last executing test programs: 2m25.671663664s ago: executing program 3 (id=1249): syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x1, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x8}, 0x94) r0 = syz_io_uring_setup(0x11d2, &(0x7f0000002100)={0x0, 0x7735, 0x80, 0x0, 0x351}, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8}) io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0) 2m25.478623483s ago: executing program 3 (id=1258): r0 = socket$inet6(0xa, 0x3, 0x5) sendmmsg(r0, &(0x7f0000001500)=[{{&(0x7f0000000180)=@l2tp6={0xa, 0x500, 0x80000, @remote, 0x0, 0x3}, 0x80, 0x0}, 0x5b4}, {{&(0x7f0000000040)=@l2tp6={0xa, 0x0, 0x7080000, @ipv4={'\x00', '\xff\xff', @loopback}, 0x7, 0x1}, 0x80, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x108}}], 0x2, 0xc040) 2m25.40207124s ago: executing program 3 (id=1262): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) clock_getres(0xfffffffffffffff1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x26) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94) r1 = openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff) stat(&(0x7f0000004400)='./file0\x00', &(0x7f0000004440)) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f00000044c0)=0x0) r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) stat(0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$netlink(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002800010004000000fcdbdf250401f2800c00180008ac0f0000000100140001"], 0x114}, {&(0x7f00000009c0)=ANY=[@ANYRESOCT, @ANYRES32=r4, @ANYBLOB="040094807a026c57d2654d115e528c1459241cdf02597f14d35c3655073c5f407b4160b64e80e167c709d80d9da587820eeb0f3c363a773f519c2717597d2217f73d756a1e5262327a0d6705cffb6119d2df818584899aaf8d7b874dbb99330a6d2593829a3125c105c65840af5555000d003f0026e4b56b1866ada1d6000000ae69a5084963450371edc84dc99933e5f3798214db2bbd9046f0ccf707e29850c523bbf617b1d7ef1a551fb4d16bc02c3b80b31afd787c9d7b26e5ddbb196f76b5ae845fa547821e75e7ce9e57909e40c4879551d2f2238d4b261e66380a5ae73b551539b77a6588ca710abc8bcf5659e97a7c436980198477bba6e6a869a636c008a123467d4ebde947f09e3e18471413aa"], 0x2cc}], 0x2, 0x0, 0x0, 0x20000001}, 0x0) r5 = getgid() lchown(0x0, 0x0, r5) r6 = syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$PIO_UNIMAPCLR(r6, 0x4b68, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'bridge_slave_0\x00'}) socket$caif_stream(0x25, 0x1, 0x4) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000004640), 0x0, 0x40001) syz_open_procfs(r2, &(0x7f0000000080)='net/fib_trie\x00') write$binfmt_misc(r1, &(0x7f0000000040), 0x0) r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r8, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 2m25.10332411s ago: executing program 3 (id=1267): sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18080000000000000000000000000002850000000f000000850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) r1 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x80, &(0x7f0000000140), 0x1, 0x4dd, &(0x7f0000000240)="$eJzs3VFrHFsdAPD/TLL3pm2um4si14K3xUbSot1NGtsGkVpB9Kmg1vcYk00I2WRDdlObUDTFDyCIqOCTT74IfgBB+hFEKOi7aFFEW33wQTuysxPbtLtJJGnWu/n94HTOmTM7/3Om2bM7O4eZAE6tixFxOyKGIuJKRJSL9WmRZovU3u7Z0wfz7ZRElt39axJJsW53X+3ycESci4idiBiJiK99OeKbyetxm1vbK3P1em2jKFdbq+vV5tb21eXVuaXaUm1tenrqxszNmeszk1nhSP08HxG3vvjkh9/72Zdu/erT3/r97J8vf7vdrM99tNPuiJg/UoAeOvsu5cdiV/sYbbyJYH0wVPSn1O+GAABwKOMRcSkiPpF//y/HUP5tDgAAABgk2edH419JRAYAAAAMrDQiRiNJK8V839FI00qlM4f3I3E2rTearU8tNjbXFtp1EWNRSheX67XJYq7wWJSSdnkqz78oX3ulPB0R70bED8pn8nJlvlFf6PePHwAAAHBKnLuw9/z/H+U0zwMAAAADZqxnAQAAABgUTvkBAABg8Dn/BwAAgIH2lTt32inbfY73wr2tzZXGvasLteZKZXVzvjLf2FivLDUaS/k9+1YP2l+90Vj/TKxt3q+2as1Wtbm1Pbva2FxrzS7veQQ2AAAAcILevfDod0lE7Hz2TJ6iuA8gwB5/7HcDgOM01O8GAH0z3O8GAH1TOnALIwQMuuSA+p6Td359/G0BAADejImPvX79/62i7uDfBoAPMnN9AOD0cXUPTq+SGYBw6o13Fm/3qj/69f8s+58bBQAAHKvRPCVppbgWOBppWqlEvJM/FqCULC7Xa5MR8aGI+G259Ha7PJW/MjlwzjAAAAAAAAAAAAAAAAAAAAAAAAAA0JFlSWQAAADAQItI/5Tkd/OPmCiPj776+8BbyT/L8aQo/OTuj+7PtVobU+31fyvn9RHR+nGx/lrmkQAAAADwf6Bznl4sp/rdGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzbOnD+Z300nG/csXImKsW/zhGMmXI1GKiLN/T2L4pdclETF0DPF3HkbEe93iJ/E8y7KxohXd4p95w/HH8kPTPX4aEeeOIT6cZo/a48/tbu+/NC7my+7vv+EiHVXv8S/97/g31GP8eeeQMc4//kW1Z/yHEeeHu48/u/GTHvEvHTL+N76+vd2rLvtpxETXz59kT6xqa3W92tzavrq8OrdUW6qtTU9P3Zi5OXN9ZrK6uFyvFf92jfH9j//y+X79P9sj/tgB/R8/ZP///fj+0w93sqVu8S9f6v75+16P+Gnx2ffJIt+un9jN73TyL3v/5795f7/+L/To/0H//5cP2f8rX/3uHw65KQBwAppb2ytz9XptY5/MyCG2kZE5Sib7Tufv8Wj7OeLLX8tk/T4sfcz0e2QCAACO24sv/f1uCQAAAAAAAAAAAAAAAAAAAJxeJ3E7sVdj7vSnqwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+/pPAAAA//+e1d5O") ioctl$F2FS_IOC_START_VOLATILE_WRITE(r1, 0xf503, 0x0) syz_clone(0x840000, &(0x7f0000000080)="ae10fb5370e6f036780a9804a86f32a7a3535332ee9a9c7d955eaf6ad211ee29ea3398a5e567a5dfaeff04d74d93cc5b910ba85c7a337045d234eb5b36d4", 0x3e, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000740)="ff60e596bf4d63641ac27cbed5064bb540d5d33e47e41601e1ccd1521e31af594d5ef466f66fb8d76e044435aa1268a3b68d61ba03d5ac2aac917025c7e51438866dbcd77b63766d547e5bc7e4dd6273126e9e43dcdc4a1ee46377d4306bc89cf14f76c95e6041219082be88005addd67ac7101403a34a3659718556") 2m24.827953997s ago: executing program 3 (id=1270): syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x1, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x8}, 0x94) r0 = syz_io_uring_setup(0x11d2, &(0x7f0000002100)={0x0, 0x7735, 0x80, 0x0, 0x351}, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8}) io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0) 2m23.78784771s ago: executing program 3 (id=1291): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = syz_open_dev$usbfs(0x0, 0x76, 0x101301) ioctl$USBDEVFS_SUBMITURB(r0, 0x802c550a, &(0x7f0000000280)=@urb_type_bulk={0x3, {0x2, 0x1}, 0x5, 0x82, &(0x7f0000000700)="6ebfd2984dcc34ead998d87e77fc16f893433301e400f1718a461ff743c5254150b37e2d3329acd26785c3e8495626e8690e6a48f4df999ac7f9261608a148cfb38a9061a2be0a048f327ab4dc5a3b2e7a1a2629d4b57322eb7d4b445952b6b1e713f0c82676822028b5de87df85f4cb17e1b44c4aaebbdfb1cde6bfae4d4d544e95b47b7c4d6ca7ec7f7665745b53471ca26542e91975764f558ebb0504e583acf2faa23e0803a323a9ccb9612f30b2e3d2b0ff6af426d15660a88958037de380abef65a92f7cac54b65f477a3e5dfc", 0xd0, 0xffffff7f, 0x8000, 0x9, 0x1, 0x4, &(0x7f0000000600)="ba4cfe664da6785af6d63dff30f4a64af503738c3e3e3d3342ee9b8ae2b8e78a6a60ff5fbf96618ce3148027082ba188e0f873f1260b76c7ef607d358d9ef5c1a0d5793b2c34d9d3b34f91062e504a25f70cbff5ede6159444d00631d6301d280fd88828d8c806a418c4b962641cc09ec91018c682606df0abe2fab30e6b93c7f860e8e3a3b1c6f1b6aaa6fee63954b768b55395c8ea00619a"}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='./file1\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x1219, &(0x7f0000001100)="$eJzs28FrXEUcB/BfkqapqclGrdUWxEEvFeTR5OBFL0FSkC4obSO0gvBqXnTJczfkLYEVsXry6t8hggjeBPGml1z8DwRvuXisID7JrrZd3RVWQjfI53PZH8z7zs7ssAuzzBy+8tn7O9tVtp13Y3ZmJmZ3I9LdFClm4y8fxwsvf//DM9dv3rq63mxuXEvpyvqN1ZdSSsvPfvvWh18891337JtfL3+zEAcrbx/+svbzwfmDC4e/33ivVaVWldqdbsrT7U6nm98ui7TVqnaylN4oi7wqUqtdFXtD7dtlZ3e3l/L21tLi7l5RVSlv99JO0UvdTuru9VL+bt5qpyzL0tJiMLlT96rNz+/WdR1R1/NxOuq6rh+JxTgbj8ZSLEcjVuKxeDyeiHPxZJyPp+Lp+OqnL3tHCQAAAAAAAAAAAAAAAAAAAOD4THr//0L/qWmPGgAAAAAAAAAAAAAAAAAAAP5frt+8dXW92dy4ltKZiPLT/c39zcHroH19O1pRRhGXoxG/Rf/2/8CgvvJac+Ny6luJT8o7f+bv7G/ODedXoxEvjs6vDvJpOL8Qiw/m16IR50bl52NtZP5MXHr+gXwWjfjxnehEGVtxlL3//h+tpvTq682/5S/2nxtv7mEsDwAAAByLLN0zcv+eZePaB/kJ/h8Y2l8fZS+emurUiYiq98FOXpbFnmJkcelkDKNfnD7ODucjYrLUr3VdT/9DmFIx/puyEBH/ueeZiDgZE/xHMe1fJh6G+4s+7ZEAAAAAAAAAAAAwibHHABf+7YTg3ETHCac9RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YAeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfBUAAP//0AbP3Q==") r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x275a, 0x0) ftruncate(r1, 0x2000009) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500"], 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000004c0)='initcall_finish\x00', 0xffffffffffffffff, 0x0, 0x8}, 0x18) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0) pwritev2(r2, &(0x7f00000001c0)=[{&(0x7f0000000400)="ba", 0xfdef}], 0x1, 0xe7b, 0x0, 0x1) 2m23.778272081s ago: executing program 32 (id=1291): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = syz_open_dev$usbfs(0x0, 0x76, 0x101301) ioctl$USBDEVFS_SUBMITURB(r0, 0x802c550a, &(0x7f0000000280)=@urb_type_bulk={0x3, {0x2, 0x1}, 0x5, 0x82, &(0x7f0000000700)="6ebfd2984dcc34ead998d87e77fc16f893433301e400f1718a461ff743c5254150b37e2d3329acd26785c3e8495626e8690e6a48f4df999ac7f9261608a148cfb38a9061a2be0a048f327ab4dc5a3b2e7a1a2629d4b57322eb7d4b445952b6b1e713f0c82676822028b5de87df85f4cb17e1b44c4aaebbdfb1cde6bfae4d4d544e95b47b7c4d6ca7ec7f7665745b53471ca26542e91975764f558ebb0504e583acf2faa23e0803a323a9ccb9612f30b2e3d2b0ff6af426d15660a88958037de380abef65a92f7cac54b65f477a3e5dfc", 0xd0, 0xffffff7f, 0x8000, 0x9, 0x1, 0x4, &(0x7f0000000600)="ba4cfe664da6785af6d63dff30f4a64af503738c3e3e3d3342ee9b8ae2b8e78a6a60ff5fbf96618ce3148027082ba188e0f873f1260b76c7ef607d358d9ef5c1a0d5793b2c34d9d3b34f91062e504a25f70cbff5ede6159444d00631d6301d280fd88828d8c806a418c4b962641cc09ec91018c682606df0abe2fab30e6b93c7f860e8e3a3b1c6f1b6aaa6fee63954b768b55395c8ea00619a"}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='./file1\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x1219, &(0x7f0000001100)="$eJzs28FrXEUcB/BfkqapqclGrdUWxEEvFeTR5OBFL0FSkC4obSO0gvBqXnTJczfkLYEVsXry6t8hggjeBPGml1z8DwRvuXisID7JrrZd3RVWQjfI53PZH8z7zs7ssAuzzBy+8tn7O9tVtp13Y3ZmJmZ3I9LdFClm4y8fxwsvf//DM9dv3rq63mxuXEvpyvqN1ZdSSsvPfvvWh18891337JtfL3+zEAcrbx/+svbzwfmDC4e/33ivVaVWldqdbsrT7U6nm98ui7TVqnaylN4oi7wqUqtdFXtD7dtlZ3e3l/L21tLi7l5RVSlv99JO0UvdTuru9VL+bt5qpyzL0tJiMLlT96rNz+/WdR1R1/NxOuq6rh+JxTgbj8ZSLEcjVuKxeDyeiHPxZJyPp+Lp+OqnL3tHCQAAAAAAAAAAAAAAAAAAAOD4THr//0L/qWmPGgAAAAAAAAAAAAAAAAAAAP5frt+8dXW92dy4ltKZiPLT/c39zcHroH19O1pRRhGXoxG/Rf/2/8CgvvJac+Ny6luJT8o7f+bv7G/ODedXoxEvjs6vDvJpOL8Qiw/m16IR50bl52NtZP5MXHr+gXwWjfjxnehEGVtxlL3//h+tpvTq682/5S/2nxtv7mEsDwAAAByLLN0zcv+eZePaB/kJ/h8Y2l8fZS+emurUiYiq98FOXpbFnmJkcelkDKNfnD7ODucjYrLUr3VdT/9DmFIx/puyEBH/ueeZiDgZE/xHMe1fJh6G+4s+7ZEAAAAAAAAAAAAwibHHABf+7YTg3ETHCac9RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YAeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfBUAAP//0AbP3Q==") r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x275a, 0x0) ftruncate(r1, 0x2000009) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500"], 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000004c0)='initcall_finish\x00', 0xffffffffffffffff, 0x0, 0x8}, 0x18) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0) pwritev2(r2, &(0x7f00000001c0)=[{&(0x7f0000000400)="ba", 0xfdef}], 0x1, 0xe7b, 0x0, 0x1) 1.378276474s ago: executing program 2 (id=3251): syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000000200)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES16=0x0, @ANYRESDEC, @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRESOCT], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) fdatasync(r0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) 1.070403474s ago: executing program 2 (id=3266): sendmsg$key(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020e0000150000000000000000000000030005"], 0xa8}}, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8924, &(0x7f00000000c0)={'wlan0\x00', 0x1}) 1.004454601s ago: executing program 0 (id=3269): unshare(0x2a020480) r0 = add_key$user(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="8e", 0x1, 0xffffffffffffffff) pipe2$watch_queue(&(0x7f0000000240)={0xffffffffffffffff}, 0x80) keyctl$KEYCTL_WATCH_KEY(0x20, r0, r1, 0x0) pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) keyctl$KEYCTL_WATCH_KEY(0x20, r0, r2, 0x9f) 983.044063ms ago: executing program 0 (id=3272): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000800)={&(0x7f0000000140)=ANY=[@ANYBLOB="9feb01001800000000000000200000002000000007000000000000000100000d"], 0x0, 0x3f, 0x0, 0x8}, 0x28) 948.124056ms ago: executing program 2 (id=3274): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/slabinfo\x00', 0x41, 0x0) write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r0, 0x0, 0x0) 918.177859ms ago: executing program 0 (id=3276): openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) socket$inet(0xa, 0x801, 0x84) socket$inet(0xa, 0x801, 0x84) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f0000000240)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) close(0x4) 917.66034ms ago: executing program 2 (id=3278): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000001c0)={0x84, r1, 0x1, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x68, 0x33, @beacon={{{}, {0xde1}}, 0x3, @random=0x1, 0x1, @void, @val, @void, @val={0x4, 0x6, {0xf8, 0x97, 0x2, 0x2}}, @void, @void, @void, @val={0x2a, 0x1, {0x1, 0x1, 0x1}}, @val={0x3c, 0x4, {0x1, 0x6, 0x34}}, @val={0x2d, 0x1a, {0x4000, 0x0, 0x3, 0x0, {0x88d, 0xf30, 0x0, 0x49, 0x0, 0x1, 0x1, 0x3}, 0x7, 0x7, 0x4}}, @val={0x72, 0x6}, @val={0x71, 0x7, {0x0, 0x0, 0x1, 0x0, 0x2, 0xf6}}, @void}}]}, 0x84}, 0x1, 0x0, 0x0, 0x4008040}, 0x0) 826.302109ms ago: executing program 2 (id=3280): openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x100, 0x100, 0x9, 0x1, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000), &(0x7f00000002c0), 0x8, r0}, 0x38) bpf$MAP_LOOKUP_BATCH(0x1b, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x3, r0}, 0x38) 825.476329ms ago: executing program 0 (id=3282): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='pids.events\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f0000001480)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) getsockopt$packet_int(r1, 0x107, 0x14, 0x0, &(0x7f0000000040)) 775.797944ms ago: executing program 2 (id=3283): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x30e, &(0x7f0000000f00)="$eJzs3E1rE10UwPGTNEnTlHayeHhEQXrRjW6GNu7FIC2IAUttxBcQp81EQ8akZEIlIrZduXEhfggXpcvuCtov0I07V27cdSO4sAtxJDOTl7aJrWnSWPv/QZlD7j0z9+Y24dyBzPbdN0/zWVvPGmUJRpUERER2ROISlJqAfwy6cUSaLcvl4W+fzt++d/9mMpWanFFqKjl7JaGUGh17/+zFkN9tY1C24g+3vya+bP2/dXb75+yTnK1ytioUy8pQc8XPZWPOMlUmZ+d1paYt07BNlSvYZslrd5ZELFNlreLCQkUZhcxIbKFk2rYyChWVNyuqXFTlUkUZj41cQem6rkZigoOkV2dmjGSHyfNdHgx6pFRKGgMiMrSvJb3alwEBAIC+8uv/erUfrJb0ndT/oZb1/9qFzfLwnfVRv/7fiFTrf5Gm+v9R41ymygTr9X9URBr1f9HbH3S7/t9fEZ1sr3cvjjhOPYy06n+k+h8nRLX+j/mfX9fKg7VxN6D+BwAAAAAAAAAAAAAAAAAAAADgJNhxHM1xHM07DvivOtqgiETdX5B47X0eJnpk9/o3/lj/06Hx4I7QqIj1ajG9mPaOfodNEbHElHHR5If7/+CrxpFl5XZSVXH5YC35+UuLae+7JJmVnJs/IZrE9+Y7ztSN1OSE8uzOD0usOT8hmvzXOj+xNz9cPUbk0sWmfF00+TgvRbEk4/8yrpb/ckKp67dSe64/5PYDAAAAAOBfoKu6+v59sLld39/u7Y+9dm9/HZLW9we8/fV4y/19SM6F+jVrAAAAAABOF7vyPG9YllnqUbAiIj2+RJugNsPDZtUekNumT0AC7Zq6ENQu3ll6dWxdG0/4UO9YsKOhjkX+cFFaBrXbRu36yHQnZ3Y0kaO+h2fevvv++z7enTGRw5zw6nr0gJl2GkQOmmn42L6AAAAAABybRtFfe+VafwcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMApdByP4uv3HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC/xa8AAAD//46ZAFE=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x32) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r2}, 0x10) write(r1, &(0x7f00000001c0)="49bda8f11851b8436b", 0x9) sendfile(r1, r0, 0x0, 0x3ffff) sendfile(r1, r0, 0x0, 0x7ffffffffffffffd) 775.188274ms ago: executing program 0 (id=3286): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) shutdown(r0, 0x0) 758.849385ms ago: executing program 0 (id=3288): r0 = syz_usb_connect$rtl8150(0x0, 0x3f, &(0x7f0000001d40)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xbda, 0x8150, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d}}]}}, 0x0) syz_usb_disconnect(r0) r1 = syz_usb_connect$cdc_ecm(0x5, 0x4d, &(0x7f00000025c0)={{0x12, 0x1, 0x300, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x3b, 0x1, 0x1, 0xa0, 0x30, 0x18, [{{0x9, 0x4, 0x0, 0x8, 0x3, 0x2, 0x6, 0x0, 0x38, {{0x5}, {0x5, 0x24, 0x0, 0xd1a}, {0xd, 0x24, 0xf, 0x1, 0x1, 0x81, 0x6, 0x5b}}, {[], {{0x9, 0x5, 0x82, 0x2, 0x200, 0x4, 0x6, 0x31}}, {{0x9, 0x5, 0x3, 0x2, 0x40, 0xe, 0x5e, 0x9}}}}}]}}]}}, 0x0) syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0) syz_usb_control_io$rtl8150(r0, 0x0, &(0x7f0000005040)={0x18, 0x0, 0x0, 0x0, 0x0, &(0x7f0000005000)={0x40, 0x5, 0x1, 'v'}}) 667.295664ms ago: executing program 5 (id=3293): r0 = syz_genetlink_get_family_id$mptcp(&(0x7f0000003040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$MPTCP_PM_CMD_DEL_ADDR(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000003140)={&(0x7f0000003080)={0x28, r0, 0xe6e964277ae08d57, 0x70bd2d, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @loopback}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x8040000}, 0x40080) 633.514508ms ago: executing program 5 (id=3295): r0 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$link(0x8, r0, 0xfffffffffffffffd) 583.315333ms ago: executing program 5 (id=3299): unshare(0x20000400) pipe(&(0x7f0000000100)={0xffffffffffffffff}) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000180)=ANY=[@ANYRES32=r0, @ANYRES32=r0, @ANYBLOB='.\x00'], 0x20) 564.551885ms ago: executing program 5 (id=3300): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x7c}}, 0x0) sendmsg$NFT_MSG_GETCHAIN(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000300)=ANY=[@ANYBLOB="14000000040a0102"], 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x0) 557.761655ms ago: executing program 1 (id=3301): setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x119, 0x41, 0x0, 0x0) 504.95616ms ago: executing program 5 (id=3302): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) 504.57587ms ago: executing program 4 (id=3303): setxattr$trusted_overlay_upper(0x0, &(0x7f0000000280), &(0x7f000000a440)=ANY=[], 0x90f, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r0, 0x0) 504.43822ms ago: executing program 1 (id=3304): pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r1, 0x0, r0, 0x0, 0xffff, 0x0) write$RDMA_USER_CM_CMD_GET_EVENT(r0, &(0x7f0000000000)={0xc, 0x8, 0xfa00, {0x0}}, 0x10) sendmmsg$unix(r2, &(0x7f0000003d00)=[{{0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f0000000340)="18", 0x1}], 0x1, 0x0, 0x0, 0x24004040}}], 0x1, 0x0) 504.24033ms ago: executing program 5 (id=3305): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005938d74010973077339600000001090212000100001e000904"], 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000640)={0x44, &(0x7f0000000200)={0x40, 0xf, 0x28, "f0803bb547c4"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000440)={0x34, &(0x7f00000002c0)={0x40, 0x8, 0x2, "2bec"}, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000004c0)={0x44, &(0x7f0000000300)={0x40, 0x11, 0x2, "b9d5"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$sierra_net(r0, 0x0, &(0x7f00000005c0)={0x10, &(0x7f0000000540)={0x0, 0x0, 0x2, 'Sl'}, 0x0, 0x0}) 455.999045ms ago: executing program 4 (id=3306): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f00000009c0)=ANY=[@ANYBLOB="180200000000ff0100000000000000008500000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000001700000095"], &(0x7f0000000480)='GPL\x00'}, 0x94) 455.360185ms ago: executing program 4 (id=3307): capget(&(0x7f0000000040)={0x19980330, 0xffffffffffffffff}, &(0x7f00000000c0)={0x1, 0x7fff, 0x800, 0x1c13, 0x8, 0x7ff}) 426.380998ms ago: executing program 4 (id=3308): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000280)='./bus\x00', 0x1200840, &(0x7f0000000100)=ANY=[@ANYBLOB="757466383d312c636865636b3d7374726963742c73686f72746e616d653d6d697865642c6e6f6e756d7461696c3d302c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e39352c696f636861727365743d73703836322c696f636861727365743d63703433372c73686f72746e616d653d77696e39352c756e695f786c6174653d312c756e695f786c6174653d302c757466383d302c756e695f786c6174653d302c003c24d06816418f4be78ed4fbfe47efc82f966a602a8db43ad053c978bbd3501706515140ef63c2a58653ced497550b22917b09702604bc162c57e05beec5bb0c11fc2f9238b25e4527e24bab534e9ba458d92a597c3fee89f57053a4a1535771c9877b3ab101fb26937779cff75a95a296fafddf11280fafeb9bd5f2da4a88b43f3e4d5b1a9aed1f659d88f914548fba990603b0d4f14adda86d459c62701d3d6f007c7e50da9608a03eff5843f6739a8ec5ff33791394a5c075018b5d92bbd7d9874589f3561fbdfc44653bb6c56b522a3413"], 0x3, 0x37c, &(0x7f0000000ec0)="$eJzs3TGIW2UcAPB/7uUud9J6NwiiIEQ3QY+2CqKLV8oVilmqhKqDGGyr5XIWehhsh6bnIo6Co05uDjo4dHMRFOnm4GoFqYqDditY+uTlvSQvl+Q8Kmkt/n5D+Pf7/v/vfS/5aL7Lke9eX4uNk/Nx+vr1a7G4WInq2pG1uFGJlUii71KMW5jQBgDcG26kafyZ5iK+2ktJZfazAgBmqff+/+b+Ust73+yWn+bv/vOznhcAMDvFz/9L5bZkR87itOKzM5sWADBDo5//R8RjYymlX/VXx/YGAMC956VXXn3hcCPixXp9MWLz/U6z04znhv2HT8eZaMepOBDLcTMi3yhkD5Xe49FjjfUD9Xq9G7+sRDOr6DQjNrudZr5TOJz06mtxMJZjpagvdhtpmiZHv2ysH6z3RMSlbu/6sVnpNOdjKatfijM/3hen4lDU44Gx+ohjjfXBnqS52a+fj9gefm6RzX81luP7N+JstONkZLX9bU1j/eLBev1I2thXGdZ3O81aLy839RMQAAAAAAAAAAAAAAAAAAAAAAC4Lav1gZXB+Tnp8Pye1dUJ/b3zcfL64nyg7fx8oLSWRpr+8e6TzQ+SGDkfqHfAz0h9Nebu7q0DAAAAAAAAAAAAAAAAAADAf8bW+YVotdunzm2dv7BRDrrnts7PRUTW8vZ3n3+9FKM5S8UAo1UjQbVIKXXVh1Vp0k9Ok5GcIkiyi1eqectnlwczLufUBncxcRq16V3t9v5Hf/74wkZ/1EeS/si3hjlJTLyvC8mOaZSDzfvzAac/LbsEh/4h52qaptPKL742XhWViOrUqd5mkGbBt9feeuiprf4iSHOPP7F84upHn/620WpnV8602wvntm6mG63i35MX2/QgKa2fSrHYKuWVUG09fev4vikjb4+2tJIffn/54Q+vFC1zu79M6Ykrw5Z3JuQk+UW/2Nm1kAfZNAddz2dB9hyNjzM/YfFPCp6Jf/XCPfjJWuvyxZ9+3WtV6T8JB3UAAAAAAAAAAAAAAAAAAMAdUfqueKH4su/8blXPHp/9zAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgzhn+/f9BEHPbO1r2FvzVjX7Lieh31bIBY6F0xZW7eLcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPxf/R0AAP//KWlfjg==") mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x42, 0x17) syz_open_dev$evdev(&(0x7f0000000200), 0x0, 0x40000) 384.231262ms ago: executing program 1 (id=3309): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000140)) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x8, @local}, 0x10) setsockopt$inet_int(r0, 0x0, 0xc, &(0x7f0000000080)=0x2cd, 0x4) connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e22, @multicast1}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) setsockopt$inet_int(r0, 0x0, 0xd, &(0x7f0000000040)=0xfffffffc, 0x4) recvmmsg(r0, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0) 179.929752ms ago: executing program 4 (id=3310): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000c00)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x2}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELCHAIN={0x20, 0x5, 0xa, 0x5, 0x0, 0x0, {0x1, 0x0, 0x8}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14}}, 0x68}}, 0x0) 179.606052ms ago: executing program 4 (id=3311): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) clock_nanosleep(0x2, 0x0, 0x0, 0xfffffffffffffffe) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil) syz_usb_connect$hid(0x0, 0x36, &(0x7f00000003c0)=ANY=[@ANYBLOB="1201000000000020ac050f0222000182830109022400010100000009040000020301020009210005000122000009058103"], 0x0) syz_open_dev$evdev(&(0x7f0000000000), 0x4, 0x143402) 171.612723ms ago: executing program 1 (id=3312): r0 = socket$inet6(0xa, 0x5, 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x10, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007baaf8ff00000000b7080000341200007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb702000008"], 0x0, 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = socket(0x2, 0x80805, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, 0xfffffffffffffffe, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000880)={r1, 0x2f, 0x28, 0x0, &(0x7f0000000640)="c1dfb080cd21d308098e000081007e2288a8", 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000000340)=0xfffffffffffffff9, 0x4) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000040)=[@in={0x2, 0x4e21, @private=0xa010101}], 0x10) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000100)=[@in={0x2, 0x0, @loopback}, @in6={0xa, 0x0, 0x0, @private0}], 0x2c) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, &(0x7f0000000000)=[@in={0x2, 0x0, @loopback}, @in6={0xa, 0x4e21, 0xfa9, @private1, 0x9}], 0x2c) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) r4 = inotify_init1(0x0) inotify_add_watch(r4, 0x0, 0x70000010) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r3, &(0x7f00000030c0)={0x0, 0x0, &(0x7f0000003080)={&(0x7f0000000100)=ANY=[@ANYBLOB="680000000301010800000000000000000a00000050000280140001"], 0x68}, 0x1, 0x0, 0x0, 0x1}, 0x20004182) 120.236689ms ago: executing program 1 (id=3313): clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) futex(&(0x7f0000000040)=0x1, 0x6, 0x0, &(0x7f00000000c0)={r0, r1+60000000}, 0x0, 0x0) 0s ago: executing program 1 (id=3314): syz_usb_connect$printer(0x3, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000300000010b804020240000102030109021b000101b280000904"], &(0x7f0000000f40)={0x0, 0x0, 0x0, 0x0}) kernel console output (not intermixed with test programs): ][T11129] syz.4.2600: attempt to access beyond end of device [ 227.032608][T11129] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 227.032665][T11129] syz.4.2600: attempt to access beyond end of device [ 227.032665][T11129] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 227.032710][T11129] syz.4.2600: attempt to access beyond end of device [ 227.032710][T11129] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 227.047289][T11120] syz.4.2600: attempt to access beyond end of device [ 227.047289][T11120] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 227.134220][T11132] SELinux: failed to load policy [ 227.358802][T11143] loop2: detected capacity change from 0 to 512 [ 227.394957][T11143] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 227.403324][T11143] EXT4-fs error (device loop2): ext4_get_branch:178: inode #13: block 1024: comm syz.2.2605: invalid block [ 227.419096][T11148] netlink: 256 bytes leftover after parsing attributes in process `syz.5.2607'. [ 227.424309][T11143] EXT4-fs (loop2): Remounting filesystem read-only [ 227.428227][T11148] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2607'. [ 227.444442][T11143] EXT4-fs (loop2): 1 truncate cleaned up [ 227.450469][T11143] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 227.813941][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 227.948729][T11159] loop5: detected capacity change from 0 to 128 [ 228.008448][T11159] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 228.016404][T11159] FAT-fs (loop5): Filesystem has been set read-only [ 228.043467][T11159] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 228.051487][T11159] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 228.478989][T11175] SELinux: failed to load policy [ 228.582640][T11188] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2620'. [ 228.601463][T11190] netlink: 256 bytes leftover after parsing attributes in process `syz.0.2621'. [ 228.610796][T11190] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2621'. [ 228.696195][T11197] loop1: detected capacity change from 0 to 512 [ 228.715087][T11197] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 228.748479][T11197] ext4 filesystem being mounted at /518/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 228.759403][ T57] Bluetooth: hci0: Frame reassembly failed (-84) [ 228.771911][T11197] EXT4-fs error (device loop1): ext4_do_update_inode:5624: inode #2: comm syz.1.2624: corrupted inode contents [ 228.800121][T11197] EXT4-fs error (device loop1): ext4_dirty_inode:6509: inode #2: comm syz.1.2624: mark_inode_dirty error [ 228.811993][T11197] EXT4-fs error (device loop1): ext4_do_update_inode:5624: inode #2: comm syz.1.2624: corrupted inode contents [ 228.824403][T11197] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #2: comm syz.1.2624: mark_inode_dirty error [ 228.869851][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 229.034784][T11208] SELinux: failed to load policy [ 229.103601][T11224] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2633'. [ 229.184804][T11232] netlink: 256 bytes leftover after parsing attributes in process `syz.2.2636'. [ 229.275667][ T2623] Bluetooth: hci1: Frame reassembly failed (-84) [ 229.287007][T11237] loop5: detected capacity change from 0 to 128 [ 229.300378][T11237] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 229.308487][T11237] FAT-fs (loop5): Filesystem has been set read-only [ 229.315928][T11237] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 229.323799][T11237] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 229.588404][T11250] loop4: detected capacity change from 0 to 1024 [ 229.595412][T11250] EXT4-fs: Ignoring removed oldalloc option [ 229.601371][T11250] EXT4-fs: Ignoring removed bh option [ 229.616626][T11250] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 229.645437][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 229.713166][T11254] SELinux: failed to load policy [ 229.846245][T11260] loop4: detected capacity change from 0 to 512 [ 229.856022][T11260] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 229.879845][T11260] ext4 filesystem being mounted at /538/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 229.897939][T11260] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #2: comm syz.4.2646: corrupted inode contents [ 229.911345][T11260] EXT4-fs error (device loop4): ext4_dirty_inode:6509: inode #2: comm syz.4.2646: mark_inode_dirty error [ 229.923177][T11260] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #2: comm syz.4.2646: corrupted inode contents [ 229.952078][T11260] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #2: comm syz.4.2646: mark_inode_dirty error [ 229.992183][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 230.039930][ T3449] Bluetooth: hci2: Frame reassembly failed (-84) [ 230.048589][T11264] loop1: detected capacity change from 0 to 8192 [ 230.804138][ T5016] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 230.934783][ T2623] Bluetooth: hci0: Frame reassembly failed (-84) [ 231.262834][T11286] loop5: detected capacity change from 0 to 1024 [ 231.269598][T11286] EXT4-fs: Ignoring removed oldalloc option [ 231.275555][T11286] EXT4-fs: Ignoring removed bh option [ 231.296261][T11286] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 231.314144][ T3685] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 231.322644][ T7364] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 231.344869][T11291] veth30: entered promiscuous mode [ 231.350059][T11291] veth30: entered allmulticast mode [ 231.373279][T11291] lo speed is unknown, defaulting to 1000 [ 231.439480][T11298] __nla_validate_parse: 3 callbacks suppressed [ 231.439499][T11298] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2657'. [ 231.448073][T11293] SELinux: failed to load policy [ 231.454853][T11298] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2657'. [ 231.563178][T11309] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 231.605931][T11309] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 231.665737][T11309] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 231.739011][ T29] kauditd_printk_skb: 159 callbacks suppressed [ 231.739032][ T29] audit: type=1400 audit(1760486160.205:7647): avc: denied { read append } for pid=11313 comm="syz.0.2662" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 231.769376][ T29] audit: type=1400 audit(1760486160.205:7648): avc: denied { open } for pid=11313 comm="syz.0.2662" path="/dev/ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 231.770407][T11309] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 231.793010][ T29] audit: type=1400 audit(1760486160.225:7649): avc: denied { ioctl } for pid=11313 comm="syz.0.2662" path="/dev/ppp" dev="devtmpfs" ino=140 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 231.891087][ T52] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.901946][ T52] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.913882][ T52] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.927001][ T52] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.124212][ T6731] Bluetooth: hci2: Opcode 0x1003 failed: -110 [ 232.124325][ T4346] Bluetooth: hci2: command 0x1003 tx timeout [ 232.604250][T11335] SELinux: failed to load policy [ 232.695910][T11343] loop4: detected capacity change from 0 to 128 [ 232.705200][T11343] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 232.713050][T11343] FAT-fs (loop4): Filesystem has been set read-only [ 232.719925][T11343] bio_check_eod: 47348 callbacks suppressed [ 232.719947][T11343] syz.4.2673: attempt to access beyond end of device [ 232.719947][T11343] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 232.745624][T11343] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 232.753529][T11343] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 232.762064][T11343] syz.4.2673: attempt to access beyond end of device [ 232.762064][T11343] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 232.776481][T11343] syz.4.2673: attempt to access beyond end of device [ 232.776481][T11343] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 232.790406][T11343] syz.4.2673: attempt to access beyond end of device [ 232.790406][T11343] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 232.804495][T11343] syz.4.2673: attempt to access beyond end of device [ 232.804495][T11343] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 232.818230][ T12] Bluetooth: hci1: Frame reassembly failed (-84) [ 232.824842][T11343] syz.4.2673: attempt to access beyond end of device [ 232.824842][T11343] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 232.838698][T11343] syz.4.2673: attempt to access beyond end of device [ 232.838698][T11343] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 232.852644][T11343] syz.4.2673: attempt to access beyond end of device [ 232.852644][T11343] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 232.866429][T11343] syz.4.2673: attempt to access beyond end of device [ 232.866429][T11343] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 232.880986][T11343] syz.4.2673: attempt to access beyond end of device [ 232.880986][T11343] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 232.901535][T11351] loop2: detected capacity change from 0 to 512 [ 232.909671][T11351] EXT4-fs (loop2): orphan cleanup on readonly fs [ 232.919017][T11351] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2677: bg 0: block 248: padding at end of block bitmap is not set [ 232.933793][T11351] Quota error (device loop2): write_blk: dquota write failed [ 232.941231][T11351] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 232.951314][T11351] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.2677: Failed to acquire dquot type 1 [ 232.963404][T11351] EXT4-fs (loop2): 1 truncate cleaned up [ 232.969958][T11351] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 232.994187][ T5016] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 232.994205][ T4346] Bluetooth: hci0: command 0x1003 tx timeout [ 233.096029][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 233.125483][T11355] loop2: detected capacity change from 0 to 512 [ 233.136788][T11355] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 233.149970][T11355] ext4 filesystem being mounted at /504/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 233.227838][T11355] SELinux: failed to load policy [ 233.268437][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 233.919258][T11365] loop4: detected capacity change from 0 to 8192 [ 234.190434][ T3449] Bluetooth: hci0: Frame reassembly failed (-84) [ 234.629715][T11373] SELinux: failed to load policy [ 234.844272][ T4346] Bluetooth: hci1: command 0x1003 tx timeout [ 234.872374][T11379] loop4: detected capacity change from 0 to 1024 [ 234.880245][T11379] EXT4-fs: Ignoring removed oldalloc option [ 234.886385][T11379] EXT4-fs: Ignoring removed bh option [ 234.898027][T11379] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 234.924153][ T6731] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 234.987559][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 235.535948][T11398] netlink: 72 bytes leftover after parsing attributes in process `syz.5.2692'. [ 235.546662][T11398] loop5: detected capacity change from 0 to 128 [ 235.555999][T11398] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 235.564077][T11398] FAT-fs (loop5): Filesystem has been set read-only [ 235.571081][T11398] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 235.579070][T11398] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 235.975171][T11408] veth24: entered promiscuous mode [ 235.980770][T11408] veth24: entered allmulticast mode [ 236.011759][T11408] lo speed is unknown, defaulting to 1000 [ 236.204149][ T5016] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 236.398843][T11422] veth26: entered promiscuous mode [ 236.404019][T11422] veth26: entered allmulticast mode [ 236.447244][T11422] lo speed is unknown, defaulting to 1000 [ 236.459340][T11426] loop5: detected capacity change from 0 to 512 [ 236.476224][T11426] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 236.489054][T11426] ext4 filesystem being mounted at /265/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 236.501783][T11426] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #2: comm syz.5.2703: corrupted inode contents [ 236.514476][T11426] EXT4-fs error (device loop5): ext4_dirty_inode:6509: inode #2: comm syz.5.2703: mark_inode_dirty error [ 236.526698][T11426] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #2: comm syz.5.2703: corrupted inode contents [ 236.527906][T11433] loop4: detected capacity change from 0 to 128 [ 236.538922][T11426] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #2: comm syz.5.2703: mark_inode_dirty error [ 236.548388][T11433] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 236.563798][T11433] FAT-fs (loop4): Filesystem has been set read-only [ 236.570533][T11433] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 236.578635][T11433] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 236.587728][ T7364] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 236.609566][T11435] loop5: detected capacity change from 0 to 512 [ 236.640006][T11435] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 236.659220][T11435] ext4 filesystem being mounted at /266/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 236.694907][ T7364] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 236.751366][T11441] SELinux: policydb magic number 0x0 does not match expected magic number 0xf97cff8c [ 236.774496][T11441] SELinux: failed to load policy [ 237.003945][T11449] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2710'. [ 237.132466][ T2623] Bluetooth: hci1: Frame reassembly failed (-84) [ 237.244956][T11456] loop5: detected capacity change from 0 to 32768 [ 237.256006][T11464] loop1: detected capacity change from 0 to 512 [ 237.264538][T11464] EXT4-fs (loop1): orphan cleanup on readonly fs [ 237.271912][T11464] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2715: bg 0: block 248: padding at end of block bitmap is not set [ 237.287642][T11464] Quota error (device loop1): write_blk: dquota write failed [ 237.295199][T11464] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 237.305251][T11464] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.2715: Failed to acquire dquot type 1 [ 237.317290][T11456] loop5: p1 p3 < p5 p6 > [ 237.321656][T11456] loop5: partition table partially beyond EOD, truncated [ 237.329519][T11464] EXT4-fs (loop1): 1 truncate cleaned up [ 237.336084][T11464] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 237.350535][ T29] audit: type=1326 audit(1760486165.815:7650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11455 comm="syz.5.2713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa0992eec9 code=0x7ffc0000 [ 237.374196][ T29] audit: type=1326 audit(1760486165.815:7651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11455 comm="syz.5.2713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa0992eec9 code=0x7ffc0000 [ 237.398999][ T29] audit: type=1326 audit(1760486165.865:7652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11455 comm="syz.5.2713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ffa0992eec9 code=0x7ffc0000 [ 237.422709][ T29] audit: type=1326 audit(1760486165.865:7653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11455 comm="syz.5.2713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa0992eec9 code=0x7ffc0000 [ 237.446291][ T29] audit: type=1326 audit(1760486165.865:7654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11455 comm="syz.5.2713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa0992eec9 code=0x7ffc0000 [ 237.470119][ T29] audit: type=1326 audit(1760486165.865:7655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11455 comm="syz.5.2713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffa0992eec9 code=0x7ffc0000 [ 237.493912][ T29] audit: type=1326 audit(1760486165.865:7656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11455 comm="syz.5.2713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa0992eec9 code=0x7ffc0000 [ 237.517871][ T29] audit: type=1326 audit(1760486165.865:7657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11455 comm="syz.5.2713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa0992eec9 code=0x7ffc0000 [ 237.575703][T11468] loop4: detected capacity change from 0 to 2048 [ 237.585835][T11468] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 237.613224][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 237.624237][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 237.676214][T11477] loop1: detected capacity change from 0 to 512 [ 237.685751][T11474] SELinux: failed to load policy [ 237.702224][T11472] loop5: detected capacity change from 0 to 8192 [ 237.710934][T11477] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 237.724030][T11477] ext4 filesystem being mounted at /530/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 237.754016][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 237.772369][T11482] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 237.816074][T11482] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 237.875804][T11482] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 237.946023][T11482] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 238.033130][ T12] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 238.048069][ T12] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 238.061075][ T2623] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 238.076505][ T52] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 238.434148][ T6731] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 238.434167][ T4346] Bluetooth: hci0: command 0x1003 tx timeout [ 238.573257][T11498] loop5: detected capacity change from 0 to 8192 [ 238.645142][T11500] loop1: detected capacity change from 0 to 32768 [ 238.675013][T11500] loop1: p1 p3 < p5 p6 > [ 238.679387][T11500] loop1: partition table partially beyond EOD, truncated [ 238.765980][T11504] veth26: entered promiscuous mode [ 238.771259][T11504] veth26: entered allmulticast mode [ 238.796684][T11504] lo speed is unknown, defaulting to 1000 [ 238.871982][T11507] loop1: detected capacity change from 0 to 2048 [ 238.886316][T11507] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 238.913966][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 239.095521][T11516] SELinux: policydb magic number 0x0 does not match expected magic number 0xf97cff8c [ 239.106636][T11516] SELinux: failed to load policy [ 239.122666][T11513] SELinux: failed to load policy [ 239.154168][ T6731] Bluetooth: hci1: command 0x1003 tx timeout [ 239.160375][ T5016] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 239.321323][T11524] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2736'. [ 239.402555][T11526] loop1: detected capacity change from 0 to 8192 [ 240.216513][T11543] loop2: detected capacity change from 0 to 512 [ 240.235889][T11543] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 240.248610][T11543] ext4 filesystem being mounted at /512/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 240.260787][T11543] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #2: comm syz.2.2751: corrupted inode contents [ 240.272965][T11543] EXT4-fs error (device loop2): ext4_dirty_inode:6509: inode #2: comm syz.2.2751: mark_inode_dirty error [ 240.284997][T11543] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #2: comm syz.2.2751: corrupted inode contents [ 240.297501][T11543] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #2: comm syz.2.2751: mark_inode_dirty error [ 240.327547][T11549] netlink: 256 bytes leftover after parsing attributes in process `syz.5.2743'. [ 240.336852][T11549] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2743'. [ 240.349880][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 240.376522][T11554] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 240.425880][T11554] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 240.476148][T11554] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 240.518478][T11557] SELinux: failed to load policy [ 240.540368][T11563] loop1: detected capacity change from 0 to 2048 [ 240.555937][T11563] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 240.569127][T11554] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 240.590597][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 240.637367][ T12] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 240.729248][ T12] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 240.757187][ T12] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 240.785971][ T12] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 240.822455][T11570] loop1: detected capacity change from 0 to 8192 [ 240.995137][T11567] loop5: detected capacity change from 0 to 32768 [ 241.024692][T11567] loop5: p1 p3 < p5 p6 > [ 241.029080][T11567] loop5: partition table partially beyond EOD, truncated [ 241.088993][T11574] lo speed is unknown, defaulting to 1000 [ 241.369222][T11574] chnl_net:caif_netlink_parms(): no params data found [ 241.404062][T11590] loop4: detected capacity change from 0 to 8192 [ 241.569906][ T3449] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 241.579870][ T3449] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 241.615336][T11574] bridge0: port 1(bridge_slave_0) entered blocking state [ 241.622469][T11574] bridge0: port 1(bridge_slave_0) entered disabled state [ 241.634816][T11603] loop1: detected capacity change from 0 to 128 [ 241.641982][T11574] bridge_slave_0: entered allmulticast mode [ 241.643688][T11603] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 241.649812][T11574] bridge_slave_0: entered promiscuous mode [ 241.655876][T11603] FAT-fs (loop1): Filesystem has been set read-only [ 241.669474][ T3449] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 241.679386][ T3449] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 241.691488][T11574] bridge0: port 2(bridge_slave_1) entered blocking state [ 241.698672][T11574] bridge0: port 2(bridge_slave_1) entered disabled state [ 241.706515][T11574] bridge_slave_1: entered allmulticast mode [ 241.713772][T11574] bridge_slave_1: entered promiscuous mode [ 241.841851][T11574] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 241.865283][ T3449] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 241.875138][ T3449] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 241.998846][T11574] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 242.046722][ T3449] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 242.056589][ T3449] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 242.092267][T11603] bio_check_eod: 61150 callbacks suppressed [ 242.092285][T11603] syz.1.2758: attempt to access beyond end of device [ 242.092285][T11603] loop1: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 242.112580][T11603] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 242.120589][T11603] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 242.128793][T11603] syz.1.2758: attempt to access beyond end of device [ 242.128793][T11603] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 242.142303][T11603] syz.1.2758: attempt to access beyond end of device [ 242.142303][T11603] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 242.156157][T11603] syz.1.2758: attempt to access beyond end of device [ 242.156157][T11603] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 242.169651][T11603] syz.1.2758: attempt to access beyond end of device [ 242.169651][T11603] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 242.183049][T11603] syz.1.2758: attempt to access beyond end of device [ 242.183049][T11603] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 242.196701][T11603] syz.1.2758: attempt to access beyond end of device [ 242.196701][T11603] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 242.198361][T11574] team0: Port device team_slave_0 added [ 242.210356][T11603] syz.1.2758: attempt to access beyond end of device [ 242.210356][T11603] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 242.229278][T11603] syz.1.2758: attempt to access beyond end of device [ 242.229278][T11603] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 242.232997][T11574] team0: Port device team_slave_1 added [ 242.242765][T11603] syz.1.2758: attempt to access beyond end of device [ 242.242765][T11603] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 242.292216][T11574] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 242.299330][T11574] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 242.325717][T11574] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 242.463113][ T29] kauditd_printk_skb: 228 callbacks suppressed [ 242.463203][ T29] audit: type=1326 audit(1760486170.925:7886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11610 comm="syz.5.2761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa0992eec9 code=0x7ffc0000 [ 242.497793][ T3449] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 242.529810][ T29] audit: type=1326 audit(1760486170.965:7887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11610 comm="syz.5.2761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa0992eec9 code=0x7ffc0000 [ 242.553882][ T29] audit: type=1326 audit(1760486170.965:7888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11610 comm="syz.5.2761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffa0992eec9 code=0x7ffc0000 [ 242.577767][ T29] audit: type=1326 audit(1760486170.965:7889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11610 comm="syz.5.2761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa0992eec9 code=0x7ffc0000 [ 242.601676][ T29] audit: type=1326 audit(1760486170.965:7890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11610 comm="syz.5.2761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa0992eec9 code=0x7ffc0000 [ 242.625406][ T29] audit: type=1326 audit(1760486170.965:7891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11610 comm="syz.5.2761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffa0992eec9 code=0x7ffc0000 [ 242.649475][ T29] audit: type=1326 audit(1760486170.965:7892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11610 comm="syz.5.2761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa0992eec9 code=0x7ffc0000 [ 242.673951][ T29] audit: type=1326 audit(1760486170.965:7893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11610 comm="syz.5.2761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa0992eec9 code=0x7ffc0000 [ 242.697964][ T29] audit: type=1326 audit(1760486170.965:7894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11610 comm="syz.5.2761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=79 compat=0 ip=0x7ffa0992eec9 code=0x7ffc0000 [ 242.698181][T11615] loop5: detected capacity change from 0 to 512 [ 242.721594][ T29] audit: type=1326 audit(1760486170.965:7895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11610 comm="syz.5.2761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa0992eec9 code=0x7ffc0000 [ 242.752196][ T3449] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 242.763045][ T3449] bond0 (unregistering): Released all slaves [ 242.773247][T11615] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 242.786163][T11615] ext4 filesystem being mounted at /281/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 242.796921][T11617] loop1: detected capacity change from 0 to 32768 [ 242.797263][T11574] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 242.807477][T11615] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #2: comm syz.5.2762: corrupted inode contents [ 242.810371][T11574] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 242.810427][T11574] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 242.860162][T11615] EXT4-fs error (device loop5): ext4_dirty_inode:6509: inode #2: comm syz.5.2762: mark_inode_dirty error [ 242.871925][T11615] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #2: comm syz.5.2762: corrupted inode contents [ 242.886464][T11617] loop1: p1 p3 < p5 p6 > [ 242.891025][T11617] loop1: partition table partially beyond EOD, truncated [ 242.894381][T11615] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #2: comm syz.5.2762: mark_inode_dirty error [ 242.926033][T11574] hsr_slave_0: entered promiscuous mode [ 242.933696][ T7364] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 242.933736][T11574] hsr_slave_1: entered promiscuous mode [ 242.949690][T11574] debugfs: 'hsr0' already exists in 'hsr' [ 242.955737][T11574] Cannot create hsr debugfs directory [ 242.965497][ T3449] hsr_slave_0: left promiscuous mode [ 242.970602][T11625] loop5: detected capacity change from 0 to 512 [ 242.977556][ T3449] hsr_slave_1: left promiscuous mode [ 242.986914][ T3449] veth1_macvtap: left promiscuous mode [ 242.988959][T11625] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 242.992680][ T3449] veth0_macvtap: left promiscuous mode [ 243.011037][ T3449] veth1_vlan: left promiscuous mode [ 243.015101][T11625] ext4 filesystem being mounted at /282/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 243.016679][ T3449] veth0_vlan: left promiscuous mode [ 243.049558][ T7364] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 243.085415][T11631] loop5: detected capacity change from 0 to 1024 [ 243.092602][T11631] EXT4-fs: Ignoring removed oldalloc option [ 243.098880][T11631] EXT4-fs: Ignoring removed bh option [ 243.125859][T11631] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 243.157367][ T7364] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 243.169427][ T3449] team0 (unregistering): Port device team_slave_1 removed [ 243.179933][ T3449] team0 (unregistering): Port device team_slave_0 removed [ 243.183287][ T57] Bluetooth: hci0: Frame reassembly failed (-84) [ 243.218273][T11629] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2765'. [ 243.283232][T11642] netlink: 'syz.1.2769': attribute type 1 has an invalid length. [ 243.291101][T11642] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2769'. [ 243.371297][T11647] SELinux: failed to load policy [ 243.426135][T11654] loop4: detected capacity change from 0 to 512 [ 243.436271][T11654] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 243.449082][T11654] ext4 filesystem being mounted at /564/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 243.461798][T11654] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #2: comm syz.4.2774: corrupted inode contents [ 243.484618][T11654] EXT4-fs error (device loop4): ext4_dirty_inode:6509: inode #2: comm syz.4.2774: mark_inode_dirty error [ 243.496942][T11654] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #2: comm syz.4.2774: corrupted inode contents [ 243.509456][T11654] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #2: comm syz.4.2774: mark_inode_dirty error [ 243.537324][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 243.568882][T11661] loop4: detected capacity change from 0 to 512 [ 243.598426][T11661] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 243.611155][T11661] ext4 filesystem being mounted at /565/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 243.656099][T11574] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 243.665925][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 243.670736][T11574] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 243.685188][T11574] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 243.696456][T11574] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 243.705809][T11668] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2778'. [ 243.715168][T11658] loop2: detected capacity change from 0 to 32768 [ 243.715668][T11668] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2778'. [ 243.744911][T11658] loop2: p1 p3 < p5 p6 > [ 243.749475][T11658] loop2: partition table partially beyond EOD, truncated [ 243.761799][T11574] 8021q: adding VLAN 0 to HW filter on device bond0 [ 243.777522][T11574] 8021q: adding VLAN 0 to HW filter on device team0 [ 243.787045][T11676] loop4: detected capacity change from 0 to 2048 [ 243.798775][ T3449] bridge0: port 1(bridge_slave_0) entered blocking state [ 243.805892][ T3449] bridge0: port 1(bridge_slave_0) entered forwarding state [ 243.815995][T11676] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 243.817993][ T3449] bridge0: port 2(bridge_slave_1) entered blocking state [ 243.835396][ T3449] bridge0: port 2(bridge_slave_1) entered forwarding state [ 243.900382][T11680] lo speed is unknown, defaulting to 1000 [ 243.979524][T11574] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 243.993505][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 244.007620][T11687] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 244.037918][T11693] loop4: detected capacity change from 0 to 512 [ 244.050015][T11693] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 244.059137][T11693] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 1024: comm syz.4.2782: invalid block [ 244.072387][T11693] EXT4-fs (loop4): Remounting filesystem read-only [ 244.073388][T11687] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 244.079863][T11693] EXT4-fs (loop4): 1 truncate cleaned up [ 244.095619][T11693] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 244.108838][T11574] veth0_vlan: entered promiscuous mode [ 244.126920][T11574] veth1_vlan: entered promiscuous mode [ 244.143502][T11574] veth0_macvtap: entered promiscuous mode [ 244.151306][T11574] veth1_macvtap: entered promiscuous mode [ 244.162921][T11574] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 244.176351][T11687] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 244.190962][T11574] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 244.201979][ T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.213869][ T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.222843][ T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.237812][T11687] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 244.249289][ T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.921570][T11724] SELinux: failed to load policy [ 244.934910][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 244.963713][ T12] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.987378][ T12] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 245.007009][ T12] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 245.015838][ T12] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 245.028429][T11732] netlink: 256 bytes leftover after parsing attributes in process `syz.4.2795'. [ 245.037581][T11732] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2795'. [ 245.181779][T11740] SELinux: policydb magic number 0x75636573 does not match expected magic number 0xf97cff8c [ 245.192311][T11740] SELinux: failed to load policy [ 245.234210][ T5016] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 245.240555][ T6731] Bluetooth: hci0: command 0x1003 tx timeout [ 245.269800][T11738] loop4: detected capacity change from 0 to 8192 [ 245.377963][T11749] SELinux: failed to load policy [ 245.707503][ T57] Bluetooth: hci0: Frame reassembly failed (-84) [ 245.783640][T11761] loop5: detected capacity change from 0 to 2048 [ 245.807230][T11761] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 245.913832][ T7364] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 246.037356][T11766] netlink: 52 bytes leftover after parsing attributes in process `syz.5.2808'. [ 246.074808][T11769] netlink: 256 bytes leftover after parsing attributes in process `syz.4.2809'. [ 246.083921][T11769] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2809'. [ 246.110503][T11771] loop5: detected capacity change from 0 to 512 [ 246.126835][T11771] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 246.139701][T11771] ext4 filesystem being mounted at /287/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 246.198240][T11777] loop5: detected capacity change from 0 to 128 [ 246.206909][T11777] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 246.214851][T11777] FAT-fs (loop5): Filesystem has been set read-only [ 246.221684][T11777] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 246.229813][T11777] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 246.529732][T11786] loop4: detected capacity change from 0 to 128 [ 246.540378][T11786] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 246.548306][T11786] FAT-fs (loop4): Filesystem has been set read-only [ 246.555125][T11786] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 246.562959][T11786] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 247.058551][T11789] loop2: detected capacity change from 0 to 512 [ 247.071392][T11791] netlink: 'syz.5.2816': attribute type 1 has an invalid length. [ 247.079327][T11791] netlink: 224 bytes leftover after parsing attributes in process `syz.5.2816'. [ 247.089688][T11789] ext4 filesystem being mounted at /519/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 247.094171][T11786] bio_check_eod: 48289 callbacks suppressed [ 247.094193][T11786] syz.4.2814: attempt to access beyond end of device [ 247.094193][T11786] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 247.102418][T11789] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #2: comm syz.2.2815: corrupted inode contents [ 247.106531][T11786] syz.4.2814: attempt to access beyond end of device [ 247.106531][T11786] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 247.119946][T11789] EXT4-fs error (device loop2): ext4_dirty_inode:6509: inode #2: comm syz.2.2815: mark_inode_dirty error [ 247.131421][T11786] syz.4.2814: attempt to access beyond end of device [ 247.131421][T11786] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 247.145139][T11789] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #2: comm syz.2.2815: corrupted inode contents [ 247.157875][T11786] syz.4.2814: attempt to access beyond end of device [ 247.157875][T11786] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 247.169691][T11789] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #2: comm syz.2.2815: mark_inode_dirty error [ 247.181234][T11786] syz.4.2814: attempt to access beyond end of device [ 247.181234][T11786] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 247.219274][T11786] syz.4.2814: attempt to access beyond end of device [ 247.219274][T11786] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 247.241880][T11786] syz.4.2814: attempt to access beyond end of device [ 247.241880][T11786] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 247.255422][T11786] syz.4.2814: attempt to access beyond end of device [ 247.255422][T11786] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 247.263321][T11797] loop5: detected capacity change from 0 to 512 [ 247.268988][T11786] syz.4.2814: attempt to access beyond end of device [ 247.268988][T11786] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 247.288393][T11786] syz.4.2814: attempt to access beyond end of device [ 247.288393][T11786] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 247.303553][T11797] ext4 filesystem being mounted at /290/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 247.513540][T11801] loop2: detected capacity change from 0 to 32768 [ 247.574390][ T29] kauditd_printk_skb: 279 callbacks suppressed [ 247.574409][ T29] audit: type=1326 audit(1760486176.035:8175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11798 comm="syz.2.2817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ac896eec9 code=0x7ffc0000 [ 247.604384][ T29] audit: type=1326 audit(1760486176.035:8176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11798 comm="syz.2.2817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2ac896eec9 code=0x7ffc0000 [ 247.628046][ T29] audit: type=1326 audit(1760486176.035:8177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11798 comm="syz.2.2817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ac896eec9 code=0x7ffc0000 [ 247.660228][ T29] audit: type=1326 audit(1760486176.115:8178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11798 comm="syz.2.2817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2ac896eec9 code=0x7ffc0000 [ 247.683918][ T29] audit: type=1326 audit(1760486176.115:8179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11798 comm="syz.2.2817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ac896eec9 code=0x7ffc0000 [ 247.693923][T11801] loop2: p1 p3 < p5 p6 > [ 247.707683][ T29] audit: type=1326 audit(1760486176.115:8180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11798 comm="syz.2.2817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ac896eec9 code=0x7ffc0000 [ 247.707726][ T29] audit: type=1326 audit(1760486176.125:8181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11798 comm="syz.2.2817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2ac896eec9 code=0x7ffc0000 [ 247.712092][T11801] loop2: partition table partially beyond EOD, truncated [ 247.735776][ T29] audit: type=1326 audit(1760486176.125:8182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11798 comm="syz.2.2817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ac896eec9 code=0x7ffc0000 [ 247.735813][ T29] audit: type=1326 audit(1760486176.125:8183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11798 comm="syz.2.2817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ac896eec9 code=0x7ffc0000 [ 247.735847][ T29] audit: type=1326 audit(1760486176.125:8184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11798 comm="syz.2.2817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2ac896eec9 code=0x7ffc0000 [ 247.759909][ T6731] Bluetooth: hci0: command 0x1003 tx timeout [ 247.774314][ T5016] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 247.877422][ T31] Bluetooth: hci0: Frame reassembly failed (-84) [ 248.559152][T11834] loop5: detected capacity change from 0 to 512 [ 248.578752][T11834] ext4 filesystem being mounted at /295/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 248.597411][T11834] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #2: comm syz.5.2828: corrupted inode contents [ 248.611568][T11834] EXT4-fs error (device loop5): ext4_dirty_inode:6509: inode #2: comm syz.5.2828: mark_inode_dirty error [ 248.625043][T11834] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #2: comm syz.5.2828: corrupted inode contents [ 248.639070][T11834] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #2: comm syz.5.2828: mark_inode_dirty error [ 248.935684][T11840] loop5: detected capacity change from 0 to 512 [ 248.965177][T11840] ext4 filesystem being mounted at /296/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 249.074555][T11849] __nla_validate_parse: 6 callbacks suppressed [ 249.074571][T11849] netlink: 52 bytes leftover after parsing attributes in process `syz.0.2833'. [ 249.256003][T11863] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2838'. [ 249.256061][T11863] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2838'. [ 249.302181][T11856] loop2: detected capacity change from 0 to 32768 [ 249.325770][T11861] SELinux: failed to load policy [ 249.331084][T11867] SELinux: policydb magic number 0x80 does not match expected magic number 0xf97cff8c [ 249.341334][T11867] SELinux: failed to load policy [ 249.346467][T11856] loop2: p1 p3 < p5 p6 > [ 249.350812][T11856] loop2: partition table partially beyond EOD, truncated [ 249.431459][T11872] lo speed is unknown, defaulting to 1000 [ 249.523106][T11880] loop5: detected capacity change from 0 to 128 [ 249.532137][T11880] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 249.540127][T11880] FAT-fs (loop5): Filesystem has been set read-only [ 249.548722][T11880] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 249.556882][T11880] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 249.640324][T11882] SELinux: failed to load policy [ 249.980225][ T5016] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 250.387987][T11897] loop5: detected capacity change from 0 to 512 [ 250.417766][T11902] netlink: 'syz.2.2853': attribute type 1 has an invalid length. [ 250.425618][T11902] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2853'. [ 250.436140][T11897] ext4 filesystem being mounted at /303/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 250.454913][T11897] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #2: comm syz.5.2851: corrupted inode contents [ 250.476259][T11897] EXT4-fs error (device loop5): ext4_dirty_inode:6509: inode #2: comm syz.5.2851: mark_inode_dirty error [ 250.504515][T11897] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #2: comm syz.5.2851: corrupted inode contents [ 250.524415][T11897] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #2: comm syz.5.2851: mark_inode_dirty error [ 250.581255][T11911] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2855'. [ 250.597364][T11899] loop1: detected capacity change from 0 to 32768 [ 250.608344][T11911] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2855'. [ 250.609445][T11914] loop4: detected capacity change from 0 to 512 [ 250.638475][T11914] ext4 filesystem being mounted at /579/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 250.655382][T11899] loop1: p1 p3 < p5 p6 > [ 250.659873][T11899] loop1: partition table partially beyond EOD, truncated [ 250.701334][T11911] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2855'. [ 250.724905][T11921] netlink: 256 bytes leftover after parsing attributes in process `syz.2.2857'. [ 250.734540][T11921] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2857'. [ 250.872462][T11934] netlink: 256 bytes leftover after parsing attributes in process `syz.2.2864'. [ 250.939665][T11941] loop5: detected capacity change from 0 to 512 [ 250.955764][T11941] ext4 filesystem being mounted at /306/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 251.024455][ T57] Bluetooth: hci0: Frame reassembly failed (-84) [ 251.104209][T11945] loop1: detected capacity change from 0 to 8192 [ 251.283434][T11952] loop2: detected capacity change from 0 to 32768 [ 251.325006][T11952] loop2: p1 p3 < p5 p6 > [ 251.329589][T11952] loop2: partition table partially beyond EOD, truncated [ 251.366968][T11957] SELinux: failed to load policy [ 251.493764][T11961] SELinux: failed to load policy [ 251.518032][T11966] loop4: detected capacity change from 0 to 128 [ 251.537166][T11966] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 251.545181][T11966] FAT-fs (loop4): Filesystem has been set read-only [ 251.557365][T11966] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 251.565313][T11966] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 251.754593][ T57] Bluetooth: hci1: Frame reassembly failed (-84) [ 252.104141][T11966] bio_check_eod: 31164 callbacks suppressed [ 252.104161][T11966] syz.4.2873: attempt to access beyond end of device [ 252.104161][T11966] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 252.123555][T11966] syz.4.2873: attempt to access beyond end of device [ 252.123555][T11966] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 252.137202][T11966] syz.4.2873: attempt to access beyond end of device [ 252.137202][T11966] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 252.150645][T11966] syz.4.2873: attempt to access beyond end of device [ 252.150645][T11966] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 252.164111][T11966] syz.4.2873: attempt to access beyond end of device [ 252.164111][T11966] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 252.177499][T11966] syz.4.2873: attempt to access beyond end of device [ 252.177499][T11966] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 252.191050][T11966] syz.4.2873: attempt to access beyond end of device [ 252.191050][T11966] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 252.204526][T11966] syz.4.2873: attempt to access beyond end of device [ 252.204526][T11966] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 252.217930][T11966] syz.4.2873: attempt to access beyond end of device [ 252.217930][T11966] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 252.231389][T11966] syz.4.2873: attempt to access beyond end of device [ 252.231389][T11966] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 252.265138][T11993] loop2: detected capacity change from 0 to 32768 [ 252.324582][T11993] loop2: p1 p3 < p5 p6 > [ 252.329009][T11993] loop2: partition table partially beyond EOD, truncated [ 252.385713][T11997] loop4: detected capacity change from 0 to 512 [ 252.396160][T11997] ext4 filesystem being mounted at /583/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 252.462837][T11997] SELinux: failed to load policy [ 252.491323][T12005] loop4: detected capacity change from 0 to 128 [ 252.500148][T12005] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 252.508115][T12005] FAT-fs (loop4): Filesystem has been set read-only [ 252.514880][T12005] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 252.522815][T12005] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 252.966195][T12009] loop1: detected capacity change from 0 to 512 [ 252.993892][T12009] ext4 filesystem being mounted at /568/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 253.084235][ T6731] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 253.278596][T12016] loop1: detected capacity change from 0 to 8192 [ 253.427758][ T57] Bluetooth: hci0: Frame reassembly failed (-84) [ 253.794340][ T6731] Bluetooth: hci1: command 0x1003 tx timeout [ 253.794585][ T5016] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 254.154995][T12029] SELinux: failed to load policy [ 254.233359][ T29] kauditd_printk_skb: 165 callbacks suppressed [ 254.233377][ T29] audit: type=1326 audit(1760486182.695:8350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12034 comm="syz.1.2896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d15f5eec9 code=0x7ffc0000 [ 254.264393][T12032] loop5: detected capacity change from 0 to 32768 [ 254.271119][ T29] audit: type=1326 audit(1760486182.725:8351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12034 comm="syz.1.2896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d15f5eec9 code=0x7ffc0000 [ 254.285646][T12035] loop1: detected capacity change from 0 to 2048 [ 254.294881][ T29] audit: type=1326 audit(1760486182.735:8352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12034 comm="syz.1.2896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9d15f5eec9 code=0x7ffc0000 [ 254.325218][ T29] audit: type=1326 audit(1760486182.735:8353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12034 comm="syz.1.2896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d15f5eec9 code=0x7ffc0000 [ 254.348780][ T29] audit: type=1326 audit(1760486182.735:8354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12034 comm="syz.1.2896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d15f5eec9 code=0x7ffc0000 [ 254.372444][ T29] audit: type=1326 audit(1760486182.735:8355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12034 comm="syz.1.2896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9d15f5eec9 code=0x7ffc0000 [ 254.396021][ T29] audit: type=1326 audit(1760486182.735:8356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12034 comm="syz.1.2896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d15f5eec9 code=0x7ffc0000 [ 254.400012][T12041] netlink: 'syz.0.2898': attribute type 1 has an invalid length. [ 254.423969][ T29] audit: type=1326 audit(1760486182.735:8357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12034 comm="syz.1.2896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=79 compat=0 ip=0x7f9d15f5eec9 code=0x7ffc0000 [ 254.427673][T12041] __nla_validate_parse: 6 callbacks suppressed [ 254.427691][T12041] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2898'. [ 254.451225][ T29] audit: type=1326 audit(1760486182.735:8358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12034 comm="syz.1.2896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d15f5eec9 code=0x7ffc0000 [ 254.459076][ T4346] Bluetooth: hci2: Opcode 0x1003 failed: -110 [ 254.466642][ T29] audit: type=1326 audit(1760486182.735:8359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12034 comm="syz.1.2896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9d15f5eec9 code=0x7ffc0000 [ 254.499991][T12035] EXT4-fs mount: 19 callbacks suppressed [ 254.500035][T12035] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 254.534741][T12032] loop5: p1 p3 < p5 p6 > [ 254.542550][T12032] loop5: partition table partially beyond EOD, truncated [ 254.660612][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 254.890437][T12057] SELinux: failed to load policy [ 255.146759][T12066] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2906'. [ 255.219872][T12066] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2906'. [ 255.299391][T12068] SELinux: failed to load policy [ 255.309557][T12070] loop5: detected capacity change from 0 to 512 [ 255.341075][T12070] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 255.354185][T12070] ext4 filesystem being mounted at /313/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 255.381558][ T7364] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 255.406202][T12076] netlink: 'syz.5.2910': attribute type 1 has an invalid length. [ 255.414009][T12076] netlink: 224 bytes leftover after parsing attributes in process `syz.5.2910'. [ 255.554147][ T3685] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 255.560494][ T5016] Bluetooth: hci0: command 0x1003 tx timeout [ 256.019687][T12081] loop5: detected capacity change from 0 to 32768 [ 256.074628][T12081] loop5: p1 p3 < p5 p6 > [ 256.079030][T12081] loop5: partition table partially beyond EOD, truncated [ 256.145843][T12098] SELinux: policydb magic number 0x0 does not match expected magic number 0xf97cff8c [ 256.155606][T12098] SELinux: failed to load policy [ 256.201770][ T31] Bluetooth: hci0: Frame reassembly failed (-84) [ 256.217769][T12105] netlink: 'syz.0.2921': attribute type 1 has an invalid length. [ 256.225599][T12105] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2921'. [ 256.429104][T12112] loop4: detected capacity change from 0 to 8192 [ 257.014775][T12122] loop1: detected capacity change from 0 to 512 [ 257.054910][T12122] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 257.084721][T12122] ext4 filesystem being mounted at /577/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 257.097298][T12122] EXT4-fs error (device loop1): ext4_do_update_inode:5624: inode #2: comm syz.1.2926: corrupted inode contents [ 257.111033][T12122] EXT4-fs error (device loop1): ext4_dirty_inode:6509: inode #2: comm syz.1.2926: mark_inode_dirty error [ 257.152869][T12122] EXT4-fs error (device loop1): ext4_do_update_inode:5624: inode #2: comm syz.1.2926: corrupted inode contents [ 257.213134][T12122] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #2: comm syz.1.2926: mark_inode_dirty error [ 257.256253][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 257.372014][T12139] SELinux: policydb magic number 0x0 does not match expected magic number 0xf97cff8c [ 257.398474][T12139] SELinux: failed to load policy [ 257.438586][T12145] veth28: entered promiscuous mode [ 257.444028][T12145] veth28: entered allmulticast mode [ 257.467078][T12145] lo speed is unknown, defaulting to 1000 [ 257.961447][T12159] veth32: entered promiscuous mode [ 257.966936][T12159] veth32: entered allmulticast mode [ 257.998046][T12159] lo speed is unknown, defaulting to 1000 [ 258.006582][T12161] loop1: detected capacity change from 0 to 128 [ 258.015731][T12161] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 258.023621][T12161] FAT-fs (loop1): Filesystem has been set read-only [ 258.030796][T12161] bio_check_eod: 33924 callbacks suppressed [ 258.030814][T12161] syz.1.2938: attempt to access beyond end of device [ 258.030814][T12161] loop1: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 258.050789][T12161] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 258.058685][T12161] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 258.067001][T12161] syz.1.2938: attempt to access beyond end of device [ 258.067001][T12161] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 258.080900][T12161] syz.1.2938: attempt to access beyond end of device [ 258.080900][T12161] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 258.094585][T12161] syz.1.2938: attempt to access beyond end of device [ 258.094585][T12161] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 258.108274][T12161] syz.1.2938: attempt to access beyond end of device [ 258.108274][T12161] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 258.121872][T12161] syz.1.2938: attempt to access beyond end of device [ 258.121872][T12161] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 258.135399][T12161] syz.1.2938: attempt to access beyond end of device [ 258.135399][T12161] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 258.149648][T12161] syz.1.2938: attempt to access beyond end of device [ 258.149648][T12161] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 258.151577][T12164] loop5: detected capacity change from 0 to 512 [ 258.163362][T12161] syz.1.2938: attempt to access beyond end of device [ 258.163362][T12161] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 258.183084][T12161] syz.1.2938: attempt to access beyond end of device [ 258.183084][T12161] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 258.185923][T12164] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 258.215407][T12164] ext4 filesystem being mounted at /323/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 258.238404][T12164] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #2: comm syz.5.2939: corrupted inode contents [ 258.250615][T12164] EXT4-fs error (device loop5): ext4_dirty_inode:6509: inode #2: comm syz.5.2939: mark_inode_dirty error [ 258.294275][ T3685] Bluetooth: hci0: command 0x1003 tx timeout [ 258.300445][ T5016] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 258.313865][T12164] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #2: comm syz.5.2939: corrupted inode contents [ 258.326872][T12164] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #2: comm syz.5.2939: mark_inode_dirty error [ 258.343259][T12170] netlink: 'syz.4.2941': attribute type 1 has an invalid length. [ 258.351054][T12170] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2941'. [ 258.370230][ T7364] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 258.422582][T12172] loop5: detected capacity change from 0 to 512 [ 258.448986][T12172] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 258.461959][T12172] ext4 filesystem being mounted at /324/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 258.474988][T12172] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #2: comm syz.5.2942: corrupted inode contents [ 258.487651][T12172] EXT4-fs error (device loop5): ext4_dirty_inode:6509: inode #2: comm syz.5.2942: mark_inode_dirty error [ 258.499386][T12172] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #2: comm syz.5.2942: corrupted inode contents [ 258.511605][T12172] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #2: comm syz.5.2942: mark_inode_dirty error [ 258.547206][T12178] SELinux: failed to load policy [ 258.566017][ T7364] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 258.771622][T12192] veth2: entered promiscuous mode [ 258.776886][T12192] veth2: entered allmulticast mode [ 258.815713][T12192] lo speed is unknown, defaulting to 1000 [ 258.920953][ T3449] Bluetooth: hci0: Frame reassembly failed (-84) [ 259.240505][ T29] kauditd_printk_skb: 198 callbacks suppressed [ 259.240589][ T29] audit: type=1326 audit(1760486187.585:8558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12199 comm="syz.0.2951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22b0a7eec9 code=0x7ffc0000 [ 259.270892][ T29] audit: type=1326 audit(1760486187.585:8559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12199 comm="syz.0.2951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22b0a7eec9 code=0x7ffc0000 [ 259.294698][ T29] audit: type=1326 audit(1760486187.585:8560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12199 comm="syz.0.2951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f22b0a7eec9 code=0x7ffc0000 [ 259.318453][ T29] audit: type=1326 audit(1760486187.585:8561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12199 comm="syz.0.2951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22b0a7eec9 code=0x7ffc0000 [ 259.342053][ T29] audit: type=1326 audit(1760486187.585:8562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12199 comm="syz.0.2951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22b0a7eec9 code=0x7ffc0000 [ 259.365626][ T29] audit: type=1326 audit(1760486187.585:8563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12199 comm="syz.0.2951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f22b0a7eec9 code=0x7ffc0000 [ 259.389294][ T29] audit: type=1326 audit(1760486187.585:8564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12199 comm="syz.0.2951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22b0a7eec9 code=0x7ffc0000 [ 259.412940][ T29] audit: type=1326 audit(1760486187.585:8565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12199 comm="syz.0.2951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22b0a7eec9 code=0x7ffc0000 [ 259.436612][ T29] audit: type=1326 audit(1760486187.585:8566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12199 comm="syz.0.2951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=23 compat=0 ip=0x7f22b0a7eec9 code=0x7ffc0000 [ 259.460170][ T29] audit: type=1326 audit(1760486187.595:8567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12199 comm="syz.0.2951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22b0a7eec9 code=0x7ffc0000 [ 259.555710][T12208] netlink: 256 bytes leftover after parsing attributes in process `syz.4.2955'. [ 259.565293][T12208] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2955'. [ 259.675309][T12214] loop4: detected capacity change from 0 to 512 [ 259.686094][T12214] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 259.699854][T12214] ext4 filesystem being mounted at /596/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 259.712047][T12214] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #2: comm syz.4.2957: corrupted inode contents [ 259.724962][T12214] EXT4-fs error (device loop4): ext4_dirty_inode:6509: inode #2: comm syz.4.2957: mark_inode_dirty error [ 259.737258][T12214] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #2: comm syz.4.2957: corrupted inode contents [ 259.749574][T12214] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #2: comm syz.4.2957: mark_inode_dirty error [ 259.774055][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 259.797440][T12219] SELinux: policydb magic number 0x80 does not match expected magic number 0xf97cff8c [ 259.808108][T12219] SELinux: failed to load policy [ 260.046466][T12225] SELinux: policydb magic number 0x80 does not match expected magic number 0xf97cff8c [ 260.056485][T12225] SELinux: failed to load policy [ 260.130611][T12235] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 260.169099][T12235] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 260.228245][T12235] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 260.288882][T12235] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 260.351982][ T2623] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 260.368306][ T2623] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 260.385477][ T2623] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 260.405069][ T2623] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 260.486302][T12239] loop1: detected capacity change from 0 to 8192 [ 260.517045][T12242] netlink: 'syz.5.2966': attribute type 1 has an invalid length. [ 260.524886][T12242] netlink: 224 bytes leftover after parsing attributes in process `syz.5.2966'. [ 260.965735][T12255] lo speed is unknown, defaulting to 1000 [ 260.994170][ T3685] Bluetooth: hci0: command 0x1003 tx timeout [ 261.000372][ T5016] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 261.279487][T12267] SELinux: policydb magic number 0x80 does not match expected magic number 0xf97cff8c [ 261.291612][T12257] lo speed is unknown, defaulting to 1000 [ 261.298032][T12267] SELinux: failed to load policy [ 261.457586][T12257] chnl_net:caif_netlink_parms(): no params data found [ 261.479653][T12273] SELinux: failed to load policy [ 261.503834][T12257] bridge0: port 1(bridge_slave_0) entered blocking state [ 261.511097][T12257] bridge0: port 1(bridge_slave_0) entered disabled state [ 261.518453][T12257] bridge_slave_0: entered allmulticast mode [ 261.524970][T12257] bridge_slave_0: entered promiscuous mode [ 261.532103][T12257] bridge0: port 2(bridge_slave_1) entered blocking state [ 261.539266][T12257] bridge0: port 2(bridge_slave_1) entered disabled state [ 261.563574][T12257] bridge_slave_1: entered allmulticast mode [ 261.570890][T12257] bridge_slave_1: entered promiscuous mode [ 261.596903][ T31] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 261.610248][T12257] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 261.623664][T12257] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 261.646845][ T31] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 261.658922][T12257] team0: Port device team_slave_0 added [ 261.666574][T12257] team0: Port device team_slave_1 added [ 261.685127][T12257] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 261.692180][T12257] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 261.718648][T12257] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 261.734666][T12257] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 261.741708][T12257] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 261.767872][T12257] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 261.780807][ T31] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 261.813222][T12257] hsr_slave_0: entered promiscuous mode [ 261.819876][T12257] hsr_slave_1: entered promiscuous mode [ 261.827068][T12257] debugfs: 'hsr0' already exists in 'hsr' [ 261.833100][T12257] Cannot create hsr debugfs directory [ 261.840969][ T31] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 261.920691][T12294] loop1: detected capacity change from 0 to 512 [ 261.936380][T12294] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 261.950072][T12294] ext4 filesystem being mounted at /587/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 261.964019][T12294] EXT4-fs error (device loop1): ext4_do_update_inode:5624: inode #2: comm syz.1.2981: corrupted inode contents [ 261.976658][T12294] EXT4-fs error (device loop1): ext4_dirty_inode:6509: inode #2: comm syz.1.2981: mark_inode_dirty error [ 261.988486][T12294] EXT4-fs error (device loop1): ext4_do_update_inode:5624: inode #2: comm syz.1.2981: corrupted inode contents [ 262.001448][T12294] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #2: comm syz.1.2981: mark_inode_dirty error [ 262.037459][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 262.059056][ T31] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 262.070051][ T31] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 262.080862][ T31] bond0 (unregistering): Released all slaves [ 262.096769][T12299] loop2: detected capacity change from 0 to 512 [ 262.107727][T12299] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 262.116677][T12299] EXT4-fs error (device loop2): ext4_get_branch:178: inode #13: block 1024: comm syz.2.2983: invalid block [ 262.131035][T12299] EXT4-fs (loop2): Remounting filesystem read-only [ 262.137973][T12299] EXT4-fs (loop2): 1 truncate cleaned up [ 262.144430][T12299] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 262.157201][ T31] hsr_slave_0: left promiscuous mode [ 262.166302][ T31] hsr_slave_1: left promiscuous mode [ 262.172183][ T31] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 262.179714][ T31] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 262.187910][ T31] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 262.195467][ T31] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 262.208673][ T31] veth1_macvtap: left promiscuous mode [ 262.214619][ T31] veth0_macvtap: left promiscuous mode [ 262.220507][ T31] veth1_vlan: left promiscuous mode [ 262.226297][ T31] veth0_vlan: left promiscuous mode [ 262.292090][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 262.373942][ T31] pim6reg (unregistering): left allmulticast mode [ 262.404198][T12315] netlink: 'syz.2.2988': attribute type 1 has an invalid length. [ 262.412042][T12315] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2988'. [ 262.461582][ T31] team0 (unregistering): Port device team_slave_1 removed [ 262.475506][T12312] SELinux: failed to load policy [ 262.484525][ T3449] Bluetooth: hci0: Frame reassembly failed (-84) [ 262.491990][ T31] team0 (unregistering): Port device team_slave_0 removed [ 262.503795][T12320] loop1: detected capacity change from 0 to 128 [ 262.512507][T12320] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 262.520416][T12320] FAT-fs (loop1): Filesystem has been set read-only [ 262.531878][T12320] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 262.539871][T12320] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 262.656993][T12326] loop5: detected capacity change from 0 to 512 [ 262.676590][T12326] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 262.690188][T12326] ext4 filesystem being mounted at /340/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 262.729589][T12326] SELinux: policydb magic number 0x75636573 does not match expected magic number 0xf97cff8c [ 262.740272][T12326] SELinux: failed to load policy [ 262.759345][ T7364] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 262.782512][T12330] loop5: detected capacity change from 0 to 512 [ 262.797680][T12330] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 262.808180][T12257] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 262.817204][T12330] ext4 filesystem being mounted at /341/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 262.831303][T12257] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 262.840834][T12257] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 262.850039][T12257] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 262.860554][ T7364] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 262.940852][T12257] 8021q: adding VLAN 0 to HW filter on device bond0 [ 262.965882][T12257] 8021q: adding VLAN 0 to HW filter on device team0 [ 262.986122][ T31] bridge0: port 1(bridge_slave_0) entered blocking state [ 262.993325][ T31] bridge0: port 1(bridge_slave_0) entered forwarding state [ 263.017791][ T3449] bridge0: port 2(bridge_slave_1) entered blocking state [ 263.025082][ T3449] bridge0: port 2(bridge_slave_1) entered forwarding state [ 263.034158][T12320] bio_check_eod: 25233 callbacks suppressed [ 263.034191][T12320] syz.1.2990: attempt to access beyond end of device [ 263.034191][T12320] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 263.054555][T12320] syz.1.2990: attempt to access beyond end of device [ 263.054555][T12320] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 263.068533][T12320] syz.1.2990: attempt to access beyond end of device [ 263.068533][T12320] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 263.082225][T12320] syz.1.2990: attempt to access beyond end of device [ 263.082225][T12320] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 263.096514][T12320] syz.1.2990: attempt to access beyond end of device [ 263.096514][T12320] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 263.112707][T12320] syz.1.2990: attempt to access beyond end of device [ 263.112707][T12320] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 263.133255][T12320] syz.1.2990: attempt to access beyond end of device [ 263.133255][T12320] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 263.157355][T12320] syz.1.2990: attempt to access beyond end of device [ 263.157355][T12320] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 263.171077][T12320] syz.1.2990: attempt to access beyond end of device [ 263.171077][T12320] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 263.184853][T12320] syz.1.2990: attempt to access beyond end of device [ 263.184853][T12320] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 263.197417][T12257] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 263.530259][T12257] veth0_vlan: entered promiscuous mode [ 263.546444][T12257] veth1_vlan: entered promiscuous mode [ 263.562019][T12257] veth0_macvtap: entered promiscuous mode [ 263.569644][T12257] veth1_macvtap: entered promiscuous mode [ 263.582383][T12257] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 263.592108][T12257] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 263.612910][ T57] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.622358][ T57] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.632280][ T57] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.643038][ T57] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.833946][ T57] Bluetooth: hci1: Frame reassembly failed (-84) [ 263.881677][T12378] loop1: detected capacity change from 0 to 8192 [ 264.514128][ T4346] Bluetooth: hci0: command 0x1003 tx timeout [ 264.514154][ T5016] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 264.917344][T12404] SELinux: failed to load policy [ 264.922978][T12410] SELinux: policydb magic number 0x75636573 does not match expected magic number 0xf97cff8c [ 264.934095][T12410] SELinux: failed to load policy [ 265.073062][T12422] loop2: detected capacity change from 0 to 512 [ 265.086602][T12422] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 265.099857][T12422] ext4 filesystem being mounted at /544/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 265.115950][T12422] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #2: comm syz.2.3016: corrupted inode contents [ 265.128493][T12422] EXT4-fs error (device loop2): ext4_dirty_inode:6509: inode #2: comm syz.2.3016: mark_inode_dirty error [ 265.140204][T12422] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #2: comm syz.2.3016: corrupted inode contents [ 265.152706][T12422] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #2: comm syz.2.3016: mark_inode_dirty error [ 265.182623][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 265.255173][T12429] loop2: detected capacity change from 0 to 8192 [ 265.491338][T12437] SELinux: failed to load policy [ 265.599163][ T29] kauditd_printk_skb: 43 callbacks suppressed [ 265.599183][ T29] audit: type=1326 audit(1760486194.065:8611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12448 comm="syz.4.3026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc22dafeec9 code=0x7ffc0000 [ 265.629157][ T29] audit: type=1326 audit(1760486194.065:8612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12448 comm="syz.4.3026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc22dafeec9 code=0x7ffc0000 [ 265.664256][ T29] audit: type=1326 audit(1760486194.135:8613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12448 comm="syz.4.3026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc22dafeec9 code=0x7ffc0000 [ 265.699381][T12449] loop4: detected capacity change from 0 to 2048 [ 265.707128][ T29] audit: type=1326 audit(1760486194.135:8614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12448 comm="syz.4.3026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc22dafeec9 code=0x7ffc0000 [ 265.731070][ T29] audit: type=1326 audit(1760486194.135:8615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12448 comm="syz.4.3026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc22dafeec9 code=0x7ffc0000 [ 265.754752][ T29] audit: type=1326 audit(1760486194.155:8616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12448 comm="syz.4.3026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc22dafeec9 code=0x7ffc0000 [ 265.778594][ T29] audit: type=1326 audit(1760486194.155:8617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12448 comm="syz.4.3026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc22dafeec9 code=0x7ffc0000 [ 265.802275][ T29] audit: type=1326 audit(1760486194.155:8618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12448 comm="syz.4.3026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc22dafeec9 code=0x7ffc0000 [ 265.826203][ T29] audit: type=1326 audit(1760486194.155:8619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12448 comm="syz.4.3026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=79 compat=0 ip=0x7fc22dafeec9 code=0x7ffc0000 [ 265.849944][ T29] audit: type=1326 audit(1760486194.155:8620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12448 comm="syz.4.3026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc22dafeec9 code=0x7ffc0000 [ 265.874286][ T3685] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 265.891547][T12449] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 265.981477][T12257] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 266.114865][T12461] loop4: detected capacity change from 0 to 8192 [ 266.223888][T12467] SELinux: failed to load policy [ 266.491387][T12474] loop2: detected capacity change from 0 to 32768 [ 266.557879][T12474] loop2: p1 p3 < p5 p6 > [ 266.562438][T12474] loop2: partition table partially beyond EOD, truncated [ 266.861195][T12489] lo speed is unknown, defaulting to 1000 [ 267.047939][T12508] SELinux: failed to load policy [ 267.064067][T12489] chnl_net:caif_netlink_parms(): no params data found [ 267.116083][T12515] netlink: 256 bytes leftover after parsing attributes in process `syz.4.3046'. [ 267.125348][T12515] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3046'. [ 267.187457][T12489] bridge0: port 1(bridge_slave_0) entered blocking state [ 267.194749][T12489] bridge0: port 1(bridge_slave_0) entered disabled state [ 267.222429][T12489] bridge_slave_0: entered allmulticast mode [ 267.235124][T12489] bridge_slave_0: entered promiscuous mode [ 267.249830][T12489] bridge0: port 2(bridge_slave_1) entered blocking state [ 267.256968][T12489] bridge0: port 2(bridge_slave_1) entered disabled state [ 267.264663][ T52] Bluetooth: hci0: Frame reassembly failed (-84) [ 267.284067][T12489] bridge_slave_1: entered allmulticast mode [ 267.291676][T12489] bridge_slave_1: entered promiscuous mode [ 267.402005][T12489] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 267.443905][T12489] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 267.543144][T12489] team0: Port device team_slave_0 added [ 267.566142][T12489] team0: Port device team_slave_1 added [ 267.602257][ T57] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 267.630218][ T57] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 267.656564][ T57] bond0 (unregistering): Released all slaves [ 267.718584][T12489] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 267.725836][T12489] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 267.751925][T12489] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 267.764583][ T57] tipc: Disabling bearer [ 267.769662][ T57] tipc: Left network mode [ 267.775843][T12489] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 267.782817][T12489] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 267.809159][T12489] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 267.826061][ T57] hsr_slave_0: left promiscuous mode [ 267.831793][ T57] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 267.844397][ T57] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 267.886707][ T57] pim6reg (unregistering): left allmulticast mode [ 267.921070][ T57] team0 (unregistering): Port device team_slave_1 removed [ 267.932441][ T57] team0 (unregistering): Port device team_slave_0 removed [ 267.997590][T12489] hsr_slave_0: entered promiscuous mode [ 268.005508][T12531] loop5: detected capacity change from 0 to 32768 [ 268.012276][T12489] hsr_slave_1: entered promiscuous mode [ 268.018556][T12489] debugfs: 'hsr0' already exists in 'hsr' [ 268.024560][T12489] Cannot create hsr debugfs directory [ 268.059620][T12531] loop5: p1 p3 < p5 p6 > [ 268.064039][T12531] loop5: partition table partially beyond EOD, truncated [ 268.157688][T12547] loop5: detected capacity change from 0 to 164 [ 268.164944][T12547] ISOFS: unable to read i-node block [ 268.170371][T12547] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 268.266394][T12552] netlink: 256 bytes leftover after parsing attributes in process `syz.2.3058'. [ 268.276088][T12552] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3058'. [ 268.310876][T12555] netlink: 'syz.5.3056': attribute type 1 has an invalid length. [ 268.342363][T12555] 8021q: adding VLAN 0 to HW filter on device bond1 [ 268.362611][T12547] macvlan1: entered promiscuous mode [ 268.380977][T12547] ipvlan0: entered promiscuous mode [ 268.387864][T12547] ipvlan0: left promiscuous mode [ 268.405749][T12547] macvlan1: left promiscuous mode [ 268.447747][T12489] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 268.464880][T12489] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 268.475852][T12489] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 268.476170][T12547] FAULT_INJECTION: forcing a failure. [ 268.476170][T12547] name failslab, interval 1, probability 0, space 0, times 0 [ 268.495495][T12547] CPU: 0 UID: 0 PID: 12547 Comm: syz.5.3056 Not tainted syzkaller #0 PREEMPT(voluntary) [ 268.495563][T12547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 268.495582][T12547] Call Trace: [ 268.495589][T12547] [ 268.495596][T12547] __dump_stack+0x1d/0x30 [ 268.495618][T12547] dump_stack_lvl+0xe8/0x140 [ 268.495642][T12547] dump_stack+0x15/0x1b [ 268.495697][T12547] should_fail_ex+0x265/0x280 [ 268.495732][T12547] ? resv_map_alloc+0x32/0x190 [ 268.495792][T12547] should_failslab+0x8c/0xb0 [ 268.495828][T12547] __kmalloc_cache_noprof+0x4c/0x4a0 [ 268.495867][T12547] ? vfs_write+0x7e8/0x960 [ 268.495891][T12547] resv_map_alloc+0x32/0x190 [ 268.496023][T12547] hugetlbfs_get_inode+0x67/0x370 [ 268.496081][T12547] hugetlb_file_setup+0x192/0x3d0 [ 268.496113][T12547] ksys_mmap_pgoff+0x157/0x310 [ 268.496150][T12547] x64_sys_call+0x14a3/0x3000 [ 268.496187][T12547] do_syscall_64+0xd2/0x200 [ 268.496310][T12547] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 268.496343][T12547] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 268.496374][T12547] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 268.496402][T12547] RIP: 0033:0x7ffa0992eec9 [ 268.496420][T12547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 268.496503][T12547] RSP: 002b:00007ffa0838f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 268.496524][T12547] RAX: ffffffffffffffda RBX: 00007ffa09b85fa0 RCX: 00007ffa0992eec9 [ 268.496537][T12547] RDX: 0000000000000002 RSI: 0000000000ff5000 RDI: 0000200000000000 [ 268.496587][T12547] RBP: 00007ffa0838f090 R08: ffffffffffffffff R09: 0000000000000000 [ 268.496605][T12547] R10: 000000000004c831 R11: 0000000000000246 R12: 0000000000000001 [ 268.496621][T12547] R13: 00007ffa09b86038 R14: 00007ffa09b85fa0 R15: 00007ffca5dd8338 [ 268.496698][T12547] [ 268.500073][T12558] SELinux: failed to load policy [ 268.697012][T12489] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 268.728497][T12568] loop5: detected capacity change from 0 to 164 [ 268.735092][T12568] iso9660: Unknown parameter '00000000000000000000000' [ 268.800769][T12489] 8021q: adding VLAN 0 to HW filter on device bond0 [ 268.830394][T12489] 8021q: adding VLAN 0 to HW filter on device team0 [ 268.848608][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 268.855822][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 268.867437][ T3449] bridge0: port 2(bridge_slave_1) entered blocking state [ 268.874557][ T3449] bridge0: port 2(bridge_slave_1) entered forwarding state [ 269.032105][T12489] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 269.045174][T12580] loop2: detected capacity change from 0 to 32768 [ 269.105856][T12580] loop2: p1 p3 < p5 p6 > [ 269.110235][T12580] loop2: partition table partially beyond EOD, truncated [ 269.137289][T12489] veth0_vlan: entered promiscuous mode [ 269.146281][T12489] veth1_vlan: entered promiscuous mode [ 269.163262][T12489] veth0_macvtap: entered promiscuous mode [ 269.171899][T12489] veth1_macvtap: entered promiscuous mode [ 269.183848][T12489] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 269.197394][T12489] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 269.209135][ T31] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 269.221378][ T31] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 269.232280][ T31] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 269.245451][ T31] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 269.255955][T12603] netlink: 256 bytes leftover after parsing attributes in process `syz.2.3069'. [ 269.265328][T12603] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3069'. [ 269.314215][ T3685] Bluetooth: hci0: command 0x1003 tx timeout [ 269.320417][ T5016] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 269.362176][T12606] SELinux: failed to load policy [ 269.395558][T12608] loop2: detected capacity change from 0 to 512 [ 269.413154][T12612] C: renamed from team_slave_0 (while UP) [ 269.421126][T12612] netlink: 'syz.1.3072': attribute type 3 has an invalid length. [ 269.428386][T12608] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 269.428946][T12612] netlink: 152 bytes leftover after parsing attributes in process `syz.1.3072'. [ 269.445536][T12608] ext4 filesystem being mounted at /561/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 269.525702][T12620] netlink: 'syz.0.3074': attribute type 1 has an invalid length. [ 269.533541][T12620] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3074'. [ 269.541515][T12608] SELinux: failed to load policy [ 269.550960][T12617] SELinux: policydb magic number 0x80 does not match expected magic number 0xf97cff8c [ 269.571570][T12617] SELinux: failed to load policy [ 269.590422][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 269.952045][T12657] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3088'. [ 270.003791][T12661] loop1: detected capacity change from 0 to 128 [ 270.012164][T12661] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 270.020129][T12661] FAT-fs (loop1): Filesystem has been set read-only [ 270.027511][T12661] bio_check_eod: 4683 callbacks suppressed [ 270.027527][T12661] syz.1.3089: attempt to access beyond end of device [ 270.027527][T12661] loop1: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 270.051400][T12661] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 270.059407][T12661] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 270.074770][T12661] syz.1.3089: attempt to access beyond end of device [ 270.074770][T12661] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 270.088584][T12661] syz.1.3089: attempt to access beyond end of device [ 270.088584][T12661] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 270.102048][T12661] syz.1.3089: attempt to access beyond end of device [ 270.102048][T12661] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 270.102104][T12661] syz.1.3089: attempt to access beyond end of device [ 270.102104][T12661] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 270.102153][T12661] syz.1.3089: attempt to access beyond end of device [ 270.102153][T12661] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 270.102228][T12661] syz.1.3089: attempt to access beyond end of device [ 270.102228][T12661] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 270.102273][T12661] syz.1.3089: attempt to access beyond end of device [ 270.102273][T12661] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 270.102313][T12661] syz.1.3089: attempt to access beyond end of device [ 270.102313][T12661] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 270.102375][T12661] syz.1.3089: attempt to access beyond end of device [ 270.102375][T12661] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 270.241317][T12663] SELinux: failed to load policy [ 270.342093][T12670] loop5: detected capacity change from 0 to 512 [ 270.360273][T12670] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 270.373201][T12670] ext4 filesystem being mounted at /360/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 270.401805][ T7364] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 270.529354][T12676] loop5: detected capacity change from 0 to 2048 [ 270.546387][T12676] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 270.609748][ T29] kauditd_printk_skb: 291 callbacks suppressed [ 270.609769][ T29] audit: type=1326 audit(1760486199.025:8912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12675 comm="syz.5.3094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ffa0992d710 code=0x7ffc0000 [ 270.639979][ T29] audit: type=1326 audit(1760486199.025:8913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12675 comm="syz.5.3094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7ffa0992dc17 code=0x7ffc0000 [ 270.663498][ T29] audit: type=1326 audit(1760486199.025:8914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12675 comm="syz.5.3094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ffa0992d710 code=0x7ffc0000 [ 270.687314][ T29] audit: type=1326 audit(1760486199.025:8915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12675 comm="syz.5.3094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa0992eec9 code=0x7ffc0000 [ 270.711108][ T29] audit: type=1326 audit(1760486199.025:8916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12675 comm="syz.5.3094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa0992eec9 code=0x7ffc0000 [ 270.734872][ T29] audit: type=1326 audit(1760486199.025:8917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12675 comm="syz.5.3094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7ffa0992eec9 code=0x7ffc0000 [ 270.758542][ T29] audit: type=1326 audit(1760486199.025:8918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12675 comm="syz.5.3094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa0992eec9 code=0x7ffc0000 [ 270.782302][ T29] audit: type=1326 audit(1760486199.025:8919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12675 comm="syz.5.3094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa0992eec9 code=0x7ffc0000 [ 270.805923][ T29] audit: type=1326 audit(1760486199.025:8920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12675 comm="syz.5.3094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffa0992eec9 code=0x7ffc0000 [ 270.829891][ T29] audit: type=1326 audit(1760486199.025:8921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12675 comm="syz.5.3094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa0992eec9 code=0x7ffc0000 [ 270.908100][ T7364] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 270.941439][T12695] netlink: 31 bytes leftover after parsing attributes in process `syz.5.3099'. [ 271.102596][T12705] SELinux: failed to load policy [ 271.163147][T12716] loop5: detected capacity change from 0 to 512 [ 271.195248][T12720] loop2: detected capacity change from 0 to 128 [ 271.206077][T12716] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 271.237172][T12716] ext4 filesystem being mounted at /366/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 271.250246][T12720] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 271.258235][T12720] FAT-fs (loop2): Filesystem has been set read-only [ 271.269618][T12724] loop1: detected capacity change from 0 to 512 [ 271.284377][T12720] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 271.292454][T12720] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 271.305122][T12716] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #2: comm syz.5.3107: corrupted inode contents [ 271.325117][T12716] EXT4-fs error (device loop5): ext4_dirty_inode:6509: inode #2: comm syz.5.3107: mark_inode_dirty error [ 271.325863][T12724] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 271.354907][T12716] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #2: comm syz.5.3107: corrupted inode contents [ 271.377080][ T3449] Bluetooth: hci0: Frame reassembly failed (-84) [ 271.390784][T12716] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #2: comm syz.5.3107: mark_inode_dirty error [ 271.425383][T12724] ext4 filesystem being mounted at /12/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 271.491839][ T7364] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 271.511523][T12724] EXT4-fs error (device loop1): ext4_do_update_inode:5624: inode #2: comm syz.1.3110: corrupted inode contents [ 271.548200][T12724] EXT4-fs error (device loop1): ext4_dirty_inode:6509: inode #2: comm syz.1.3110: mark_inode_dirty error [ 271.571947][T12724] EXT4-fs error (device loop1): ext4_do_update_inode:5624: inode #2: comm syz.1.3110: corrupted inode contents [ 271.582138][T12736] loop5: detected capacity change from 0 to 128 [ 271.591235][T12724] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #2: comm syz.1.3110: mark_inode_dirty error [ 271.619494][T12736] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 271.627459][T12736] FAT-fs (loop5): Filesystem has been set read-only [ 271.654124][T12736] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 271.662019][T12736] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 271.685405][T12489] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 271.695372][ T3449] Bluetooth: hci1: Frame reassembly failed (-84) [ 272.171180][T12751] SELinux: failed to load policy [ 272.256969][T12756] FAULT_INJECTION: forcing a failure. [ 272.256969][T12756] name failslab, interval 1, probability 0, space 0, times 0 [ 272.269858][T12756] CPU: 0 UID: 0 PID: 12756 Comm: syz.2.3120 Not tainted syzkaller #0 PREEMPT(voluntary) [ 272.269885][T12756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 272.269897][T12756] Call Trace: [ 272.269904][T12756] [ 272.269961][T12756] __dump_stack+0x1d/0x30 [ 272.269986][T12756] dump_stack_lvl+0xe8/0x140 [ 272.270005][T12756] dump_stack+0x15/0x1b [ 272.270022][T12756] should_fail_ex+0x265/0x280 [ 272.270097][T12756] should_failslab+0x8c/0xb0 [ 272.270126][T12756] kmem_cache_alloc_noprof+0x50/0x480 [ 272.270188][T12756] ? audit_log_start+0x342/0x720 [ 272.270216][T12756] audit_log_start+0x342/0x720 [ 272.270241][T12756] ? kstrtouint+0x76/0xc0 [ 272.270283][T12756] audit_seccomp+0x48/0x100 [ 272.270325][T12756] ? __seccomp_filter+0x82d/0x1250 [ 272.270390][T12756] __seccomp_filter+0x83e/0x1250 [ 272.270422][T12756] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 272.270462][T12756] ? vfs_write+0x7e8/0x960 [ 272.270548][T12756] __secure_computing+0x82/0x150 [ 272.270577][T12756] syscall_trace_enter+0xcf/0x1e0 [ 272.270616][T12756] do_syscall_64+0xac/0x200 [ 272.270803][T12756] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 272.270912][T12756] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 272.270937][T12756] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 272.270972][T12756] RIP: 0033:0x7f2ac896eec9 [ 272.270993][T12756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 272.271074][T12756] RSP: 002b:00007f2ac73d7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f1 [ 272.271100][T12756] RAX: ffffffffffffffda RBX: 00007f2ac8bc5fa0 RCX: 00007f2ac896eec9 [ 272.271117][T12756] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 272.271134][T12756] RBP: 00007f2ac73d7090 R08: 0000000000000000 R09: 0000000000000000 [ 272.271155][T12756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 272.271173][T12756] R13: 00007f2ac8bc6038 R14: 00007f2ac8bc5fa0 R15: 00007ffce450f248 [ 272.271211][T12756] [ 272.515127][T12758] netlink: 272 bytes leftover after parsing attributes in process `syz.2.3121'. [ 272.707974][T12764] loop2: detected capacity change from 0 to 512 [ 272.737547][T12764] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 272.759435][T12764] ext4 filesystem being mounted at /574/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 272.771868][T12764] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #2: comm syz.2.3124: corrupted inode contents [ 272.784043][T12764] EXT4-fs error (device loop2): ext4_dirty_inode:6509: inode #2: comm syz.2.3124: mark_inode_dirty error [ 272.795911][T12764] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #2: comm syz.2.3124: corrupted inode contents [ 272.814405][T12764] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #2: comm syz.2.3124: mark_inode_dirty error [ 272.842979][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 272.879086][T12771] loop2: detected capacity change from 0 to 2048 [ 272.901826][T12771] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 272.984523][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 273.010706][T12780] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 273.038192][T12778] loop1: detected capacity change from 0 to 8192 [ 273.046692][T12780] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 273.096357][T12780] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 273.158738][T12780] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 273.251341][ T2623] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 273.271370][ T2623] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 273.280394][ T2623] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 273.291992][ T2623] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 273.385533][T12801] loop1: detected capacity change from 0 to 128 [ 273.394261][ T4346] Bluetooth: hci0: command 0x1003 tx timeout [ 273.394287][ T5016] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 273.399659][T12801] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 273.414614][T12801] FAT-fs (loop1): Filesystem has been set read-only [ 273.421291][T12801] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 273.429156][T12801] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 273.714365][ T5016] Bluetooth: hci1: command 0x1003 tx timeout [ 273.720723][ T3685] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 274.257148][T12809] loop5: detected capacity change from 0 to 2048 [ 274.286275][T12809] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 274.301781][T12813] usb usb8: usbfs: process 12813 (syz.4.3141) did not claim interface 0 before use [ 274.380005][T12813] SELinux: failed to load policy [ 274.398933][ T7364] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 274.425871][T12820] loop1: detected capacity change from 0 to 8192 [ 274.462647][ T3449] Bluetooth: hci0: Frame reassembly failed (-84) [ 274.479928][T12825] loop4: detected capacity change from 0 to 512 [ 274.500163][T12825] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 274.513797][T12825] ext4 filesystem being mounted at /17/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 274.535516][T12825] SELinux: policydb magic number 0x75636573 does not match expected magic number 0xf97cff8c [ 274.549993][T12825] SELinux: failed to load policy [ 274.561681][T12827] loop1: detected capacity change from 0 to 8192 [ 274.569529][T12257] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 274.589434][T12838] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3149'. [ 274.603496][T12839] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3148'. [ 275.391702][T12857] loop1: detected capacity change from 0 to 8192 [ 275.991386][T12880] usb usb8: usbfs: process 12880 (syz.1.3163) did not claim interface 0 before use [ 276.002746][T12880] SELinux: policydb magic number 0x40 does not match expected magic number 0xf97cff8c [ 276.012779][T12880] SELinux: failed to load policy [ 276.022834][ T29] kauditd_printk_skb: 315 callbacks suppressed [ 276.022852][ T29] audit: type=1326 audit(1760486204.485:9235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12879 comm="syz.1.3163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f582945af79 code=0x7ffc0000 [ 276.053174][ T29] audit: type=1326 audit(1760486204.515:9236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12879 comm="syz.1.3163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58294beec9 code=0x7ffc0000 [ 276.076860][ T29] audit: type=1326 audit(1760486204.515:9237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12879 comm="syz.1.3163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58294beec9 code=0x7ffc0000 [ 276.100439][ T29] audit: type=1326 audit(1760486204.515:9238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12879 comm="syz.1.3163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=247 compat=0 ip=0x7f58294beec9 code=0x7ffc0000 [ 276.124382][ T29] audit: type=1326 audit(1760486204.515:9239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12879 comm="syz.1.3163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58294beec9 code=0x7ffc0000 [ 276.147988][ T29] audit: type=1326 audit(1760486204.515:9240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12879 comm="syz.1.3163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58294beec9 code=0x7ffc0000 [ 276.172813][ T29] audit: type=1326 audit(1760486204.515:9241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12879 comm="syz.1.3163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f58294beec9 code=0x7ffc0000 [ 276.196486][ T29] audit: type=1326 audit(1760486204.515:9242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12879 comm="syz.1.3163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58294beec9 code=0x7ffc0000 [ 276.220185][ T29] audit: type=1326 audit(1760486204.515:9243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12879 comm="syz.1.3163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58294beec9 code=0x7ffc0000 [ 276.243785][ T29] audit: type=1326 audit(1760486204.515:9244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12879 comm="syz.1.3163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f58294beec9 code=0x7ffc0000 [ 276.339351][T12893] loop4: detected capacity change from 0 to 8192 [ 276.360650][T12890] loop2: detected capacity change from 0 to 8192 [ 276.438227][ T52] Bluetooth: hci1: Frame reassembly failed (-84) [ 276.514141][ T3685] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 277.457543][T12933] netlink: 'syz.1.3182': attribute type 1 has an invalid length. [ 277.465513][T12933] netlink: 224 bytes leftover after parsing attributes in process `syz.1.3182'. [ 277.536656][T12937] netlink: 'syz.0.3181': attribute type 1 has an invalid length. [ 277.544573][T12937] netlink: 5452 bytes leftover after parsing attributes in process `syz.0.3181'. [ 277.618807][T12942] netlink: 'syz.1.3185': attribute type 1 has an invalid length. [ 277.626946][T12942] netlink: 224 bytes leftover after parsing attributes in process `syz.1.3185'. [ 277.657842][T12944] loop1: detected capacity change from 0 to 512 [ 277.676666][T12944] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 277.689765][T12944] ext4 filesystem being mounted at /41/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 277.702666][T12944] SELinux: policydb magic number 0x75636573 does not match expected magic number 0xf97cff8c [ 277.719651][T12944] SELinux: failed to load policy [ 277.739915][T12489] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 278.099592][ T3449] Bluetooth: hci0: Frame reassembly failed (-84) [ 278.260244][T12962] loop1: detected capacity change from 0 to 8192 [ 278.358524][T12972] netlink: 'syz.1.3196': attribute type 1 has an invalid length. [ 278.366814][T12972] netlink: 224 bytes leftover after parsing attributes in process `syz.1.3196'. [ 278.405198][T12976] loop1: detected capacity change from 0 to 512 [ 278.416288][T12976] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 278.429181][T12976] ext4 filesystem being mounted at /48/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 278.441532][T12976] SELinux: policydb magic number 0x75636573 does not match expected magic number 0xf97cff8c [ 278.452881][T12976] SELinux: failed to load policy [ 278.469514][T12489] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 278.514132][ T3685] Bluetooth: hci1: command 0x1003 tx timeout [ 278.514132][ T5016] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 278.606053][T13004] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 278.614812][T13004] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 279.006394][T13025] netlink: 'syz.2.3219': attribute type 13 has an invalid length. [ 279.134235][T13025] batman_adv: batadv0: Interface deactivated: dummy0 [ 279.192869][T13025] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 279.209739][T13025] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 279.278772][ T52] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 279.298493][ T52] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 279.316373][ T52] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 279.328096][ T52] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 279.470980][T13065] IPv6: NLM_F_CREATE should be specified when creating new route [ 279.562457][T13079] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 279.587574][T13079] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 279.606308][T13082] 9pnet_fd: Insufficient options for proto=fd [ 279.619822][T13084] sg_write: process 85 (syz.4.3235) changed security contexts after opening file descriptor, this is not allowed. [ 279.749836][T13097] loop4: detected capacity change from 0 to 512 [ 279.772906][T13097] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 279.798274][T13097] EXT4-fs error (device loop4): ext4_orphan_get:1418: comm syz.4.3239: bad orphan inode 11 [ 279.815165][T13097] ext4_test_bit(bit=10, block=4) = 1 [ 279.820522][T13097] is_bad_inode(inode)=0 [ 279.824751][T13097] NEXT_ORPHAN(inode)=2080374784 [ 279.829628][T13097] max_ino=32 [ 279.833014][T13097] i_nlink=0 [ 279.847410][T13097] EXT4-fs (loop4): 1 truncate cleaned up [ 279.853805][T13097] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 279.877593][T13097] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 279.932768][T13109] loop1: detected capacity change from 0 to 1024 [ 279.947280][T13109] EXT4-fs: Ignoring removed bh option [ 279.959761][T13109] EXT4-fs: inline encryption not supported [ 279.974508][T13109] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 280.006440][T13109] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 2: comm syz.1.3241: lblock 2 mapped to illegal pblock 2 (length 1) [ 280.022855][T13109] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 48: comm syz.1.3241: lblock 0 mapped to illegal pblock 48 (length 1) [ 280.047260][T13109] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.3241: Failed to acquire dquot type 0 [ 280.059691][T13109] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6305: Corrupt filesystem [ 280.084420][T13109] EXT4-fs error (device loop1): ext4_evict_inode:254: inode #11: comm syz.1.3241: mark_inode_dirty error [ 280.102941][T13109] EXT4-fs warning (device loop1): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 280.106827][T13137] tipc: Started in network mode [ 280.118806][T13137] tipc: Node identity 2, cluster identity 2048 [ 280.125212][T13137] tipc: Node number set to 2 [ 280.125944][T13109] EXT4-fs (loop1): 1 orphan inode deleted [ 280.130894][ T5016] Bluetooth: hci0: command 0x1003 tx timeout [ 280.142060][ T4346] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 280.149088][T13137] tipc: Cannot configure node identity twice [ 280.155741][ T31] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:1: lblock 1 mapped to illegal pblock 1 (length 1) [ 280.162731][T13109] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 280.184764][ T31] EXT4-fs error (device loop1): ext4_release_dquot:6981: comm kworker/u8:1: Failed to release dquot type 0 [ 280.198685][T13109] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 280.210203][T13109] EXT4-fs error (device loop1): __ext4_get_inode_loc:4832: comm syz.1.3241: Invalid inode table block 1 in block_group 0 [ 280.295415][T13109] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6305: Corrupt filesystem [ 280.309182][T13109] EXT4-fs error (device loop1): ext4_quota_off:7229: inode #3: comm syz.1.3241: mark_inode_dirty error [ 280.359849][T13180] loop2: detected capacity change from 0 to 128 [ 280.367816][T13178] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3249'. [ 280.380989][T13178] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3249'. [ 280.426303][T13186] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 280.445428][T13186] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 280.454653][T13187] bio_check_eod: 69077 callbacks suppressed [ 280.454669][T13187] syz.2.3251: attempt to access beyond end of device [ 280.454669][T13187] loop2: rw=2049, sector=153, nr_sectors = 8 limit=128 [ 280.486402][T13187] syz.2.3251: attempt to access beyond end of device [ 280.486402][T13187] loop2: rw=2049, sector=169, nr_sectors = 8 limit=128 [ 280.500160][T13187] syz.2.3251: attempt to access beyond end of device [ 280.500160][T13187] loop2: rw=2049, sector=185, nr_sectors = 8 limit=128 [ 280.525236][T13187] syz.2.3251: attempt to access beyond end of device [ 280.525236][T13187] loop2: rw=2049, sector=201, nr_sectors = 8 limit=128 [ 280.543922][T13187] syz.2.3251: attempt to access beyond end of device [ 280.543922][T13187] loop2: rw=2049, sector=217, nr_sectors = 8 limit=128 [ 280.557802][T13187] syz.2.3251: attempt to access beyond end of device [ 280.557802][T13187] loop2: rw=2049, sector=233, nr_sectors = 8 limit=128 [ 280.587418][T13187] syz.2.3251: attempt to access beyond end of device [ 280.587418][T13187] loop2: rw=2049, sector=249, nr_sectors = 8 limit=128 [ 280.601365][T13187] syz.2.3251: attempt to access beyond end of device [ 280.601365][T13187] loop2: rw=2049, sector=265, nr_sectors = 8 limit=128 [ 280.616320][T13187] syz.2.3251: attempt to access beyond end of device [ 280.616320][T13187] loop2: rw=2049, sector=281, nr_sectors = 8 limit=128 [ 280.631140][T13187] syz.2.3251: attempt to access beyond end of device [ 280.631140][T13187] loop2: rw=2049, sector=297, nr_sectors = 8 limit=128 [ 280.662426][T13209] netlink: 196 bytes leftover after parsing attributes in process `syz.0.3265'. [ 280.673290][T13207] loop1: detected capacity change from 0 to 2048 [ 280.682048][T13209] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3265'. [ 280.692109][T13209] A link change request failed with some changes committed already. Interface macvlan0 may have been left with an inconsistent configuration, please check. [ 280.721632][T13213] netlink: 100 bytes leftover after parsing attributes in process `syz.5.3268'. [ 280.724659][T13207] loop1: p1 < > p4 < > [ 280.735320][T13207] loop1: partition table partially beyond EOD, truncated [ 280.743580][T13207] loop1: p1 start 134217735 is beyond EOD, truncated [ 280.830629][T13233] loop1: detected capacity change from 0 to 512 [ 280.843599][T13233] EXT4-fs: Ignoring removed mblk_io_submit option [ 280.852215][T13233] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 280.865133][T13233] EXT4-fs (loop1): 1 truncate cleaned up [ 280.871429][T13233] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 280.895605][T13233] EXT4-fs (loop1): shut down requested (2) [ 280.936057][T12489] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 280.943389][T13250] loop2: detected capacity change from 0 to 128 [ 281.017148][T13263] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 281.043068][T13263] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 281.259144][T13301] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 281.267726][T13263] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 281.278111][T13301] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 281.289195][T13263] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 281.307653][T13306] capability: warning: `syz.4.3307' uses 32-bit capabilities (legacy support in use) [ 281.337547][T13308] loop4: detected capacity change from 0 to 256 [ 281.357132][T13308] FAT-fs (loop4): Directory bread(block 64) failed [ 281.374479][T13308] FAT-fs (loop4): Directory bread(block 65) failed [ 281.381393][T13308] FAT-fs (loop4): Directory bread(block 66) failed [ 281.388065][ T29] kauditd_printk_skb: 80 callbacks suppressed [ 281.388083][ T29] audit: type=1400 audit(1760486209.845:9322): avc: denied { name_bind } for pid=13310 comm="syz.1.3309" src=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=udp_socket permissive=1 [ 281.416599][T13308] FAT-fs (loop4): Directory bread(block 67) failed [ 281.423302][T13308] FAT-fs (loop4): Directory bread(block 68) failed [ 281.430088][T13308] FAT-fs (loop4): Directory bread(block 69) failed [ 281.436794][T13308] FAT-fs (loop4): Directory bread(block 70) failed [ 281.443508][T13308] FAT-fs (loop4): Directory bread(block 71) failed [ 281.450242][T13308] FAT-fs (loop4): Directory bread(block 72) failed [ 281.457114][T13308] FAT-fs (loop4): Directory bread(block 73) failed [ 281.563173][T13316] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 281.572208][T13316] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 281.604854][T13318] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3312'. [ 281.613939][T13318] netlink: 56 bytes leftover after parsing attributes in process `syz.1.3312'. [ 281.718789][T13322] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 281.727456][T13322] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 281.771272][T13266] ================================================================== [ 281.779426][T13266] BUG: KCSAN: data-race in filemap_splice_read / filemap_splice_read [ 281.783607][T13250] Buffer I/O error on dev loop2, logical block 128, lost async page write [ 281.787603][T13266] [ 281.787612][T13266] write to 0xffff88811c49cee8 of 8 bytes by task 13250 on cpu 1: [ 281.787634][T13266] filemap_splice_read+0x4f4/0x740 [ 281.811311][T13266] splice_direct_to_actor+0x26f/0x680 [ 281.816712][T13266] do_splice_direct+0xda/0x150 [ 281.821669][T13266] do_sendfile+0x380/0x650 [ 281.826135][T13266] __x64_sys_sendfile64+0x105/0x150 [ 281.831447][T13266] x64_sys_call+0x2bb4/0x3000 [ 281.836135][T13266] do_syscall_64+0xd2/0x200 [ 281.840661][T13266] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 281.846690][T13266] [ 281.849023][T13266] write to 0xffff88811c49cee8 of 8 bytes by task 13266 on cpu 0: [ 281.856743][T13266] filemap_splice_read+0x4f4/0x740 [ 281.861880][T13266] splice_direct_to_actor+0x26f/0x680 [ 281.867270][T13266] do_splice_direct+0xda/0x150 [ 281.872134][T13266] do_sendfile+0x380/0x650 [ 281.876573][T13266] __x64_sys_sendfile64+0x105/0x150 [ 281.881840][T13266] x64_sys_call+0x2bb4/0x3000 [ 281.886535][T13266] do_syscall_64+0xd2/0x200 [ 281.891108][T13266] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 281.897114][T13266] [ 281.899454][T13266] value changed: 0x0000000000003d50 -> 0x0000000000003d59 [ 281.906668][T13266] [ 281.909013][T13266] Reported by Kernel Concurrency Sanitizer on: [ 281.915172][T13266] CPU: 0 UID: 0 PID: 13266 Comm: syz.2.3283 Not tainted syzkaller #0 PREEMPT(voluntary) [ 281.925019][T13266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 281.935091][T13266] ==================================================================