last executing test programs: 3.251836339s ago: executing program 3 (id=5621): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5419, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000a00)=ANY=[], &(0x7f0000000a00)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000940)={0x6, 0x4, &(0x7f0000001000)=ANY=[@ANYBLOB="18000000fc04000000000000750000008004fefff0ffff179500000000000000000b1c1388b518d5c22c005ea105749dee46ce7b2d77243efb35868bb2c1b1919a48fa9a639060c5f9a5a4b41851f68ec4632935dd547b89f361c4c39eb5f8975193bf596a936a11ae623fa138e4b5bc76317ab7d2dca8ca458f28966e6ae7c99a9924e7a01ebc2ca3e2cb6ed1dbe3daea7b65d4b6829f4a7ef14a771b1703b456d04822c3", @ANYRESHEX, @ANYRESHEX=r0, @ANYRESOCT=r0], &(0x7f00000005c0)='syzkaller\x00', 0x9, 0x0, 0x0, 0x41000, 0xa, '\x00', 0x0, 0x25, r0, 0x8, &(0x7f0000000fc0)={0x5, 0x6}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000008c0), &(0x7f0000000900)=[{0x3, 0x4, 0xe, 0x6}], 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) syz_clone(0x40020000, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[], 0x48) lsetxattr$system_posix_acl(0x0, &(0x7f0000000480)='system.posix_acl_default\x00', &(0x7f0000000400)=ANY=[@ANYBLOB="0200d6000100010900000000020006", @ANYRES32, @ANYRES32, @ANYRES8, @ANYBLOB="10000000000000002000000000000000"], 0x1c, 0x0) r3 = syz_open_dev$loop(&(0x7f0000000180), 0x7, 0x2480) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0) ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f00000002c0)={r4, 0x0, {0x2a00, 0x80010000, 0x0, 0x5df, 0x0, 0x0, 0x0, 0x0, 0xd, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00000014000800000000000000007f"}}) ioctl$LOOP_SET_DIRECT_IO(r3, 0x4c08, 0x6e) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r5 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="020900000700000000000000000000000500", @ANYRES32], 0x38}}, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000500)={0x3, &(0x7f00000004c0)=[{0x0, 0x9, 0x3, 0x5}, {0x8, 0x80, 0x3, 0x2580c682}, {0x5, 0x90, 0xb, 0x5}]}, 0x10) syz_emit_ethernet(0x3e, &(0x7f0000000540)=ANY=[], 0x0) 2.780724216s ago: executing program 3 (id=5628): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10) setgroups(0x0, 0x0) 2.656651238s ago: executing program 3 (id=5631): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002080)={&(0x7f0000000300)='kfree\x00', r1, 0x0, 0xfffffffffffffffc}, 0x18) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0) close(r0) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48) r3 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) read(r4, &(0x7f0000032440)=""/102364, 0x18fdc) timer_settime(0x0, 0x0, &(0x7f0000000400)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r5 = openat$tun(0xffffffffffffff9c, 0x0, 0x42001, 0x0) ioctl$TUNSETPERSIST(r5, 0x400454cb, 0x0) io_setup(0x3ff, &(0x7f0000000500)=0x0) r7 = openat$tcp_congestion(0xffffff9c, &(0x7f00000000c0), 0x1, 0x0) io_submit(r6, 0x1, &(0x7f0000000300)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r7, 0x0}]) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0xd85fd000) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f00000005c0)={[{@acl}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4}}]}, 0x1, 0x7bc, &(0x7f0000001740)="$eJzs3ctrXNcZAPDvjl6W7FYqFFp3JSi0AuNR5ap2C124dFEKNRjatW0xGgtXI43RjIwlBLYJgSwSSEIWgWTjdR7OLts8tvF/kUWwcRLZxCGLMOHOQxpJM4rG0cyI+PeDq3vOPXd0zjfnPs7MvcwN4Lk1mf7JRJyMiFeTiPH68iQihqqpwYjztfWebm7k0imJSuW/XyXVdZ5sbuSi6TWp4/XMbyPikxcjTmX21ltaW1+cKxTyK/X8dHnp+nRpbf30taW5hfxCfvnszOzsmXN/OXf28GL95v76iYev/euP75//7oXf3Hvl0yTOx4l6WXMch2UyJuvvyVD6Fu7wz8OurM+SfjeAZ5LumgO1vTxOxngMVFNtjPayZQBAt9yKiEpnXu5wfQDgyEl2nv/vD/atJQBAbzS+B3iyuZFrTP39RqK3Hv0jIo7V4m9c36yVDNav2R2rXgcde5LsuDKSRMTEIdQ/GRFvf3jp3XSKttchRw6hJoCdbt+JiCsTk3uP/8meexY69af9Ciu1Y9rkrsXP2/kH+umjdPzz11bjv8zW+CdajH9GWuy7z+LH9//Mg0Oopq10/Pf3pnvbnjbFXzcxUM/9ojrmG0quXivk02PbLyNiKoZG0vxMddXWd0FNPf7+cbv6m8d/X7/+/3fS+tP59hqZB4O7hn/zc+W5nxp3w6M7Eb8bbBV/stX/SZvx78UD1vHvv730VruyNP403sa0N/7uqtyN+EPL/t/uy2Tf+xOnq5vDdGOjaOGDz98ca1f/dv+PVOdp/Y3PAr2Q9v/Y/vFPJM33a5Y6r+Ozu+Mftytr3v5bx996+x9O/ldND9eX3Zwrl1dmIoaT/+xdfmb7tY18Y/00/qnft97/223/mfq9sVe2cvsbfPjle/V/1TL+qtvt4u+uNP75jvp/n0Sl/ppdRfeeLg60q/9g/T9bTU3Vlxzk+LdPSy81L3nmNw4AAAAAAAAAAAAAAAAAAAAAAAAAOpCJiBORZLJb6Uwmm609w/vXMZYpFEvlU1eLq8vzUX1W9kQMZRo/dTne9HuoM/Xfw2/kz+zK/zkifhURb4yMVvPZXLEw3+/gAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDu+M7n/99KZ9lsreyLkX63DgDommP9bgAA0HPO/wDw/Ons/D/atXYAAL3T8ef/StKdhgAAPXPg8/+V7rYDAOgd1/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADososXLqRT5dvNjVyan7+xtrpYvHF6Pl9azC6t5rK54sr17EKxuFDIZ3PFpbb/6HZtVigWr8/G8urN6XK+VJ4ura1fXiquLpcvX1uaW8hfzg/1LDIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOLjS2vriXKGQX5HYNzF6NJpxZBKDcSSa8bNPDPet9uajxGj/DlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAR9wPAQAA//8zpCOb") 1.779159302s ago: executing program 0 (id=5646): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x18) syz_clone(0x6200, 0x0, 0x0, 0x0, 0x0, 0x0) 1.724923943s ago: executing program 3 (id=5639): bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) sendmsg$key(0xffffffffffffffff, 0x0, 0x0) r5 = creat(0x0, 0xd931d3864d39dcca) close(r5) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b00000000000001000000090002"], 0xfc}}, 0x20000004) 1.588854505s ago: executing program 0 (id=5648): r0 = socket(0x10, 0x2, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x13, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) connect$inet6(r1, &(0x7f0000000340)={0xa, 0x3, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c) close_range(r0, r1, 0x0) 749.713558ms ago: executing program 3 (id=5650): io_uring_setup(0xf08, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, 0x0) getsockopt$bt_BT_CHANNEL_POLICY(0xffffffffffffffff, 0x112, 0xa, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000e40)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f00000004c0)='sched_switch\x00', r0}, 0x18) bind$inet(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0) syz_clone(0x41200100, 0x0, 0x0, 0x0, 0x0, 0x0) 745.708288ms ago: executing program 3 (id=5651): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002080)={&(0x7f0000000300)='kfree\x00', r1, 0x0, 0xfffffffffffffffc}, 0x18) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0) close(r0) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48) r3 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) read(r4, &(0x7f0000032440)=""/102364, 0x18fdc) timer_settime(0x0, 0x0, &(0x7f0000000400)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r5 = openat$tun(0xffffffffffffff9c, 0x0, 0x42001, 0x0) ioctl$TUNSETPERSIST(r5, 0x400454cb, 0x0) io_setup(0x3ff, &(0x7f0000000500)=0x0) r7 = openat$tcp_congestion(0xffffff9c, &(0x7f00000000c0), 0x1, 0x0) io_submit(r6, 0x1, &(0x7f0000000300)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r7, 0x0}]) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0xd85fd000) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f00000005c0)={[{@acl}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4}}]}, 0x1, 0x7bc, &(0x7f0000001740)="$eJzs3ctrXNcZAPDvjl6W7FYqFFp3JSi0AuNR5ap2C124dFEKNRjatW0xGgtXI43RjIwlBLYJgSwSSEIWgWTjdR7OLts8tvF/kUWwcRLZxCGLMOHOQxpJM4rG0cyI+PeDq3vOPXd0zjfnPs7MvcwN4Lk1mf7JRJyMiFeTiPH68iQihqqpwYjztfWebm7k0imJSuW/XyXVdZ5sbuSi6TWp4/XMbyPikxcjTmX21ltaW1+cKxTyK/X8dHnp+nRpbf30taW5hfxCfvnszOzsmXN/OXf28GL95v76iYev/euP75//7oXf3Hvl0yTOx4l6WXMch2UyJuvvyVD6Fu7wz8OurM+SfjeAZ5LumgO1vTxOxngMVFNtjPayZQBAt9yKiEpnXu5wfQDgyEl2nv/vD/atJQBAbzS+B3iyuZFrTP39RqK3Hv0jIo7V4m9c36yVDNav2R2rXgcde5LsuDKSRMTEIdQ/GRFvf3jp3XSKttchRw6hJoCdbt+JiCsTk3uP/8meexY69af9Ciu1Y9rkrsXP2/kH+umjdPzz11bjv8zW+CdajH9GWuy7z+LH9//Mg0Oopq10/Pf3pnvbnjbFXzcxUM/9ojrmG0quXivk02PbLyNiKoZG0vxMddXWd0FNPf7+cbv6m8d/X7/+/3fS+tP59hqZB4O7hn/zc+W5nxp3w6M7Eb8bbBV/stX/SZvx78UD1vHvv730VruyNP403sa0N/7uqtyN+EPL/t/uy2Tf+xOnq5vDdGOjaOGDz98ca1f/dv+PVOdp/Y3PAr2Q9v/Y/vFPJM33a5Y6r+Ozu+Mftytr3v5bx996+x9O/ldND9eX3Zwrl1dmIoaT/+xdfmb7tY18Y/00/qnft97/223/mfq9sVe2cvsbfPjle/V/1TL+qtvt4u+uNP75jvp/n0Sl/ppdRfeeLg60q/9g/T9bTU3Vlxzk+LdPSy81L3nmNw4AAAAAAAAAAAAAAAAAAAAAAAAAOpCJiBORZLJb6Uwmm609w/vXMZYpFEvlU1eLq8vzUX1W9kQMZRo/dTne9HuoM/Xfw2/kz+zK/zkifhURb4yMVvPZXLEw3+/gAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDu+M7n/99KZ9lsreyLkX63DgDommP9bgAA0HPO/wDw/Ons/D/atXYAAL3T8ef/StKdhgAAPXPg8/+V7rYDAOgd1/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADososXLqRT5dvNjVyan7+xtrpYvHF6Pl9azC6t5rK54sr17EKxuFDIZ3PFpbb/6HZtVigWr8/G8urN6XK+VJ4ura1fXiquLpcvX1uaW8hfzg/1LDIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOLjS2vriXKGQX5HYNzF6NJpxZBKDcSSa8bNPDPet9uajxGj/DlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAR9wPAQAA//8zpCOb") 730.089758ms ago: executing program 0 (id=5652): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb414c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000a0cc2b89ce1525748ce167cbabb881f060599a6a59f645edca1d5c24b2f6b8c997a8f3e1b7679984a566d98d4d31198ee4c5ea7be0d99cf89bba4a6fd0bec12e7792bec3c5038e13b1982f80cdecd07f8908a983a7c9fb81c2ba7f7e87c991f30e50d1b3bbe4cf2a2f5d4571b6568ada51bc121c9139d2a8e0638c84066b1759081802"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x18) r1 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f00000001c0)='\xd6;,\xec\x19\xae\x01S\x9c\x0fY=I\xfb2\xb0\f&v`\rl\a`t\xe0s\xa6W*\xf2\x98\xd2;?\xc6\xcf\xe05\x16,\xb8n\x90\x8d\x89\x8bpy \xddu\x00'/63, &(0x7f0000000380)='$\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r1, 0x2, &(0x7f0000000540)='\x00', &(0x7f0000001c80)="6ed4", 0x2) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000200)='\x00\x00\x00\x00\x00\x00mg\x14\xa6\x8d8\x00+\'\xc5\xc6\x1a-\xb5\xb3T\x02\x94\xd3.\x91\xa6\x0e\xafVT\xfe%s\n\xdb\xec\x11\xc6\xf7\x8e\xd7k9\x18Z\xaf\xb9\xd7\x9e\xcc\"\xb1\";\xc4\xc5\x90-*G\x06\xc4)\x16\xb6D\xfd\xab\x99\xb0?\x9b\xb7\xbb\xec\x80\xb8\n\xc8\x91<;_9-\x12C\x9e\v\xce\a\x9e<\xe9\xda\xc0p\x026\xf6sf\xc9.c\xa7\xba\xe9\xcc\x9e\xecUv\x966\x826\x10\xc2-\t\x94,\x8f\xebez\xd6>\xe0WLY\xde~\x11U\xe7$~\xee\xbb\xa42\x19\x9c\xda\x8d\xd4W\xd3\xc2\xd28,\xf5:\x16\xf6\x03\x8a/', &(0x7f0000000300)='\xfa.-\x00', 0x0) close(r1) 675.270249ms ago: executing program 0 (id=5654): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80a, &(0x7f0000000a80), 0x1, 0x79b, &(0x7f0000000180)="$eJzs3c1rXFUbAPDnTpImTfu+zQsv2LppVloonbQ1tgqCERciWCjo2jZMpiFmkimZSWlCFhYRBBG0uBB049qPunMruvZvcCMiLVXTYsWFjNz5SKb5mHw0k2mb3w9ucs6dc+ecZ+7cc8/MPcwNYM8aTP9kIo5ExIdJxKH6+iQieqqp7oiRWrl7iwu5dEmiUnn996Ra5u7iQi6atkkdqGcOR8T370Ycz6yutzQ3PzlaKORn6vmh8tTlodLc/ImJqdHx/Hh++syp4eHTZ589e2bnYv3zx/mDtz565emvR/5+54kbH/yQxEgcrD/WHMdOGYzB+mvSk76E93l5pyvrsKTTDWBb0kOzq3aUx5E4FF3VFADwOEvP/xUAYI9JnP8BYI9pfA9wd3Eh11g6+43E7rr9UkT01eJvXN+sPdJdv2bXV70O2n83ie76FdHYwetdgxHx2bdvfpku0abrkABreftaRFwcGFzd/yer5ixs1clNlBlckdf/we75Lh3/PLfW+C+zNP6JpfHPst41jt3tGIzY15xfffxnbq654Ys7UHl9/PdCbW5bGmjT+G9p0tpAVz33nzRzNCImCvm0b/tvRByLnt5LE4X8qRZ1HLvzz531Hmse//1x/a0v0vrT/8slMje7e+/fZmy0PPogMTe7fS3iye7luX33VvX/fdWx7sr9n6473+qJjy4nX33+vU/XK5bGn8bbWFbH316VzyOeirXjb0hazk8cSnf/ydrftev45udP+terv3n/p0taf+OzwG5I939/6/gHkub5mqWdrX/j+Nd+/+9L3qimG53H1dFyeeZUxL7ktdXrTy9v28g3yqfx1yJdGX+m5fs//SR4cZMxdt/67avtx7+kLVMs0/jHtrT/t564cW+ya/vxp/t/uJo6Vl+zmf5vsw18kNcOAAAAAAAAAAAAAAAAAAAAAAAAADYrExEHI8lkl9KZTDZbu4f3/6M/UyiWyscvFWenx6J6r+yB6Mk0furyUC2fNH7/dKApf3pF/pmI+F9EfNy7v5rP5oqFsU4HDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1B9a5/3/q195Otw4AaJu+DUvcyd+XrVQqlTa2BwBov43P/wDA46bF+X//brYDANg9Pv8DwN7j/A8Ae4/zPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG12/ty5dKn8tbiQS/NjV+ZmJ4tXTozlS5PZqdlcNlecuZwdLxbHC/lsrji10fMVisXLwzE9e3WonC+Vh0pz8xemirPT5QsTU6Pj+Qv5nl2JCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2pjQ3PzlaKORnHovE+xHxEDSjHYkkHopmdCTxy4mfDrcqc32Dt/HIQxHFI5bodM8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Gj4NwAA//8PbSWm") r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x81) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000000c0)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x8}, 0x18) r1 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) ioctl$sock_bt_hidp_HIDPGETCONNINFO(r1, 0x800448d3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB='\a\x00\x00'], 0x50) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) mknod$loop(0x0, 0x100000000000600d, 0x1) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cgroup.controllers\x00', 0x275a, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000980)={'#! ', '', [{0x20, '\\}/%\\/'}, {0x20, 'S\xda\xc4\xf2\x02'}, {0x20, ':'}, {0x20, 'X@%'}, {0x20, 'B*\\\x00\x00{'}, {0x20, '#! '}, {0x20, 'GPL\x00'}, {0x20, 'ext4\x00'}, {0x20, 'kmem_cache_free\x00'}]}, 0x3e) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) socket(0x200000100000011, 0x3, 0x0) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000b00)=ANY=[@ANYBLOB="0400000000000000040000000000000005"]) 597.35959ms ago: executing program 2 (id=5657): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) stat(&(0x7f0000000640)='./file1\x00', 0x0) 497.239282ms ago: executing program 4 (id=5658): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x4}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) mount_setattr(0xffffffffffffffff, 0x0, 0x8000, 0x0, 0x0) 496.990222ms ago: executing program 2 (id=5659): r0 = openat$sysfs(0xffffff9c, &(0x7f0000000040)='/sys/kernel/notes', 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) finit_module(r0, 0x0, 0x2) 496.686542ms ago: executing program 2 (id=5660): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) pipe(&(0x7f00000007c0)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r1, &(0x7f0000000140)=[{0x0}, {0x0}], 0x2, 0x1) close(r1) setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000480)={@in={{0x2, 0x0, @loopback}}, 0x0, 0x20000000005, 0x21}, 0xd8) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000340)=0x0) syz_open_procfs$userns(r3, &(0x7f0000000580)) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10) sync() bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r2}, 0x10) splice(r0, 0x0, r1, 0x0, 0xfffd, 0x0) 417.803993ms ago: executing program 1 (id=5662): setuid(0xee01) setrlimit(0x9, &(0x7f0000000000)) io_setup(0x2004, &(0x7f0000000680)) 417.355663ms ago: executing program 1 (id=5663): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8e7, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18) r2 = socket(0x10, 0x2, 0x0) sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="540000002000010000000000000000000200200003000000000000001400110076657468305f6d61637674617000000008000200ac1e0001080018"], 0x54}}, 0x20000080) 370.450884ms ago: executing program 1 (id=5664): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[@ANYBLOB="d0000000", @ANYRES16=r1, @ANYBLOB="010000000000000000000100000008000100000000000400048008000c8004000b800800020001000000a00008801c000780080077144ebb0000080006000000000008000500000003002400078008000500000000"], 0xd0}}, 0x0) 369.083364ms ago: executing program 4 (id=5665): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x12, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000940)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r2, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f00000001c0)=@gcm_256={{0x304}, "6ae04425ace3f60c", "acba84f0a6731f234db1cc7f3f382ad796bd667cb12ea99509873931d2873103", "0f9dafb4", "ec3fff9afd96e6c0"}, 0x38) close(r2) 333.099515ms ago: executing program 1 (id=5666): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ffb, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRESOCT], 0xb4}}, 0x0) 308.346325ms ago: executing program 4 (id=5667): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r3}, &(0x7f00000002c0), &(0x7f0000000340)=r4}, 0x20) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r5}, 0x10) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r6}, 0x10) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=@newqdisc={0x70, 0x24, 0x4ee4e6a52ff56541, 0x40000, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x18}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x44, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x8, 0x0, 0x2, 0x8, 0xc, 0x7}, {0x1, 0x0, 0x9, 0x401, 0x0, 0x7fffffff}, 0x2000001, 0x1000, 0x575}}, @TCA_TBF_RATE64={0xc, 0x4, 0x274bdcb7db3981e2}, @TCA_TBF_PRATE64={0xc, 0x5, 0xe1e31d5aa9748ab8}]}}]}, 0x70}, 0x1, 0x0, 0x0, 0x404}, 0x0) 307.473235ms ago: executing program 0 (id=5668): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x2, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==") setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000300)=ANY=[@ANYBLOB="02000000010004000000000004000500a9930000100000000000000020"], 0x24, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) fchown(r0, 0x0, 0xee01) 229.667056ms ago: executing program 4 (id=5669): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c0002800500010000000000080007"], 0x64}}, 0x0) ioctl$SNAPSHOT_AVAIL_SWAP_SIZE(0xffffffffffffffff, 0x80083313, &(0x7f00000003c0)) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x68, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2=0xe0000001}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0) 229.385206ms ago: executing program 1 (id=5670): syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000240)='./file1\x00', 0x0, &(0x7f0000000a00)=ANY=[], 0x1, 0x1b6, &(0x7f00000005c0)="$eJzs2zFrE2EYB/Dn0hrTOiSDkzjc6BSafoIWqSAGBCWDgqDYBqQnBQsBHUw3B7+EH8dVP4ljB+EkyV3alASLYC9tfr8lD3f3D88dJPe+L7yv778/3D867r/qf49GkkRtJ9I4TaIVtSidBABwk5zmefzK8zy/fRIb3yLP86o7AgD+N+9/AFg9z1+8fLLb7e49S9NGRPZl0Bv0Jp+T87v9eBdZHMRWNON3jAYIhUn96HF3bysda8XXbFjkh4Pe2my+E81ozc93Jvl0Nn8rNs/nt6MZd+fnt+fm6/Ggfi7fjmb8fBtHkcV+jLJn+c+dNH34tHshf2d8HQAAANwE7XRqPH+vx+z8vd2ePT/oDWoRMZyuDyTl+sBa8Y0L1wcuzK/X4956dfcNAKvs+OOnwzdZdvBhWYsfm5NGl6WfxUX5SKdHdsoDy9Lh34qN69FqUmxJucTFSUSMinJwWn3zy140iieWXf1/EXC1zn79VXcCAAAAAAAAAAAAAAAs8i9bhZpF9rKpim8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBX0JwAA//+uuHu6") r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0xc8) ftruncate(r0, 0x2007ffc) sendfile(r0, r0, 0x0, 0x800000009) 191.543687ms ago: executing program 4 (id=5671): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) move_mount(0xffffffffffffffff, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, 0x0, 0x262) 162.118567ms ago: executing program 1 (id=5672): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f00000001c0)={0x0, 0x0, 0x8, 0x6}) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x12) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, 0x0, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x1, &(0x7f00000009c0)=ANY=[@ANYBLOB="756e695f786c6174653d302c696f636861727365743d69736f383835392d392c756e695f786c6174653d302c756e695f786c6174653d312c756d61736b3d30303030303030303030303032303030303030303030302c756e695f786c6174653d312c636865636b3d72656c617865642c696f636861727365743d6d6163637972696c6c69632c756e695f786c6174653d302c696f636861727365743d6370313235312c696f636860727365743d6d61636963656c616e642c73686f72746e616d653d6d697865642c756e695f786c6174653d312c73686f72746e616d653d6c6f7765722c756e695f786c6174653d815571b136c781f9f7df2ac1bb312c61707072616973652c00"], 0x25, 0x365, &(0x7f0000000640)="$eJzs3U9oHNUfAPDvdpJsGtpfcvhB0dPqTRBpKoJ6SigVijloZfHfxcWmWrNrIYsL6SGbvSjFk+JF0JO3HvTYs3gQ8ebBqxakKl7sRQoNjuzu7OxsdqPJYWOLn88hfPN97zvvzcwjMwnJy2vt2Lg4G5du374V8/OlmFk5uxJ3SrEUxyKJvp2Y6P25yXkA4B53J03j97Tvn3t/uDCIPPsB4P7Ve/6/cXKYKB+i+NqJaUwJAJiyA37//9zE7JWpTQsAmKKx5//DI817fsw/k/9OAABw/3rh5VeeXV2LuFCpzEc03mtVW9V4eti+eikuRz3W43Qsxm5E/0Wh/7bQ/fjM+bVzpytdPy9FtVvRqkY02q1q/01hNYnLaT3KsRyLsZTVp3l90q1f7tVXImKn3Rs/GqVWdTYWsvF/WIj1OBOL8f+x+ojza+fOVLIDVBuD+nZEJ+YHJ9GdfxKL8d3rcSXqcTG6tcP5by9XKmfTtZH61vVyrx8AAAAAAAAAAAAAAAAAAAAAAEzDY5XcUr7/Tdpot969MNLhZtY/3x+n2v882x+o098fKC0Pdue5luzdH2h0f55WdSaO/WtnDQAAAAAAAAAAAAAAAAAAAPeW5tZc1Or19c3m1tWNYtAuZN7+5vOvjsegaSYrfSsZVkWWXN9szuZHHnQsHDmJfIg0L0+TkT5ZkEQMOu/Urt/IZ1zsU87HGivvBuWxplI2p1q9fvKhnz6ZVPVnN9jpZZIYuyyjQSkbv9DU+F83MR8Ru/tV7R+UJ9+LPPgjTdP9yrc/Hq+KUsRMHHoaBwi+vvXmA483Tz3Ry3yZbfrwyKOLL/740We/btTq0elfmXp9brO5m04+zoni3enOdbxPUlg/pew6lyashMlBZ5jpbDa3asn3v7304Aff7umcTF4/aTHzzv5jfbE3M9cPShFLg4vwd1OdnbD4u8GTo7fy6kbt1bv56j38jTv16UrtxvbNXw5aVfgiYaMOAAAAAAAAAAAAAAAAAAA4EoU/MD6Ep56f3owAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4OgN//9/IeiMZQ4S3G3HeFN5fbO57+DHj/RUAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4D/srAAD//xu8baw=") 141.462907ms ago: executing program 2 (id=5673): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r0, 0x0, 0x447}, 0x18) fspick(0xffffffffffffffff, &(0x7f0000004d40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x1) 81.688759ms ago: executing program 2 (id=5674): creat(&(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x192) r0 = syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000), &(0x7f00000001c0)) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) io_uring_register$IORING_REGISTER_NAPI(r0, 0x1b, &(0x7f0000000280)={0x80000000, 0xf1}, 0x1) 81.402239ms ago: executing program 4 (id=5675): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000240)={[{@grpquota}, {@auto_da_alloc}, {@minixdf}]}, 0x1, 0x50c, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLEaGVEHsEqRsSN4pix1HsLJvQQ3rmikQlTvTIH8C5Jw7cuCC4cSkHJH5EoAaJg9GMJ6mb2o3VJHYUfz7SaObNm/r7fXH8Xuc59gtgZF2PiP2ImIiITyNiNjufy7b4qL0l1z05uLdyeHBvJRet1if/zKX1ybno+DeJa9ljFiPihw8jfpJ7Pm5jd29juVqtbGfl+WZta76xu3drvba8VlmrbJbLS4tLCx/cfr98bm19qzaRHX318R/2v/WzJK2Z7ExnO85Tu+mF4ziJ8Yj4/kUEG4KxrD0Tw06El5KPiNcj4u309T8bY+mzCQBcZa3WbLRmO8sAwFWXT+fAcvlSNhcwE/l8qdSew3sjpvPVeqN58259Z3O1PVc2F4X83fVqZSGbK5yLQi4pL6bHT8vlE+XbEfFaRPxiciotl1bq1dVh/scHAEbYtRPj/38m2+M/AHDFFYedAAAwcD3G//1B5wEADI77fwAYPcZ/ABg97fF/athpAAAD5P4fAEaP8R8ARsoPPv442VqH2fdfr362u7NR/+zWaqWxUartrJRW6ttbpbV6fS39zp7aaY9Xrde3Ft+Lnc/nvr3VaM43dvfu1Oo7m8076fd636kU0qt8sgAAhum1tx79OZeMyB9OpVt0rOVQGGpmwEXLDzsBYGjGhp0AMDRW+4LRdYZ7fNMDcEV0WaL3GcVuHxBqtVqti0sJuGA3vmT+H0ZVx/y/vwKGEWP+H0aX+X8YXa1Wrt81/6PfCwGAy80cP9Dj/f/Xs/1vsjcHfrx68ooHF5kVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXG5H6/+WsrXAZyKfL5UiXomIuSjk7q5XKwsR8WpE/GmyMJmUF4ecMwBwVvm/5bL1v27MvjvzTNWb144PJyLip7/65JefLzeb23+MmMj9a/LofPNBdr48+OwBgNMdjdPpvuNG/snBvZWjbZD5/P27EVFsxz88mIjD4/jjMZ7ui1GIiOl/57JyW65j7uIs9u9HxBe7tT8XM+kcSHvl05Pxk9ivDDR+/pn4+bSuvU9+Fl84h1xg1DxK+p+Pur3+8nE93Xd//RfTHurssv4veaiVw7QPfBr/qP8b69H/Xe83xnu/+177aOr5uvsRXx6POIp92NH/HMXP9Yj/bp/x//KVN9/uVdf6dcSN6B6/M9Z8s7Y139jdu7VeW16rrFU2y+WlxaWFD26/X55P56jne48G//jw5qu96pL2T/eIXzyl/V/vs/0P//fpj772gvjffKdb/Hy88YL4yZj4jT7jL0//ttirLom/2qP9pz3/N/uM//ive88tGw4ADE9jd29juVqtbI/kQfR38e+zH9alyHmkD5Jn4RKk0fXgO4OKNRHdq37+TvvXdDKi8xe71XqpWL16jPOYdQMug+MXfUT8d9jJAAAAAAAAAAAAAAAAXQ3iE0vDbiMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABX1/8DAAD//9RMyv0=") symlink(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 56.710139ms ago: executing program 2 (id=5676): bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x84, 0x2c, 0xd27, 0x30b529, 0x25dfdc00, {0x0, 0x0, 0x0, r3, {0x0, 0x4}, {}, {0xfff2}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x2, 0x2, 0xffffffffffffffff, 0xa, 0x8}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x10}, 0x0) 0s ago: executing program 0 (id=5677): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18) r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r1, 0x402, 0x8000001f) close_range(r1, 0xffffffffffffffff, 0x0) kernel console output (not intermixed with test programs): _advance+0x66/0x130 [ 870.182686][T15148] ext4_fill_super+0x8912/0x9030 [ 870.187749][T15148] ? ext4_mount+0x40/0x40 [ 870.193022][T15148] ? set_blocksize+0x1fc/0x380 [ 870.202900][T15148] ? sb_set_blocksize+0xaa/0xf0 [ 870.207958][T15148] ? ext4_mount+0x40/0x40 [ 870.219830][T15148] mount_bdev+0x2ae/0x3e0 [ 870.226954][T15148] ? ext4_mount+0x40/0x40 [ 870.241904][T15148] ext4_mount+0x34/0x40 [ 870.246121][T15148] legacy_get_tree+0xed/0x190 [ 870.250860][T15148] ? ext4_errno_to_code+0x160/0x160 [ 870.271416][T15148] vfs_get_tree+0x89/0x260 [ 870.275910][T15148] do_new_mount+0x25a/0xa20 [ 870.280511][T15148] path_mount+0x675/0x1020 [ 870.285090][T15148] __se_sys_mount+0x318/0x380 [ 870.289796][T15148] ? __x64_sys_mount+0xd0/0xd0 [ 870.310338][T15148] ? __bpf_trace_sys_enter+0x62/0x70 [ 870.317855][T15148] __x64_sys_mount+0xbf/0xd0 [ 870.322775][T15148] x64_sys_call+0x6bf/0x9a0 [ 870.327332][T15148] do_syscall_64+0x4c/0xa0 [ 870.335156][T15180] loop2: detected capacity change from 0 to 512 [ 870.344724][T15148] ? clear_bhb_loop+0x50/0xa0 [ 870.349694][T15148] ? clear_bhb_loop+0x50/0xa0 [ 870.354476][T15148] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 870.360986][T15148] RIP: 0033:0x7f30e1e120ca [ 870.365497][T15148] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 870.385435][T15148] RSP: 002b:00007f30e0478e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 870.394227][T15148] RAX: ffffffffffffffda RBX: 00007f30e0478ef0 RCX: 00007f30e1e120ca [ 870.403140][T15148] RDX: 00002000000002c0 RSI: 00002000000001c0 RDI: 00007f30e0478eb0 [ 870.415775][T15182] loop4: detected capacity change from 0 to 256 [ 870.423347][T15148] RBP: 00002000000002c0 R08: 00007f30e0478ef0 R09: 0000000000800700 [ 870.475307][T15180] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback. [ 870.487633][T15148] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 870.487659][T15148] R13: 00007f30e0478eb0 R14: 0000000000000464 R15: 000000000000002c [ 870.487682][T15148] [ 870.487689][T15148] ---[ end trace fad6b67904002146 ]--- [ 870.487754][T15148] EXT4-fs error (device loop1): ext4_xattr_inode_iget:400: comm syz.1.4466: Parent and EA inode have the same ino 15 [ 870.525281][T15180] ext4 filesystem being mounted at /256/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 870.829885][T15148] EXT4-fs (loop1): Remounting filesystem read-only [ 870.878996][T15148] EXT4-fs (loop1): 1 orphan inode deleted [ 870.900417][T15148] EXT4-fs (loop1): mounted filesystem without journal. Opts: resgid=0x0000000000000000,bsdgroups,debug_want_extra_isize=0x000000000000005a,init_itable,errors=remount-ro,noinit_itable,nojournal_checksum,. Quota mode: none. [ 870.956666][T15194] loop0: detected capacity change from 0 to 256 [ 870.986263][T15195] loop2: detected capacity change from 0 to 512 [ 871.058098][T15195] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 871.173907][T15195] EXT4-fs (loop2): mounted filesystem without journal. Opts: discard,mblk_io_submit,grpjquota=,quota,nobarrier,,errors=continue. Quota mode: writeback. [ 871.224537][T15195] ext4 filesystem being mounted at /257/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 871.407903][ T30] kauditd_printk_skb: 112 callbacks suppressed [ 871.407920][ T30] audit: type=1326 audit(1750529192.647:7053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15221 comm="syz.2.4494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25e87cf929 code=0x7ffc0000 [ 871.493790][ T30] audit: type=1326 audit(1750529192.658:7054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15221 comm="syz.2.4494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f25e87cf929 code=0x7ffc0000 [ 871.523868][T15228] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.4497' sets config #1 [ 871.524283][ T30] audit: type=1326 audit(1750529192.688:7055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15221 comm="syz.2.4494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25e87cf929 code=0x7ffc0000 [ 871.562499][ T30] audit: type=1326 audit(1750529192.688:7056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15221 comm="syz.2.4494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f25e87cf929 code=0x7ffc0000 [ 871.587523][ T30] audit: type=1326 audit(1750529192.688:7057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15221 comm="syz.2.4494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25e87cf929 code=0x7ffc0000 [ 871.611906][ T30] audit: type=1326 audit(1750529192.688:7058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15221 comm="syz.2.4494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=287 compat=0 ip=0x7f25e87cf929 code=0x7ffc0000 [ 871.642360][ T30] audit: type=1326 audit(1750529192.688:7059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15221 comm="syz.2.4494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25e87cf929 code=0x7ffc0000 [ 871.669896][ T30] audit: type=1326 audit(1750529192.770:7060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15227 comm="syz.2.4497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25e87cf929 code=0x7ffc0000 [ 871.693977][ T30] audit: type=1326 audit(1750529192.770:7061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15227 comm="syz.2.4497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f25e87cf929 code=0x7ffc0000 [ 871.719679][ T30] audit: type=1326 audit(1750529192.770:7062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15227 comm="syz.2.4497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25e87cf929 code=0x7ffc0000 [ 871.777994][T15237] loop4: detected capacity change from 0 to 8192 [ 871.796269][T15238] loop0: detected capacity change from 0 to 256 [ 871.992273][T15242] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4502'. [ 872.492513][T15262] loop4: detected capacity change from 0 to 256 [ 872.548402][T15262] FAT-fs (loop4): bogus number of FAT sectors [ 872.550191][T15264] loop0: detected capacity change from 0 to 8192 [ 872.554515][T15262] FAT-fs (loop4): Can't find a valid FAT filesystem [ 872.886468][T15293] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4525'. [ 872.941440][T15293] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4525'. [ 872.953695][T15294] loop1: detected capacity change from 0 to 256 [ 873.106298][T15296] loop0: detected capacity change from 0 to 512 [ 873.123066][T15296] EXT4-fs (loop0): Ignoring removed oldalloc option [ 873.198972][T15296] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 873.268283][T15296] EXT4-fs error (device loop0): ext4_xattr_inode_iget:400: comm syz.0.4526: Parent and EA inode have the same ino 15 [ 873.323910][T15296] EXT4-fs error (device loop0): ext4_xattr_inode_iget:400: comm syz.0.4526: Parent and EA inode have the same ino 15 [ 873.341395][T15296] EXT4-fs (loop0): 1 orphan inode deleted [ 873.362088][T15296] EXT4-fs (loop0): mounted filesystem without journal. Opts: nojournal_checksum,init_itable=0x0000000000000008,debug_want_extra_isize=0x000000000000005c,dioread_nolock,init_itable,oldalloc,init_itable=0x0000000000000002,,errors=continue. Quota mode: none. [ 873.796295][T15323] loop4: detected capacity change from 0 to 512 [ 873.803499][T15325] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4539'. [ 873.813463][T15329] loop0: detected capacity change from 0 to 1024 [ 873.826777][T15325] loop2: detected capacity change from 0 to 1024 [ 873.834152][T15323] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22 [ 873.859897][T15323] EXT4-fs (loop4): Invalid want_extra_isize 262248 [ 873.861077][T15329] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option [ 873.890626][T15325] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 873.925348][T15329] EXT4-fs (loop0): mounted filesystem without journal. Opts: noblock_validity,bsddf,noinit_itable,nobarrier,debug_want_extra_isize=0x0000000000000080,noquota,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none. [ 874.102344][T15359] loop2: detected capacity change from 0 to 128 [ 874.171322][T15363] loop4: detected capacity change from 0 to 256 [ 874.201119][T15359] attempt to access beyond end of device [ 874.201119][T15359] loop2: rw=0, want=1041, limit=128 [ 874.261855][T15372] tipc: Enabled bearer , priority 0 [ 874.288926][T15372] device syzkaller0 entered promiscuous mode [ 874.320320][T15371] tipc: Resetting bearer [ 874.335811][T15376] usb usb1: usbfs: process 15376 (+}[@) did not claim interface 0 before use [ 874.382612][T15371] tipc: Disabling bearer [ 874.398186][T15380] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4562'. [ 874.410408][T15380] loop3: detected capacity change from 0 to 512 [ 874.468616][T15380] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 874.509934][T15389] loop1: detected capacity change from 0 to 512 [ 874.518261][T15380] EXT4-fs (loop3): 1 truncate cleaned up [ 874.524194][T15380] EXT4-fs (loop3): mounted filesystem without journal. Opts: init_itable=0x0000000000000000,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,user_xattr,errors=remount-ro,quota,. Quota mode: writeback. [ 874.597519][T15389] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 874.610996][T15389] ext4 filesystem being mounted at /266/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 874.635567][T15393] loop2: detected capacity change from 0 to 512 [ 874.707594][T15393] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 874.743405][T15393] EXT4-fs (loop2): 1 truncate cleaned up [ 874.749229][T15393] EXT4-fs (loop2): mounted filesystem without journal. Opts: minixdf,max_dir_size_kb=0x00000000000001ff,stripe=0x0000000000000000,noblock_validity,debug_want_extra_isize=0x0000000000000006,,errors=continue. Quota mode: none. [ 874.812268][ T3412] hid-generic 0000:0000:0000.00A9: unknown main item tag 0x0 [ 874.825392][ T3412] hid-generic 0000:0000:0000.00A9: hidraw0: HID v0.00 Device [syz1] on syz0 [ 874.869893][T15405] fido_id[15405]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 874.885378][T15407] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4572'. [ 874.912854][T15407] netlink: 'syz.2.4572': attribute type 13 has an invalid length. [ 875.012113][T15407] bridge0: port 2(bridge_slave_1) entered disabled state [ 875.045379][T15412] @: renamed from vlan0 [ 875.229323][T15437] loop4: detected capacity change from 0 to 8192 [ 875.347303][T15441] loop1: detected capacity change from 0 to 256 [ 875.364503][T15443] loop2: detected capacity change from 0 to 512 [ 875.407451][T15451] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4591'. [ 875.416526][T15451] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 875.428795][T15451] bridge0: port 2(bridge_slave_1) entered disabled state [ 875.436107][T15451] bridge0: port 1(bridge_slave_0) entered disabled state [ 875.472342][T15443] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 875.490550][T15443] EXT4-fs (loop2): orphan cleanup on readonly fs [ 875.526534][T15443] EXT4-fs error (device loop2): ext4_do_update_inode:5234: inode #16: comm syz.2.4587: corrupted inode contents [ 875.559330][T15443] EXT4-fs (loop2): Remounting filesystem read-only [ 875.566001][T15443] EXT4-fs error (device loop2): ext4_dirty_inode:6070: inode #16: comm syz.2.4587: mark_inode_dirty error [ 875.588114][T15457] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4593'. [ 875.603508][T15457] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4593'. [ 875.630347][T15443] EXT4-fs (loop2): Remounting filesystem read-only [ 875.651886][T15443] EXT4-fs error (device loop2): ext4_do_update_inode:5234: inode #16: comm syz.2.4587: corrupted inode contents [ 875.666742][T15443] EXT4-fs (loop2): Remounting filesystem read-only [ 875.673717][T15443] EXT4-fs error (device loop2): __ext4_ext_dirty:183: inode #16: comm syz.2.4587: mark_inode_dirty error [ 875.687512][T15443] EXT4-fs (loop2): Remounting filesystem read-only [ 875.694335][T15443] EXT4-fs error (device loop2): ext4_do_update_inode:5234: inode #16: comm syz.2.4587: corrupted inode contents [ 875.706489][T15443] EXT4-fs (loop2): Remounting filesystem read-only [ 875.713068][T15443] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem [ 875.722278][T15443] EXT4-fs (loop2): Remounting filesystem read-only [ 875.757791][T15443] EXT4-fs error (device loop2): ext4_do_update_inode:5234: inode #16: comm syz.2.4587: corrupted inode contents [ 875.770275][T15443] EXT4-fs (loop2): Remounting filesystem read-only [ 875.777055][T15443] EXT4-fs error (device loop2): ext4_truncate:4304: inode #16: comm syz.2.4587: mark_inode_dirty error [ 875.788998][T15443] EXT4-fs (loop2): Remounting filesystem read-only [ 875.795776][T15443] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem [ 875.805330][T15443] EXT4-fs (loop2): Remounting filesystem read-only [ 875.812175][T15443] EXT4-fs (loop2): 1 truncate cleaned up [ 875.821021][T15443] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,discard,. Quota mode: writeback. [ 875.914720][T15472] loop0: detected capacity change from 0 to 256 [ 875.989476][T15472] FAT-fs (loop0): Directory bread(block 64) failed [ 876.005084][T15472] FAT-fs (loop0): Directory bread(block 65) failed [ 876.014614][T15472] FAT-fs (loop0): Directory bread(block 66) failed [ 876.022285][T15472] FAT-fs (loop0): Directory bread(block 67) failed [ 876.028865][T15472] FAT-fs (loop0): Directory bread(block 68) failed [ 876.049152][T15472] FAT-fs (loop0): Directory bread(block 69) failed [ 876.063021][T15472] FAT-fs (loop0): Directory bread(block 70) failed [ 876.077822][T15472] FAT-fs (loop0): Directory bread(block 71) failed [ 876.084669][T15472] FAT-fs (loop0): Directory bread(block 72) failed [ 876.091926][T15472] FAT-fs (loop0): Directory bread(block 73) failed [ 876.291422][T15488] syz.1.4606 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 877.177671][ T30] kauditd_printk_skb: 114 callbacks suppressed [ 877.177687][ T30] audit: type=1326 audit(1750529198.522:7177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15486 comm="syz.1.4606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30e1e10929 code=0x7ffc0000 [ 877.272163][ T30] audit: type=1400 audit(1750529198.532:7178): avc: denied { unmount } for pid=11659 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 877.315464][T15492] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4608'. [ 877.355547][ T30] audit: type=1400 audit(1750529198.664:7179): avc: denied { module_request } for pid=15491 comm="syz.4.4608" kmod="netdev-ipvlan1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 877.450419][ T30] audit: type=1400 audit(1750529198.806:7180): avc: denied { create } for pid=15504 comm="syz.1.4613" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 877.457683][T15503] loop4: detected capacity change from 0 to 512 [ 877.486822][ T30] audit: type=1400 audit(1750529198.826:7181): avc: denied { setopt } for pid=15504 comm="syz.1.4613" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 877.535477][T15511] SELinux: failed to load policy [ 877.549288][ T30] audit: type=1400 audit(1750529198.867:7182): avc: denied { execmem } for pid=15506 comm="syz.1.4614" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 877.568871][ T30] audit: type=1400 audit(1750529198.887:7183): avc: denied { load_policy } for pid=15510 comm="syz.0.4616" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 877.593724][ T30] audit: type=1400 audit(1750529198.938:7184): avc: denied { mounton } for pid=15500 comm="syz.4.4611" path="/352/bus" dev="tmpfs" ino=1864 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 877.637038][T15503] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 877.668311][ T30] audit: type=1400 audit(1750529199.019:7185): avc: denied { mount } for pid=15500 comm="syz.4.4611" name="/" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 877.710934][T15503] ext4 filesystem being mounted at /352/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 877.783969][T15524] loop1: detected capacity change from 0 to 256 [ 877.825980][T15526] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4621'. [ 877.840136][T15528] mmap: syz.0.4622 (15528) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. [ 877.852948][ T30] audit: type=1400 audit(1750529199.080:7186): avc: denied { create } for pid=15521 comm="syz.0.4620" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 877.880035][T15503] EXT4-fs error (device loop4): ext4_do_update_inode:5234: inode #2: comm syz.4.4611: corrupted inode contents [ 877.908586][T15503] EXT4-fs error (device loop4): ext4_dirty_inode:6070: inode #2: comm syz.4.4611: mark_inode_dirty error [ 877.956465][T15503] EXT4-fs error (device loop4): ext4_do_update_inode:5234: inode #2: comm syz.4.4611: corrupted inode contents [ 878.115588][T15544] loop3: detected capacity change from 0 to 2048 [ 878.183467][T15544] EXT4-fs (loop3): mounted filesystem without journal. Opts: delalloc,noload,acl,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none. [ 878.445566][T15558] loop3: detected capacity change from 0 to 512 [ 878.490903][T15558] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 878.498093][T15558] EXT4-fs (loop3): Ignoring removed bh option [ 878.520851][T15558] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 878.553550][T15558] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 878.589783][T15558] EXT4-fs (loop3): 1 truncate cleaned up [ 878.595838][T15558] EXT4-fs (loop3): mounted filesystem without journal. Opts: mblk_io_submit,dioread_nolock,bh,errors=continue,nouid32,quota,nogrpid,,errors=continue. Quota mode: writeback. [ 878.830024][T15592] loop3: detected capacity change from 0 to 1024 [ 878.908242][T15597] loop0: detected capacity change from 0 to 128 [ 878.945834][T15592] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c800e02c, mo2=0000] [ 878.990352][T15592] EXT4-fs error (device loop3): ext4_map_blocks:630: inode #3: block 2: comm syz.3.4646: lblock 2 mapped to illegal pblock 2 (length 1) [ 879.026613][T15597] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 879.037911][T15597] ext4 filesystem being mounted at /264/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 879.086152][T15592] EXT4-fs (loop3): Remounting filesystem read-only [ 879.109269][T15592] EXT4-fs error (device loop3): ext4_map_blocks:630: inode #3: block 48: comm syz.3.4646: lblock 0 mapped to illegal pblock 48 (length 1) [ 879.179743][T15592] EXT4-fs (loop3): Remounting filesystem read-only [ 879.217348][T15592] EXT4-fs error (device loop3): ext4_acquire_dquot:6195: comm syz.3.4646: Failed to acquire dquot type 0 [ 879.289211][T15592] EXT4-fs (loop3): Remounting filesystem read-only [ 879.329373][T15592] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5866: Corrupt filesystem [ 879.358366][T15592] EXT4-fs (loop3): Remounting filesystem read-only [ 879.378403][T15592] EXT4-fs error (device loop3): ext4_evict_inode:283: inode #11: comm syz.3.4646: mark_inode_dirty error [ 879.447043][T15592] EXT4-fs (loop3): Remounting filesystem read-only [ 879.456691][T15607] loop0: detected capacity change from 0 to 256 [ 879.503631][T15592] EXT4-fs warning (device loop3): ext4_evict_inode:286: couldn't mark inode dirty (err -117) [ 879.544773][T15592] EXT4-fs (loop3): 1 orphan inode deleted [ 879.560427][ T9806] EXT4-fs error (device loop3): ext4_map_blocks:630: inode #3: block 1: comm kworker/u4:339: lblock 1 mapped to illegal pblock 1 (length 1) [ 879.585089][T15592] EXT4-fs (loop3): mounted filesystem without journal. Opts: bsdgroups,noblock_validity,grpjquota=,init_itable=0x0000000000000006,debug,errors=remount-ro,. Quota mode: none. [ 879.639157][ T9806] EXT4-fs (loop3): Remounting filesystem read-only [ 879.684891][ T9806] EXT4-fs error (device loop3): ext4_release_dquot:6231: comm kworker/u4:339: Failed to release dquot type 0 [ 879.778101][ T9806] EXT4-fs (loop3): Remounting filesystem read-only [ 880.154573][T11515] EXT4-fs error (device loop3): __ext4_get_inode_loc:4352: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 880.191829][T11515] EXT4-fs (loop3): Remounting filesystem read-only [ 880.198384][T11515] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5866: Corrupt filesystem [ 880.228469][T11515] EXT4-fs (loop3): Remounting filesystem read-only [ 880.248432][T11515] EXT4-fs error (device loop3): ext4_quota_off:6501: inode #3: comm syz-executor: mark_inode_dirty error [ 880.280430][T11515] EXT4-fs (loop3): Remounting filesystem read-only [ 880.306906][T15612] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4655'. [ 880.523489][T15622] loop0: detected capacity change from 0 to 128 [ 880.589181][T15627] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4662'. [ 880.604107][T15622] attempt to access beyond end of device [ 880.604107][T15622] loop0: rw=2049, want=234, limit=128 [ 880.880747][T15643] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4670'. [ 881.001625][T15648] loop1: detected capacity change from 0 to 256 [ 881.585976][T15652] netlink: 'syz.3.4673': attribute type 3 has an invalid length. [ 881.646712][T15657] loop4: detected capacity change from 0 to 1024 [ 881.691388][T15664] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4678'. [ 881.729639][T15657] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 881.738570][T15666] tipc: Started in network mode [ 881.738586][T15666] tipc: Node identity c, cluster identity 3142 [ 881.738596][T15666] tipc: Node number set to 12 [ 881.790369][T15676] loop2: detected capacity change from 0 to 512 [ 881.831764][T15676] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.4680: bg 0: block 248: padding at end of block bitmap is not set [ 881.847358][T15676] EXT4-fs error (device loop2): ext4_acquire_dquot:6195: comm syz.2.4680: Failed to acquire dquot type 1 [ 881.861911][T15676] EXT4-fs (loop2): 1 truncate cleaned up [ 881.867589][T15676] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 881.879073][T15676] ext4 filesystem being mounted at /296/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 881.911009][T15686] loop1: detected capacity change from 0 to 128 [ 881.998461][T15688] loop4: detected capacity change from 0 to 256 [ 882.046261][T15691] loop3: detected capacity change from 0 to 512 [ 882.088736][T15691] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 882.103623][T15691] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.4686: inode #13: comm syz.3.4686: iget: illegal inode # [ 882.107519][T15700] xt_hashlimit: max too large, truncated to 1048576 [ 882.117214][T15691] EXT4-fs (loop3): Remounting filesystem read-only [ 882.129688][T15691] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.4686: couldn't read orphan inode 13 (err -117) [ 882.153930][T15691] EXT4-fs (loop3): Remounting filesystem read-only [ 882.160847][T15691] EXT4-fs (loop3): mounted filesystem without journal. Opts: user_xattr,errors=remount-ro,noblock_validity,abort,mblk_io_submit,nogrpid,nodelalloc,delalloc,prjquota,. Quota mode: writeback. [ 882.183878][T15702] loop1: detected capacity change from 0 to 128 [ 882.212512][ T30] kauditd_printk_skb: 80 callbacks suppressed [ 882.212530][ T30] audit: type=1400 audit(1750529459.569:7262): avc: denied { mounton } for pid=15689 comm="syz.3.4686" path="/406/bus" dev="tmpfs" ino=2126 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 882.251079][T15691] loop_set_status: loop3 () has still dirty pages (nrpages=1) [ 882.270613][ T30] audit: type=1400 audit(1750529459.619:7263): avc: denied { unmount } for pid=11515 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 882.318406][ T30] audit: type=1326 audit(1750529459.669:7264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15707 comm="syz.1.4693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30e1e10929 code=0x7ffc0000 [ 882.348399][ T30] audit: type=1326 audit(1750529459.669:7265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15707 comm="syz.1.4693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=235 compat=0 ip=0x7f30e1e10929 code=0x7ffc0000 [ 882.373096][ T30] audit: type=1326 audit(1750529459.669:7266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15707 comm="syz.1.4693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30e1e10929 code=0x7ffc0000 [ 882.397400][ T30] audit: type=1326 audit(1750529459.669:7267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15707 comm="syz.1.4693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30e1e10929 code=0x7ffc0000 [ 882.421117][ T30] audit: type=1326 audit(1750529459.669:7268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15707 comm="syz.1.4693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30e1e10929 code=0x7ffc0000 [ 882.446383][ T30] audit: type=1326 audit(1750529459.669:7269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15707 comm="syz.1.4693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f30e1e10929 code=0x7ffc0000 [ 882.470404][ T30] audit: type=1326 audit(1750529459.669:7270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15707 comm="syz.1.4693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30e1e10929 code=0x7ffc0000 [ 882.497627][ T30] audit: type=1326 audit(1750529459.669:7271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15707 comm="syz.1.4693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f30e1e10929 code=0x7ffc0000 [ 882.538092][T15717] loop3: detected capacity change from 0 to 512 [ 882.562296][T15717] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 882.573931][T15717] EXT4-fs (loop3): 1 truncate cleaned up [ 882.579683][T15717] EXT4-fs (loop3): mounted filesystem without journal. Opts: init_itable,resuid=0x0000000000000000,stripe=0x0000000000000000,,errors=continue. Quota mode: none. [ 882.702608][T15722] loop4: detected capacity change from 0 to 512 [ 882.724719][T15722] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 882.736695][T15722] ext4 filesystem being mounted at /358/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 882.763134][T15722] EXT4-fs error (device loop4): ext4_do_update_inode:5234: inode #2: comm syz.4.4700: corrupted inode contents [ 882.778997][T15722] EXT4-fs error (device loop4): ext4_dirty_inode:6070: inode #2: comm syz.4.4700: mark_inode_dirty error [ 882.785735][T15730] loop3: detected capacity change from 0 to 128 [ 882.790811][T15722] EXT4-fs error (device loop4): ext4_do_update_inode:5234: inode #2: comm syz.4.4700: corrupted inode contents [ 882.812283][T15722] EXT4-fs error (device loop4): ext4_do_update_inode:5234: inode #2: comm syz.4.4700: corrupted inode contents [ 882.824467][T15722] EXT4-fs error (device loop4): ext4_dirty_inode:6070: inode #2: comm syz.4.4700: mark_inode_dirty error [ 882.836345][T15722] EXT4-fs error (device loop4): ext4_do_update_inode:5234: inode #2: comm syz.4.4700: corrupted inode contents [ 882.848449][T15722] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #2: comm syz.4.4700: mark_inode_dirty error [ 882.860012][T15722] EXT4-fs error (device loop4): ext4_do_update_inode:5234: inode #2: comm syz.4.4700: corrupted inode contents [ 882.872051][T15722] EXT4-fs error (device loop4): ext4_dirty_inode:6070: inode #2: comm syz.4.4700: mark_inode_dirty error [ 882.884810][T15731] EXT4-fs error (device loop4): ext4_do_update_inode:5234: inode #2: comm syz.4.4700: corrupted inode contents [ 883.042260][T15743] syz.4.4709[15743] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 883.042381][T15743] syz.4.4709[15743] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 883.522598][T15770] loop4: detected capacity change from 0 to 256 [ 884.399360][T15825] loop4: detected capacity change from 0 to 256 [ 884.829046][T15840] loop3: detected capacity change from 0 to 512 [ 884.924357][T15846] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4752'. [ 884.984015][T15854] x_tables: duplicate underflow at hook 2 [ 884.984565][T15852] loop2: detected capacity change from 0 to 1024 [ 884.997810][T15840] EXT4-fs (loop3): mounted filesystem without journal. Opts: noquota,noquota,grpjquota=,noauto_da_alloc,dioread_lock,,errors=continue. Quota mode: writeback. [ 885.020390][T15840] ext4 filesystem being mounted at /423/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 885.046651][T15840] EXT4-fs error (device loop3): ext4_xattr_block_get:546: inode #15: comm syz.3.4750: corrupted xattr block 19 [ 885.050818][T15859] loop1: detected capacity change from 0 to 512 [ 885.068865][T15840] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop3 ino=15 [ 885.104551][T15840] EXT4-fs error (device loop3): ext4_xattr_block_get:546: inode #15: comm syz.3.4750: corrupted xattr block 19 [ 885.123925][T15852] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsold,,errors=continue. Quota mode: none. [ 885.129746][T15840] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop3 ino=15 [ 885.170166][T15859] EXT4-fs (loop1): mounted filesystem without journal. Opts: user_xattr,grpjquota=,nodelalloc,,errors=continue. Quota mode: writeback. [ 885.184283][T15859] ext4 filesystem being mounted at /313/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 885.202790][ T3412] kernel write not supported for file /706/loginuid (pid: 3412 comm: kworker/0:9) [ 885.384917][T15895] syz.3.4773[15895] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 885.385001][T15895] syz.3.4773[15895] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 885.407896][T15897] xt_hashlimit: size too large, truncated to 1048576 [ 885.430932][T15895] loop9: detected capacity change from 0 to 7 [ 885.657200][T15912] loop2: detected capacity change from 0 to 8192 [ 885.729932][T15915] loop3: detected capacity change from 0 to 256 [ 885.750532][T15914] loop2: detected capacity change from 0 to 512 [ 885.822185][T15921] loop4: detected capacity change from 0 to 512 [ 885.845347][T15914] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 885.854448][T15914] EXT4-fs (loop2): orphan cleanup on readonly fs [ 885.871933][T15921] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 885.908870][T15914] EXT4-fs error (device loop2): ext4_do_update_inode:5234: inode #16: comm syz.2.4778: corrupted inode contents [ 885.928849][T15921] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002] [ 885.936676][T15914] EXT4-fs (loop2): Remounting filesystem read-only [ 885.944924][T15914] EXT4-fs error (device loop2): ext4_dirty_inode:6070: inode #16: comm syz.2.4778: mark_inode_dirty error [ 885.945330][T15921] System zones: [ 885.956581][T15914] EXT4-fs (loop2): Remounting filesystem read-only [ 885.956649][T15921] 1-12 [ 885.960188][T15914] EXT4-fs error (device loop2): ext4_do_update_inode:5234: inode #16: comm syz.2.4778: corrupted inode contents [ 885.967703][T15921] [ 885.969717][T15914] EXT4-fs (loop2): Remounting filesystem read-only [ 885.982787][T15921] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2228: inode #15: comm syz.4.4781: corrupted in-inode xattr [ 885.983685][T15914] EXT4-fs error (device loop2): __ext4_ext_dirty:183: inode #16: comm syz.2.4778: mark_inode_dirty error [ 885.984013][T15914] EXT4-fs (loop2): Remounting filesystem read-only [ 885.990928][T15921] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.4781: couldn't read orphan inode 15 (err -117) [ 886.002435][T15914] EXT4-fs error (device loop2): ext4_do_update_inode:5234: inode #16: comm syz.2.4778: corrupted inode contents [ 886.014988][T15921] EXT4-fs (loop4): mounted filesystem without journal. Opts: nogrpid,jqfmt=vfsv0,jqfmt=vfsold,debug,nombcache,quota,nolazytime,,errors=continue. Quota mode: writeback. [ 886.020421][T15914] EXT4-fs (loop2): Remounting filesystem read-only [ 886.073083][T15914] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem [ 886.087147][T15914] EXT4-fs (loop2): Remounting filesystem read-only [ 886.093765][T15914] EXT4-fs error (device loop2): ext4_do_update_inode:5234: inode #16: comm syz.2.4778: corrupted inode contents [ 886.105925][T15914] EXT4-fs (loop2): Remounting filesystem read-only [ 886.112519][T15914] EXT4-fs error (device loop2): ext4_truncate:4304: inode #16: comm syz.2.4778: mark_inode_dirty error [ 886.124230][T15914] EXT4-fs (loop2): Remounting filesystem read-only [ 886.131020][T15914] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem [ 886.140113][T15914] EXT4-fs (loop2): Remounting filesystem read-only [ 886.146999][T15914] EXT4-fs (loop2): 1 truncate cleaned up [ 886.153062][T15914] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,discard,. Quota mode: writeback. [ 886.983315][T15977] loop4: detected capacity change from 0 to 256 [ 887.209753][T15991] loop2: detected capacity change from 0 to 1024 [ 887.318213][T15991] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 887.359759][ T30] kauditd_printk_skb: 208 callbacks suppressed [ 887.359774][ T30] audit: type=1400 audit(1750529464.709:7480): avc: denied { write } for pid=15997 comm="syz.1.4813" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 887.411437][T15998] loop1: detected capacity change from 0 to 8192 [ 887.471273][T16004] netlink: 3 bytes leftover after parsing attributes in process `syz.0.4816'. [ 887.543343][ T5338] loop1: p1 p3 p4 [ 887.547269][ T5338] loop1: p1 size 8390912 extends beyond EOD, truncated [ 887.563066][ T5338] loop1: p3 size 589824 extends beyond EOD, truncated [ 887.581228][T15998] loop1: p1 p3 p4 [ 887.585538][T15998] loop1: p1 size 8390912 extends beyond EOD, truncated [ 887.596364][T15998] loop1: p3 size 589824 extends beyond EOD, truncated [ 887.959284][ T30] audit: type=1400 audit(1750529465.309:7481): avc: denied { compute_member } for pid=16023 comm="syz.0.4824" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 887.995149][ T343] udevd[343]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 888.006209][ T337] udevd[337]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 888.024495][ T5338] udevd[5338]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 888.036193][ T30] audit: type=1400 audit(1750529465.389:7482): avc: denied { read write } for pid=16028 comm="syz.0.4826" name="rtc0" dev="devtmpfs" ino=259 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 888.053362][ T343] udevd[343]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 888.071165][ T337] udevd[337]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 888.071588][T16031] loop1: detected capacity change from 0 to 128 [ 888.082664][ T30] audit: type=1400 audit(1750529465.419:7483): avc: denied { open } for pid=16028 comm="syz.0.4826" path="/dev/rtc0" dev="devtmpfs" ino=259 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 888.113150][ T5338] udevd[5338]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 888.130429][T16031] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 550) [ 888.148018][ T30] audit: type=1326 audit(1750529465.499:7484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16037 comm="syz.0.4829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6e1397929 code=0x7ffc0000 [ 888.156205][T16031] FAT-fs (loop1): Filesystem has been set read-only [ 888.204508][ T30] audit: type=1326 audit(1750529465.529:7485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16037 comm="syz.0.4829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7fa6e1397929 code=0x7ffc0000 [ 888.235943][T12276] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 550) [ 888.246537][ T30] audit: type=1326 audit(1750529465.529:7486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16037 comm="syz.0.4829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6e1397929 code=0x7ffc0000 [ 888.270342][ T30] audit: type=1400 audit(1750529465.589:7487): avc: denied { create } for pid=16041 comm="syz.0.4831" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 888.372214][ T30] audit: type=1400 audit(1750529465.589:7488): avc: denied { write } for pid=16041 comm="syz.0.4831" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 888.392106][ T30] audit: type=1400 audit(1750529465.589:7489): avc: denied { mount } for pid=16041 comm="syz.0.4831" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 888.410980][T16042] kernel profiling enabled (shift: 6) [ 888.836576][T16087] loop1: detected capacity change from 0 to 256 [ 888.855439][T16091] loop0: detected capacity change from 0 to 1024 [ 888.930839][T16091] EXT4-fs (loop0): Ignoring removed orlov option [ 888.937297][T16091] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option [ 888.980553][T16091] EXT4-fs (loop0): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none. [ 889.286960][T16144] loop2: detected capacity change from 0 to 512 [ 889.359976][T16144] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback. [ 889.372485][T16144] ext4 filesystem being mounted at /341/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 889.505977][T16161] loop2: detected capacity change from 0 to 1024 [ 889.519522][T16165] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4882'. [ 889.536640][T16165] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4882'. [ 889.555348][T16161] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 889.569891][T16161] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 889.583966][T16161] JBD2: no valid journal superblock found [ 889.603882][T16161] EXT4-fs (loop2): error loading journal [ 889.870913][T16189] loop2: detected capacity change from 0 to 512 [ 890.154707][T16189] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 890.166375][T16189] ext4 filesystem being mounted at /343/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 890.993950][T16218] syz.2.4904[16218] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 890.994021][T16218] syz.2.4904[16218] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 891.059878][T16228] loop2: detected capacity change from 0 to 512 [ 891.081452][T16228] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled [ 891.125513][T16233] loop3: detected capacity change from 0 to 1024 [ 891.136690][T16233] EXT4-fs (loop3): Ignoring removed nobh option [ 891.151364][T16233] EXT4-fs (loop3): Ignoring removed bh option [ 891.157759][T16233] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 891.170945][T16228] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsv0,,errors=continue. Quota mode: writeback. [ 891.192523][T16228] ext4 filesystem being mounted at /347/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 891.212152][T16233] EXT4-fs (loop3): mounted filesystem without journal. Opts: data_err=ignore,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,delalloc,grpquota,nobh,user_xattr,bh,dioread_nolock,quota,,errors=continue. Quota mode: writeback. [ 891.223871][T16244] loop1: detected capacity change from 0 to 512 [ 891.256659][T16233] EXT4-fs (loop3): shut down requested (0) [ 891.273700][T16244] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 891.303343][T16244] EXT4-fs (loop1): 1 truncate cleaned up [ 891.309340][T16244] EXT4-fs (loop1): mounted filesystem without journal. Opts: nogrpid,min_batch_time=0x0000000000000004,debug_want_extra_isize=0x0000000000000068,nobarrier,nodiscard,quota,,errors=continue. Quota mode: writeback. [ 891.406825][T16253] loop3: detected capacity change from 0 to 8192 [ 891.455132][T16261] loop0: detected capacity change from 0 to 512 [ 891.521229][T16261] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback. [ 891.540562][T16261] ext4 filesystem being mounted at /336/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 891.640638][T16276] loop1: detected capacity change from 0 to 256 [ 891.721571][T16282] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4928'. [ 891.927804][T16306] loop0: detected capacity change from 0 to 8192 [ 891.977489][T16306] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 892.018251][T16312] x_tables: unsorted underflow at hook 2 [ 892.037998][T16314] loop0: detected capacity change from 0 to 128 [ 892.076212][T16322] 9pnet: Could not find request transport: rdma [ 892.211435][T16337] loop0: detected capacity change from 0 to 512 [ 892.236846][T16341] loop2: detected capacity change from 0 to 1024 [ 892.264811][T16337] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback. [ 892.284827][T16337] ext4 filesystem being mounted at /344/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 892.288052][T16341] EXT4-fs (loop2): Ignoring removed bh option [ 892.323393][T16341] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,bh,,errors=continue. Quota mode: none. [ 892.337891][T16341] ext4 filesystem being mounted at /365/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 892.354110][T16341] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 892.369338][T16341] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 21 with max blocks 43 with error 28 [ 892.381969][T16341] EXT4-fs (loop2): This should not happen!! Data will be lost [ 892.381969][T16341] [ 892.392159][T16341] EXT4-fs (loop2): Total free blocks count 0 [ 892.398256][T16341] EXT4-fs (loop2): Free/Dirty block details [ 892.404904][T16341] EXT4-fs (loop2): free_blocks=4293918720 [ 892.410893][T16341] EXT4-fs (loop2): dirty_blocks=48 [ 892.416094][T16341] EXT4-fs (loop2): Block reservation details [ 892.422370][T16341] EXT4-fs (loop2): i_reserved_data_blocks=3 [ 892.438348][T16351] loop1: detected capacity change from 0 to 512 [ 892.455567][ T30] kauditd_printk_skb: 532 callbacks suppressed [ 892.455584][ T30] audit: type=1326 audit(1750529469.809:8022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16352 comm="syz.0.4959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6e1397929 code=0x7ffc0000 [ 892.486115][ T30] audit: type=1326 audit(1750529469.809:8023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16352 comm="syz.0.4959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6e1397929 code=0x7ffc0000 [ 892.517864][T16351] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option [ 892.526413][ T30] audit: type=1326 audit(1750529469.809:8024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16352 comm="syz.0.4959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fa6e1397929 code=0x7ffc0000 [ 892.541757][T16351] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 892.550883][ T30] audit: type=1326 audit(1750529469.809:8025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16352 comm="syz.0.4959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6e1397929 code=0x7ffc0000 [ 892.585634][ T30] audit: type=1326 audit(1750529469.809:8026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16352 comm="syz.0.4959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6e1397929 code=0x7ffc0000 [ 892.625796][T16351] EXT4-fs (loop1): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000004739,inode_readahead_blks=0x0000000000000800,dioread_nolock,nomblk_io_submit,,errors=continue. Quota mode: writeback. [ 892.648977][T16361] loop2: detected capacity change from 0 to 512 [ 892.650514][T16351] ext4 filesystem being mounted at /335/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 892.702634][T16361] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 892.716055][T16361] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec018, mo2=0002] [ 892.724588][T16361] System zones: 1-12 [ 892.728911][T16361] EXT4-fs (loop2): orphan cleanup on readonly fs [ 892.735563][T16361] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2825: Unable to expand inode 11. Delete some EAs or run e2fsck. [ 892.748846][T16361] EXT4-fs (loop2): 1 truncate cleaned up [ 892.762026][T16361] EXT4-fs (loop2): mounted filesystem without journal. Opts: quota,resuid=0x000000000000ee01,debug,debug_want_extra_isize=0x000000000000007e,data_err=ignore,grpjquota=,,errors=continue. Quota mode: writeback. [ 892.826568][ T30] audit: type=1400 audit(1750529470.179:8027): avc: denied { create } for pid=16372 comm="syz.2.4968" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 892.873577][ T30] audit: type=1400 audit(1750529470.199:8028): avc: denied { write } for pid=16372 comm="syz.2.4968" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 892.893837][ T30] audit: type=1400 audit(1750529470.199:8029): avc: denied { read } for pid=16372 comm="syz.2.4968" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 892.913599][ T30] audit: type=1400 audit(1750529470.209:8030): avc: denied { execmem } for pid=16374 comm="syz.1.4969" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 893.051482][T16383] loop1: detected capacity change from 0 to 256 [ 893.114191][ T30] audit: type=1400 audit(1750529470.469:8031): avc: denied { setopt } for pid=16386 comm="syz.2.4983" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 893.279185][T16389] xt_hashlimit: max too large, truncated to 1048576 [ 893.328837][T16399] loop2: detected capacity change from 0 to 512 [ 893.371959][T16399] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option [ 893.379349][T16399] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 893.402558][T16399] EXT4-fs (loop2): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000004739,inode_readahead_blks=0x0000000000000800,dioread_nolock,nomblk_io_submit,,errors=continue. Quota mode: writeback. [ 893.423322][T16399] ext4 filesystem being mounted at /375/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 893.643695][T16418] loop0: detected capacity change from 0 to 512 [ 893.745046][T16418] EXT4-fs (loop0): orphan cleanup on readonly fs [ 893.762258][T16418] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.4988: bg 0: block 248: padding at end of block bitmap is not set [ 893.777862][T16418] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.4988: Failed to acquire dquot type 1 [ 893.792085][T16418] EXT4-fs (loop0): 1 truncate cleaned up [ 893.798541][T16418] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 894.222543][T16433] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=16433 comm=syz.1.4993 [ 894.465360][T16443] xt_hashlimit: max too large, truncated to 1048576 [ 894.544196][T16449] loop2: detected capacity change from 0 to 128 [ 894.624953][T16453] loop0: detected capacity change from 0 to 2048 [ 894.707371][T16453] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 894.725335][T16468] syz.3.5008[16468] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 894.725419][T16468] syz.3.5008[16468] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 894.790706][T16470] loop1: detected capacity change from 0 to 256 [ 894.883149][T16453] EXT4-fs error (device loop0): ext4_find_extent:929: inode #2: comm syz.0.5003: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 894.918414][T16453] EXT4-fs error (device loop0): ext4_find_extent:929: inode #2: comm syz.0.5003: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 894.922033][T16468] device syzkaller0 entered promiscuous mode [ 894.951131][T16453] EXT4-fs error (device loop0): ext4_find_extent:929: inode #2: comm syz.0.5003: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 894.981541][T16453] EXT4-fs error (device loop0): ext4_ext_precache:608: inode #2: comm syz.0.5003: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5) [ 895.161083][T16492] loop3: detected capacity change from 0 to 1024 [ 895.181803][T16492] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 895.192967][T16492] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 895.198271][T16495] syz.2.5020[16495] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 895.204262][T16495] syz.2.5020[16495] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 895.205851][T16492] JBD2: no valid journal superblock found [ 895.235244][T16492] EXT4-fs (loop3): error loading journal [ 895.264040][T16499] netlink: 144 bytes leftover after parsing attributes in process `syz.4.5022'. [ 895.479057][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.487186][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.495038][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.503675][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.511591][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.518337][T16532] loop1: detected capacity change from 0 to 128 [ 895.519093][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.533040][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.540488][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.547896][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.555417][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.562896][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.570434][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.581032][T16532] EXT4-fs (loop1): Ignoring removed nobh option [ 895.586149][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.595093][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.602702][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.611835][T16532] EXT4-fs (loop1): mounted filesystem without journal. Opts: nobh,usrjquota=,,errors=continue. Quota mode: none. [ 895.619798][T16538] netlink: 'syz.0.5039': attribute type 4 has an invalid length. [ 895.624751][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.635099][T16532] ext4 filesystem being mounted at /346/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 895.639353][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.653697][T16538] netlink: 'syz.0.5039': attribute type 4 has an invalid length. [ 895.659271][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.674863][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.733511][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.741106][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.748946][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.756613][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.764071][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.771512][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.778935][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.786391][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.793833][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.801324][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.808873][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.816429][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.824009][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.831580][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.839124][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.846726][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.854236][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.862001][T16542] loop0: detected capacity change from 0 to 512 [ 895.868593][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.876346][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.883954][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.891727][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.893532][T16542] EXT4-fs error (device loop0): ext4_orphan_get:1427: comm syz.0.5040: bad orphan inode 15 [ 895.909687][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.910337][T16542] ext4_test_bit(bit=14, block=18) = 1 [ 895.922721][T16542] is_bad_inode(inode)=0 [ 895.927200][T16542] NEXT_ORPHAN(inode)=1023 [ 895.931632][T16542] max_ino=32 [ 895.934886][T16542] i_nlink=0 [ 895.938499][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.939181][T16542] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2941: inode #15: comm syz.0.5040: corrupted xattr block 19 [ 895.958326][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 895.958649][T16542] EXT4-fs warning (device loop0): ext4_evict_inode:303: xattr delete (err -117) [ 895.974935][T16542] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 895.985705][T16542] ext4 filesystem being mounted at /361/éq‰Y’3aK supports timestamps until 2038-01-19 (0x7fffffff) [ 896.009167][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 896.016717][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 896.024300][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 896.031838][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 896.039434][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 896.047051][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 896.054695][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 896.062285][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 896.069883][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 896.077456][ T444] hid-generic 0008:0006:0007.00AA: unknown main item tag 0x0 [ 896.088360][ T444] hid-generic 0008:0006:0007.00AA: hidraw0: HID v0.0b Device [syz1] on syz1 [ 896.537789][T16546] fido_id[16546]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 896.609059][T16558] loop1: detected capacity change from 0 to 256 [ 897.491370][ T30] kauditd_printk_skb: 72 callbacks suppressed [ 897.491388][ T30] audit: type=1400 audit(1750529474.849:8102): avc: denied { create } for pid=16568 comm="syz.3.5051" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 897.602240][ T30] audit: type=1400 audit(1750529474.879:8103): avc: denied { write } for pid=16568 comm="syz.3.5051" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 897.644094][T16575] loop3: detected capacity change from 0 to 1024 [ 897.703813][T16575] EXT4-fs (loop3): Ignoring removed orlov option [ 897.761227][T16575] EXT4-fs (loop3): mounted filesystem without journal. Opts: resgid=0x0000000000000000,bsddf,grpquota,nobarrier,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,stripe=0x0000000000000002,,errors=continue. Quota mode: writeback. [ 897.827276][ T30] audit: type=1400 audit(1750529475.179:8104): avc: denied { create } for pid=16595 comm="syz.4.5061" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 897.857056][T16586] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5059'. [ 897.857253][ T30] audit: type=1400 audit(1750529475.199:8105): avc: denied { connect } for pid=16595 comm="syz.4.5061" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 897.951530][T16604] loop1: detected capacity change from 0 to 256 [ 898.011675][ T30] audit: type=1400 audit(1750529475.369:8106): avc: denied { read } for pid=16602 comm="syz.4.5063" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 898.244608][T16608] loop3: detected capacity change from 0 to 512 [ 898.290956][T16608] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 898.337319][T16608] EXT4-fs (loop3): mounted filesystem without journal. Opts: discard,mblk_io_submit,grpjquota=,quota,nobarrier,,errors=continue. Quota mode: writeback. [ 898.357500][T16608] ext4 filesystem being mounted at /477/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 898.542212][ T30] audit: type=1326 audit(1750529475.899:8107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16614 comm="syz.2.5067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25e87cf929 code=0x7ffc0000 [ 898.625091][ T30] audit: type=1326 audit(1750529475.929:8108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16614 comm="syz.2.5067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25e87cf929 code=0x7ffc0000 [ 898.676881][ T30] audit: type=1326 audit(1750529475.929:8109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16614 comm="syz.2.5067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f25e87cf929 code=0x7ffc0000 [ 898.701122][T16621] syz.3.5070[16621] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 898.701211][T16621] syz.3.5070[16621] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 898.749803][T16623] IPv4: Oversized IP packet from 127.202.26.0 [ 898.808818][T16621] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5070'. [ 898.817959][ T30] audit: type=1326 audit(1750529475.929:8110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16614 comm="syz.2.5067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25e87cf929 code=0x7ffc0000 [ 898.860321][ T30] audit: type=1326 audit(1750529475.929:8111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16614 comm="syz.2.5067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25e87cf929 code=0x7ffc0000 [ 899.029665][T16634] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready [ 899.360902][T16661] loop0: detected capacity change from 0 to 256 [ 900.068792][T16669] syz.4.5085[16669] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 900.068880][T16669] syz.4.5085[16669] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 900.082707][T16669] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5085'. [ 900.104764][T16669] netem: change failed [ 900.268967][T16688] loop2: detected capacity change from 0 to 4096 [ 900.277410][T16692] loop3: detected capacity change from 0 to 512 [ 900.311259][T16692] EXT4-fs (loop3): first meta block group too large: 768 (group descriptor block count 1) [ 900.341640][T16688] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 900.418640][ T58] hid-generic 0000:0000:0000.00AB: unknown main item tag 0x0 [ 900.438054][ T58] hid-generic 0000:0000:0000.00AB: hidraw0: HID v0.00 Device [syz1] on syz0 [ 901.177663][T16710] syz.0.5098[16710] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 901.177749][T16710] syz.0.5098[16710] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 901.201673][T16710] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5098'. [ 901.232917][T16710] netem: change failed [ 901.270379][T16706] loop4: detected capacity change from 0 to 256 [ 901.284519][T16722] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5109'. [ 901.293654][T16722] 8021q: VLANs not supported on ip6_vti0 [ 902.132179][T16743] loop2: detected capacity change from 0 to 1024 [ 902.195733][T16743] EXT4-fs (loop2): Ignoring removed oldalloc option [ 902.208561][T16743] EXT4-fs (loop2): Ignoring removed bh option [ 902.215716][T16743] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 902.242158][T16743] EXT4-fs (loop2): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,usrquota,data_err=ignore,mb_optimize_scan=0x0000000000000001,oldalloc,grpquota,noload,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback. [ 902.297529][T16763] serio: Serial port ptm0 [ 902.403361][T16767] loop3: detected capacity change from 0 to 256 [ 902.503420][ T30] kauditd_printk_skb: 679 callbacks suppressed [ 902.503445][ T30] audit: type=1326 audit(1750529992.862:8791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16738 comm="syz.1.5113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f30e1e078e7 code=0x7ffc0000 [ 902.545889][ T30] audit: type=1326 audit(1750529992.892:8792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16738 comm="syz.1.5113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f30e1dacb19 code=0x7ffc0000 [ 902.578080][ T30] audit: type=1326 audit(1750529992.892:8793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16738 comm="syz.1.5113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f30e1e10929 code=0x7ffc0000 [ 902.610147][ T30] audit: type=1326 audit(1750529992.892:8794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16738 comm="syz.1.5113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f30e1e078e7 code=0x7ffc0000 [ 902.634450][ T30] audit: type=1326 audit(1750529992.892:8795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16738 comm="syz.1.5113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f30e1dacb19 code=0x7ffc0000 [ 902.664144][ T30] audit: type=1326 audit(1750529992.892:8796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16738 comm="syz.1.5113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f30e1e10929 code=0x7ffc0000 [ 902.688762][ T30] audit: type=1326 audit(1750529992.902:8797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16738 comm="syz.1.5113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f30e1e078e7 code=0x7ffc0000 [ 902.750839][T16782] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5132'. [ 902.771504][T16782] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5132'. [ 902.782600][ T30] audit: type=1326 audit(1750529992.902:8798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16738 comm="syz.1.5113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f30e1dacb19 code=0x7ffc0000 [ 902.859924][ T30] audit: type=1326 audit(1750529992.902:8799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16738 comm="syz.1.5113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f30e1e10929 code=0x7ffc0000 [ 902.896320][ T30] audit: type=1326 audit(1750529992.922:8800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16738 comm="syz.1.5113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f30e1e078e7 code=0x7ffc0000 [ 902.973493][T16797] 9pnet: Could not find request transport: rdma [ 903.293295][T16832] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5156'. [ 903.314429][T16832] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16832 comm=syz.4.5156 [ 903.389015][T16837] loop1: detected capacity change from 0 to 512 [ 903.407504][T16837] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback. [ 903.424366][T16837] ext4 filesystem being mounted at /370/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 903.476111][T16837] EXT4-fs error (device loop1): ext4_do_update_inode:5234: inode #19: comm syz.1.5157: corrupted inode contents [ 903.489315][T16837] EXT4-fs error (device loop1): ext4_dirty_inode:6070: inode #19: comm syz.1.5157: mark_inode_dirty error [ 903.502165][T16837] EXT4-fs error (device loop1): ext4_do_update_inode:5234: inode #19: comm syz.1.5157: corrupted inode contents [ 903.514308][T16837] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2970: inode #19: comm syz.1.5157: mark_inode_dirty error [ 903.526805][T16837] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2973: inode #19: comm syz.1.5157: mark inode dirty (error -117) [ 903.539616][T16837] EXT4-fs warning (device loop1): ext4_evict_inode:303: xattr delete (err -117) [ 903.665122][T16851] loop1: detected capacity change from 0 to 512 [ 903.770880][T16855] loop2: detected capacity change from 0 to 256 [ 903.780863][T16851] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 903.796081][T16851] ext4 filesystem being mounted at /372/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 903.863996][T16851] EXT4-fs error (device loop1): ext4_do_update_inode:5234: inode #2: comm syz.1.5162: corrupted inode contents [ 903.876565][T16851] EXT4-fs error (device loop1): ext4_dirty_inode:6070: inode #2: comm syz.1.5162: mark_inode_dirty error [ 903.890198][T16851] EXT4-fs error (device loop1): ext4_do_update_inode:5234: inode #2: comm syz.1.5162: corrupted inode contents [ 903.903105][T16851] EXT4-fs error (device loop1): __ext4_ext_dirty:183: inode #2: comm syz.1.5162: mark_inode_dirty error [ 903.920101][T16861] EXT4-fs warning (device loop1): ext4_empty_dir:3147: inode #18: comm syz.1.5162: directory missing '.' [ 904.598407][T16877] loop3: detected capacity change from 0 to 512 [ 904.704844][T16879] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5172'. [ 904.741172][T16879] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16879 comm=syz.1.5172 [ 904.783496][T16877] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback. [ 904.821457][T16877] ext4 filesystem being mounted at /498/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 904.876905][T16877] EXT4-fs error (device loop3): ext4_do_update_inode:5234: inode #19: comm syz.3.5170: corrupted inode contents [ 904.889359][T16877] EXT4-fs error (device loop3): ext4_dirty_inode:6070: inode #19: comm syz.3.5170: mark_inode_dirty error [ 904.901228][T16877] EXT4-fs error (device loop3): ext4_do_update_inode:5234: inode #19: comm syz.3.5170: corrupted inode contents [ 904.913532][T16877] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2970: inode #19: comm syz.3.5170: mark_inode_dirty error [ 904.926161][T16877] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2973: inode #19: comm syz.3.5170: mark inode dirty (error -117) [ 904.938955][T16877] EXT4-fs warning (device loop3): ext4_evict_inode:303: xattr delete (err -117) [ 905.029162][T16889] loop2: detected capacity change from 0 to 256 [ 905.046472][T16892] loop4: detected capacity change from 0 to 512 [ 905.115336][T16892] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 905.149858][T16892] ext4 filesystem being mounted at /446/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 905.163749][T16892] EXT4-fs error (device loop4): ext4_do_update_inode:5234: inode #2: comm syz.4.5177: corrupted inode contents [ 905.176626][T16892] EXT4-fs error (device loop4): ext4_dirty_inode:6070: inode #2: comm syz.4.5177: mark_inode_dirty error [ 905.188207][T16892] EXT4-fs error (device loop4): ext4_do_update_inode:5234: inode #2: comm syz.4.5177: corrupted inode contents [ 905.200549][T16892] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #2: comm syz.4.5177: mark_inode_dirty error [ 905.215996][T16892] EXT4-fs warning (device loop4): ext4_empty_dir:3147: inode #18: comm syz.4.5177: directory missing '.' [ 905.303933][T16905] loop1: detected capacity change from 0 to 256 [ 905.956719][T16918] loop1: detected capacity change from 0 to 256 [ 906.006703][T16929] loop3: detected capacity change from 0 to 512 [ 906.099497][T16929] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 906.142252][T16929] ext4 filesystem being mounted at /503/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 906.169138][T16929] EXT4-fs error (device loop3): ext4_do_update_inode:5234: inode #2: comm syz.3.5192: corrupted inode contents [ 906.195715][T16929] EXT4-fs error (device loop3): ext4_dirty_inode:6070: inode #2: comm syz.3.5192: mark_inode_dirty error [ 906.227563][T16929] EXT4-fs error (device loop3): ext4_do_update_inode:5234: inode #2: comm syz.3.5192: corrupted inode contents [ 906.239992][T16929] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #2: comm syz.3.5192: mark_inode_dirty error [ 906.261209][T16929] EXT4-fs warning (device loop3): ext4_empty_dir:3147: inode #18: comm syz.3.5192: directory missing '.' [ 906.277721][T16957] loop0: detected capacity change from 0 to 1024 [ 906.351780][T16957] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 906.363079][T16957] ext4 filesystem being mounted at /385/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 906.414996][ T9787] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm kworker/u4:320: bg 0: block 393: padding at end of block bitmap is not set [ 906.430216][ T9787] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2035 with error 117 [ 906.443139][ T9787] EXT4-fs (loop0): This should not happen!! Data will be lost [ 906.443139][ T9787] [ 906.483610][T16967] loop3: detected capacity change from 0 to 256 [ 907.078840][T16970] loop0: detected capacity change from 0 to 512 [ 907.119648][T16970] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 907.130873][T16970] ext4 filesystem being mounted at /386/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 907.154229][T16970] EXT4-fs error (device loop0): ext4_do_update_inode:5234: inode #2: comm syz.0.5218: corrupted inode contents [ 907.166767][T16970] EXT4-fs error (device loop0): ext4_dirty_inode:6070: inode #2: comm syz.0.5218: mark_inode_dirty error [ 907.178473][T16970] EXT4-fs error (device loop0): ext4_do_update_inode:5234: inode #2: comm syz.0.5218: corrupted inode contents [ 907.190680][T16970] EXT4-fs error (device loop0): __ext4_ext_dirty:183: inode #2: comm syz.0.5218: mark_inode_dirty error [ 907.207127][T16970] EXT4-fs warning (device loop0): ext4_empty_dir:3147: inode #18: comm syz.0.5218: directory missing '.' [ 907.449932][T16997] loop4: detected capacity change from 0 to 2048 [ 907.510982][T16997] EXT4-fs (loop4): mounted filesystem without journal. Opts: acl,inode_readahead_blks=0x0000000000000004,,errors=continue. Quota mode: none. [ 907.525762][ T30] kauditd_printk_skb: 467 callbacks suppressed [ 907.525780][ T30] audit: type=1326 audit(1750529997.882:9268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16996 comm="syz.4.5221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8330e028e7 code=0x7ffc0000 [ 907.558916][T17018] loop3: detected capacity change from 0 to 256 [ 907.568208][ T30] audit: type=1326 audit(1750529997.922:9269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16996 comm="syz.4.5221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8330da7b19 code=0x7ffc0000 [ 907.593384][ T30] audit: type=1326 audit(1750529997.922:9270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16996 comm="syz.4.5221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8330e028e7 code=0x7ffc0000 [ 907.617544][ T30] audit: type=1326 audit(1750529997.922:9271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16996 comm="syz.4.5221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8330da7b19 code=0x7ffc0000 [ 907.641586][ T30] audit: type=1326 audit(1750529997.922:9272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16996 comm="syz.4.5221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f8330e0b929 code=0x7ffc0000 [ 907.665360][ T30] audit: type=1326 audit(1750529997.952:9273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16996 comm="syz.4.5221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8330e028e7 code=0x7ffc0000 [ 907.688995][ T30] audit: type=1326 audit(1750529997.952:9274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16996 comm="syz.4.5221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8330da7b19 code=0x7ffc0000 [ 907.712647][ T30] audit: type=1326 audit(1750529997.952:9275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16996 comm="syz.4.5221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f8330e0b929 code=0x7ffc0000 [ 907.736079][ T30] audit: type=1326 audit(1750529997.952:9276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16996 comm="syz.4.5221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8330e028e7 code=0x7ffc0000 [ 907.759773][ T30] audit: type=1326 audit(1750529997.952:9277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16996 comm="syz.4.5221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8330da7b19 code=0x7ffc0000 [ 909.029541][T17028] loop2: detected capacity change from 0 to 512 [ 909.165499][T17042] loop0: detected capacity change from 0 to 256 [ 909.198417][T17028] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 909.209767][T17028] ext4 filesystem being mounted at /425/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 909.224406][T17028] EXT4-fs error (device loop2): ext4_do_update_inode:5234: inode #2: comm syz.2.5228: corrupted inode contents [ 909.236716][T17028] EXT4-fs error (device loop2): ext4_dirty_inode:6070: inode #2: comm syz.2.5228: mark_inode_dirty error [ 909.253250][T17028] EXT4-fs error (device loop2): ext4_do_update_inode:5234: inode #2: comm syz.2.5228: corrupted inode contents [ 909.269640][T17028] EXT4-fs error (device loop2): __ext4_ext_dirty:183: inode #2: comm syz.2.5228: mark_inode_dirty error [ 909.287222][T17028] EXT4-fs warning (device loop2): ext4_empty_dir:3147: inode #18: comm syz.2.5228: directory missing '.' [ 909.412099][T17058] loop1: detected capacity change from 0 to 2048 [ 909.460144][T17058] EXT4-fs (loop1): mounted filesystem without journal. Opts: acl,inode_readahead_blks=0x0000000000000004,,errors=continue. Quota mode: none. [ 909.496912][T17068] loop2: detected capacity change from 0 to 256 [ 909.547786][T17068] FAT-fs (loop2): Directory bread(block 64) failed [ 909.554430][T17068] FAT-fs (loop2): Directory bread(block 65) failed [ 909.561092][T17068] FAT-fs (loop2): Directory bread(block 66) failed [ 909.567650][T17068] FAT-fs (loop2): Directory bread(block 67) failed [ 909.574285][T17068] FAT-fs (loop2): Directory bread(block 68) failed [ 909.580888][T17068] FAT-fs (loop2): Directory bread(block 69) failed [ 909.587435][T17068] FAT-fs (loop2): Directory bread(block 70) failed [ 909.594494][T17068] FAT-fs (loop2): Directory bread(block 71) failed [ 909.601097][T17068] FAT-fs (loop2): Directory bread(block 72) failed [ 909.607627][T17068] FAT-fs (loop2): Directory bread(block 73) failed [ 909.933372][T17080] syz.0.5251[17080] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 909.933432][T17080] syz.0.5251[17080] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 910.099756][T17094] loop3: detected capacity change from 0 to 512 [ 910.171648][T17098] loop0: detected capacity change from 0 to 512 [ 910.183325][T17094] EXT4-fs (loop3): 1 orphan inode deleted [ 910.189110][T17094] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 910.200234][T17094] ext4 filesystem being mounted at /syzcgroup/cpu/syz3/cgroup.procs supports timestamps until 2038-01-19 (0x7fffffff) [ 910.202567][T17098] EXT4-fs (loop0): Ignoring removed bh option [ 910.219522][T17098] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 910.232512][T17099] loop4: detected capacity change from 0 to 256 [ 910.240937][T17098] EXT4-fs (loop0): 1 truncate cleaned up [ 910.246619][T17098] EXT4-fs (loop0): mounted filesystem without journal. Opts: bh,nombcache,journal_ioprio=0x0000000000000003,errors=remount-ro,lazytime,jqfmt=vfsv0,noquota,usrjquota=,. Quota mode: none. [ 910.502025][T17125] syz.1.5268[17125] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 910.502112][T17125] syz.1.5268[17125] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 910.988741][T17138] loop4: detected capacity change from 0 to 512 [ 911.019727][T17144] loop1: detected capacity change from 0 to 512 [ 911.031323][T17138] EXT4-fs (loop4): Ignoring removed bh option [ 911.039411][T17135] loop3: detected capacity change from 0 to 2048 [ 911.045850][T17138] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 911.068864][T17138] EXT4-fs (loop4): 1 truncate cleaned up [ 911.074910][T17138] EXT4-fs (loop4): mounted filesystem without journal. Opts: bh,nombcache,journal_ioprio=0x0000000000000003,errors=remount-ro,lazytime,jqfmt=vfsv0,noquota,usrjquota=,. Quota mode: none. [ 911.074970][T17135] EXT4-fs (loop3): mounted filesystem without journal. Opts: acl,inode_readahead_blks=0x0000000000000004,,errors=continue. Quota mode: none. [ 911.111287][T17144] EXT4-fs (loop1): 1 orphan inode deleted [ 911.117130][T17144] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 911.128643][T17144] ext4 filesystem being mounted at /syzcgroup/cpu/syz1/cgroup.procs supports timestamps until 2038-01-19 (0x7fffffff) [ 911.271702][T17160] loop0: detected capacity change from 0 to 128 [ 911.305803][T17166] loop4: detected capacity change from 0 to 1024 [ 911.323786][T17168] syz.2.5282[17168] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 911.323866][T17168] syz.2.5282[17168] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 911.345018][T17166] EXT4-fs (loop4): Ignoring removed nobh option [ 911.379096][T17166] EXT4-fs (loop4): Ignoring removed bh option [ 911.404337][T17166] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 911.428308][T17166] EXT4-fs (loop4): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,resgid=0x0000000000000000,data_err=ignore,jqfmt=vfsv0,nobh,errors=remount-ro,bh,dioread_nolock,. Quota mode: none. [ 911.495856][T17160] attempt to access beyond end of device [ 911.495856][T17160] loop0: rw=0, want=1041, limit=128 [ 911.623237][T17185] loop2: detected capacity change from 0 to 512 [ 911.637584][T17185] EXT4-fs (loop2): Ignoring removed bh option [ 911.644003][T17185] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 911.657138][T17186] loop4: detected capacity change from 0 to 256 [ 911.662846][T17185] EXT4-fs (loop2): 1 truncate cleaned up [ 911.669491][T17185] EXT4-fs (loop2): mounted filesystem without journal. Opts: bh,nombcache,journal_ioprio=0x0000000000000003,errors=remount-ro,lazytime,jqfmt=vfsv0,noquota,usrjquota=,. Quota mode: none. [ 911.811120][T17197] loop2: detected capacity change from 0 to 512 [ 911.860489][T17197] EXT4-fs (loop2): 1 orphan inode deleted [ 911.869449][T17197] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 911.884206][T17197] ext4 filesystem being mounted at /syzcgroup/cpu/syz2/cgroup.procs supports timestamps until 2038-01-19 (0x7fffffff) [ 912.411641][T17217] syz.4.5298[17217] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 912.411717][T17217] syz.4.5298[17217] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 912.561691][ T30] kauditd_printk_skb: 892 callbacks suppressed [ 912.561709][ T30] audit: type=1326 audit(1750530002.922:10170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17225 comm="syz.1.5303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30e1e10929 code=0x7ffc0000 [ 912.605330][ T30] audit: type=1326 audit(1750530002.922:10171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17225 comm="syz.1.5303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30e1e10929 code=0x7ffc0000 [ 912.636059][ T30] audit: type=1326 audit(1750530002.922:10172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17225 comm="syz.1.5303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f30e1e10929 code=0x7ffc0000 [ 912.671353][ T30] audit: type=1326 audit(1750530002.922:10173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17225 comm="syz.1.5303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30e1e10929 code=0x7ffc0000 [ 912.696535][ T30] audit: type=1326 audit(1750530002.922:10174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17225 comm="syz.1.5303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30e1e10929 code=0x7ffc0000 [ 912.739934][ T30] audit: type=1326 audit(1750530003.052:10175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17230 comm="syz.2.5306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25e87cf929 code=0x7ffc0000 [ 912.764090][ T30] audit: type=1326 audit(1750530003.052:10176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17230 comm="syz.2.5306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25e87cf929 code=0x7ffc0000 [ 912.793469][ T30] audit: type=1400 audit(1750530003.082:10177): avc: denied { write } for pid=17241 comm="syz.0.5321" name="tcp6" dev="proc" ino=4026532495 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 912.826171][ T30] audit: type=1326 audit(1750530003.152:10178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17230 comm="syz.2.5306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f25e87cf929 code=0x7ffc0000 [ 912.850202][ T30] audit: type=1326 audit(1750530003.152:10179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17230 comm="syz.2.5306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25e87cf929 code=0x7ffc0000 [ 912.877184][T17243] loop1: detected capacity change from 0 to 256 [ 912.893804][T17248] loop2: detected capacity change from 0 to 2048 [ 912.952927][T17248] EXT4-fs (loop2): mounted filesystem without journal. Opts: acl,inode_readahead_blks=0x0000000000000004,,errors=continue. Quota mode: none. [ 913.005529][T17264] loop3: detected capacity change from 0 to 128 [ 913.126506][T17277] loop4: detected capacity change from 0 to 2048 [ 913.557312][T17292] xt_hashlimit: max too large, truncated to 1048576 [ 913.685469][T17306] loop4: detected capacity change from 0 to 512 [ 913.772687][T17306] EXT4-fs (loop4): Ignoring removed bh option [ 913.785067][T17306] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 913.808332][T17306] EXT4-fs (loop4): 1 truncate cleaned up [ 913.824244][T17306] EXT4-fs (loop4): mounted filesystem without journal. Opts: bh,nombcache,journal_ioprio=0x0000000000000003,errors=remount-ro,lazytime,jqfmt=vfsv0,noquota,usrjquota=,. Quota mode: none. [ 913.886071][T17327] loop1: detected capacity change from 0 to 256 [ 914.368173][T17352] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5366'. [ 914.377735][T17352] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5366'. [ 914.809871][T17354] loop1: detected capacity change from 0 to 8192 [ 915.221622][T17368] loop2: detected capacity change from 0 to 512 [ 915.270355][T17379] 8021q: VLANs not supported on ip6gre0 [ 915.292733][T17368] EXT4-fs (loop2): Ignoring removed bh option [ 915.307312][T17368] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 915.331132][T17368] EXT4-fs (loop2): 1 truncate cleaned up [ 915.343796][T17368] EXT4-fs (loop2): mounted filesystem without journal. Opts: bh,nombcache,journal_ioprio=0x0000000000000003,errors=remount-ro,lazytime,jqfmt=vfsv0,noquota,usrjquota=,. Quota mode: none. [ 915.480712][T17386] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5370'. [ 915.565543][T17388] loop0: detected capacity change from 0 to 256 [ 916.019226][T17400] loop4: detected capacity change from 0 to 256 [ 916.275859][T17415] xt_SECMARK: invalid mode: 2 [ 916.365106][T17419] loop0: detected capacity change from 0 to 512 [ 916.394278][T17419] EXT4-fs (loop0): Ignoring removed bh option [ 916.494941][T17420] x_tables: duplicate underflow at hook 3 [ 917.185948][T17419] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 917.312383][T17419] EXT4-fs (loop0): 1 truncate cleaned up [ 917.322437][T17419] EXT4-fs (loop0): mounted filesystem without journal. Opts: bh,nombcache,journal_ioprio=0x0000000000000003,errors=remount-ro,lazytime,jqfmt=vfsv0,noquota,usrjquota=,. Quota mode: none. [ 917.334717][T17431] loop4: detected capacity change from 0 to 512 [ 917.475094][T17431] EXT4-fs (loop4): Ignoring removed mblk_io_submit option [ 917.665219][T17431] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 917.688099][T17431] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002] [ 917.698502][T17431] System zones: 1-12 [ 917.708389][ T30] kauditd_printk_skb: 282 callbacks suppressed [ 917.708405][ T30] audit: type=1400 audit(1750530008.062:10462): avc: denied { map } for pid=17437 comm="syz.3.5393" path="socket:[83541]" dev="sockfs" ino=83541 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1 [ 917.713458][T17440] loop1: detected capacity change from 0 to 1024 [ 917.745003][T17431] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2825: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 917.759782][T17431] EXT4-fs (loop4): 1 truncate cleaned up [ 917.765679][T17431] EXT4-fs (loop4): mounted filesystem without journal. Opts: debug,mblk_io_submit,debug_want_extra_isize=0x0000000000000068,lazytime,discard,grpquota,,errors=continue. Quota mode: writeback. [ 917.778153][T17440] EXT4-fs (loop1): Ignoring removed orlov option [ 917.852819][T17446] syz.0.5397[17446] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 917.852939][T17446] syz.0.5397[17446] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 917.855062][ T30] audit: type=1400 audit(1750530008.192:10463): avc: denied { setattr } for pid=17429 comm="syz.4.5391" name="/" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 917.907778][T17440] EXT4-fs (loop1): mounted filesystem without journal. Opts: orlov,min_batch_time=0x0000000000000004,,errors=continue. Quota mode: writeback. [ 917.922683][ T30] audit: type=1326 audit(1750530008.282:10464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17451 comm="syz.0.5399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6e1397929 code=0x7ffc0000 [ 917.953599][ T30] audit: type=1326 audit(1750530008.302:10465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17451 comm="syz.0.5399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa6e1397929 code=0x7ffc0000 [ 918.280875][T17453] loop3: detected capacity change from 0 to 256 [ 918.660537][ T30] audit: type=1326 audit(1750530008.302:10466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17451 comm="syz.0.5399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6e1397929 code=0x7ffc0000 [ 918.685226][ T30] audit: type=1326 audit(1750530008.312:10467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17451 comm="syz.0.5399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fa6e1397929 code=0x7ffc0000 [ 918.709110][ T30] audit: type=1326 audit(1750530008.312:10468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17451 comm="syz.0.5399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6e1397929 code=0x7ffc0000 [ 918.733000][ T30] audit: type=1326 audit(1750530008.312:10469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17451 comm="syz.0.5399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7fa6e1397929 code=0x7ffc0000 [ 918.757320][ T30] audit: type=1326 audit(1750530008.312:10470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17451 comm="syz.0.5399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6e1397929 code=0x7ffc0000 [ 918.781141][ T30] audit: type=1326 audit(1750530008.312:10471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17451 comm="syz.0.5399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fa6e1397929 code=0x7ffc0000 [ 919.011132][T17493] tipc: Enabled bearer , priority 0 [ 919.019286][T17493] syzkaller0: MTU too low for tipc bearer [ 919.025406][T17493] tipc: Disabling bearer [ 919.057325][T17499] loop3: detected capacity change from 0 to 128 [ 919.157908][T17499] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 919.172913][T17499] FAT-fs (loop3): Filesystem has been set read-only [ 919.179699][T17499] attempt to access beyond end of device [ 919.179699][T17499] loop3: rw=524288, want=2073, limit=128 [ 919.191093][T17499] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 919.199008][T17499] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 919.207946][T17499] attempt to access beyond end of device [ 919.207946][T17499] loop3: rw=0, want=2073, limit=128 [ 919.219236][T17499] attempt to access beyond end of device [ 919.219236][T17499] loop3: rw=0, want=2073, limit=128 [ 919.231846][T17507] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 919.239701][T17507] attempt to access beyond end of device [ 919.239701][T17507] loop3: rw=524288, want=2073, limit=128 [ 919.251205][T17499] attempt to access beyond end of device [ 919.251205][T17499] loop3: rw=0, want=2073, limit=128 [ 919.262343][T17507] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 919.270188][T17507] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 919.270352][T17499] attempt to access beyond end of device [ 919.270352][T17499] loop3: rw=0, want=2073, limit=128 [ 919.278603][T17499] attempt to access beyond end of device [ 919.278603][T17499] loop3: rw=0, want=2073, limit=128 [ 919.299921][T17499] attempt to access beyond end of device [ 919.299921][T17499] loop3: rw=0, want=2073, limit=128 [ 919.310898][T17507] attempt to access beyond end of device [ 919.310898][T17507] loop3: rw=0, want=2073, limit=128 [ 919.322058][T17507] attempt to access beyond end of device [ 919.322058][T17507] loop3: rw=0, want=2073, limit=128 [ 919.391652][T17513] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.5421' sets config #1 [ 919.468359][T17515] bridge0: port 1(bridge_slave_0) entered disabled state [ 919.637376][T17520] loop0: detected capacity change from 0 to 256 [ 919.890616][T17531] tipc: Enabled bearer , priority 0 [ 919.906580][T17531] syzkaller0: MTU too low for tipc bearer [ 919.917684][T17531] tipc: Disabling bearer [ 919.997621][T17539] loop4: detected capacity change from 0 to 512 [ 920.040906][T17539] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled [ 920.090005][T17539] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsv0,,errors=continue. Quota mode: writeback. [ 920.111719][T17539] ext4 filesystem being mounted at /504/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 920.221607][T17557] loop1: detected capacity change from 0 to 8192 [ 920.364167][T17571] loop2: detected capacity change from 0 to 128 [ 920.408047][T17575] loop0: detected capacity change from 0 to 512 [ 920.424138][T17571] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 920.436522][T17571] FAT-fs (loop2): Filesystem has been set read-only [ 920.443819][T17571] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 920.500786][T17571] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 920.514652][T17581] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 920.530701][T17581] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 920.532429][T17575] EXT4-fs (loop0): mounted filesystem without journal. Opts: user_xattr,grpjquota=,nodelalloc,,errors=continue. Quota mode: writeback. [ 920.538613][T17581] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 920.560479][T17575] ext4 filesystem being mounted at /433/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 920.584128][T17583] loop1: detected capacity change from 0 to 256 [ 920.617215][ T58] kernel write not supported for file /976/loginuid (pid: 58 comm: kworker/0:2) [ 920.758002][T17587] loop3: detected capacity change from 0 to 2048 [ 920.827377][T17587] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 920.859018][T17587] EXT4-fs error (device loop3): ext4_find_extent:929: inode #2: comm syz.3.5452: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 920.898983][T17587] EXT4-fs error (device loop3): ext4_find_extent:929: inode #2: comm syz.3.5452: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 920.934057][T17587] EXT4-fs error (device loop3): ext4_find_extent:929: inode #2: comm syz.3.5452: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 920.981798][T17599] xt_hashlimit: size too large, truncated to 1048576 [ 920.992178][T17587] EXT4-fs error (device loop3): ext4_ext_precache:608: inode #2: comm syz.3.5452: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5) [ 921.376952][T17612] loop1: detected capacity change from 0 to 512 [ 921.407443][T17617] loop0: detected capacity change from 0 to 512 [ 921.444657][T17612] EXT4-fs (loop1): Ignoring removed bh option [ 921.460339][T17612] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 921.472014][T17617] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.5464: invalid indirect mapped block 256 (level 2) [ 921.477403][T17612] EXT4-fs (loop1): 1 truncate cleaned up [ 921.487116][T17617] EXT4-fs (loop0): 2 truncates cleaned up [ 921.491577][T17612] EXT4-fs (loop1): mounted filesystem without journal. Opts: bh,nombcache,journal_ioprio=0x0000000000000003,errors=remount-ro,lazytime,jqfmt=vfsv0,noquota,usrjquota=,. Quota mode: none. [ 921.498010][T17617] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 921.541765][T17617] EXT4-fs error (device loop0): ext4_validate_block_bitmap:429: comm syz.0.5464: bg 0: block 5: invalid block bitmap [ 921.554579][T17617] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 16 with error 28 [ 921.566978][T17617] EXT4-fs (loop0): This should not happen!! Data will be lost [ 921.566978][T17617] [ 921.576829][T17617] EXT4-fs (loop0): Total free blocks count 0 [ 921.582887][T17617] EXT4-fs (loop0): Free/Dirty block details [ 921.588810][T17617] EXT4-fs (loop0): free_blocks=0 [ 921.593809][T17617] EXT4-fs (loop0): dirty_blocks=16 [ 921.598936][T17617] EXT4-fs (loop0): Block reservation details [ 921.605126][T17617] EXT4-fs (loop0): i_reserved_data_blocks=16 [ 921.774361][T17629] loop0: detected capacity change from 0 to 512 [ 921.826629][T17629] EXT4-fs error (device loop0): ext4_xattr_inode_iget:400: comm syz.0.5468: Parent and EA inode have the same ino 15 [ 921.844538][T17629] EXT4-fs (loop0): Remounting filesystem read-only [ 921.851547][T17629] EXT4-fs (loop0): 1 orphan inode deleted [ 921.857373][T17629] EXT4-fs (loop0): mounted filesystem without journal. Opts: resgid=0x0000000000000000,bsdgroups,debug_want_extra_isize=0x000000000000005a,init_itable,errors=remount-ro,noinit_itable,nojournal_checksum,. Quota mode: none. [ 921.872505][T17636] loop1: detected capacity change from 0 to 8192 [ 922.063753][T17646] loop4: detected capacity change from 0 to 8192 [ 922.096473][T17647] loop1: detected capacity change from 0 to 256 [ 922.112459][T17651] loop3: detected capacity change from 0 to 512 [ 922.120758][ T5338] loop4: p1 p3 p4 [ 922.124649][ T5338] loop4: p1 size 8390912 extends beyond EOD, truncated [ 922.126600][T17653] loop0: detected capacity change from 0 to 1024 [ 922.133283][ T5338] loop4: p3 size 589824 extends beyond EOD, truncated [ 922.147310][T17646] loop4: p1 p3 p4 [ 922.151646][T17651] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.5477: invalid indirect mapped block 256 (level 2) [ 922.151951][T17646] loop4: p1 size 8390912 extends beyond EOD, truncated [ 922.177422][T17653] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 922.179988][T17651] EXT4-fs (loop3): 2 truncates cleaned up [ 922.195495][T17653] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 922.197462][T17646] loop4: p3 size 589824 extends beyond EOD, [ 922.205229][T17651] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 922.206435][T17653] JBD2: no valid journal superblock found [ 922.221498][T17651] EXT4-fs error (device loop3): ext4_validate_block_bitmap:429: comm syz.3.5477: bg 0: block 5: invalid block bitmap [ 922.229142][T17646] truncated [ 922.240394][T17653] EXT4-fs (loop0): error loading journal [ 922.244686][T17651] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 16 with error 28 [ 922.268122][T17651] EXT4-fs (loop3): This should not happen!! Data will be lost [ 922.268122][T17651] [ 922.278054][T17651] EXT4-fs (loop3): Total free blocks count 0 [ 922.284479][T17651] EXT4-fs (loop3): Free/Dirty block details [ 922.290516][T17651] EXT4-fs (loop3): free_blocks=0 [ 922.295568][T17651] EXT4-fs (loop3): dirty_blocks=16 [ 922.301036][T17651] EXT4-fs (loop3): Block reservation details [ 922.330337][T17651] EXT4-fs (loop3): i_reserved_data_blocks=16 [ 922.367415][T17658] loop0: detected capacity change from 0 to 128 [ 922.445724][T17664] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5479'. [ 922.462513][T17660] loop2: detected capacity change from 0 to 8192 [ 922.473014][ T337] udevd[337]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 922.490886][ T356] udevd[356]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 922.501443][ T341] loop2: p1 p3 p4 [ 922.506813][ T5338] udevd[5338]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 922.522970][ T341] loop2: p1 size 8390912 extends beyond EOD, truncated [ 922.532154][T17668] loop3: detected capacity change from 0 to 256 [ 922.535610][ T341] loop2: p3 size 589824 extends beyond EOD, truncated [ 922.541922][T17666] loop4: detected capacity change from 0 to 8192 [ 922.556120][T17660] loop2: p1 p3 p4 [ 922.560059][T17660] loop2: p1 size 8390912 extends beyond EOD, truncated [ 922.570134][T17660] loop2: p3 size 589824 extends beyond EOD, truncated [ 922.582366][T17668] FAT-fs (loop3): bogus number of FAT sectors [ 922.595305][T17668] FAT-fs (loop3): Can't find a valid FAT filesystem [ 922.606106][ T337] udevd[337]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 922.606117][ T356] udevd[356]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 922.609623][ T5338] udevd[5338]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 922.696503][ T343] udevd[343]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory [ 922.710689][ T337] udevd[337]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 922.721938][ T356] udevd[356]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 922.724426][ T5338] udevd[5338]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 923.047760][T17689] loop4: detected capacity change from 0 to 1024 [ 923.067962][T17685] loop3: detected capacity change from 0 to 8192 [ 923.082821][T17691] loop2: detected capacity change from 0 to 512 [ 923.117331][T17689] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option [ 923.125509][T17691] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 923.173835][T17691] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.5491: inode #13: comm syz.2.5491: iget: illegal inode # [ 923.187759][T17689] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,bsddf,noinit_itable,nobarrier,debug_want_extra_isize=0x0000000000000080,noquota,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none. [ 923.256597][ T30] kauditd_printk_skb: 226 callbacks suppressed [ 923.256613][ T30] audit: type=1400 audit(1750530013.612:10698): avc: denied { create } for pid=17698 comm="syz.1.5495" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 923.297580][T17691] EXT4-fs (loop2): Remounting filesystem read-only [ 923.425968][T17691] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.5491: couldn't read orphan inode 13 (err -117) [ 923.552875][ T30] audit: type=1326 audit(1750530013.692:10699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17708 comm="syz.3.5498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce0f447929 code=0x7ffc0000 [ 923.602873][T17691] EXT4-fs (loop2): Remounting filesystem read-only [ 923.628663][ T30] audit: type=1326 audit(1750530013.692:10700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17708 comm="syz.3.5498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce0f447929 code=0x7ffc0000 [ 923.656188][T17691] EXT4-fs (loop2): mounted filesystem without journal. Opts: user_xattr,errors=remount-ro,noblock_validity,abort,mblk_io_submit,nogrpid,nodelalloc,delalloc,prjquota,. Quota mode: writeback. [ 923.679687][ T30] audit: type=1326 audit(1750530013.702:10701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17708 comm="syz.3.5498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=138 compat=0 ip=0x7fce0f447929 code=0x7ffc0000 [ 923.703577][ T30] audit: type=1326 audit(1750530013.702:10702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17708 comm="syz.3.5498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce0f447929 code=0x7ffc0000 [ 923.732185][ T30] audit: type=1326 audit(1750530013.702:10703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17708 comm="syz.3.5498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce0f447929 code=0x7ffc0000 [ 923.756153][ T30] audit: type=1400 audit(1750530014.062:10704): avc: denied { mounton } for pid=17716 comm="syz.3.5500" path="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=dir permissive=1 [ 923.778562][ T30] audit: type=1400 audit(1750530014.112:10705): avc: denied { unmount } for pid=11515 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 923.823734][T17718] loop_set_status: loop2 () has still dirty pages (nrpages=1) [ 923.870664][ T30] audit: type=1400 audit(1750530014.232:10706): avc: denied { unmount } for pid=12156 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 923.879021][T17724] loop1: detected capacity change from 0 to 128 [ 923.900904][T17721] loop3: detected capacity change from 0 to 1024 [ 923.947985][T17721] EXT4-fs (loop3): Ignoring removed bh option [ 923.958301][T17726] loop2: detected capacity change from 0 to 256 [ 923.972502][T17721] EXT4-fs (loop3): mounted filesystem without journal. Opts: noblock_validity,bh,,errors=continue. Quota mode: none. [ 923.982598][T17730] loop1: detected capacity change from 0 to 2048 [ 923.991706][T17721] ext4 filesystem being mounted at /561/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 924.009841][T17721] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 924.027145][T17726] FAT-fs (loop2): bogus number of FAT sectors [ 924.043102][T17726] FAT-fs (loop2): Can't find a valid FAT filesystem [ 924.071407][T17721] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 21 with max blocks 43 with error 28 [ 924.105932][T17721] EXT4-fs (loop3): This should not happen!! Data will be lost [ 924.105932][T17721] [ 924.117181][T17730] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 924.128129][T17721] EXT4-fs (loop3): Total free blocks count 0 [ 924.187342][T17721] EXT4-fs (loop3): Free/Dirty block details [ 924.209630][T17721] EXT4-fs (loop3): free_blocks=4293918720 [ 924.216646][ T30] audit: type=1400 audit(1750530014.572:10707): avc: denied { write } for pid=17737 comm="syz.0.5507" name="ppp" dev="devtmpfs" ino=153 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 924.249831][T17721] EXT4-fs (loop3): dirty_blocks=48 [ 924.259462][T17721] EXT4-fs (loop3): Block reservation details [ 924.270377][T17730] EXT4-fs error (device loop1): ext4_find_extent:929: inode #2: comm syz.1.5505: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 924.271759][T17721] EXT4-fs (loop3): i_reserved_data_blocks=3 [ 924.308626][T17730] EXT4-fs error (device loop1): ext4_find_extent:929: inode #2: comm syz.1.5505: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 924.330870][T17730] EXT4-fs error (device loop1): ext4_find_extent:929: inode #2: comm syz.1.5505: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 924.353194][T17730] EXT4-fs error (device loop1): ext4_ext_precache:608: inode #2: comm syz.1.5505: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5) [ 924.397327][T17744] loop3: detected capacity change from 0 to 128 [ 924.462964][T17744] EXT4-fs (loop3): Ignoring removed nobh option [ 924.475387][T17744] EXT4-fs (loop3): mounted filesystem without journal. Opts: nobh,usrjquota=,,errors=continue. Quota mode: none. [ 924.493387][T17744] ext4 filesystem being mounted at /562/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 924.577453][T17760] loop1: detected capacity change from 0 to 512 [ 924.579125][T17762] loop3: detected capacity change from 0 to 128 [ 924.601302][T17760] EXT4-fs (loop1): orphan cleanup on readonly fs [ 924.619529][T17760] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.5515: bg 0: block 248: padding at end of block bitmap is not set [ 924.638800][T17760] EXT4-fs error (device loop1): ext4_acquire_dquot:6195: comm syz.1.5515: Failed to acquire dquot type 1 [ 924.650934][T17760] EXT4-fs (loop1): 1 truncate cleaned up [ 924.656994][T17760] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 924.829894][T17777] loop4: detected capacity change from 0 to 8192 [ 925.143462][T17790] loop3: detected capacity change from 0 to 256 [ 925.226377][T17794] xt_SECMARK: invalid mode: 2 [ 925.287507][T17796] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17796 comm=syz.2.5530 [ 925.314432][T17796] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5530'. [ 925.328561][T17796] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5530'. [ 925.474765][T17812] x_tables: duplicate underflow at hook 3 [ 926.312814][T17819] loop2: detected capacity change from 0 to 8192 [ 926.473760][T17851] loop0: detected capacity change from 0 to 512 [ 926.502819][T17851] EXT4-fs (loop0): 1 orphan inode deleted [ 926.509307][T17851] EXT4-fs (loop0): mounted filesystem without journal. Opts: bsddf,mb_optimize_scan=0x0000000000000000,auto_da_alloc=0x00000000000007ff,max_batch_time=0x0000000000000003,delalloc,delalloc,inode_readahead_blks=0x0000000000000100,debug_want_extra_isize=0x000000000000005c,i_version,,errors=continue. Quota mode: none. [ 926.670564][T17871] loop1: detected capacity change from 0 to 1024 [ 926.685795][T17874] loop4: detected capacity change from 0 to 2048 [ 926.685998][ T386] hid-generic 0003:0004:0000.00AC: unknown main item tag 0x0 [ 926.699907][ T386] hid-generic 0003:0004:0000.00AC: unknown main item tag 0x0 [ 926.707296][T17871] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 926.707321][T17871] EXT4-fs (loop1): group descriptors corrupted! [ 926.726519][ T386] hid-generic 0003:0004:0000.00AC: unknown main item tag 0x0 [ 926.761441][ T386] hid-generic 0003:0004:0000.00AC: hidraw0: USB HID vffffff.ff Device [syz0] on syz1 [ 926.789741][T17876] loop0: detected capacity change from 0 to 256 [ 927.051579][T17874] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 927.084561][T17874] EXT4-fs error (device loop4): ext4_find_extent:929: inode #2: comm syz.4.5565: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 927.126326][T17886] fido_id[17886]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 927.144892][T17874] EXT4-fs error (device loop4): ext4_find_extent:929: inode #2: comm syz.4.5565: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 927.244349][T17890] EXT4-fs error (device loop4): ext4_find_extent:929: inode #2: comm syz.4.5565: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 927.277184][T17874] EXT4-fs error (device loop4): ext4_ext_precache:608: inode #2: comm syz.4.5565: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5) [ 927.395210][T17904] loop7: detected capacity change from 0 to 16384 [ 927.401124][T17903] loop4: detected capacity change from 0 to 1024 [ 927.524896][T17903] EXT4-fs (loop4): mounted filesystem without journal. Opts: bsdgroups,,errors=continue. Quota mode: none. [ 927.611317][T17904] blk_update_request: I/O error, dev loop7, sector 6656 op 0x0:(READ) flags 0x80700 phys_seg 31 prio class 1 [ 927.710097][T17914] SELinux: failed to load policy [ 927.810413][T17924] loop0: detected capacity change from 0 to 2048 [ 927.838021][T17924] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 927.882873][T17924] EXT4-fs error (device loop0): ext4_find_extent:929: inode #2: comm syz.0.5582: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 927.901639][T17924] EXT4-fs error (device loop0): ext4_find_extent:929: inode #2: comm syz.0.5582: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 927.921657][T17924] EXT4-fs error (device loop0): ext4_find_extent:929: inode #2: comm syz.0.5582: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 927.942990][T17924] EXT4-fs error (device loop0): ext4_ext_precache:608: inode #2: comm syz.0.5582: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5) [ 928.217821][T17946] loop2: detected capacity change from 0 to 256 [ 928.270849][ T30] kauditd_printk_skb: 288 callbacks suppressed [ 928.270886][ T30] audit: type=1326 audit(1750530018.512:10994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17921 comm="syz.3.5581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fce0f43e8e7 code=0x7ffc0000 [ 928.429721][ T30] audit: type=1326 audit(1750530018.512:10995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17921 comm="syz.3.5581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fce0f3e3b19 code=0x7ffc0000 [ 928.470294][ T30] audit: type=1326 audit(1750530018.512:10996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17921 comm="syz.3.5581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fce0f447929 code=0x7ffc0000 [ 928.479917][T17950] syz.0.5592[17950] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 928.493965][ T30] audit: type=1326 audit(1750530018.522:10997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17921 comm="syz.3.5581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fce0f43e8e7 code=0x7ffc0000 [ 928.494828][T17950] syz.0.5592[17950] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 928.506040][ T30] audit: type=1326 audit(1750530018.522:10998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17921 comm="syz.3.5581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fce0f3e3b19 code=0x7ffc0000 [ 928.564289][ T30] audit: type=1326 audit(1750530018.522:10999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17921 comm="syz.3.5581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fce0f447929 code=0x7ffc0000 [ 928.595252][ T30] audit: type=1326 audit(1750530018.532:11000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17921 comm="syz.3.5581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fce0f43e8e7 code=0x7ffc0000 [ 928.646733][ T30] audit: type=1326 audit(1750530018.532:11001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17921 comm="syz.3.5581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fce0f3e3b19 code=0x7ffc0000 [ 928.695073][ T30] audit: type=1326 audit(1750530018.532:11002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17921 comm="syz.3.5581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fce0f447929 code=0x7ffc0000 [ 928.721710][ T30] audit: type=1326 audit(1750530018.542:11003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17921 comm="syz.3.5581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fce0f43e8e7 code=0x7ffc0000 [ 928.815413][T17972] loop0: detected capacity change from 0 to 1024 [ 928.888852][T17972] EXT4-fs (loop0): Quota format mount options ignored when QUOTA feature is enabled [ 928.915469][T17972] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option [ 928.923492][T17972] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 928.951020][T17972] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodioread_nolock,nolazytime,abort,errors=continue,dioread_nolock,jqfmt=vfsv0,nomblk_io_submit,nobarrier,,errors=continue. Quota mode: writeback. [ 929.009345][T17983] loop3: detected capacity change from 0 to 2048 [ 929.071972][T17983] EXT4-fs (loop3): mounted filesystem without journal. Opts: acl,inode_readahead_blks=0x0000000000000004,,errors=continue. Quota mode: none. [ 929.088231][T17998] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 929.095546][T17998] IPv6: NLM_F_CREATE should be set when creating new route [ 929.121294][ T386] hid-generic 0003:0004:0000.00AD: unknown main item tag 0x0 [ 929.128832][ T386] hid-generic 0003:0004:0000.00AD: unknown main item tag 0x0 [ 929.136779][ T386] hid-generic 0003:0004:0000.00AD: unknown main item tag 0x0 [ 929.145330][ T386] hid-generic 0003:0004:0000.00AD: hidraw0: USB HID vffffff.ff Device [syz0] on syz1 [ 929.176168][T18002] fido_id[18002]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 929.177742][T18004] loop4: detected capacity change from 0 to 512 [ 929.237472][T18004] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.5614: invalid indirect mapped block 4294967295 (level 1) [ 929.255397][T18004] EXT4-fs (loop4): Remounting filesystem read-only [ 929.262041][T18004] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.5614: invalid indirect mapped block 4294967295 (level 1) [ 929.276195][T18004] EXT4-fs (loop4): Remounting filesystem read-only [ 929.282912][T18004] EXT4-fs (loop4): 2 truncates cleaned up [ 929.288650][T18004] EXT4-fs (loop4): mounted filesystem without journal. Opts: noauto_da_alloc,errors=remount-ro,bsdgroups,. Quota mode: writeback. [ 929.382499][T18014] loop1: detected capacity change from 0 to 2048 [ 929.471869][T18014] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 929.487934][T18014] EXT4-fs error (device loop1): ext4_find_extent:929: inode #2: comm syz.1.5617: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 929.520167][T18014] EXT4-fs error (device loop1): ext4_find_extent:929: inode #2: comm syz.1.5617: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 929.549276][T18014] EXT4-fs error (device loop1): ext4_find_extent:929: inode #2: comm syz.1.5617: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 929.568821][T18014] EXT4-fs error (device loop1): ext4_ext_precache:608: inode #2: comm syz.1.5617: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5) [ 930.219946][T18030] device vlan0 entered promiscuous mode [ 930.643834][T18057] loop1: detected capacity change from 0 to 512 [ 930.656692][T18057] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.5634: invalid indirect mapped block 4294967295 (level 1) [ 930.671406][T18057] EXT4-fs (loop1): Remounting filesystem read-only [ 930.677992][T18057] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.5634: invalid indirect mapped block 4294967295 (level 1) [ 930.684299][T18060] loop3: detected capacity change from 0 to 2048 [ 930.693321][T18057] EXT4-fs (loop1): Remounting filesystem read-only [ 930.705119][T18057] EXT4-fs (loop1): 2 truncates cleaned up [ 930.711220][T18057] EXT4-fs (loop1): mounted filesystem without journal. Opts: noauto_da_alloc,errors=remount-ro,bsdgroups,. Quota mode: writeback. [ 930.741987][T18060] EXT4-fs (loop3): mounted filesystem without journal. Opts: acl,inode_readahead_blks=0x0000000000000004,,errors=continue. Quota mode: none. [ 931.452500][T18068] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5637'. [ 932.071260][T18100] loop1: detected capacity change from 0 to 256 [ 932.156885][T18101] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5647'. [ 932.556860][T18113] loop0: detected capacity change from 0 to 2048 [ 932.572248][T18115] device bridge_slave_1 left promiscuous mode [ 932.578498][T18115] bridge0: port 2(bridge_slave_1) entered disabled state [ 932.613813][T18116] loop3: detected capacity change from 0 to 2048 [ 932.629170][T18113] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 932.653805][T18113] EXT4-fs error (device loop0): ext4_find_extent:929: inode #2: comm syz.0.5654: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 932.711197][T18125] Invalid ELF header magic: != ELF [ 932.740556][T18113] EXT4-fs error (device loop0): ext4_find_extent:929: inode #2: comm syz.0.5654: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 932.782206][T18116] EXT4-fs (loop3): mounted filesystem without journal. Opts: acl,inode_readahead_blks=0x0000000000000004,,errors=continue. Quota mode: none. [ 932.808201][T18137] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5663'. [ 932.837765][T18113] EXT4-fs error (device loop0): ext4_find_extent:929: inode #2: comm syz.0.5654: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 932.867943][T18113] EXT4-fs error (device loop0): ext4_ext_precache:608: inode #2: comm syz.0.5654: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5) [ 932.961807][T18149] loop0: detected capacity change from 0 to 512 [ 932.996428][T18153] loop1: detected capacity change from 0 to 128 [ 933.006125][T18149] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 933.018961][T18149] ext4 filesystem being mounted at /491/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 933.034256][T18149] EXT4-fs error (device loop0): ext4_do_update_inode:5234: inode #2: comm syz.0.5668: corrupted inode contents [ 933.070337][T18149] EXT4-fs error (device loop0): ext4_dirty_inode:6070: inode #2: comm syz.0.5668: mark_inode_dirty error [ 933.119485][T18149] EXT4-fs error (device loop0): ext4_do_update_inode:5234: inode #2: comm syz.0.5668: corrupted inode contents [ 933.149388][T18157] EXT4-fs error (device loop0): ext4_do_update_inode:5234: inode #2: comm syz.0.5668: corrupted inode contents [ 933.175513][T18165] loop4: detected capacity change from 0 to 512 [ 933.183577][T18167] ================================================================== [ 933.183940][T18157] EXT4-fs error (device loop0): ext4_setattr:5495: inode #2: comm syz.0.5668: mark_inode_dirty error [ 933.191681][T18167] BUG: KASAN: slab-out-of-bounds in tc_setup_flow_action+0x870/0x3240 [ 933.191715][T18167] Read of size 8 at addr ffff88813d2dc3c0 by task syz.2.5676/18167 [ 933.191733][T18167] [ 933.191741][T18167] CPU: 1 PID: 18167 Comm: syz.2.5676 Tainted: G W 5.15.185-syzkaller-00339-ge678c93d43cc #0 [ 933.191764][T18167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 933.191777][T18167] Call Trace: [ 933.191784][T18167] [ 933.191792][T18167] __dump_stack+0x21/0x30 [ 933.191814][T18167] dump_stack_lvl+0xee/0x150 [ 933.191833][T18167] ? show_regs_print_info+0x20/0x20 [ 933.262739][T18167] ? load_image+0x3a0/0x3a0 [ 933.267256][T18167] print_address_description+0x7f/0x2c0 [ 933.272812][T18167] ? tc_setup_flow_action+0x870/0x3240 [ 933.278277][T18167] kasan_report+0xf1/0x140 [ 933.282700][T18167] ? tc_setup_flow_action+0x870/0x3240 [ 933.288186][T18167] __asan_report_load8_noabort+0x14/0x20 [ 933.293849][T18167] tc_setup_flow_action+0x870/0x3240 [ 933.299253][T18167] mall_replace_hw_filter+0x293/0x820 [ 933.304653][T18167] ? pcpu_block_update_hint_alloc+0x8c1/0xc50 [ 933.310758][T18167] ? mall_set_parms+0x520/0x520 [ 933.315766][T18167] ? tcf_exts_destroy+0xb0/0xb0 [ 933.320657][T18167] ? mall_set_parms+0x1e8/0x520 [ 933.325534][T18167] mall_change+0x526/0x740 [ 933.329974][T18167] ? __kasan_check_write+0x14/0x20 [ 933.335109][T18167] ? mall_get+0xa0/0xa0 [ 933.339286][T18167] ? tcf_chain_tp_insert_unique+0xac1/0xc10 [ 933.345204][T18167] tc_new_tfilter+0x12a2/0x1870 [ 933.350089][T18167] ? tcf_gate_entry_destructor+0x20/0x20 [ 933.355837][T18167] ? security_capable+0x87/0xb0 [ 933.360706][T18167] ? ns_capable+0x8c/0xf0 [ 933.365055][T18167] ? netlink_net_capable+0x125/0x160 [ 933.370468][T18167] ? tcf_gate_entry_destructor+0x20/0x20 [ 933.376118][T18167] rtnetlink_rcv_msg+0x81b/0xb90 [ 933.381075][T18167] ? rtnetlink_bind+0x80/0x80 [ 933.385775][T18167] ? memcpy+0x56/0x70 [ 933.389777][T18167] ? avc_has_perm_noaudit+0x2f4/0x460 [ 933.395174][T18167] ? arch_stack_walk+0xee/0x140 [ 933.400056][T18167] ? avc_denied+0x1b0/0x1b0 [ 933.404577][T18167] ? stack_trace_save+0x98/0xe0 [ 933.409451][T18167] ? avc_has_perm+0x158/0x240 [ 933.414151][T18167] ? avc_has_perm_noaudit+0x460/0x460 [ 933.419631][T18167] ? x64_sys_call+0x4b/0x9a0 [ 933.424242][T18167] ? selinux_nlmsg_lookup+0x416/0x4c0 [ 933.429634][T18167] netlink_rcv_skb+0x1e0/0x430 [ 933.434567][T18167] ? rtnetlink_bind+0x80/0x80 [ 933.439266][T18167] ? netlink_ack+0xb60/0xb60 [ 933.443997][T18167] ? __netlink_lookup+0x387/0x3b0 [ 933.449071][T18167] rtnetlink_rcv+0x1c/0x20 [ 933.453508][T18167] netlink_unicast+0x87c/0xa40 [ 933.458321][T18167] netlink_sendmsg+0x86a/0xb70 [ 933.463106][T18167] ? netlink_getsockopt+0x530/0x530 [ 933.468323][T18167] ? security_socket_sendmsg+0x82/0xa0 [ 933.473806][T18167] ? netlink_getsockopt+0x530/0x530 [ 933.479020][T18167] ____sys_sendmsg+0x5a2/0x8c0 [ 933.483805][T18167] ? __sys_sendmsg_sock+0x40/0x40 [ 933.488963][T18167] ? import_iovec+0x7c/0xb0 [ 933.493491][T18167] ___sys_sendmsg+0x1f0/0x260 [ 933.498192][T18167] ? __sys_sendmsg+0x250/0x250 [ 933.502971][T18167] ? sock_show_fdinfo+0xa0/0xa0 [ 933.507838][T18167] ? __fdget+0x1a1/0x230 [ 933.512096][T18167] __x64_sys_sendmsg+0x1e2/0x2a0 [ 933.517044][T18167] ? ___sys_sendmsg+0x260/0x260 [ 933.521907][T18167] ? __kasan_check_write+0x14/0x20 [ 933.527029][T18167] ? switch_fpu_return+0x15d/0x2c0 [ 933.532152][T18167] x64_sys_call+0x4b/0x9a0 [ 933.536576][T18167] do_syscall_64+0x4c/0xa0 [ 933.540996][T18167] ? clear_bhb_loop+0x50/0xa0 [ 933.545691][T18167] ? clear_bhb_loop+0x50/0xa0 [ 933.550393][T18167] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 933.556306][T18167] RIP: 0033:0x7f25e87cf929 [ 933.560740][T18167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 933.580354][T18167] RSP: 002b:00007f25e6e38038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 933.588925][T18167] RAX: ffffffffffffffda RBX: 00007f25e89f6fa0 RCX: 00007f25e87cf929 [ 933.596952][T18167] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000005 [ 933.605024][T18167] RBP: 00007f25e8851b39 R08: 0000000000000000 R09: 0000000000000000 [ 933.613027][T18167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 933.621009][T18167] R13: 0000000000000000 R14: 00007f25e89f6fa0 R15: 00007ffdb29eccb8 [ 933.628999][T18167] [ 933.632024][T18167] [ 933.634350][T18167] Allocated by task 18167: [ 933.638761][T18167] __kasan_kmalloc+0xda/0x110 [ 933.643446][T18167] __kmalloc+0x13d/0x2c0 [ 933.647695][T18167] tcf_idr_create+0x5f/0x790 [ 933.652291][T18167] tcf_idr_create_from_flags+0x61/0x70 [ 933.657761][T18167] tcf_gact_init+0x346/0x580 [ 933.662362][T18167] tcf_action_init_1+0x3f7/0x6a0 [ 933.667306][T18167] tcf_action_init+0x1e9/0x710 [ 933.672080][T18167] tcf_exts_validate+0x217/0x520 [ 933.677024][T18167] mall_set_parms+0x48/0x520 [ 933.681617][T18167] mall_change+0x45a/0x740 [ 933.686063][T18167] tc_new_tfilter+0x12a2/0x1870 [ 933.690923][T18167] rtnetlink_rcv_msg+0x81b/0xb90 [ 933.695861][T18167] netlink_rcv_skb+0x1e0/0x430 [ 933.700712][T18167] rtnetlink_rcv+0x1c/0x20 [ 933.705131][T18167] netlink_unicast+0x87c/0xa40 [ 933.709900][T18167] netlink_sendmsg+0x86a/0xb70 [ 933.714672][T18167] ____sys_sendmsg+0x5a2/0x8c0 [ 933.719439][T18167] ___sys_sendmsg+0x1f0/0x260 [ 933.724123][T18167] __x64_sys_sendmsg+0x1e2/0x2a0 [ 933.729064][T18167] x64_sys_call+0x4b/0x9a0 [ 933.733489][T18167] do_syscall_64+0x4c/0xa0 [ 933.737996][T18167] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 933.743898][T18167] [ 933.746275][T18167] The buggy address belongs to the object at ffff88813d2dc300 [ 933.746275][T18167] which belongs to the cache kmalloc-192 of size 192 [ 933.760336][T18167] The buggy address is located 0 bytes to the right of [ 933.760336][T18167] 192-byte region [ffff88813d2dc300, ffff88813d2dc3c0) [ 933.773969][T18167] The buggy address belongs to the page: [ 933.779605][T18167] page:ffffea0004f4b700 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88813d2dc800 pfn:0x13d2dc [ 933.791160][T18167] flags: 0x4000000000000200(slab|zone=1) [ 933.796824][T18167] raw: 4000000000000200 ffffea000454dd80 0000000c0000000c ffff888100042c00 [ 933.805462][T18167] raw: ffff88813d2dc800 000000008010000e 00000001ffffffff 0000000000000000 [ 933.814048][T18167] page dumped because: kasan: bad access detected [ 933.820460][T18167] page_owner tracks the page as allocated [ 933.826175][T18167] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 9856, ts 703088543028, free_ts 702802070870 [ 933.842334][T18167] post_alloc_hook+0x192/0x1b0 [ 933.847119][T18167] prep_new_page+0x1c/0x110 [ 933.851623][T18167] get_page_from_freelist+0x2cc5/0x2d50 [ 933.857170][T18167] __alloc_pages+0x18f/0x440 [ 933.861765][T18167] new_slab+0xa1/0x4d0 [ 933.865835][T18167] ___slab_alloc+0x381/0x810 [ 933.870431][T18167] __slab_alloc+0x49/0x90 [ 933.874763][T18167] kmem_cache_alloc_trace+0x146/0x270 [ 933.880137][T18167] create_worker+0xe7/0x680 [ 933.884643][T18167] worker_thread+0x4a6/0x1200 [ 933.889331][T18167] kthread+0x411/0x500 [ 933.893406][T18167] ret_from_fork+0x1f/0x30 [ 933.897868][T18167] page last free stack trace: [ 933.902536][T18167] free_unref_page_prepare+0x542/0x550 [ 933.908007][T18167] free_unref_page+0xa2/0x550 [ 933.912710][T18167] __free_pages+0x6c/0x100 [ 933.917133][T18167] __vunmap+0x84d/0x9e0 [ 933.921291][T18167] vfree+0x8b/0xc0 [ 933.925028][T18167] packet_set_ring+0x1892/0x2400 [ 933.929971][T18167] packet_release+0x73a/0xc90 [ 933.934652][T18167] sock_close+0xe0/0x270 [ 933.938898][T18167] __fput+0x20b/0x8b0 [ 933.942886][T18167] ____fput+0x15/0x20 [ 933.947043][T18167] task_work_run+0x127/0x190 [ 933.951656][T18167] exit_to_user_mode_loop+0xd0/0xe0 [ 933.956885][T18167] exit_to_user_mode_prepare+0x5a/0xa0 [ 933.962349][T18167] syscall_exit_to_user_mode+0x1a/0x30 [ 933.967827][T18167] do_syscall_64+0x58/0xa0 [ 933.972242][T18167] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 933.978155][T18167] [ 933.980478][T18167] Memory state around the buggy address: [ 933.986112][T18167] ffff88813d2dc280: 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc [ 933.994181][T18167] ffff88813d2dc300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 934.002239][T18167] >ffff88813d2dc380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 934.010303][T18167] ^ [ 934.016451][T18167] ffff88813d2dc400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 934.024509][T18167] ffff88813d2dc480: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 934.032573][T18167] ================================================================== [ 934.040628][T18167] Disabling lock debugging due to kernel taint [ 934.072857][ T30] kauditd_printk_skb: 892 callbacks suppressed [ 934.072873][ T30] audit: type=1400 audit(1750530024.432:11896): avc: denied { read } for pid=83 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 934.102349][ T30] audit: type=1400 audit(1750530024.432:11897): avc: denied { search } for pid=83 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 934.120505][T18165] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,auto_da_alloc,minixdf,,errors=continue. Quota mode: writeback. [ 934.124024][ T30] audit: type=1400 audit(1750530024.432:11898): avc: denied { append } for pid=83 comm="syslogd" name="messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 934.138046][T18165] ext4 filesystem being mounted at /547/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 934.160138][ T30] audit: type=1400 audit(1750530024.432:11899): avc: denied { open } for pid=83 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 934.194586][ T30] audit: type=1400 audit(1750530024.432:11900): avc: denied { getattr } for pid=83 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 934.233245][ T30] audit: type=1400 audit(1750530024.592:11901): avc: denied { create } for pid=18164 comm="syz.4.5675" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1