 6 is lower than device ip6gre0 mtu (1448) ! [ 75.476513][ T6713] netlink: 'syz.1.1439': attribute type 10 has an invalid length. [ 75.489907][ T6713] team0: Device hsr_slave_0 failed to register rx_handler [ 75.578320][ T6727] loop4: detected capacity change from 0 to 1024 [ 75.597427][ T6730] loop1: detected capacity change from 0 to 512 [ 75.601615][ T6727] EXT4-fs: Ignoring removed nomblk_io_submit option [ 75.613707][ T6730] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 75.621680][ T6730] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01c, mo2=0003] [ 75.632469][ T6727] EXT4-fs: Ignoring removed nobh option [ 75.639878][ T6730] EXT4-fs (loop1): orphan cleanup on readonly fs [ 75.646551][ T6730] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #13: comm syz.1.1447: iget: bad i_size value: 12154761577498 [ 75.662747][ T6730] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.1447: couldn't read orphan inode 13 (err -117) [ 75.679769][ T6727] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.693420][ T6730] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 75.720016][ T6730] EXT4-fs warning (device loop1): dx_probe:861: inode #2: comm syz.1.1447: dx entry: limit 65535 != root limit 120 [ 75.732208][ T6730] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.1447: Corrupt directory, running e2fsck is recommended [ 75.751848][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.761423][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.912839][ T29] kauditd_printk_skb: 106 callbacks suppressed [ 75.912858][ T29] audit: type=1400 audit(2000000032.920:42334): avc: denied { read } for pid=6753 comm="syz.1.1457" path="socket:[14812]" dev="sockfs" ino=14812 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 76.112656][ T6789] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 76.127541][ T6789] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 76.153840][ T29] audit: type=1400 audit(2000000033.160:42335): avc: denied { write } for pid=6795 comm="syz.3.1477" name="event2" dev="devtmpfs" ino=245 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 76.216838][ T6802] loop1: detected capacity change from 0 to 512 [ 76.251607][ T6806] ip6erspan0: entered promiscuous mode [ 76.259740][ T6802] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 76.272492][ T6802] ext4 filesystem being mounted at /287/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 76.285386][ T6802] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #2: comm syz.1.1479: corrupted inode contents [ 76.297474][ T6802] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #2: comm syz.1.1479: mark_inode_dirty error [ 76.309505][ T6802] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #2: comm syz.1.1479: corrupted inode contents [ 76.359728][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.486848][ T29] audit: type=1400 audit(2000000033.490:42336): avc: denied { read write } for pid=6824 comm="syz.3.1489" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 76.511611][ T29] audit: type=1400 audit(2000000033.490:42337): avc: denied { open } for pid=6824 comm="syz.3.1489" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 76.539632][ T6827] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1490'. [ 76.691961][ T6849] unsupported nla_type 52263 [ 76.790704][ T3414] IPVS: starting estimator thread 0... [ 76.834059][ T29] audit: type=1326 audit(2000000033.840:42338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6869 comm="syz.0.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 76.857815][ T29] audit: type=1326 audit(2000000033.840:42339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6869 comm="syz.0.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 76.881461][ T29] audit: type=1326 audit(2000000033.840:42340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6869 comm="syz.0.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=239 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 76.905097][ T29] audit: type=1326 audit(2000000033.840:42341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6869 comm="syz.0.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 76.930844][ T6862] IPVS: using max 2016 ests per chain, 100800 per kthread [ 76.931766][ T29] audit: type=1326 audit(2000000033.940:42342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6869 comm="syz.0.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 77.029752][ T29] audit: type=1400 audit(2000000034.030:42343): avc: denied { module_load } for pid=6886 comm="syz.3.1517" path=2F6D656D66643A01FDAE2E2BA68CB63F32193994532C7C783F55655BBDE1210333BC2723FF179B25F35B64202097F5479741C2D8F05571E62BA56C940BB607175CFB0421E4C4B1A21CFF433B94510DB67D9CEC430BCFEBE49A52E52C8203202864656C6574656429 dev="hugetlbfs" ino=14985 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=system permissive=1 [ 77.031437][ T6887] Invalid ELF header magic: != ELF [ 77.094577][ T6891] loop0: detected capacity change from 0 to 512 [ 77.111241][ T6891] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 77.138232][ T6891] EXT4-fs (loop0): orphan cleanup on readonly fs [ 77.146594][ T6891] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.1519: iget: bad i_size value: 360287970189639680 [ 77.161873][ T6898] 9pnet_fd: Insufficient options for proto=fd [ 77.170557][ T6891] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.1519: couldn't read orphan inode 15 (err -117) [ 77.198102][ T6891] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 77.226528][ T6901] loop4: detected capacity change from 0 to 1024 [ 77.239232][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.257340][ T6908] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1527'. [ 77.272928][ T6901] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.292175][ T6901] EXT4-fs warning (device loop4): empty_inline_dir:1749: bad inline directory (dir #12) - no `..' [ 77.312075][ T6916] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1530'. [ 77.324288][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.389228][ T6922] syz.4.1532 (6922) used greatest stack depth: 8872 bytes left [ 77.425803][ T6929] netlink: 140 bytes leftover after parsing attributes in process `syz.4.1538'. [ 77.456946][ T6933] loop1: detected capacity change from 0 to 512 [ 77.473593][ T6938] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1541'. [ 77.487558][ T6933] EXT4-fs (loop1): failed to initialize system zone (-117) [ 77.517819][ T6933] EXT4-fs (loop1): mount failed [ 77.674382][ T6962] hub 2-0:1.0: USB hub found [ 77.684658][ T6962] hub 2-0:1.0: 8 ports detected [ 77.706630][ T6968] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1555'. [ 77.756140][ T6975] loop3: detected capacity change from 0 to 1024 [ 77.852599][ T6975] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 77.879544][ T6990] tipc: Started in network mode [ 77.884586][ T6990] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711 [ 77.901808][ T6975] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.908942][ T6990] tipc: Enabled bearer , priority 10 [ 77.922023][ T6997] netlink: 168 bytes leftover after parsing attributes in process `syz.0.1567'. [ 77.933043][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.974306][ T7006] loop4: detected capacity change from 0 to 1024 [ 77.984789][ T7006] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 78.002155][ T7006] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1571: bg 0: block 193: padding at end of block bitmap is not set [ 78.007499][ T7009] loop0: detected capacity change from 0 to 4096 [ 78.023549][ T7009] EXT4-fs: Ignoring removed mblk_io_submit option [ 78.030243][ T7009] EXT4-fs: test_dummy_encryption option not supported [ 78.038544][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.091920][ T7020] netlink: 'syz.4.1577': attribute type 6 has an invalid length. [ 78.136241][ T7027] program syz.0.1580 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 78.181358][ T7035] C: renamed from team_slave_0 (while UP) [ 78.189268][ T7035] netlink: 'syz.0.1584': attribute type 3 has an invalid length. [ 78.197285][ T7035] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 78.336482][ T7054] loop4: detected capacity change from 0 to 8192 [ 78.401379][ T7062] SELinux: Context system_u:object is not valid (left unmapped). [ 78.606189][ T7088] loop0: detected capacity change from 0 to 2048 [ 78.613032][ T7088] EXT4-fs: Ignoring removed i_version option [ 78.628887][ T7088] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 78.641747][ T7088] ext4 filesystem being mounted at /353/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 78.793899][ T7111] sch_tbf: peakrate 212 is lower than or equals to rate 32587 ! [ 78.805652][ T7112] netdevsim netdevsim1: Direct firmware load for ./file0/file1 failed with error -2 [ 78.841686][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.022607][ T3414] tipc: Node number set to 4269801488 [ 79.126430][ T7154] __nla_validate_parse: 4 callbacks suppressed [ 79.126448][ T7154] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1638'. [ 79.232779][ T7166] netlink: 'syz.1.1644': attribute type 21 has an invalid length. [ 79.243451][ T7168] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1645'. [ 79.304301][ T3414] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 79.305336][ T7178] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1650'. [ 79.311826][ T3414] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 79.328349][ T3414] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 79.335826][ T3414] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 79.343587][ T3414] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 79.349546][ T7180] loop3: detected capacity change from 0 to 512 [ 79.351002][ T3414] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 79.364897][ T3414] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 79.372310][ T3414] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 79.379914][ T3414] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 79.387454][ T3414] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 79.397958][ T7180] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 79.408542][ T7180] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 79.425299][ T7180] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #11: comm syz.3.1651: corrupted inode contents [ 79.437381][ T3414] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.03 Device [syz1] on syz1 [ 79.457505][ T7180] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #11: comm syz.3.1651: mark_inode_dirty error [ 79.473427][ T7180] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1651: invalid indirect mapped block 1 (level 1) [ 79.493445][ T7180] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #11: comm syz.3.1651: corrupted inode contents [ 79.516542][ T7180] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 79.536934][ T7180] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #11: comm syz.3.1651: corrupted inode contents [ 79.551624][ T7180] EXT4-fs error (device loop3): ext4_truncate:4666: inode #11: comm syz.3.1651: mark_inode_dirty error [ 79.566838][ T7180] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 79.576008][ T7180] EXT4-fs (loop3): 1 truncate cleaned up [ 79.582230][ T7180] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 79.645343][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.667669][ T7198] hub 9-0:1.0: USB hub found [ 79.672805][ T7198] hub 9-0:1.0: 8 ports detected [ 79.749084][ T7208] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1663'. [ 79.815044][ T7223] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1671'. [ 79.824341][ T7223] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1671'. [ 79.833462][ T7223] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1671'. [ 79.902630][ T7229] netlink: 'syz.4.1674': attribute type 1 has an invalid length. [ 80.032642][ T7252] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1685'. [ 80.045044][ T7255] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1686'. [ 80.317179][ T7286] loop3: detected capacity change from 0 to 256 [ 80.407914][ T7292] loop3: detected capacity change from 0 to 1024 [ 80.456296][ T7292] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 80.501150][ T7292] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.1703: Allocating blocks 465-513 which overlap fs metadata [ 80.528793][ T7292] EXT4-fs (loop3): pa ffff88810702b150: logic 256, phys. 369, len 9 [ 80.536987][ T7292] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 3 [ 80.547266][ T7292] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt. [ 80.594910][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.710234][ T7316] (unnamed net_device) (uninitialized): ARP target 9.0.0.0 is already present [ 80.719281][ T7316] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (9) [ 80.733337][ T7318] loop0: detected capacity change from 0 to 256 [ 80.779817][ T7328] 9pnet_fd: Insufficient options for proto=fd [ 80.895889][ T7341] sctp: [Deprecated]: syz.1.1725 (pid 7341) Use of int in max_burst socket option. [ 80.895889][ T7341] Use struct sctp_assoc_value instead [ 80.900360][ T7342] loop2: detected capacity change from 0 to 1024 [ 80.920744][ T7344] netlink: 'syz.4.1726': attribute type 21 has an invalid length. [ 80.928860][ T7344] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1726'. [ 80.966015][ T7342] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.030401][ T29] kauditd_printk_skb: 120 callbacks suppressed [ 81.030420][ T29] audit: type=1400 audit(2000000038.030:42464): avc: denied { bind } for pid=7355 comm="syz.0.1732" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 81.065830][ T29] audit: type=1400 audit(2000000038.030:42465): avc: denied { setopt } for pid=7355 comm="syz.0.1732" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 81.085397][ T7342] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.1724: Allocating blocks 449-513 which overlap fs metadata [ 81.087557][ T29] audit: type=1400 audit(2000000038.030:42466): avc: denied { listen } for pid=7355 comm="syz.0.1732" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 81.166278][ T7339] EXT4-fs (loop2): pa ffff88810702b230: logic 48, phys. 177, len 21 [ 81.175108][ T7339] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4 [ 81.197031][ T7370] loop4: detected capacity change from 0 to 128 [ 81.210227][ T7370] EXT4-fs: Ignoring removed nobh option [ 81.218454][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.235184][ T7370] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 81.251715][ T7370] ext4 filesystem being mounted at /357/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 81.278299][ T7370] SELinux: Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped). [ 81.289304][ T29] audit: type=1400 audit(2000000038.300:42467): avc: denied { relabelto } for pid=7369 comm="syz.4.1737" name="/" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0" [ 81.377051][ T3314] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 81.504490][ T7409] loop2: detected capacity change from 0 to 512 [ 81.513141][ T7409] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 81.546714][ T7409] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 81.579463][ T7409] EXT4-fs (loop2): 1 truncate cleaned up [ 81.585896][ T7409] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 81.617547][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.670473][ T7428] loop3: detected capacity change from 0 to 8192 [ 81.678479][ T7428] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 81.745484][ T7428] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 1052) [ 81.754359][ T7428] FAT-fs (loop3): Filesystem has been set read-only [ 81.761433][ T7428] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 1052) [ 81.772251][ T7428] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 1052) [ 81.778097][ T29] audit: type=1326 audit(2000000038.780:42468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7435 comm="syz.2.1765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85d4bfeec9 code=0x7ffc0000 [ 81.804812][ T29] audit: type=1326 audit(2000000038.780:42469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7435 comm="syz.2.1765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85d4bfeec9 code=0x7ffc0000 [ 81.830067][ T29] audit: type=1326 audit(2000000038.840:42470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7435 comm="syz.2.1765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85d4bfeec9 code=0x7ffc0000 [ 81.853774][ T29] audit: type=1326 audit(2000000038.840:42471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7435 comm="syz.2.1765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85d4bfeec9 code=0x7ffc0000 [ 81.877309][ T29] audit: type=1326 audit(2000000038.840:42472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7435 comm="syz.2.1765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85d4bfeec9 code=0x7ffc0000 [ 81.901642][ T29] audit: type=1326 audit(2000000038.890:42473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7435 comm="syz.2.1765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85d4bfeec9 code=0x7ffc0000 [ 81.908051][ T3312] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 1052) [ 81.992596][ T7440] loop3: detected capacity change from 0 to 1024 [ 82.000712][ T7440] EXT4-fs: Ignoring removed nobh option [ 82.006412][ T7440] EXT4-fs: Ignoring removed bh option [ 82.027847][ T7440] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 82.084769][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.265203][ T7487] netlink: 'syz.3.1789': attribute type 2 has an invalid length. [ 82.273079][ T7487] netlink: 'syz.3.1789': attribute type 1 has an invalid length. [ 82.348614][ T7500] loop2: detected capacity change from 0 to 164 [ 82.358393][ T7499] netlink: 'syz.3.1794': attribute type 15 has an invalid length. [ 82.378610][ T7500] iso9660: Corrupted directory entry in block 2 of inode 1792 [ 82.463079][ T7513] openvswitch: netlink: Message has 6 unknown bytes. [ 82.503019][ T7518] loop4: detected capacity change from 0 to 128 [ 82.528088][ T7522] bond1: entered promiscuous mode [ 82.533490][ T7522] bond1: entered allmulticast mode [ 82.539297][ T7522] 8021q: adding VLAN 0 to HW filter on device bond1 [ 82.548557][ T7518] syz.4.1813: attempt to access beyond end of device [ 82.548557][ T7518] loop4: rw=2049, sector=170, nr_sectors = 6 limit=128 [ 82.564744][ T7518] syz.4.1813: attempt to access beyond end of device [ 82.564744][ T7518] loop4: rw=2049, sector=174, nr_sectors = 2 limit=128 [ 82.569275][ T7522] bond1 (unregistering): Released all slaves [ 82.578315][ T7518] Buffer I/O error on dev loop4, logical block 87, lost async page write [ 82.578660][ T7518] syz.4.1813: attempt to access beyond end of device [ 82.578660][ T7518] loop4: rw=2049, sector=176, nr_sectors = 2 limit=128 [ 82.606319][ T7518] Buffer I/O error on dev loop4, logical block 88, lost async page write [ 82.615303][ T7518] syz.4.1813: attempt to access beyond end of device [ 82.615303][ T7518] loop4: rw=2049, sector=178, nr_sectors = 6 limit=128 [ 82.629109][ T7518] syz.4.1813: attempt to access beyond end of device [ 82.629109][ T7518] loop4: rw=2049, sector=182, nr_sectors = 2 limit=128 [ 82.642564][ T7518] Buffer I/O error on dev loop4, logical block 91, lost async page write [ 82.651058][ T7518] syz.4.1813: attempt to access beyond end of device [ 82.651058][ T7518] loop4: rw=2049, sector=184, nr_sectors = 2 limit=128 [ 82.664530][ T7518] Buffer I/O error on dev loop4, logical block 92, lost async page write [ 82.682683][ T7518] syz.4.1813: attempt to access beyond end of device [ 82.682683][ T7518] loop4: rw=2049, sector=202, nr_sectors = 6 limit=128 [ 82.696798][ T7518] syz.4.1813: attempt to access beyond end of device [ 82.696798][ T7518] loop4: rw=2049, sector=206, nr_sectors = 2 limit=128 [ 82.710344][ T7518] Buffer I/O error on dev loop4, logical block 103, lost async page write [ 82.718921][ T7518] syz.4.1813: attempt to access beyond end of device [ 82.718921][ T7518] loop4: rw=2049, sector=208, nr_sectors = 2 limit=128 [ 82.732395][ T7518] Buffer I/O error on dev loop4, logical block 104, lost async page write [ 82.757018][ T7518] syz.4.1813: attempt to access beyond end of device [ 82.757018][ T7518] loop4: rw=2049, sector=210, nr_sectors = 6 limit=128 [ 82.770988][ T7518] Buffer I/O error on dev loop4, logical block 107, lost async page write [ 82.786674][ T7535] loop0: detected capacity change from 0 to 512 [ 82.795428][ T7518] Buffer I/O error on dev loop4, logical block 108, lost async page write [ 82.806326][ T7535] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 82.819104][ T7518] Buffer I/O error on dev loop4, logical block 119, lost async page write [ 82.827923][ T7535] ext4 filesystem being mounted at /384/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 82.838523][ T7518] Buffer I/O error on dev loop4, logical block 120, lost async page write [ 82.848183][ T7535] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.916176][ T7545] loop1: detected capacity change from 0 to 512 [ 82.935791][ T7545] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 82.949326][ T7545] ext4 filesystem being mounted at /364/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 82.978144][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.000549][ T7560] batadv1: entered promiscuous mode [ 83.005937][ T7560] batadv1: entered allmulticast mode [ 83.006113][ T7558] loop3: detected capacity change from 0 to 512 [ 83.020521][ T7558] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 83.038031][ T7558] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 83.050759][ T7558] ext4 filesystem being mounted at /351/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 83.077517][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.095205][ T7568] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 83.103927][ T7568] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 83.263359][ T7585] team0: Device lo is loopback device. Loopback devices can't be added as a team port [ 83.275440][ T7585] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 83.280628][ T7587] loop1: detected capacity change from 0 to 1024 [ 83.305642][ T7587] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 83.329013][ T7591] loop3: detected capacity change from 0 to 1024 [ 83.336226][ T7591] EXT4-fs: Ignoring removed bh option [ 83.337604][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.355567][ T7591] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 83.416270][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.430929][ T7603] netlink: 'syz.2.1836': attribute type 1 has an invalid length. [ 83.465325][ T7611] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 83.472676][ T7611] IPv6: NLM_F_CREATE should be set when creating new route [ 83.479900][ T7611] IPv6: NLM_F_CREATE should be set when creating new route [ 83.487231][ T7611] IPv6: NLM_F_CREATE should be set when creating new route [ 83.494705][ T7611] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 83.556032][ T7622] macvtap0: entered promiscuous mode [ 83.567556][ T7622] macvtap0: left promiscuous mode [ 83.576973][ T7626] syz_tun: refused to change device tx_queue_len [ 83.707432][ T7653] loop1: detected capacity change from 0 to 1024 [ 83.725901][ T7653] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 83.787521][ T7666] lo speed is unknown, defaulting to 1000 [ 83.789137][ T7668] loop3: detected capacity change from 0 to 1024 [ 83.819423][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.838948][ T7668] EXT4-fs: Ignoring removed orlov option [ 83.844751][ T7668] EXT4-fs: Ignoring removed nomblk_io_submit option [ 83.866224][ T7668] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 83.891773][ T7668] EXT4-fs (loop3): shut down requested (1) [ 83.913373][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.035971][ T7700] loop1: detected capacity change from 0 to 512 [ 84.080642][ T7700] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 84.103303][ T7700] ext4 filesystem being mounted at /385/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 84.140644][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.184495][ T7724] loop0: detected capacity change from 0 to 512 [ 84.447862][ T7738] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition [ 84.457949][ T7738] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0) [ 84.529480][ T3366] hid_parser_main: 73 callbacks suppressed [ 84.529497][ T3366] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 84.543028][ T3366] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 84.550448][ T3366] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 84.557945][ T3366] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 84.565440][ T3366] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 84.572960][ T3366] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 84.580372][ T3366] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 84.587915][ T3366] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 84.595454][ T3366] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 84.602901][ T3366] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 84.627936][ T3366] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [sy] on syz0 [ 84.664307][ T7754] loop2: detected capacity change from 0 to 1024 [ 84.671043][ T7754] EXT4-fs: Ignoring removed nomblk_io_submit option [ 84.678951][ T7754] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 84.687358][ T7754] System zones: 0-1, 3-36 [ 84.694592][ T7757] loop4: detected capacity change from 0 to 512 [ 84.706584][ T7754] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 84.761539][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.845666][ T7782] loop2: detected capacity change from 0 to 512 [ 84.873264][ T7782] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 84.886799][ T7782] ext4 filesystem being mounted at /359/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 84.927062][ T7782] EXT4-fs (loop2): shut down requested (0) [ 84.944029][ T7782] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop2 ino=12 [ 84.958512][ T7782] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop2 ino=12 [ 84.969608][ T7782] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop2 ino=15 [ 84.979710][ T7782] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop2 ino=12 [ 84.989776][ T7782] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop2 ino=15 [ 84.999306][ T7782] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop2 ino=12 [ 85.026378][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.089400][ T7812] loop4: detected capacity change from 0 to 512 [ 85.110963][ T7812] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 85.129013][ T7812] ext4 filesystem being mounted at /391/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 85.186066][ T7830] loop3: detected capacity change from 0 to 1024 [ 85.211679][ T7832] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 85.223854][ T7830] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 85.273157][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.333127][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.492166][ T7866] loop4: detected capacity change from 0 to 512 [ 85.526616][ T7866] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 85.539728][ T7866] ext4 filesystem being mounted at /394/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 85.569940][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.688493][ T7882] loop4: detected capacity change from 0 to 1024 [ 85.710751][ T7882] EXT4-fs: Ignoring removed orlov option [ 85.728937][ T7882] SELinux: security_context_str_to_sid (user_u) failed with errno=-22 [ 85.740299][ T7888] loop3: detected capacity change from 0 to 512 [ 85.772565][ T7888] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 85.780596][ T7888] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01c, mo2=0003] [ 85.796542][ T7888] EXT4-fs (loop3): orphan cleanup on readonly fs [ 85.832943][ T7888] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #13: comm syz.3.1960: iget: bad i_size value: 12154761577498 [ 85.855547][ T7888] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1960: couldn't read orphan inode 13 (err -117) [ 85.893650][ T7888] EXT4-fs warning (device loop3): dx_probe:861: inode #2: comm syz.3.1960: dx entry: limit 65535 != root limit 120 [ 85.905935][ T7888] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.1960: Corrupt directory, running e2fsck is recommended [ 85.993626][ T7907] loop3: detected capacity change from 0 to 1024 [ 86.000899][ T7907] EXT4-fs: Ignoring removed nomblk_io_submit option [ 86.009648][ T7907] EXT4-fs: Ignoring removed nobh option [ 86.183149][ T7929] __nla_validate_parse: 6 callbacks suppressed [ 86.183166][ T7929] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1979'. [ 86.261028][ T7939] loop3: detected capacity change from 0 to 512 [ 86.293757][ T7939] ext4 filesystem being mounted at /389/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 86.314816][ T7939] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #2: comm syz.3.1981: corrupted inode contents [ 86.329916][ T7939] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #2: comm syz.3.1981: mark_inode_dirty error [ 86.361793][ T7939] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #2: comm syz.3.1981: corrupted inode contents [ 86.816696][ T7985] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2005'. [ 86.830058][ T7987] loop1: detected capacity change from 0 to 1024 [ 86.845268][ T7993] Invalid ELF header magic: != ELF [ 86.880098][ T7987] EXT4-fs warning (device loop1): empty_inline_dir:1749: bad inline directory (dir #12) - no `..' [ 86.940353][ T7996] SELinux: failed to load policy [ 86.984345][ T29] kauditd_printk_skb: 95 callbacks suppressed [ 86.984360][ T29] audit: type=1400 audit(2000000043.990:42569): avc: denied { write } for pid=8007 comm="syz.3.2015" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 87.028076][ T8014] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2019'. [ 87.048639][ T29] audit: type=1326 audit(2000000044.050:42570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8015 comm="syz.1.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed8ba4eec9 code=0x7ffc0000 [ 87.072375][ T29] audit: type=1326 audit(2000000044.050:42571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8015 comm="syz.1.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed8ba4eec9 code=0x7ffc0000 [ 87.132498][ T29] audit: type=1326 audit(2000000044.110:42572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8015 comm="syz.1.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=239 compat=0 ip=0x7fed8ba4eec9 code=0x7ffc0000 [ 87.135904][ T8024] loop2: detected capacity change from 0 to 512 [ 87.156159][ T29] audit: type=1326 audit(2000000044.110:42573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8015 comm="syz.1.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed8ba4eec9 code=0x7ffc0000 [ 87.186105][ T29] audit: type=1326 audit(2000000044.110:42574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8015 comm="syz.1.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed8ba4eec9 code=0x7ffc0000 [ 87.188560][ T8024] EXT4-fs warning (device loop2): ext4_xattr_inode_get:542: inode #11: comm syz.2.2023: ea_inode file size=0 entry size=6 [ 87.223124][ T8024] ------------[ cut here ]------------ [ 87.228635][ T8024] EA inode 11 i_nlink=2 [ 87.228982][ T8024] WARNING: CPU: 1 PID: 8024 at fs/ext4/xattr.c:1053 ext4_xattr_inode_update_ref+0x3d4/0x3f0 [ 87.243440][ T8024] Modules linked in: [ 87.247375][ T8024] CPU: 1 UID: 0 PID: 8024 Comm: syz.2.2023 Not tainted syzkaller #0 PREEMPT(voluntary) [ 87.257175][ T8024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 87.267479][ T8024] RIP: 0010:ext4_xattr_inode_update_ref+0x3d4/0x3f0 [ 87.274269][ T8024] Code: 90 49 8d 7e 40 e8 9c f8 b7 ff 4d 8b 6e 40 4c 89 e7 e8 b0 f3 b7 ff 41 8b 56 48 48 c7 c7 ee a6 54 86 4c 89 ee e8 fd de 66 ff 90 <0f> 0b 90 90 e9 58 fe ff ff e8 0e 9d ad 03 66 66 66 66 66 2e 0f 1f [ 87.293996][ T8024] RSP: 0018:ffffc9000f44f7c8 EFLAGS: 00010246 [ 87.300145][ T8024] RAX: ce96684bd029db00 RBX: ffff88811ac6e010 RCX: 0000000000080000 [ 87.308179][ T8024] RDX: ffffc900035cf000 RSI: 0000000000042f0f RDI: 0000000000042f10 [ 87.316312][ T8024] RBP: 0000000000000002 R08: 0001c9000f44f63f R09: 0000000000000000 [ 87.324921][ T8024] R10: 00000000ffffffff R11: 0000000000000002 R12: ffff88811ac6dfc0 [ 87.333036][ T8024] R13: 000000000000000b R14: ffff88811ac6df78 R15: 0000000000000001 [ 87.341100][ T8024] FS: 00007f85d36676c0(0000) GS:ffff8882aef40000(0000) knlGS:0000000000000000 [ 87.350183][ T8024] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.356841][ T8024] CR2: 00007f85d4be21e0 CR3: 0000000126bd4000 CR4: 00000000003506f0 [ 87.365165][ T8024] DR0: 0000200000000300 DR1: 0000000000000000 DR2: 0000000000000000 [ 87.373207][ T8024] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 87.381317][ T29] audit: type=1326 audit(2000000044.280:42575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8028 comm="syz.4.2026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b57a4eec9 code=0x7ffc0000 [ 87.381420][ T29] audit: type=1326 audit(2000000044.280:42576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8028 comm="syz.4.2026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=172 compat=0 ip=0x7f7b57a4eec9 code=0x7ffc0000 [ 87.381464][ T29] audit: type=1326 audit(2000000044.280:42577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8028 comm="syz.4.2026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b57a4eec9 code=0x7ffc0000 [ 87.404925][ T8024] Call Trace: [ 87.404936][ T8024] [ 87.404950][ T8024] ext4_xattr_inode_dec_ref_all+0x579/0x830 [ 87.428575][ T29] audit: type=1326 audit(2000000044.300:42578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8028 comm="syz.4.2026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b57a4eec9 code=0x7ffc0000 [ 87.452235][ T8024] ? errseq_check+0x2c/0x50 [ 87.466040][ T8033] 9pnet_fd: Insufficient options for proto=fd [ 87.488244][ T8024] ext4_xattr_delete_inode+0x6b7/0x790 [ 87.498864][ T8035] loop4: detected capacity change from 0 to 512 [ 87.499043][ T8024] ? ext4_truncate+0x92e/0xae0 [ 87.511177][ T8035] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 87.515678][ T8024] ext4_evict_inode+0xa6a/0xd90 [ 87.529404][ T8024] ? __pfx_ext4_evict_inode+0x10/0x10 [ 87.534857][ T8024] evict+0x2e3/0x550 [ 87.538999][ T8024] ? __dquot_initialize+0x146/0x7c0 [ 87.544274][ T8024] iput+0x447/0x5b0 [ 87.548161][ T8024] ext4_process_orphan+0x1a9/0x1c0 [ 87.553394][ T8024] ext4_orphan_cleanup+0x6a8/0xa00 [ 87.558696][ T8024] ext4_fill_super+0x3260/0x35d0 [ 87.563776][ T8024] ? set_blocksize+0x1a8/0x310 [ 87.568598][ T8024] ? sb_set_blocksize+0xe3/0x100 [ 87.573822][ T8024] ? setup_bdev_super+0x30e/0x370 [ 87.574181][ T8035] EXT4-fs (loop4): orphan cleanup on readonly fs [ 87.579028][ T8024] ? __pfx_ext4_fill_super+0x10/0x10 [ 87.587093][ T8035] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.2038: iget: bad i_size value: 360287970189639680 [ 87.590708][ T8024] get_tree_bdev_flags+0x28e/0x300 [ 87.605301][ T8035] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.2038: couldn't read orphan inode 15 (err -117) [ 87.608808][ T8024] ? __pfx_ext4_fill_super+0x10/0x10 [ 87.626420][ T8024] get_tree_bdev+0x1f/0x30 [ 87.630963][ T8024] ext4_get_tree+0x1c/0x30 [ 87.635653][ T8024] vfs_get_tree+0x57/0x1d0 [ 87.640117][ T8024] do_new_mount+0x207/0x5e0 [ 87.644709][ T8024] ? security_capable+0x83/0x90 [ 87.649727][ T8024] path_mount+0x4a4/0xb20 [ 87.654138][ T8024] ? user_path_at+0x109/0x130 [ 87.659068][ T8024] __se_sys_mount+0x28f/0x2e0 [ 87.663895][ T8024] __x64_sys_mount+0x67/0x80 [ 87.668623][ T8024] x64_sys_call+0x2b4d/0x2ff0 [ 87.673408][ T8024] do_syscall_64+0xd2/0x200 [ 87.677975][ T8024] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 87.684289][ T8024] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 87.690039][ T8024] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.696047][ T8024] RIP: 0033:0x7f85d4c0066a [ 87.700482][ T8024] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 87.720201][ T8024] RSP: 002b:00007f85d3666e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 87.728685][ T8024] RAX: ffffffffffffffda RBX: 00007f85d3666ef0 RCX: 00007f85d4c0066a [ 87.736721][ T8024] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f85d3666eb0 [ 87.744719][ T8024] RBP: 0000200000000180 R08: 00007f85d3666ef0 R09: 0000000000800700 [ 87.752774][ T8024] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 87.760903][ T8024] R13: 00007f85d3666eb0 R14: 0000000000000473 R15: 0000200000000680 [ 87.769032][ T8024] [ 87.772073][ T8024] ---[ end trace 0000000000000000 ]--- [ 87.782445][ T8024] EXT4-fs (loop2): 1 orphan inode deleted [ 88.056919][ T8066] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2041'. [ 88.264801][ T8099] C: renamed from team_slave_0 [ 88.272262][ T8099] netlink: 'syz.1.2056': attribute type 3 has an invalid length. [ 88.280247][ T8099] netlink: 144 bytes leftover after parsing attributes in process `syz.1.2056'. [ 88.289961][ T8099] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 88.608421][ T8119] program syz.4.2065 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 88.644471][ T8123] loop1: detected capacity change from 0 to 1024 [ 88.658153][ T8123] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2066: bg 0: block 193: padding at end of block bitmap is not set [ 88.724380][ T8137] program syz.1.2072 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 88.853278][ T8158] loop1: detected capacity change from 0 to 256 [ 89.139677][ T8200] loop1: detected capacity change from 0 to 128 [ 89.150018][ T8195] binfmt_misc: register: failed to install interpreter file ./file2 [ 89.249709][ T8211] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8211 comm=syz.1.2107 [ 89.405510][ T8217] netdevsim netdevsim0: Direct firmware load for ./file0/file1 failed with error -2 [ 89.432331][ T8219] netlink: 80 bytes leftover after parsing attributes in process `syz.0.2111'. [ 89.441499][ T8219] sch_tbf: peakrate 212 is lower than or equals to rate 32587 ! [ 89.782322][ T8259] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2130'. [ 89.794541][ T8261] loop4: detected capacity change from 0 to 256 [ 89.856377][ T8272] netlink: 148 bytes leftover after parsing attributes in process `syz.4.2137'. [ 89.929157][ T8285] netlink: 'syz.0.2143': attribute type 1 has an invalid length. [ 90.052327][ T8306] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2153'. [ 90.104841][ T8314] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2157'. [ 90.227419][ T8338] loop4: detected capacity change from 0 to 1024 [ 90.235609][ T8338] EXT4-fs: Ignoring removed orlov option [ 90.241383][ T8338] EXT4-fs: Ignoring removed nomblk_io_submit option [ 90.370110][ T8355] SELinux: failed to load policy [ 90.467204][ T8376] loop2: detected capacity change from 0 to 256 [ 90.512181][ T8382] veth1_macvtap: left promiscuous mode [ 90.675667][ T8407] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2 [ 90.975865][ T31] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 91.019854][ T31] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 91.071889][ T31] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 91.156135][ T8449] lo speed is unknown, defaulting to 1000 [ 91.174286][ T31] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 91.278160][ T8478] netlink: 'syz.3.2228': attribute type 21 has an invalid length. [ 91.286112][ T8478] __nla_validate_parse: 10 callbacks suppressed [ 91.286127][ T8478] netlink: 156 bytes leftover after parsing attributes in process `syz.3.2228'. [ 91.361575][ T8486] netlink: 'syz.3.2231': attribute type 5 has an invalid length. [ 91.374131][ T31] bond0 (unregistering): Released all slaves [ 91.390314][ T8477] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2238'. [ 91.441503][ T8449] chnl_net:caif_netlink_parms(): no params data found [ 91.546147][ T8501] loop3: detected capacity change from 0 to 512 [ 91.559254][ T31] hsr_slave_0: left promiscuous mode [ 91.575163][ T31] hsr_slave_1: left promiscuous mode [ 91.595054][ T8506] loop0: detected capacity change from 0 to 256 [ 91.595542][ T31] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 91.608519][ T31] batman_adv: batadv0: Removing interface: veth1_vlan [ 91.627935][ T31] veth1_macvtap: left promiscuous mode [ 91.634135][ T31] veth0_macvtap: left promiscuous mode [ 91.640032][ T31] veth1_vlan: left promiscuous mode [ 91.645581][ T31] veth0_vlan: left promiscuous mode [ 91.651214][ T8509] loop3: detected capacity change from 0 to 1024 [ 91.728443][ T8509] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.2241: Allocating blocks 449-513 which overlap fs metadata [ 91.778751][ T8508] EXT4-fs (loop3): pa ffff8881072825b0: logic 48, phys. 177, len 21 [ 91.787103][ T8508] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4 [ 91.839569][ T10] hid_parser_main: 22 callbacks suppressed [ 91.839591][ T10] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0 [ 91.853410][ T10] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0 [ 91.860820][ T10] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0 [ 91.868341][ T10] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0 [ 91.875862][ T10] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0 [ 91.883341][ T10] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0 [ 91.890787][ T10] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0 [ 91.894636][ T8528] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2249'. [ 91.898284][ T10] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0 [ 91.914615][ T10] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0 [ 91.922030][ T10] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0 [ 91.931699][ T10] hid-generic 0003:0004:0000.0003: hidraw0: USB HID v0.00 Device [syz0] on syz1 [ 91.944435][ T8526] loop3: detected capacity change from 0 to 512 [ 91.964949][ T8526] ext4 filesystem being mounted at /439/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 92.010665][ T8449] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.017889][ T8449] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.028166][ T8449] bridge_slave_0: entered allmulticast mode [ 92.036000][ T8449] bridge_slave_0: entered promiscuous mode [ 92.047607][ T29] kauditd_printk_skb: 46 callbacks suppressed [ 92.047622][ T29] audit: type=1326 audit(2000000305.053:42625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8544 comm="syz.0.2257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 92.077312][ T29] audit: type=1326 audit(2000000305.053:42626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8544 comm="syz.0.2257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 92.101020][ T29] audit: type=1326 audit(2000000305.053:42627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8544 comm="syz.0.2257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 92.124641][ T29] audit: type=1326 audit(2000000305.053:42628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8544 comm="syz.0.2257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 92.148262][ T29] audit: type=1326 audit(2000000305.053:42629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8544 comm="syz.0.2257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 92.171869][ T29] audit: type=1326 audit(2000000305.053:42630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8544 comm="syz.0.2257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 92.195596][ T29] audit: type=1326 audit(2000000305.053:42631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8544 comm="syz.0.2257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 92.219127][ T29] audit: type=1326 audit(2000000305.053:42632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8544 comm="syz.0.2257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 92.243037][ T29] audit: type=1326 audit(2000000305.053:42633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8544 comm="syz.0.2257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=281 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 92.247530][ T8449] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.266843][ T29] audit: type=1326 audit(2000000305.053:42634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8544 comm="syz.0.2257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 92.297623][ T8449] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.309620][ T8449] bridge_slave_1: entered allmulticast mode [ 92.310332][ T8449] bridge_slave_1: entered promiscuous mode [ 92.329549][ T8560] netlink: 256 bytes leftover after parsing attributes in process `syz.0.2262'. [ 92.342129][ T8560] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2262'. [ 92.358648][ T8449] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.374023][ T8449] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.434653][ T8567] loop0: detected capacity change from 0 to 8192 [ 92.449738][ T8567] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 92.468686][ T8449] team0: Port device team_slave_0 added [ 92.483881][ T8449] team0: Port device team_slave_1 added [ 92.490373][ C1] hrtimer: interrupt took 27074 ns [ 92.567016][ T8449] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.574162][ T8449] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.600132][ T8449] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.611954][ T8567] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 1052) [ 92.620859][ T8567] FAT-fs (loop0): Filesystem has been set read-only [ 92.638570][ T8567] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 1052) [ 92.652140][ T8567] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 1052) [ 92.662246][ T8449] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.669250][ T8449] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.695415][ T8449] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.886974][ T8449] hsr_slave_0: entered promiscuous mode [ 92.905140][ T8449] hsr_slave_1: entered promiscuous mode [ 92.925784][ T8449] debugfs: 'hsr0' already exists in 'hsr' [ 92.931654][ T8449] Cannot create hsr debugfs directory [ 92.991374][ T8608] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2283'. [ 93.060193][ T8619] netlink: 'syz.4.2286': attribute type 15 has an invalid length. [ 93.068680][ T8617] loop0: detected capacity change from 0 to 1024 [ 93.078812][ T8617] EXT4-fs: Ignoring removed nobh option [ 93.084605][ T8617] EXT4-fs: Ignoring removed bh option [ 93.107973][ T8622] netdevsim netdevsim1: Firmware load for '..' refused, path contains '..' component [ 93.220454][ T8637] openvswitch: netlink: Message has 6 unknown bytes. [ 93.230108][ T8449] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 93.260059][ T8449] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 93.274689][ T8449] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 93.293926][ T8449] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 93.345884][ T8449] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.372305][ T8449] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.390553][ T1723] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.397692][ T1723] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.417813][ T51] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.425537][ T51] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.510069][ T8659] netlink: 'syz.1.2303': attribute type 15 has an invalid length. [ 93.551812][ T8449] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.567180][ T8663] bond1: entered promiscuous mode [ 93.572263][ T8663] bond1: entered allmulticast mode [ 93.577922][ T8663] 8021q: adding VLAN 0 to HW filter on device bond1 [ 93.591476][ T8663] bond1 (unregistering): Released all slaves [ 93.775608][ T8449] veth0_vlan: entered promiscuous mode [ 93.789668][ T8449] veth1_vlan: entered promiscuous mode [ 93.828983][ T8449] veth0_macvtap: entered promiscuous mode [ 93.829092][ T8682] loop3: detected capacity change from 0 to 164 [ 93.840488][ T8449] veth1_macvtap: entered promiscuous mode [ 93.870842][ T8449] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.887690][ T8449] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.906033][ T8682] iso9660: Corrupted directory entry in block 2 of inode 1792 [ 93.913811][ T51] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.925143][ T51] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.939262][ T51] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.963322][ T51] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.031525][ T8691] loop2: detected capacity change from 0 to 1024 [ 94.058401][ T8691] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.2213: Allocating blocks 465-513 which overlap fs metadata [ 94.074779][ T8691] EXT4-fs (loop2): pa ffff888107282620: logic 256, phys. 369, len 9 [ 94.083084][ T8691] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 3 [ 94.095318][ T8691] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt. [ 94.127263][ T8698] netlink: 'syz.0.2315': attribute type 15 has an invalid length. [ 94.149975][ T8702] loop1: detected capacity change from 0 to 128 [ 94.196715][ T8702] bio_check_eod: 32 callbacks suppressed [ 94.196735][ T8702] syz.1.2317: attempt to access beyond end of device [ 94.196735][ T8702] loop1: rw=2049, sector=138, nr_sectors = 2 limit=128 [ 94.264908][ T8711] loop2: detected capacity change from 0 to 512 [ 94.279667][ T8715] loop0: detected capacity change from 0 to 1024 [ 94.304836][ T8711] ext4 filesystem being mounted at /1/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 94.307050][ T8717] team0: Device lo is loopback device. Loopback devices can't be added as a team port [ 94.325637][ T8717] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 94.407201][ T8728] loop2: detected capacity change from 0 to 1024 [ 94.416340][ T8728] EXT4-fs: Ignoring removed nobh option [ 94.421976][ T8728] EXT4-fs: Ignoring removed bh option [ 94.491088][ T8741] openvswitch: netlink: Message has 6 unknown bytes. [ 94.526754][ T8749] loop2: detected capacity change from 0 to 512 [ 94.549668][ T8755] loop3: detected capacity change from 0 to 128 [ 94.560409][ T8749] ext4 filesystem being mounted at /4/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 94.564506][ T8755] syz.3.2339: attempt to access beyond end of device [ 94.564506][ T8755] loop3: rw=2049, sector=170, nr_sectors = 6 limit=128 [ 94.591210][ T8755] syz.3.2339: attempt to access beyond end of device [ 94.591210][ T8755] loop3: rw=2049, sector=174, nr_sectors = 2 limit=128 [ 94.604806][ T8755] buffer_io_error: 18 callbacks suppressed [ 94.604826][ T8755] Buffer I/O error on dev loop3, logical block 87, lost async page write [ 94.624388][ T8755] syz.3.2339: attempt to access beyond end of device [ 94.624388][ T8755] loop3: rw=2049, sector=176, nr_sectors = 2 limit=128 [ 94.637960][ T8755] Buffer I/O error on dev loop3, logical block 88, lost async page write [ 94.650717][ T8755] syz.3.2339: attempt to access beyond end of device [ 94.650717][ T8755] loop3: rw=2049, sector=178, nr_sectors = 6 limit=128 [ 94.667043][ T8764] loop0: detected capacity change from 0 to 1024 [ 94.673401][ T8755] syz.3.2339: attempt to access beyond end of device [ 94.673401][ T8755] loop3: rw=2049, sector=182, nr_sectors = 2 limit=128 [ 94.687070][ T8755] Buffer I/O error on dev loop3, logical block 91, lost async page write [ 94.696253][ T8755] syz.3.2339: attempt to access beyond end of device [ 94.696253][ T8755] loop3: rw=2049, sector=184, nr_sectors = 2 limit=128 [ 94.709752][ T8755] Buffer I/O error on dev loop3, logical block 92, lost async page write [ 94.714337][ T8764] EXT4-fs: Ignoring removed bh option [ 94.724032][ T8755] syz.3.2339: attempt to access beyond end of device [ 94.724032][ T8755] loop3: rw=2049, sector=202, nr_sectors = 6 limit=128 [ 94.738883][ T8755] syz.3.2339: attempt to access beyond end of device [ 94.738883][ T8755] loop3: rw=2049, sector=206, nr_sectors = 2 limit=128 [ 94.752395][ T8755] Buffer I/O error on dev loop3, logical block 103, lost async page write [ 94.761257][ T8755] syz.3.2339: attempt to access beyond end of device [ 94.761257][ T8755] loop3: rw=2049, sector=208, nr_sectors = 2 limit=128 [ 94.774874][ T8755] Buffer I/O error on dev loop3, logical block 104, lost async page write [ 94.785539][ T8755] Buffer I/O error on dev loop3, logical block 107, lost async page write [ 94.812450][ T8755] Buffer I/O error on dev loop3, logical block 108, lost async page write [ 94.825670][ T8755] Buffer I/O error on dev loop3, logical block 119, lost async page write [ 94.834410][ T8755] Buffer I/O error on dev loop3, logical block 120, lost async page write [ 94.879225][ T8780] netdevsim netdevsim0: Firmware load for '..' refused, path contains '..' component [ 94.916733][ T8785] loop4: detected capacity change from 0 to 1024 [ 94.953511][ T8785] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.2350: Allocating blocks 465-513 which overlap fs metadata [ 94.984798][ T8785] EXT4-fs (loop4): pa ffff88810702b310: logic 256, phys. 369, len 9 [ 94.992905][ T8785] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 3 [ 95.003205][ T8785] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt. [ 95.077212][ T8808] loop4: detected capacity change from 0 to 1024 [ 95.088550][ T8808] EXT4-fs: Ignoring removed orlov option [ 95.094487][ T8808] EXT4-fs: Ignoring removed nomblk_io_submit option [ 95.107458][ T8808] EXT4-fs (loop4): shut down requested (1) [ 95.165652][ T8822] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 95.174726][ T8822] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 95.870446][ T8867] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6) [ 95.877011][ T8867] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 95.884515][ T8867] vhci_hcd vhci_hcd.0: Device attached [ 95.893965][ T8869] vhci_hcd: connection closed [ 95.897858][ T31] vhci_hcd: stop threads [ 95.906863][ T31] vhci_hcd: release socket [ 95.911339][ T31] vhci_hcd: disconnect device [ 95.986721][ T8882] loop0: detected capacity change from 0 to 512 [ 96.017369][ T8882] EXT4-fs (loop0): too many log groups per flexible block group [ 96.025154][ T8882] EXT4-fs (loop0): failed to initialize mballoc (-12) [ 96.047452][ T8891] loop2: detected capacity change from 0 to 512 [ 96.050544][ T8882] EXT4-fs (loop0): mount failed [ 96.184356][ T8918] loop0: detected capacity change from 0 to 512 [ 96.194408][ T8918] ext4 filesystem being mounted at /517/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 96.290891][ T8935] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 96.325684][ T8939] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2421'. [ 96.377232][ T8947] loop2: detected capacity change from 0 to 512 [ 96.404447][ T8947] ext4 filesystem being mounted at /31/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 96.515023][ T8963] loop0: detected capacity change from 0 to 1024 [ 96.523452][ T8965] loop1: detected capacity change from 0 to 128 [ 96.550407][ T8967] loop3: detected capacity change from 0 to 512 [ 96.567460][ T8967] EXT4-fs: Ignoring removed orlov option [ 96.567902][ T8963] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4183: comm syz.0.2429: Allocating blocks 465-513 which overlap fs metadata [ 96.589459][ T8967] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 96.598367][ T8963] EXT4-fs (loop0): pa ffff888107282690: logic 256, phys. 369, len 9 [ 96.606532][ T8963] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 3 [ 96.617123][ T8967] EXT4-fs (loop3): orphan cleanup on readonly fs [ 96.618145][ T8963] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt. [ 96.624970][ T8967] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2431: bg 0: block 248: padding at end of block bitmap is not set [ 96.654423][ T8967] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.2431: Failed to acquire dquot type 1 [ 96.666792][ T8967] EXT4-fs (loop3): 1 truncate cleaned up [ 96.763746][ T8992] loop2: detected capacity change from 0 to 512 [ 96.801494][ T8999] netlink: 'syz.3.2445': attribute type 10 has an invalid length. [ 96.812203][ T8992] ext4 filesystem being mounted at /34/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 96.840268][ T8999] team0: Device hsr_slave_0 failed to register rx_handler [ 96.896937][ T9005] loop3: detected capacity change from 0 to 1024 [ 96.904148][ T9005] EXT4-fs: Ignoring removed orlov option [ 96.930866][ T9005] SELinux: security_context_str_to_sid (user_u) failed with errno=-22 [ 97.033814][ T9024] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6) [ 97.040462][ T9024] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 97.048145][ T9024] vhci_hcd vhci_hcd.0: Device attached [ 97.091146][ T9025] vhci_hcd: connection closed [ 97.091281][ T51] vhci_hcd: stop threads [ 97.100418][ T51] vhci_hcd: release socket [ 97.105300][ T51] vhci_hcd: disconnect device [ 97.673378][ T9062] loop0: detected capacity change from 0 to 512 [ 97.681100][ T9062] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 97.689511][ T9062] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01c, mo2=0003] [ 97.698251][ T9062] EXT4-fs (loop0): orphan cleanup on readonly fs [ 97.708259][ T9062] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #13: comm syz.0.2472: iget: bad i_size value: 12154761577498 [ 97.722185][ T9062] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.2472: couldn't read orphan inode 13 (err -117) [ 97.744448][ T9062] EXT4-fs warning (device loop0): dx_probe:861: inode #2: comm syz.0.2472: dx entry: limit 65535 != root limit 120 [ 97.746444][ T9072] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 97.756672][ T9062] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.2472: Corrupt directory, running e2fsck is recommended [ 97.765360][ T9072] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 97.829443][ T9076] loop1: detected capacity change from 0 to 1024 [ 97.837561][ T9076] EXT4-fs: Ignoring removed bh option [ 97.837562][ T9078] loop0: detected capacity change from 0 to 512 [ 97.855732][ T9078] ext4 filesystem being mounted at /527/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 98.051511][ T9107] loop0: detected capacity change from 0 to 512 [ 98.076770][ T9107] ext4 filesystem being mounted at /531/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 98.091335][ T9107] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #2: comm syz.0.2490: corrupted inode contents [ 98.104530][ T9107] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #2: comm syz.0.2490: mark_inode_dirty error [ 98.116386][ T9107] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #2: comm syz.0.2490: corrupted inode contents [ 98.461995][ T29] kauditd_printk_skb: 85 callbacks suppressed [ 98.462011][ T29] audit: type=1326 audit(2000000311.463:42718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9132 comm="syz.0.2499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 98.503532][ T29] audit: type=1326 audit(2000000311.463:42719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9132 comm="syz.0.2499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 98.527349][ T29] audit: type=1326 audit(2000000311.463:42720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9132 comm="syz.0.2499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 98.551138][ T29] audit: type=1326 audit(2000000311.473:42721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9132 comm="syz.0.2499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 98.596360][ T9135] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2503'. [ 98.632584][ T29] audit: type=1326 audit(2000000311.633:42722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9140 comm="syz.0.2501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 98.656339][ T29] audit: type=1326 audit(2000000311.633:42723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9140 comm="syz.0.2501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 98.680465][ T29] audit: type=1326 audit(2000000311.633:42724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9140 comm="syz.0.2501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 98.704111][ T29] audit: type=1326 audit(2000000311.633:42725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9140 comm="syz.0.2501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 98.727886][ T29] audit: type=1326 audit(2000000311.633:42726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9140 comm="syz.0.2501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 98.751558][ T29] audit: type=1326 audit(2000000311.633:42727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9140 comm="syz.0.2501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=127 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 99.033057][ T9158] Invalid ELF header magic: != ELF [ 99.117503][ T9150] SELinux: failed to load policy [ 99.199602][ T9168] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2517'. [ 99.234941][ T9174] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 99.253881][ T1035] IPVS: starting estimator thread 0... [ 99.260856][ T9174] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 99.326529][ T9191] ip6erspan0: entered promiscuous mode [ 99.343853][ T9177] IPVS: using max 1968 ests per chain, 98400 per kthread [ 99.355653][ T9193] loop2: detected capacity change from 0 to 512 [ 99.375201][ T9193] ext4 filesystem being mounted at /50/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 99.391041][ T9193] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #2: comm syz.2.2529: corrupted inode contents [ 99.406062][ T9193] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #2: comm syz.2.2529: mark_inode_dirty error [ 99.417871][ T9193] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #2: comm syz.2.2529: corrupted inode contents [ 99.422827][ T9201] 9pnet_fd: Insufficient options for proto=fd [ 99.871572][ T9213] loop2: detected capacity change from 0 to 512 [ 99.882588][ T9213] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 99.891658][ T9213] EXT4-fs (loop2): orphan cleanup on readonly fs [ 99.899532][ T9213] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.2539: iget: bad i_size value: 360287970189639680 [ 99.915371][ T9213] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.2539: couldn't read orphan inode 15 (err -117) [ 99.967667][ T9226] loop4: detected capacity change from 0 to 512 [ 99.975575][ T9226] EXT4-fs (loop4): failed to initialize system zone (-117) [ 99.979896][ T9228] ip6erspan0: entered promiscuous mode [ 99.983168][ T9226] EXT4-fs (loop4): mount failed [ 100.070850][ T9231] netlink: 140 bytes leftover after parsing attributes in process `syz.2.2547'. [ 100.096652][ T9234] loop4: detected capacity change from 0 to 512 [ 100.113751][ T9234] ext4 filesystem being mounted at /525/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 100.128159][ T9234] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #2: comm syz.4.2550: corrupted inode contents [ 100.141585][ T9234] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #2: comm syz.4.2550: mark_inode_dirty error [ 100.154387][ T9234] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #2: comm syz.4.2550: corrupted inode contents [ 100.154633][ T3373] IPVS: starting estimator thread 0... [ 100.252316][ T9240] IPVS: using max 2400 ests per chain, 120000 per kthread [ 100.297897][ T9258] ip6erspan0: entered promiscuous mode [ 100.353750][ T9260] loop3: detected capacity change from 0 to 512 [ 100.355463][ T9264] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2561'. [ 100.371374][ T9260] EXT4-fs warning (device loop3): ext4_xattr_inode_get:542: inode #11: comm syz.3.2563: ea_inode file size=0 entry size=6 [ 100.393327][ T9260] EXT4-fs (loop3): 1 orphan inode deleted [ 100.454331][ T9277] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 100.463582][ T9277] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 100.624040][ T1035] IPVS: starting estimator thread 0... [ 100.712242][ T9296] IPVS: using max 2016 ests per chain, 100800 per kthread [ 101.073196][ T9306] loop0: detected capacity change from 0 to 512 [ 101.095329][ T9313] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2581'. [ 101.105497][ T9306] EXT4-fs (loop0): failed to initialize system zone (-117) [ 101.116958][ T9306] EXT4-fs (loop0): mount failed [ 101.179335][ T9323] syz.0.2588 (9323) used greatest stack depth: 8696 bytes left [ 101.213353][ T9321] hub 2-0:1.0: USB hub found [ 101.221176][ T9321] hub 2-0:1.0: 8 ports detected [ 101.305022][ T9348] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2603'. [ 101.360073][ T9354] loop3: detected capacity change from 0 to 512 [ 101.394991][ T9354] EXT4-fs (loop3): failed to initialize system zone (-117) [ 101.444217][ T9354] EXT4-fs (loop3): mount failed [ 101.465722][ T9365] loop4: detected capacity change from 0 to 1024 [ 101.484736][ T9365] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 101.516738][ T9374] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 101.525817][ T9374] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 101.593263][ T9378] hub 2-0:1.0: USB hub found [ 101.599073][ T9378] hub 2-0:1.0: 8 ports detected [ 101.619556][ T9384] netlink: 168 bytes leftover after parsing attributes in process `syz.4.2616'. [ 101.636535][ T9386] C: renamed from team_slave_0 (while UP) [ 101.644023][ T9386] netlink: 'syz.2.2617': attribute type 3 has an invalid length. [ 101.651793][ T9386] netlink: 144 bytes leftover after parsing attributes in process `syz.2.2617'. [ 101.660975][ T9386] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 101.705875][ T9394] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2622'. [ 101.735360][ T9396] loop2: detected capacity change from 0 to 512 [ 101.744805][ T9396] EXT4-fs (loop2): failed to initialize system zone (-117) [ 101.756388][ T9396] EXT4-fs (loop2): mount failed [ 102.059042][ T9414] C: renamed from team_slave_0 [ 102.096084][ T9414] netlink: 'syz.4.2631': attribute type 3 has an invalid length. [ 102.096334][ T9415] hub 2-0:1.0: USB hub found [ 102.103879][ T9414] netlink: 144 bytes leftover after parsing attributes in process `syz.4.2631'. [ 102.113885][ T9415] hub 2-0:1.0: 8 ports detected [ 102.117724][ T9414] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 102.154999][ T9420] syz_tun: refused to change device tx_queue_len [ 102.170022][ T9426] tipc: Started in network mode [ 102.175057][ T9426] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711 [ 102.194732][ T9426] tipc: Enabled bearer , priority 10 [ 102.282916][ T9441] loop3: detected capacity change from 0 to 4096 [ 102.291058][ T9441] EXT4-fs: Ignoring removed mblk_io_submit option [ 102.297873][ T9441] EXT4-fs: test_dummy_encryption option not supported [ 102.311373][ T9448] netlink: 'syz.0.2647': attribute type 6 has an invalid length. [ 102.485571][ T9472] loop2: detected capacity change from 0 to 1024 [ 102.504150][ T9472] EXT4-fs mount: 70 callbacks suppressed [ 102.504166][ T9472] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 102.582912][ T9472] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2659: bg 0: block 193: padding at end of block bitmap is not set [ 102.623863][ T8449] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.672857][ T9492] program syz.2.2666 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 102.728115][ T9499] program syz.2.2670 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 102.754452][ T9497] loop1: detected capacity change from 0 to 8192 [ 102.961450][ T9527] loop2: detected capacity change from 0 to 512 [ 102.962759][ T9529] loop4: detected capacity change from 0 to 512 [ 102.971389][ T9527] EXT4-fs (loop2): failed to initialize system zone (-117) [ 102.981822][ T9529] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 102.981948][ T9527] EXT4-fs (loop2): mount failed [ 103.004185][ T9529] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.2694: Failed to acquire dquot type 1 [ 103.016253][ T9529] EXT4-fs (loop4): 1 truncate cleaned up [ 103.024037][ T9529] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 103.056909][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.215947][ T9538] tipc: Started in network mode [ 103.220947][ T9538] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711 [ 103.232414][ T9538] tipc: Enabled bearer , priority 10 [ 103.267895][ T9547] netlink: 'syz.1.2690': attribute type 6 has an invalid length. [ 103.312856][ T3366] tipc: Node number set to 4269801488 [ 103.371489][ T9567] loop4: detected capacity change from 0 to 2048 [ 103.396349][ T9567] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 103.457195][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.642857][ T9605] loop1: detected capacity change from 0 to 2048 [ 103.649808][ T9605] EXT4-fs: Ignoring removed i_version option [ 103.696050][ T9616] loop4: detected capacity change from 0 to 256 [ 103.705541][ T9605] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 103.758372][ T9605] ext4 filesystem being mounted at /556/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 103.841153][ T9628] binfmt_misc: register: failed to install interpreter file ./file2 [ 103.945294][ T9631] loop4: detected capacity change from 0 to 512 [ 103.952167][ T9632] loop3: detected capacity change from 0 to 512 [ 103.959277][ T9632] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 103.960948][ T9631] EXT4-fs (loop4): failed to initialize system zone (-117) [ 103.973488][ T9632] __quota_error: 31 callbacks suppressed [ 103.973508][ T9632] Quota error (device loop3): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 103.975668][ T9631] EXT4-fs (loop4): mount failed [ 103.981347][ T9632] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 103.981373][ T9632] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.2727: Failed to acquire dquot type 1 [ 103.983498][ T9632] EXT4-fs (loop3): 1 truncate cleaned up [ 104.026119][ T9632] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 104.059296][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.073775][ T9637] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2739'. [ 104.103079][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.130634][ T9644] loop4: detected capacity change from 0 to 128 [ 104.231232][ T9665] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9665 comm=syz.2.2742 [ 104.243892][ T9] tipc: Node number set to 4269801488 [ 104.252436][ T9667] netlink: 80 bytes leftover after parsing attributes in process `syz.1.2753'. [ 104.261496][ T9667] sch_tbf: peakrate 212 is lower than or equals to rate 32587 ! [ 104.271601][ T9669] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2755'. [ 104.324021][ T9676] netdevsim netdevsim4: Direct firmware load for ./file0/file1 failed with error -2 [ 104.344950][ T3366] hid_parser_main: 8 callbacks suppressed [ 104.344971][ T3366] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 104.358311][ T3366] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 104.365918][ T3366] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 104.373377][ T3366] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 104.380804][ T3366] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 104.388340][ T3366] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 104.395869][ T3366] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 104.403345][ T3366] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 104.410777][ T3366] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 104.418451][ T3366] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 104.432028][ T3366] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.03 Device [syz1] on syz1 [ 104.497491][ T9688] netlink: 'syz.3.2754': attribute type 21 has an invalid length. [ 104.511547][ T9686] loop2: detected capacity change from 0 to 2048 [ 104.524887][ T9692] loop0: detected capacity change from 0 to 512 [ 104.532207][ T9686] EXT4-fs: Ignoring removed i_version option [ 104.533531][ T9692] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 104.558015][ T9686] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 104.583368][ T9686] ext4 filesystem being mounted at /107/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 104.595430][ T9692] Quota error (device loop0): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 104.605610][ T9692] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 104.615654][ T9692] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.2751: Failed to acquire dquot type 1 [ 104.628878][ T9692] EXT4-fs (loop0): 1 truncate cleaned up [ 104.636948][ T9692] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 104.681501][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.819062][ T9709] macvtap0: entered promiscuous mode [ 104.834205][ T9709] macvtap0: left promiscuous mode [ 104.855228][ T8449] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.889271][ T29] audit: type=1326 audit(2000000573.888:42757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9714 comm="syz.0.2775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 104.913009][ T29] audit: type=1326 audit(2000000573.888:42758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9714 comm="syz.0.2775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 105.013401][ T29] audit: type=1326 audit(2000000573.948:42759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9714 comm="syz.0.2775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 105.036992][ T29] audit: type=1326 audit(2000000573.948:42760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9714 comm="syz.0.2775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 105.060799][ T29] audit: type=1326 audit(2000000573.948:42761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9714 comm="syz.0.2775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 105.084413][ T29] audit: type=1326 audit(2000000573.948:42762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9714 comm="syz.0.2775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 105.145701][ T9727] macvtap0: entered promiscuous mode [ 105.160985][ T9729] loop1: detected capacity change from 0 to 512 [ 105.170752][ T9727] macvtap0: left promiscuous mode [ 105.170975][ T9731] netlink: 'syz.2.2769': attribute type 21 has an invalid length. [ 105.187312][ T9729] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 105.256791][ T9729] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.2768: Failed to acquire dquot type 1 [ 105.272113][ T9738] loop3: detected capacity change from 0 to 512 [ 105.278550][ T9742] loop4: detected capacity change from 0 to 2048 [ 105.285400][ T9742] EXT4-fs: Ignoring removed i_version option [ 105.292628][ T9729] EXT4-fs (loop1): 1 truncate cleaned up [ 105.298771][ T9729] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 105.333014][ T9742] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 105.345691][ T9742] ext4 filesystem being mounted at /567/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 105.373052][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.557835][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.578628][ T9781] netlink: 148 bytes leftover after parsing attributes in process `syz.0.2803'. [ 105.680126][ T9799] loop3: detected capacity change from 0 to 256 [ 105.696448][ T9800] loop1: detected capacity change from 0 to 512 [ 105.716325][ T9800] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 105.753285][ T9800] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 105.782427][ T9800] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #11: comm syz.1.2799: corrupted inode contents [ 105.836203][ T9800] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #11: comm syz.1.2799: mark_inode_dirty error [ 105.856110][ T9800] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.2799: invalid indirect mapped block 1 (level 1) [ 105.883197][ T9800] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #11: comm syz.1.2799: corrupted inode contents [ 105.905638][ T9800] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem [ 105.933681][ T9816] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2810'. [ 105.934888][ T9800] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #11: comm syz.1.2799: corrupted inode contents [ 105.942876][ T9816] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2810'. [ 105.965377][ T9800] EXT4-fs error (device loop1): ext4_truncate:4666: inode #11: comm syz.1.2799: mark_inode_dirty error [ 105.991346][ T9800] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem [ 106.003653][ T9800] EXT4-fs (loop1): 1 truncate cleaned up [ 106.015791][ T9823] netlink: 'syz.2.2813': attribute type 1 has an invalid length. [ 106.032669][ T9800] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 106.097574][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.283184][ T9867] loop0: detected capacity change from 0 to 512 [ 106.293255][ T9867] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 106.313733][ T9867] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.2833: Failed to acquire dquot type 1 [ 106.325889][ T9867] EXT4-fs (loop0): 1 truncate cleaned up [ 106.332267][ T9867] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 106.357038][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.933289][ T9878] loop3: detected capacity change from 0 to 2048 [ 106.940137][ T9878] EXT4-fs: Ignoring removed i_version option [ 106.953560][ T9878] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 106.965756][ T9878] ext4 filesystem being mounted at /558/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 107.040009][ T9894] __nla_validate_parse: 3 callbacks suppressed [ 107.040026][ T9894] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2837'. [ 107.055355][ T9894] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2837'. [ 107.064430][ T9894] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2837'. [ 107.268023][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.448785][ T9911] macvtap0: entered promiscuous mode [ 107.461450][ T9911] macvtap0: left promiscuous mode [ 107.517822][ T9922] loop0: detected capacity change from 0 to 1024 [ 107.532344][ T3366] hid-generic 0000:0000:0000.0005: hidraw0: HID v0.00 Device [sy] on syz0 [ 107.543676][ T9922] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 107.584327][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.606616][ T9934] loop0: detected capacity change from 0 to 256 [ 107.641280][ T9936] loop3: detected capacity change from 0 to 2048 [ 107.648062][ T9936] EXT4-fs: Ignoring removed i_version option [ 107.663582][ T9936] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 107.676108][ T9936] ext4 filesystem being mounted at /563/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 107.705336][ T9942] loop2: detected capacity change from 0 to 512 [ 107.821981][ T9955] loop1: detected capacity change from 0 to 512 [ 107.858084][ T9958] loop4: detected capacity change from 0 to 1024 [ 107.879163][ T9958] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 107.907106][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.006387][ T9980] loop1: detected capacity change from 0 to 512 [ 108.017991][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.041491][ T9986] loop4: detected capacity change from 0 to 512 [ 108.053794][ T9986] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 108.066931][ T9986] ext4 filesystem being mounted at /579/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 108.081928][ T9986] EXT4-fs (loop4): shut down requested (0) [ 108.113722][ T9986] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=12 [ 108.125686][ T9995] loop1: detected capacity change from 0 to 2048 [ 108.133919][ T9986] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=12 [ 108.134033][ T9995] EXT4-fs: Ignoring removed i_version option [ 108.151230][ T9986] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=15 [ 108.160433][ T9986] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=12 [ 108.169751][ T9986] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=15 [ 108.178819][ T9986] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=12 [ 108.189029][ T9995] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 108.201377][ T9995] ext4 filesystem being mounted at /590/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 108.213328][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.275207][T10010] loop0: detected capacity change from 0 to 512 [ 108.299750][T10010] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 108.322487][T10010] ext4 filesystem being mounted at /606/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 108.401653][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.452452][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.857198][T10019] loop3: detected capacity change from 0 to 1024 [ 108.869022][T10025] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2911'. [ 108.879179][T10025] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2911'. [ 108.890938][T10019] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 108.909292][T10029] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 108.942825][T10031] loop4: detected capacity change from 0 to 1024 [ 108.951541][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.967461][T10033] hub 9-0:1.0: USB hub found [ 108.970485][T10031] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 108.972498][T10033] hub 9-0:1.0: 8 ports detected [ 108.984715][T10037] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2905'. [ 109.000553][T10037] veth1_macvtap: left promiscuous mode [ 109.046557][T10039] SELinux: failed to load policy [ 109.057340][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.068898][T10043] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2919'. [ 109.214028][ T29] kauditd_printk_skb: 46 callbacks suppressed [ 109.214046][ T29] audit: type=1326 audit(2000000578.218:42805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10061 comm="syz.0.2916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 109.244153][ T29] audit: type=1326 audit(2000000578.218:42806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10061 comm="syz.0.2916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 109.268262][ T29] audit: type=1326 audit(2000000578.218:42807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10061 comm="syz.0.2916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 109.292334][ T29] audit: type=1326 audit(2000000578.218:42808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10061 comm="syz.0.2916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 109.315915][ T29] audit: type=1326 audit(2000000578.218:42809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10061 comm="syz.0.2916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 109.339862][ T29] audit: type=1326 audit(2000000578.218:42810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10061 comm="syz.0.2916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 109.363478][ T29] audit: type=1326 audit(2000000578.218:42811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10061 comm="syz.0.2916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 109.387096][ T29] audit: type=1326 audit(2000000578.218:42812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10061 comm="syz.0.2916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 109.410684][ T29] audit: type=1326 audit(2000000578.218:42813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10061 comm="syz.0.2916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 109.446851][ T29] audit: type=1326 audit(2000000578.268:42814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10061 comm="syz.0.2916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f467a75eec9 code=0x7ffc0000 [ 109.517670][T10068] loop1: detected capacity change from 0 to 2048 [ 109.526234][T10068] EXT4-fs: Ignoring removed i_version option [ 109.544497][T10068] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 109.558530][T10068] ext4 filesystem being mounted at /600/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 109.774226][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.909268][T10073] 9pnet_fd: Insufficient options for proto=fd [ 109.916893][T10077] loop2: detected capacity change from 0 to 1024 [ 109.945930][T10077] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 110.003036][T10082] loop1: detected capacity change from 0 to 1024 [ 110.004980][T10086] (unnamed net_device) (uninitialized): ARP target 9.0.0.0 is already present [ 110.010024][T10082] EXT4-fs: Ignoring removed orlov option [ 110.018490][T10086] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (9) [ 110.024187][T10082] EXT4-fs: Ignoring removed nomblk_io_submit option [ 110.060085][ T8449] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.079602][T10082] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 110.105491][T10097] loop0: detected capacity change from 0 to 512 [ 110.129085][T10097] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 110.142947][T10097] ext4 filesystem being mounted at /613/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 110.158552][T10097] EXT4-fs (loop0): shut down requested (0) [ 110.170060][T10097] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=12 [ 110.179333][T10097] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=12 [ 110.189274][T10097] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=15 [ 110.198643][T10097] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=12 [ 110.208460][T10097] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=15 [ 110.217631][T10097] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=12 [ 110.240379][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.307201][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.321566][T10109] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2928'. [ 110.362459][T10109] veth1_macvtap: left promiscuous mode [ 110.408525][T10120] loop1: detected capacity change from 0 to 512 [ 110.465831][T10120] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 110.495081][T10120] ext4 filesystem being mounted at /604/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 110.526867][T10137] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2944'. [ 110.651395][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.676708][T10145] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2960'. [ 110.695635][T10150] loop4: detected capacity change from 0 to 256 [ 110.821005][T10168] sctp: [Deprecated]: syz.3.2961 (pid 10168) Use of int in max_burst socket option. [ 110.821005][T10168] Use struct sctp_assoc_value instead [ 111.031557][T10193] loop4: detected capacity change from 0 to 2048 [ 111.038649][T10193] EXT4-fs: Ignoring removed i_version option [ 111.064550][T10193] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 111.076864][T10193] ext4 filesystem being mounted at /597/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 111.115652][ T61] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 111.170139][T10200] (unnamed net_device) (uninitialized): ARP target 9.0.0.0 is already present [ 111.179215][T10200] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (9) [ 111.207714][ T61] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 111.278722][ T61] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 111.300938][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.347490][ T61] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 111.362967][T10203] lo speed is unknown, defaulting to 1000 [ 111.515928][ T61] bond0 (unregistering): Released all slaves [ 111.554693][T10203] chnl_net:caif_netlink_parms(): no params data found [ 111.603065][ T61] hsr_slave_0: left promiscuous mode [ 111.608882][ T61] hsr_slave_1: left promiscuous mode [ 111.615239][ T61] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 111.622327][ T61] batman_adv: batadv0: Removing interface: veth1_vlan [ 111.635655][ T61] veth0_macvtap: left promiscuous mode [ 111.641165][ T61] veth1_vlan: left promiscuous mode [ 111.646489][ T61] veth0_vlan: left promiscuous mode [ 111.744534][T10231] loop1: detected capacity change from 0 to 512 [ 111.753658][T10230] loop0: detected capacity change from 0 to 2048 [ 111.760871][T10230] EXT4-fs: Ignoring removed i_version option [ 111.771370][T10203] bridge0: port 1(bridge_slave_0) entered blocking state [ 111.778486][T10203] bridge0: port 1(bridge_slave_0) entered disabled state [ 111.789827][T10231] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 111.804432][T10203] bridge_slave_0: entered allmulticast mode [ 111.820515][T10231] ext4 filesystem being mounted at /608/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 111.833697][T10230] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 111.840664][T10203] bridge_slave_0: entered promiscuous mode [ 111.856857][T10203] bridge0: port 2(bridge_slave_1) entered blocking state [ 111.864117][T10203] bridge0: port 2(bridge_slave_1) entered disabled state [ 111.871431][T10203] bridge_slave_1: entered allmulticast mode [ 111.878283][T10203] bridge_slave_1: entered promiscuous mode [ 111.881706][T10230] ext4 filesystem being mounted at /620/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 111.903318][T10231] EXT4-fs (loop1): shut down requested (0) [ 111.914414][T10231] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop1 ino=12 [ 111.923541][T10231] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop1 ino=12 [ 111.936488][T10203] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 111.947498][T10203] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 111.959359][T10231] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop1 ino=15 [ 111.977621][T10231] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop1 ino=12 [ 111.986629][T10231] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop1 ino=15 [ 111.995591][T10231] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop1 ino=12 [ 111.997013][T10203] team0: Port device team_slave_0 added [ 112.014354][T10203] team0: Port device team_slave_1 added [ 112.043824][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.044230][T10203] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 112.059809][T10203] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 112.085849][T10203] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 112.097488][T10203] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 112.104513][T10203] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 112.130566][T10203] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 112.165476][T10203] hsr_slave_0: entered promiscuous mode [ 112.167059][T10252] loop1: detected capacity change from 0 to 128 [ 112.177770][T10252] EXT4-fs: Ignoring removed nobh option [ 112.184278][T10203] hsr_slave_1: entered promiscuous mode [ 112.190878][T10252] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 112.197085][T10250] loop4: detected capacity change from 0 to 256 [ 112.204686][T10203] debugfs: 'hsr0' already exists in 'hsr' [ 112.215108][T10203] Cannot create hsr debugfs directory [ 112.220789][T10252] ext4 filesystem being mounted at /610/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 112.221645][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.255253][ T61] IPVS: stop unused estimator thread 0... [ 112.256104][ T3309] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 112.293435][T10256] loop2: detected capacity change from 0 to 1024 [ 112.315903][T10256] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 112.343612][ T8449] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.394909][T10266] loop4: detected capacity change from 0 to 1024 [ 112.418161][T10266] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 112.457980][T10280] __nla_validate_parse: 1 callbacks suppressed [ 112.458073][T10280] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3013'. [ 112.460781][T10266] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.3009: Allocating blocks 449-513 which overlap fs metadata [ 112.497254][T10265] EXT4-fs (loop4): pa ffff88810702b3f0: logic 48, phys. 177, len 21 [ 112.505399][T10265] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4 [ 112.530254][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.566877][T10203] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 112.575762][T10203] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 112.584633][T10203] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 112.593566][T10203] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 112.628354][T10203] 8021q: adding VLAN 0 to HW filter on device bond0 [ 112.640819][T10203] 8021q: adding VLAN 0 to HW filter on device team0 [ 112.650430][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 112.657525][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 112.668387][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 112.675555][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 112.690220][T10203] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 112.700677][T10203] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 112.756892][T10203] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 112.820515][T10203] veth0_vlan: entered promiscuous mode [ 112.828452][T10203] veth1_vlan: entered promiscuous mode [ 112.843491][T10203] veth0_macvtap: entered promiscuous mode [ 112.850868][T10203] veth1_macvtap: entered promiscuous mode [ 112.861956][T10203] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 112.873142][T10203] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 112.884434][ T2166] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.893403][ T51] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.902905][ T51] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.912428][ T51] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.969177][T10306] loop3: detected capacity change from 0 to 512 [ 112.987574][T10306] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 113.000712][T10306] ext4 filesystem being mounted at /1/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 113.031618][T10306] ================================================================== [ 113.039828][T10306] BUG: KCSAN: data-race in __xa_clear_mark / xas_find_marked [ 113.047218][T10306] [ 113.049551][T10306] read-write to 0xffff88810b6e0b50 of 8 bytes by interrupt on cpu 0: [ 113.057611][T10306] __xa_clear_mark+0xf5/0x1e0 [ 113.062305][T10306] __folio_end_writeback+0x177/0x470 [ 113.067631][T10306] folio_end_writeback+0x71/0x3d0 [ 113.072668][T10306] ext4_finish_bio+0x459/0x8c0 [ 113.077461][T10306] ext4_end_bio+0x298/0x3b0 [ 113.081992][T10306] bio_endio+0x37b/0x420 [ 113.086255][T10306] blk_update_request+0x336/0x730 [ 113.091287][T10306] blk_mq_end_request+0x26/0x50 [ 113.096150][T10306] lo_complete_rq+0x98/0x140 [ 113.100741][T10306] blk_done_softirq+0x77/0xb0 [ 113.105433][T10306] handle_softirqs+0xb7/0x290 [ 113.110114][T10306] run_ksoftirqd+0x1c/0x30 [ 113.114557][T10306] smpboot_thread_fn+0x32b/0x530 [ 113.119515][T10306] kthread+0x489/0x510 [ 113.123586][T10306] ret_from_fork+0x11f/0x1b0 [ 113.128175][T10306] ret_from_fork_asm+0x1a/0x30 [ 113.132946][T10306] [ 113.135280][T10306] read to 0xffff88810b6e0b50 of 8 bytes by task 10306 on cpu 1: [ 113.142910][T10306] xas_find_marked+0x218/0x620 [ 113.147689][T10306] find_get_entry+0x5d/0x380 [ 113.152303][T10306] filemap_get_folios_tag+0x13b/0x210 [ 113.157688][T10306] file_write_and_wait_range+0x1ea/0x2c0 [ 113.163330][T10306] generic_buffers_fsync_noflush+0x45/0x120 [ 113.169224][T10306] ext4_sync_file+0x1ab/0x690 [ 113.173897][T10306] vfs_fsync_range+0x10a/0x130 [ 113.178670][T10306] ext4_buffered_write_iter+0x34f/0x3c0 [ 113.184234][T10306] ext4_file_write_iter+0x383/0xf00 [ 113.189448][T10306] vfs_write+0x527/0x960 [ 113.193694][T10306] ksys_write+0xda/0x1a0 [ 113.197940][T10306] __x64_sys_write+0x40/0x50 [ 113.202577][T10306] x64_sys_call+0x27fe/0x2ff0 [ 113.207257][T10306] do_syscall_64+0xd2/0x200 [ 113.211779][T10306] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.217697][T10306] [ 113.220034][T10306] value changed: 0x000000000001fffe -> 0x000000000001fff8 [ 113.227135][T10306] [ 113.229456][T10306] Reported by Kernel Concurrency Sanitizer on: [ 113.235605][T10306] CPU: 1 UID: 0 PID: 10306 Comm: syz.3.3001 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 113.246979][T10306] Tainted: [W]=WARN [ 113.250779][T10306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 113.260853][T10306] ================================================================== [ 113.342562][T10203] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.