last executing test programs: 1.985342722s ago: executing program 0 (id=1829): r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x2a, 0x1, 0x0, 0x0, 0x0, 0x9, 0xf4039, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_bp={0x0, 0x6}, 0x204, 0x1, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x4000000000, 0xffffffffffffffff, 0x8) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x51031, 0xffffffffffffffff, 0x0) mlock2(&(0x7f0000b16000/0x1000)=nil, 0x1000, 0x1) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) 1.865757283s ago: executing program 0 (id=1824): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, 0x0, 0x1) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) 1.019510433s ago: executing program 2 (id=1860): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x8, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) r2 = socket(0x10, 0x3, 0x0) connect$netlink(r2, &(0x7f0000000300)=@proc={0x10, 0x0, 0x25dfdffc}, 0xc) sendmsg$nl_route_sched(r2, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x18, 0x32, 0x829, 0x0, 0x0, {0x0, 0x0, 0x2}, [{0x4}]}, 0x18}}, 0x0) 1.001773135s ago: executing program 0 (id=1861): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x82}, 0x18) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fcntl$notify(r2, 0x402, 0x5) fcntl$notify(r2, 0x402, 0x8000003d) 961.735199ms ago: executing program 2 (id=1862): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x58130, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, @perf_bp={0x0, 0x4}, 0x81203, 0x10000, 0xbdf7, 0x5, 0x4, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x2000000a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0) flock(r0, 0x5) r1 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) flock(r1, 0x2) dup3(r1, r0, 0x0) 920.673203ms ago: executing program 0 (id=1864): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x2}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10) ioctl$TIOCSSOFTCAR(r0, 0x5453, 0x0) 900.495775ms ago: executing program 4 (id=1866): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xc, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f00000004c0)='kfree\x00', r1, 0x0, 0x7}, 0x18) syz_mount_image$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x208a022, 0x0, 0x1, 0x0, &(0x7f0000000000)) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x5, 0x0) umount2(&(0x7f00000002c0)='./file0/../file0\x00', 0x0) 849.24906ms ago: executing program 3 (id=1867): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000040000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = socket(0x10, 0x3, 0x9) connect$netlink(r2, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000001c0)={&(0x7f0000000080), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="1400"], 0x28}}, 0x0) 848.59896ms ago: executing program 4 (id=1868): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='tlb_flush\x00', r0}, 0x10) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) 840.216371ms ago: executing program 0 (id=1869): r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_pidfd_open(r0, 0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000000)={0xe000202b}) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x32, 0xffffffffffffffff, 0x0) epoll_pwait(r2, &(0x7f00000000c0)=[{}], 0x1, 0xd92d, 0x0, 0x0) 744.973049ms ago: executing program 2 (id=1870): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001bc0)={0x18, 0x5, &(0x7f0000000380)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e000000850000000700000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x18) recvmmsg(0xffffffffffffffff, &(0x7f0000006940)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000003c0)=""/6, 0x6}], 0x1}, 0x3}], 0x1, 0x40, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$sock(r1, &(0x7f00000044c0), 0x4000000000001c0, 0x0) recvfrom(r2, &(0x7f0000000040)=""/60, 0x3c, 0x40, 0x0, 0x0) 697.377064ms ago: executing program 2 (id=1871): syz_read_part_table(0x60e, &(0x7f00000007c0)="$eJzs3D9olGccB/DvJbk7o9A4OLnUOHQSiuLoDVWSq2IhnJZCcLD/EGmmCIGTHqbo0GaImEE6dpHCdYhxUjM4KQqdizi0CBlcCnaR2iFX7u4luUAplkZK8fMZ7ve8Lz+e7/uDZ30u/K8NpVysOtVeefeTv+3vjG2u5/Nhe2LyeKfT6ZxOSjmTcsbLb60kGcnWXbM/SWVgnxvf7Vz95rf3y+0np168c/b+wtDGntXsTrJrsDmjf/Up1X82Ka/Dcu3BWC3JYveh3lpb/yi5+XyicefkwtLKifKxz7rvLyUPi/7+wRjNhTRzMV/k45FXjvpqc1nakj9/Zba+2Kydf1xvrX3bfnpwfW99+Pa5Iy/3rV69dyiZ60ZMpXfYN1X+5eAD+ZcH8ufGr00vtY4euLXn+uHm3UeNZ8O/d/qKyPL25AIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Hosd3+uzNYXm7Xzj+utta9/+vGDm88nGndOLiytnKgc+7noe1jUkaJeSDMXU04yk5l8ntlXj5wuDebXHoxd3sj/Y2fy9OD63nr79rkjLydXr9471OsqZapbhrZj4q2WR9LLz+7+89z4teml1tEDt/ZcP9y8+6jxbLj/fqaaT3vjJqlu/2cAAAAAAAAAAAAAAAAAAADwhpuYPL5v6r3G6aSUMzuS/Ppl75Z9pzr6Q3o37/v2F7VS1Bs7+v8F0H5y6kXl7P2FX4pL8fOpZj7Jru+7nW9v5FzaGlve3Jn/0p8BAAD//83YiVM=") r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = openat(0xffffffffffffff9c, &(0x7f0000000540)='./file1\x00', 0x145402, 0x1d2) writev(r2, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x100000}], 0x1) 697.169394ms ago: executing program 3 (id=1872): r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r0, &(0x7f0000000740)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x4e23, @broadcast}, 0x2, 0x0, 0x4}}, 0x2e) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_GET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r3, 0x325, 0x400, 0x0, {0x8}}, 0x14}}, 0x4800) 633.49602ms ago: executing program 0 (id=1873): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001803000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x80, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0xf) ioctl$TCFLSH(r2, 0x400455c8, 0x0) 632.24032ms ago: executing program 3 (id=1883): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000380), 0x1, r0}, 0x38) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18) kexec_load(0x4, 0xa, 0x0, 0x0) 556.072917ms ago: executing program 2 (id=1875): syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f0000000d80)=ANY=[], 0x1, 0x36b, &(0x7f0000000a00)="$eJzs3U1vG1UXAODTvM1H85I6C4QECHFVNrCxkvAHGqFWQkQChRoVFkhTMgEr0zjyWEGuEHTHlt9RsWSHhPgDWcCeHbtsWHZRdVDsuPloCIvUHgrPI0X3xPce+4zHM7qb0dm//d3drc2yuZn1Yup6iqmImHoYsTiIhi4djlODeCaOux9vNW7/9tqHH3/y3ura2o31lG6u3np7JaV09fWfvvzq+2s/9/7/0Q9Xf5yNvcVP9/9Y+X3vpb2X9x/f+qJdpnaZtju9lKU7nU4vu1PkaaNdbjVT+qDIszJP7e0y756Y3yw6Ozv9lG1vLMzvdPOyTNl2P23l/dTrpF63n7LPs/Z2ajabaWE++DutB+vr2eownjtn3fVJFcQYdLur2cE1PPvUTOtBLQUBALW66P5/5pnu/6fD/n+Sju//+bc62P/PHF6/J9n/AwAAAAAAAAAAAADA8+BhVTWqqmqMxmr0kPDh/zWXx5g9df5P/dVdH+N17MG9uYji293Wbms4DudXN6MdReSxFI14dHBbGBnGN99du7GUBhZj4e43g/xrv0S0/ncyfzkasXh2/vIwPz3Jj4NxOuaP569EI148O3/lzPyZePONY/nNaMSvn0UnitgY3N6O8r9eTumd99dO5c8O1gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw39BMI6/GsO/9biviSuwe9u9vHi1YPNkff5j/pL/+UjTi0dn9+ZfO7M9/OV65XO+xAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBI2b+3lRVF3p1UMOr5P3hlZhT8ddal4fL7p6auxARrLop86lm94eOqqsZV6txkT+VFgumI885gdfgrufhnvRAR56yZjYj6v41/YlDXHQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADqc9T0u+5KAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqFPZv7eVFUXeHWNQ9zECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8T/4MAAD//yeQEY0=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x10a942, 0x9f667fd378a54ed4) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000f0000000000000c00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000200b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r2}, 0x10) write$P9_RREADLINK(r0, &(0x7f0000000040)={0x10, 0x17, 0x2, {0xffffffffffffffc1, './file0'}}, 0xfffffdab) 555.803607ms ago: executing program 3 (id=1876): r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) write$UHID_CREATE2(r0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x80228, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x81) 458.573177ms ago: executing program 1 (id=1878): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], 0x0}, 0x94) r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[], &(0x7f0000000140)='GPL\x00'}, 0x94) r1 = bpf$ITER_CREATE(0xb, &(0x7f00000004c0)={r0}, 0x8) close(r1) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) bpf$BPF_LINK_UPDATE(0x1d, 0x0, 0x0) 403.920522ms ago: executing program 4 (id=1879): bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) socket$caif_stream(0x25, 0x1, 0x0) r0 = syz_io_uring_setup(0xbda, &(0x7f0000000640)={0x0, 0x356e, 0x800, 0x1, 0x40000334}, &(0x7f00000006c0)=0x0, &(0x7f00000001c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1}) io_uring_enter(r0, 0x847ba, 0x0, 0xe, 0x0, 0x0) 391.801413ms ago: executing program 1 (id=1880): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="06000000040000009c0000000b"], 0x50) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0xa, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0xfffffffd}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x18) syz_clone(0xc920000, 0x0, 0x0, 0x0, 0x0, 0x0) 287.550533ms ago: executing program 1 (id=1881): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000080)='kmem_cache_free\x00', r1, 0x0, 0x100000001}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r2 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) fcntl$notify(r2, 0x402, 0x29) 160.299495ms ago: executing program 3 (id=1882): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r1}, 0x18) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000300)="2e00000011008188040f80ec59acbc0413a181004000000004000000000000000e000a000d00000002800200121f", 0x2e}], 0x1}, 0x0) 160.019274ms ago: executing program 4 (id=1884): socket$inet_icmp_raw(0x2, 0x3, 0x1) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000005000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000340)='kmem_cache_free\x00', r0}, 0x18) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000007c0)={{{@in6=@remote, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x4000}}, {{@in=@dev={0xac, 0x14, 0x14, 0x1f}, 0x0, 0x6c}, 0x0, @in=@local, 0x200000, 0x0, 0x0, 0x0, 0x0, 0xbeaf}}, 0xe8) syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @random="f368656e065b", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, @time_exceeded={0x4, 0x0, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @dev}}}}}}, 0x0) 153.483185ms ago: executing program 1 (id=1885): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00'}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r0}, 0x18) r1 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r1, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) recvmmsg(r1, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x20000001, &(0x7f0000000300)={0xa, 0x4e20, 0x5, @mcast1}, 0x1c) 114.333219ms ago: executing program 2 (id=1886): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = dup(r0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c) sendmsg$inet(r0, &(0x7f0000000300)={&(0x7f0000000000)={0x2, 0x4e23, @loopback}, 0x10, &(0x7f0000000100)=[{&(0x7f0000000840)="da", 0x1}], 0x1}, 0x20000000) sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000140)={0x0, @in6={{0xa, 0x4e24, 0x80000001, @loopback, 0x80000001}}, 0xfff, 0x6, 0x91, 0x400, 0x9}, &(0x7f0000000200)=0x98) 109.884819ms ago: executing program 4 (id=1887): syz_read_part_table(0x60e, &(0x7f00000007c0)="$eJzs3D9olGccB/DvJbk7o9A4OLnUOHQSiuLoDVWSq2IhnJZCcLD/EGmmCIGTHqbo0GaImEE6dpHCdYhxUjM4KQqdizi0CBlcCnaR2iFX7u4luUAplkZK8fMZ7ve8Lz+e7/uDZ30u/K8NpVysOtVeefeTv+3vjG2u5/Nhe2LyeKfT6ZxOSjmTcsbLb60kGcnWXbM/SWVgnxvf7Vz95rf3y+0np168c/b+wtDGntXsTrJrsDmjf/Up1X82Ka/Dcu3BWC3JYveh3lpb/yi5+XyicefkwtLKifKxz7rvLyUPi/7+wRjNhTRzMV/k45FXjvpqc1nakj9/Zba+2Kydf1xvrX3bfnpwfW99+Pa5Iy/3rV69dyiZ60ZMpXfYN1X+5eAD+ZcH8ufGr00vtY4euLXn+uHm3UeNZ8O/d/qKyPL25AIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Hosd3+uzNYXm7Xzj+utta9/+vGDm88nGndOLiytnKgc+7noe1jUkaJeSDMXU04yk5l8ntlXj5wuDebXHoxd3sj/Y2fy9OD63nr79rkjLydXr9471OsqZapbhrZj4q2WR9LLz+7+89z4teml1tEDt/ZcP9y8+6jxbLj/fqaaT3vjJqlu/2cAAAAAAAAAAAAAAAAAAADwhpuYPL5v6r3G6aSUMzuS/Ppl75Z9pzr6Q3o37/v2F7VS1Bs7+v8F0H5y6kXl7P2FX4pL8fOpZj7Jru+7nW9v5FzaGlve3Jn/0p8BAAD//83YiVM=") r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = openat(0xffffffffffffff9c, &(0x7f0000000540)='./file1\x00', 0x145402, 0x1d2) writev(r2, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x100000}], 0x1) 32.230827ms ago: executing program 3 (id=1888): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x30e, &(0x7f0000000f00)="$eJzs3E1rE10UwPGTNEnTlHayeHhEQXrRjW6GNu7FIC2IAUttxBcQp81EQ8akZEIlIrZduXEhfggXpcvuCtov0I07V27cdSO4sAtxJDOTl7aJrWnSWPv/QZlD7j0z9+Y24dyBzPbdN0/zWVvPGmUJRpUERER2ROISlJqAfwy6cUSaLcvl4W+fzt++d/9mMpWanFFqKjl7JaGUGh17/+zFkN9tY1C24g+3vya+bP2/dXb75+yTnK1ytioUy8pQc8XPZWPOMlUmZ+d1paYt07BNlSvYZslrd5ZELFNlreLCQkUZhcxIbKFk2rYyChWVNyuqXFTlUkUZj41cQem6rkZigoOkV2dmjGSHyfNdHgx6pFRKGgMiMrSvJb3alwEBAIC+8uv/erUfrJb0ndT/oZb1/9qFzfLwnfVRv/7fiFTrf5Gm+v9R41ymygTr9X9URBr1f9HbH3S7/t9fEZ1sr3cvjjhOPYy06n+k+h8nRLX+j/mfX9fKg7VxN6D+BwAAAAAAAAAAAAAAAAAAAADgJNhxHM1xHM07DvivOtqgiETdX5B47X0eJnpk9/o3/lj/06Hx4I7QqIj1ajG9mPaOfodNEbHElHHR5If7/+CrxpFl5XZSVXH5YC35+UuLae+7JJmVnJs/IZrE9+Y7ztSN1OSE8uzOD0usOT8hmvzXOj+xNz9cPUbk0sWmfF00+TgvRbEk4/8yrpb/ckKp67dSe64/5PYDAAAAAOBfoKu6+v59sLld39/u7Y+9dm9/HZLW9we8/fV4y/19SM6F+jVrAAAAAABOF7vyPG9YllnqUbAiIj2+RJugNsPDZtUekNumT0AC7Zq6ENQu3ll6dWxdG0/4UO9YsKOhjkX+cFFaBrXbRu36yHQnZ3Y0kaO+h2fevvv++z7enTGRw5zw6nr0gJl2GkQOmmn42L6AAAAAABybRtFfe+VafwcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMApdByP4uv3HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC/xa8AAAD//46ZAFE=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x32) write(r1, &(0x7f00000001c0)="49bda8f11851b8436bebb25ac5f8202ffb", 0x11) sendfile(r1, r0, 0x0, 0x3ffff) sendfile(r1, r0, 0x0, 0x7ffffffffffffffd) 31.493537ms ago: executing program 1 (id=1898): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xaf) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x18) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000200), &(0x7f0000000280)}, 0x20) sigaltstack(0x0, 0x0) 9.951849ms ago: executing program 4 (id=1889): write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x18, 0xfa00, {0x2, 0x0, 0x2}}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12}, 0x94) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0x401, 0x0, 0x10000, 0xb998, 0x0, "194f2f83c2e798c3584770116cddc8819592b1"}) write$binfmt_aout(r0, &(0x7f0000000000)=ANY=[], 0xff2e) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000080)={0xa04c, 0x35e8b531, 0x1, 0x8, 0x13, "53af0f0b4ecf6c29bf81c173f4a8f5f73eb62f"}) 0s ago: executing program 1 (id=1890): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x20000000000200}, 0x18) r2 = syz_io_uring_setup(0xfbe, &(0x7f0000000240)={0x0, 0x9a3e, 0x10000, 0x3, 0x285}, &(0x7f0000000000), &(0x7f0000000340)) io_uring_register$IORING_REGISTER_PROBE(r2, 0x8, &(0x7f0000000380), 0x0) kernel console output (not intermixed with test programs): 87] veth0_macvtap: entered promiscuous mode [ 54.795490][ T4187] veth1_macvtap: entered promiscuous mode [ 54.811748][ T4187] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.827972][ T4187] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.840112][ T3989] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.854427][ T3989] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.865907][ T3989] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.880204][ T3989] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.964757][ T4417] loop3: detected capacity change from 0 to 32768 [ 55.008625][ T4428] loop2: detected capacity change from 0 to 512 [ 55.016604][ T4428] EXT4-fs: inline encryption not supported [ 55.025424][ T4417] loop3: p1 p2 p3 < > p4 < p5 p6 > [ 55.033014][ T4417] loop3: p1 start 460800 is beyond EOD, truncated [ 55.040259][ T4417] loop3: p2 size 83886080 extends beyond EOD, truncated [ 55.049289][ T4428] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 55.050472][ T4417] loop3: p5 start 460800 is beyond EOD, truncated [ 55.066986][ T4417] loop3: p6 size 83886080 extends beyond EOD, truncated [ 55.104527][ T4428] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.357: invalid indirect mapped block 2683928664 (level 1) [ 55.121396][ T4428] EXT4-fs (loop2): 1 truncate cleaned up [ 55.133166][ T4428] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 55.169738][ C0] hrtimer: interrupt took 23508 ns [ 55.217023][ T4187] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 55.309422][ T4455] loop0: detected capacity change from 0 to 512 [ 55.323449][ T4455] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 2178, start 8e210000) [ 55.334798][ T4455] FAT-fs (loop0): Filesystem has been set read-only [ 55.345295][ T4455] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 2178, start 8e210000) [ 55.360125][ T4455] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 2178, start 8e210000) [ 55.376753][ T4455] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 2178, start 8e210000) [ 55.388956][ T4455] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 2178, start 8e210000) [ 55.403306][ T4455] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 2178, start 8e210000) [ 55.416728][ T4455] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 2178, start 8e210000) [ 55.429766][ T4455] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 2178, start 8e210000) [ 55.443489][ T4455] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 2178, start 8e210000) [ 55.456157][ T4455] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 2178, start 8e210000) [ 55.644845][ T4471] __nla_validate_parse: 2 callbacks suppressed [ 55.644883][ T4471] netlink: 8 bytes leftover after parsing attributes in process `syz.3.376'. [ 55.720426][ T4473] 9p: Unknown access argument ý: -22 [ 55.770988][ T4478] vhci_hcd: default hub control req: 8013 v0000 i0000 l31125 [ 55.815622][ T4482] netlink: 24 bytes leftover after parsing attributes in process `syz.2.381'. [ 55.980937][ T4488] loop1: detected capacity change from 0 to 128 [ 56.038061][ T4492] netlink: 20 bytes leftover after parsing attributes in process `syz.2.386'. [ 56.048693][ T4492] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0 [ 56.063162][ T4488] syz.1.384: attempt to access beyond end of device [ 56.063162][ T4488] loop1: rw=2049, sector=154, nr_sectors = 6 limit=128 [ 56.120702][ T4488] syz.1.384: attempt to access beyond end of device [ 56.120702][ T4488] loop1: rw=2049, sector=158, nr_sectors = 2 limit=128 [ 56.135967][ T4488] Buffer I/O error on dev loop1, logical block 79, lost async page write [ 56.163775][ T4488] syz.1.384: attempt to access beyond end of device [ 56.163775][ T4488] loop1: rw=2049, sector=160, nr_sectors = 2 limit=128 [ 56.178743][ T4488] Buffer I/O error on dev loop1, logical block 80, lost async page write [ 56.222719][ T4488] syz.1.384: attempt to access beyond end of device [ 56.222719][ T4488] loop1: rw=2049, sector=162, nr_sectors = 6 limit=128 [ 56.257504][ T4488] syz.1.384: attempt to access beyond end of device [ 56.257504][ T4488] loop1: rw=2049, sector=166, nr_sectors = 2 limit=128 [ 56.274229][ T4488] Buffer I/O error on dev loop1, logical block 83, lost async page write [ 56.304082][ T4488] syz.1.384: attempt to access beyond end of device [ 56.304082][ T4488] loop1: rw=2049, sector=168, nr_sectors = 2 limit=128 [ 56.318861][ T4488] Buffer I/O error on dev loop1, logical block 84, lost async page write [ 56.341008][ T4488] syz.1.384: attempt to access beyond end of device [ 56.341008][ T4488] loop1: rw=2049, sector=186, nr_sectors = 6 limit=128 [ 56.359323][ T4488] syz.1.384: attempt to access beyond end of device [ 56.359323][ T4488] loop1: rw=2049, sector=190, nr_sectors = 2 limit=128 [ 56.375259][ T4488] Buffer I/O error on dev loop1, logical block 95, lost async page write [ 56.386321][ T4488] syz.1.384: attempt to access beyond end of device [ 56.386321][ T4488] loop1: rw=2049, sector=192, nr_sectors = 2 limit=128 [ 56.401932][ T4488] Buffer I/O error on dev loop1, logical block 96, lost async page write [ 56.414380][ T4488] syz.1.384: attempt to access beyond end of device [ 56.414380][ T4488] loop1: rw=2049, sector=194, nr_sectors = 6 limit=128 [ 56.447114][ T4488] Buffer I/O error on dev loop1, logical block 99, lost async page write [ 56.459784][ T4514] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 56.469262][ T4488] Buffer I/O error on dev loop1, logical block 100, lost async page write [ 56.476909][ T4514] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 56.501071][ T4488] Buffer I/O error on dev loop1, logical block 111, lost async page write [ 56.514828][ T4488] Buffer I/O error on dev loop1, logical block 112, lost async page write [ 56.635245][ T4527] IPv6: Can't replace route, no match found [ 56.760093][ T4545] loop0: detected capacity change from 0 to 128 [ 56.829232][ T4552] bridge0: entered promiscuous mode [ 56.838486][ T4552] bridge0: port 3(macsec1) entered blocking state [ 56.845795][ T4552] bridge0: port 3(macsec1) entered disabled state [ 56.853851][ T4552] macsec1: entered allmulticast mode [ 56.859862][ T4552] bridge0: entered allmulticast mode [ 56.882534][ T4552] macsec1: left allmulticast mode [ 56.888833][ T4552] bridge0: left allmulticast mode [ 56.897111][ T4552] bridge0: left promiscuous mode [ 56.905121][ T4561] netlink: 'syz.4.416': attribute type 21 has an invalid length. [ 56.917234][ T4561] netlink: 156 bytes leftover after parsing attributes in process `syz.4.416'. [ 56.926913][ T4561] netlink: 4 bytes leftover after parsing attributes in process `syz.4.416'. [ 56.976299][ T4575] loop0: detected capacity change from 0 to 1024 [ 57.001081][ T4575] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=2842c018, mo2=0002] [ 57.015962][ T4575] System zones: 0-1, 3-12 [ 57.021684][ T4575] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 57.042592][ T29] kauditd_printk_skb: 93 callbacks suppressed [ 57.042611][ T29] audit: type=1326 audit(1762899300.018:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4581 comm="syz.2.421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c6e8ff6c9 code=0x7ffc0000 [ 57.086722][ T29] audit: type=1326 audit(1762899300.018:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4581 comm="syz.2.421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c6e8ff6c9 code=0x7ffc0000 [ 57.113530][ T29] audit: type=1326 audit(1762899300.018:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4581 comm="syz.2.421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=281 compat=0 ip=0x7f2c6e8ff6c9 code=0x7ffc0000 [ 57.138227][ T29] audit: type=1326 audit(1762899300.018:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4581 comm="syz.2.421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c6e8ff6c9 code=0x7ffc0000 [ 57.164309][ T29] audit: type=1326 audit(1762899300.018:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4581 comm="syz.2.421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c6e8ff6c9 code=0x7ffc0000 [ 57.164434][ T4592] loop4: detected capacity change from 0 to 512 [ 57.189334][ T29] audit: type=1400 audit(1762899300.058:529): avc: denied { block_suspend } for pid=4580 comm="syz.1.423" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 57.220150][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 57.222420][ T4591] netlink: 28 bytes leftover after parsing attributes in process `syz.2.426'. [ 57.239704][ T4591] netlink: 28 bytes leftover after parsing attributes in process `syz.2.426'. [ 57.249530][ T4591] netlink: 28 bytes leftover after parsing attributes in process `syz.2.426'. [ 57.275215][ T4592] EXT4-fs (loop4): 1 orphan inode deleted [ 57.282287][ T4592] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 57.290519][ T4600] 8021q: adding VLAN 0 to HW filter on device bond1 [ 57.296642][ T4591] netlink: 28 bytes leftover after parsing attributes in process `syz.2.426'. [ 57.313984][ T4591] netlink: 28 bytes leftover after parsing attributes in process `syz.2.426'. [ 57.324681][ T4592] ext4 filesystem being mounted at /96/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 57.404599][ T4592] EXT4-fs (loop4): shut down requested (0) [ 57.414319][ T4592] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=12 [ 57.425010][ T4592] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=12 [ 57.432548][ T4614] bond1: option ad_select: invalid value (40) [ 57.435592][ T29] audit: type=1400 audit(1762899300.418:530): avc: denied { rmdir } for pid=4589 comm="syz.4.427" name="file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 57.466729][ T4618] sg_write: process 189 (syz.3.432) changed security contexts after opening file descriptor, this is not allowed. [ 57.489587][ T29] audit: type=1400 audit(1762899300.468:531): avc: denied { execute } for pid=4615 comm="syz.2.434" name="cgroup" dev="tmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=lnk_file permissive=1 [ 57.514868][ T4614] bond1 (unregistering): Released all slaves [ 57.526831][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 57.599936][ T3389] IPVS: starting estimator thread 0... [ 57.602620][ T4622] IPVS: sh: UDP 224.0.0.2:0 - no destination available [ 57.627460][ T29] audit: type=1326 audit(1762899300.598:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4632 comm="syz.2.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c6e8ff6c9 code=0x7ffc0000 [ 57.653425][ T29] audit: type=1326 audit(1762899300.598:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4632 comm="syz.2.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c6e8ff6c9 code=0x7ffc0000 [ 57.744334][ T4630] IPVS: using max 2352 ests per chain, 117600 per kthread [ 57.835249][ T4657] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 57.953255][ T4645] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 57.968462][ T4645] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 58.365932][ T4699] loop3: detected capacity change from 0 to 1024 [ 58.396529][ T4699] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 58.421569][ T4699] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: comm syz.3.466: inode #1310720: comm syz.3.466: iget: illegal inode # [ 58.438281][ T4699] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.466: error while reading EA inode 1310720 err=-117 [ 58.478751][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 58.559305][ T4714] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 58.630484][ T4724] IPv6: NLM_F_CREATE should be specified when creating new route [ 58.665630][ T4727] loop4: detected capacity change from 0 to 128 [ 58.716463][ T4727] FAT-fs (loop4): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 58.731002][ T4727] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 58.742159][ T4727] FAT-fs (loop4): Filesystem has been set read-only [ 58.766435][ T4729] loop0: detected capacity change from 0 to 2048 [ 58.784572][ T4727] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 58.793703][ T4727] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 58.945856][ T4754] loop4: detected capacity change from 0 to 1024 [ 58.953034][ T4754] EXT4-fs: Ignoring removed orlov option [ 58.961654][ T4754] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 59.032659][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 59.114903][ T4767] loop1: detected capacity change from 0 to 2048 [ 59.436295][ T4816] loop1: detected capacity change from 0 to 128 [ 59.535388][ T4832] IPv6: NLM_F_CREATE should be specified when creating new route [ 59.557234][ T4834] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 59.597534][ T4836] loop1: detected capacity change from 0 to 512 [ 59.609382][ T4836] EXT4-fs (loop1): orphan cleanup on readonly fs [ 59.618218][ T4834] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 59.658941][ T4836] EXT4-fs warning (device loop1): ext4_xattr_inode_get:560: inode #11: comm +}[@: EA inode hash validation failed [ 59.698859][ T4836] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 59.729915][ T4836] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #15: comm +}[@: corrupted inode contents [ 59.767199][ T4836] EXT4-fs error (device loop1): ext4_dirty_inode:6517: inode #15: comm +}[@: mark_inode_dirty error [ 59.782150][ T4834] team0: Port device netdevsim1 removed [ 59.803622][ T4834] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 59.817073][ T4836] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #15: comm +}[@: corrupted inode contents [ 59.832459][ T4836] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2996: inode #15: comm +}[@: mark_inode_dirty error [ 59.855294][ T4836] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2999: inode #15: comm +}[@: mark inode dirty (error -117) [ 59.868657][ T4836] EXT4-fs warning (device loop1): ext4_evict_inode:274: xattr delete (err -117) [ 59.879872][ T4836] EXT4-fs (loop1): 1 orphan inode deleted [ 59.880614][ T4834] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 59.887027][ T4836] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 59.912564][ T4865] netdevsim netdevsim4: Direct firmware load for þ failed with error -2 [ 59.955635][ T4871] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4871 comm=syz.2.547 [ 59.972672][ T179] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.988930][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 59.996583][ T3944] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.008887][ T3944] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.024825][ T3944] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.088713][ T4885] Illegal XDP return value 4294967262 on prog (id 333) dev syz_tun, expect packet loss! [ 60.210405][ T4907] program syz.3.564 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.272374][ T4917] loop4: detected capacity change from 0 to 128 [ 60.280215][ T4917] FAT-fs (loop4): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 60.299380][ T4917] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 60.307553][ T4917] FAT-fs (loop4): Filesystem has been set read-only [ 60.375640][ T4936] xt_hashlimit: max too large, truncated to 1048576 [ 60.528825][ T4963] loop1: detected capacity change from 0 to 164 [ 60.538285][ T4963] ISOFS: unable to read i-node block [ 60.543826][ T4963] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 60.585206][ T4971] x_tables: duplicate underflow at hook 1 [ 60.733638][ T4989] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 ! [ 60.781436][ T4996] loop0: detected capacity change from 0 to 128 [ 60.787080][ T4969] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 60.797792][ T4969] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 60.954875][ T5011] bridge0: port 4(bond0) entered blocking state [ 60.961572][ T5011] bridge0: port 4(bond0) entered disabled state [ 60.968708][ T5011] bond0: entered allmulticast mode [ 60.974111][ T5011] bond_slave_0: entered allmulticast mode [ 60.980119][ T5011] bond_slave_1: entered allmulticast mode [ 60.987926][ T5011] bond0: entered promiscuous mode [ 60.993276][ T5011] bond_slave_0: entered promiscuous mode [ 60.999635][ T5011] bond_slave_1: entered promiscuous mode [ 61.006140][ T5011] bridge0: port 4(bond0) entered blocking state [ 61.012656][ T5011] bridge0: port 4(bond0) entered forwarding state [ 61.081757][ T5020] sch_tbf: peakrate 7 is lower than or equals to rate 7 ! [ 61.160393][ T5027] bond2: option lacp_active: mode dependency failed, not supported in mode balance-rr(0) [ 61.172438][ T5027] bond2 (unregistering): Released all slaves [ 61.293046][ T5036] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 61.305216][ T5036] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 61.340883][ T5038] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5038 comm=syz.0.625 [ 61.376122][ T5046] __nla_validate_parse: 19 callbacks suppressed [ 61.376184][ T5046] netlink: 64 bytes leftover after parsing attributes in process `syz.1.628'. [ 61.427059][ T5052] loop1: detected capacity change from 0 to 256 [ 61.436849][ T5054] sd 0:0:1:0: device reset [ 61.519357][ T5063] loop4: detected capacity change from 0 to 764 [ 61.528912][ T5063] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 61.545539][ T5063] Symlink component flag not implemented [ 61.552294][ T5063] Symlink component flag not implemented (7) [ 61.628099][ T5075] loop4: detected capacity change from 0 to 512 [ 61.661483][ T5079] netlink: 48 bytes leftover after parsing attributes in process `syz.3.645'. [ 61.678535][ T5075] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.643: bg 0: block 248: padding at end of block bitmap is not set [ 61.694486][ T5075] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.643: Failed to acquire dquot type 1 [ 61.711335][ T5075] EXT4-fs (loop4): 1 truncate cleaned up [ 61.726517][ T5075] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 61.761920][ T5087] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6) [ 61.768502][ T5087] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 61.776308][ T5087] vhci_hcd vhci_hcd.0: Device attached [ 61.790505][ T5075] ext4 filesystem being mounted at /151/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 61.813640][ T5088] vhci_hcd: connection closed [ 61.814546][ T3982] vhci_hcd: stop threads [ 61.824032][ T3982] vhci_hcd: release socket [ 61.828607][ T3982] vhci_hcd: disconnect device [ 61.843199][ T5075] syz.4.643 (5075) used greatest stack depth: 9392 bytes left [ 61.853799][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 62.140686][ T29] kauditd_printk_skb: 230 callbacks suppressed [ 62.140704][ T29] audit: type=1400 audit(1762899305.118:762): avc: denied { write } for pid=5118 comm="syz.1.661" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 62.188691][ T29] audit: type=1400 audit(1762899305.118:763): avc: denied { connect } for pid=5118 comm="syz.1.661" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 62.209563][ T29] audit: type=1400 audit(1762899305.118:764): avc: denied { name_connect } for pid=5118 comm="syz.1.661" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1 [ 62.255389][ T29] audit: type=1400 audit(1762899305.218:765): avc: denied { mount } for pid=5120 comm="syz.1.662" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 62.491586][ T29] audit: type=1400 audit(1762899305.468:766): avc: denied { override_creds } for pid=5133 comm="syz.2.668" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 62.693200][ T5151] netlink: 'syz.3.674': attribute type 1 has an invalid length. [ 62.728391][ T5151] 8021q: adding VLAN 0 to HW filter on device bond1 [ 62.733497][ T29] audit: type=1326 audit(1762899305.708:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5154 comm="syz.2.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c6e8ff6c9 code=0x7ffc0000 [ 62.769418][ T36] kernel write not supported for file bpf-map (pid: 36 comm: kworker/1:1) [ 62.783428][ T29] audit: type=1326 audit(1762899305.738:768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5154 comm="syz.2.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c6e8ff6c9 code=0x7ffc0000 [ 62.807661][ T29] audit: type=1400 audit(1762899305.748:769): avc: denied { mounton } for pid=5157 comm="syz.4.678" path="/158/file0" dev="tmpfs" ino=837 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 62.831670][ T29] audit: type=1326 audit(1762899305.748:770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5154 comm="syz.2.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2c6e8ff6c9 code=0x7ffc0000 [ 62.856882][ T29] audit: type=1326 audit(1762899305.748:771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5154 comm="syz.2.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c6e8ff6c9 code=0x7ffc0000 [ 62.985327][ T5180] netlink: 80 bytes leftover after parsing attributes in process `syz.0.689'. [ 63.004879][ T5178] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 63.038306][ T5178] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 63.084845][ T5190] IPv6: Can't replace route, no match found [ 63.139734][ T5194] netlink: 'syz.1.695': attribute type 13 has an invalid length. [ 63.224757][ T5194] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 63.245028][ T5201] netlink: 4 bytes leftover after parsing attributes in process `syz.3.698'. [ 63.254733][ T5201] netlink: 16 bytes leftover after parsing attributes in process `syz.3.698'. [ 63.315790][ T5204] netlink: 52 bytes leftover after parsing attributes in process `syz.1.699'. [ 63.345617][ T5205] macvlan1: entered promiscuous mode [ 63.365972][ T5205] macvlan1: left promiscuous mode [ 63.387482][ T5207] syzkaller1: entered promiscuous mode [ 63.394462][ T5207] syzkaller1: entered allmulticast mode [ 63.467305][ T5215] loop3: detected capacity change from 0 to 512 [ 63.506739][ T5215] EXT4-fs (loop3): too many log groups per flexible block group [ 63.506806][ T5215] EXT4-fs (loop3): failed to initialize mballoc (-12) [ 63.506836][ T5215] EXT4-fs (loop3): mount failed [ 63.560587][ T5226] netlink: 4 bytes leftover after parsing attributes in process `syz.3.706'. [ 63.575804][ T5223] bond1: option lacp_active: mode dependency failed, not supported in mode balance-rr(0) [ 63.588454][ T5223] bond1 (unregistering): Released all slaves [ 63.863297][ T5237] batadv1: entered promiscuous mode [ 63.863389][ T5237] batadv1: entered allmulticast mode [ 63.894456][ T5241] macvlan1: entered promiscuous mode [ 63.895770][ T5241] macvlan1: left promiscuous mode [ 63.929203][ T5243] netlink: 'syz.2.715': attribute type 1 has an invalid length. [ 63.959317][ T5245] sctp: [Deprecated]: syz.3.716 (pid 5245) Use of struct sctp_assoc_value in delayed_ack socket option. [ 63.959317][ T5245] Use struct sctp_sack_info instead [ 63.980341][ T10] kernel write not supported for file bpf-map (pid: 10 comm: kworker/0:1) [ 64.023442][ T5243] 8021q: adding VLAN 0 to HW filter on device bond1 [ 64.185349][ T5256] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.199793][ T5260] Invalid logical block size (-3398) [ 64.202156][ T5262] loop2: detected capacity change from 0 to 1024 [ 64.229802][ T5262] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 64.244909][ T5256] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.266094][ T4187] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 64.307740][ T5256] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.368633][ T5256] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.446228][ T3970] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.463134][ T3970] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.483751][ T3970] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.493879][ T3970] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.628787][ T5302] loop2: detected capacity change from 0 to 512 [ 64.655289][ T5302] EXT4-fs (loop2): too many log groups per flexible block group [ 64.668530][ T5302] EXT4-fs (loop2): failed to initialize mballoc (-12) [ 64.677353][ T5302] EXT4-fs (loop2): mount failed [ 64.701780][ T5309] loop0: detected capacity change from 0 to 1764 [ 64.739757][ T5315] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5315 comm=syz.2.748 [ 64.755634][ T5315] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5315 comm=syz.2.748 [ 64.876167][ T5328] loop0: detected capacity change from 0 to 1024 [ 64.899936][ T5328] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 64.924344][ T5330] ALSA: seq fatal error: cannot create timer (-19) [ 64.936849][ T5334] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 64.940187][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 64.981040][ T5339] loop1: detected capacity change from 0 to 512 [ 64.988361][ T5339] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 65.092277][ T5354] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0 [ 65.105717][ T5353] netlink: 16 bytes leftover after parsing attributes in process `syz.2.763'. [ 65.129945][ T5357] batadv2: entered promiscuous mode [ 65.136273][ T5357] batadv2: entered allmulticast mode [ 65.168398][ T5364] netlink: 8 bytes leftover after parsing attributes in process `syz.1.767'. [ 65.179656][ T5361] loop2: detected capacity change from 0 to 512 [ 65.190161][ T5366] loop3: detected capacity change from 0 to 512 [ 65.206825][ T5366] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 65.207002][ T5361] EXT4-fs error (device loop2): ext4_quota_enable:7136: inode #4: comm syz.2.769: iget: checksum invalid [ 65.221295][ T5366] ext4 filesystem being mounted at /150/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 65.238767][ T5371] loop1: detected capacity change from 0 to 512 [ 65.253895][ T5361] EXT4-fs error (device loop2): ext4_quota_enable:7139: comm syz.2.769: Bad quota inode: 4, type: 1 [ 65.266429][ T5361] EXT4-fs warning (device loop2): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-74, ino=4). Please run e2fsck to fix. [ 65.284617][ T5361] EXT4-fs (loop2): mount failed [ 65.287879][ T5371] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 65.303069][ T5371] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it [ 65.314160][ T5371] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.771: Corrupt directory, running e2fsck is recommended [ 65.329297][ T5371] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 65.340803][ T5371] EXT4-fs error (device loop1): ext4_iget_extra_inode:5075: inode #15: comm syz.1.771: corrupted in-inode xattr: invalid ea_ino [ 65.374442][ T5379] loop4: detected capacity change from 0 to 512 [ 65.382158][ T5379] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 65.402817][ T5378] loop0: detected capacity change from 0 to 1024 [ 65.405860][ T5371] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.771: couldn't read orphan inode 15 (err -117) [ 65.426797][ T5371] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 65.462749][ T5371] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 65.465055][ T5378] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 65.475203][ T5371] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it [ 65.501189][ T5371] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.771: Corrupt directory, running e2fsck is recommended [ 65.518400][ T5378] ext4 filesystem being mounted at /132/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 65.524526][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 65.551201][ T5371] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 65.562849][ T5378] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.774: bg 0: block 112: padding at end of block bitmap is not set [ 65.564481][ T5371] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it [ 65.590601][ T5371] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.771: Corrupt directory, running e2fsck is recommended [ 65.597223][ T5378] EXT4-fs error (device loop0): ext4_free_blocks:6706: comm syz.0.774: Freeing blocks not in datazone - block = 0, count = 16 [ 65.633856][ T5371] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 65.647132][ T5371] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it [ 65.657834][ T5371] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.771: Corrupt directory, running e2fsck is recommended [ 65.682948][ T5371] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 65.720146][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 65.722909][ T5393] loop3: detected capacity change from 0 to 512 [ 65.730613][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 65.757577][ T5393] EXT4-fs: Ignoring removed nobh option [ 65.820007][ T5397] loop0: detected capacity change from 0 to 128 [ 65.834682][ T5393] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #3: comm syz.3.778: corrupted inode contents [ 65.849965][ T5393] EXT4-fs (loop3): Remounting filesystem read-only [ 65.858740][ T5393] EXT4-fs (loop3): 1 truncate cleaned up [ 65.865223][ T5393] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 65.882286][ T5407] loop2: detected capacity change from 0 to 512 [ 65.921467][ T5393] ext4 filesystem being mounted at /151/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 65.933546][ T5407] EXT4-fs: dax option not supported [ 65.988968][ T5409] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.009678][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.057337][ T5413] loop2: detected capacity change from 0 to 1024 [ 66.064424][ T5411] loop0: detected capacity change from 0 to 512 [ 66.091552][ T5409] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.106751][ T5413] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 66.121305][ T5411] EXT4-fs (loop0): too many log groups per flexible block group [ 66.130944][ T5411] EXT4-fs (loop0): failed to initialize mballoc (-12) [ 66.138428][ T5411] EXT4-fs (loop0): mount failed [ 66.157657][ T5409] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.160156][ T4187] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.234361][ T5409] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.304235][ T3993] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.350577][ T3993] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.374126][ T3993] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.387842][ T3993] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.411464][ T5443] loop0: detected capacity change from 0 to 512 [ 66.427742][ T5443] journal_path: Non-blockdev passed as './bus' [ 66.434289][ T5443] EXT4-fs: error: could not find journal device path [ 66.509842][ T5454] netlink: 4 bytes leftover after parsing attributes in process `syz.3.806'. [ 66.535446][ T5458] xt_hashlimit: max too large, truncated to 1048576 [ 66.548562][ T5458] xt_CT: You must specify a L4 protocol and not use inversions on it [ 66.578109][ T5462] IPVS: sh: UDP 224.0.0.2:0 - no destination available [ 66.659039][ T5474] loop1: detected capacity change from 0 to 512 [ 66.678772][ T5474] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 66.695599][ T5474] ext4 filesystem being mounted at /181/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 66.712150][ T5474] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #2: comm syz.1.817: corrupted inode contents [ 66.724775][ T5474] EXT4-fs error (device loop1): ext4_dirty_inode:6517: inode #2: comm syz.1.817: mark_inode_dirty error [ 66.736411][ T5474] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #2: comm syz.1.817: corrupted inode contents [ 66.748470][ T5474] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #2: comm syz.1.817: mark_inode_dirty error [ 66.806244][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.822411][ T5482] loop4: detected capacity change from 0 to 1024 [ 66.834121][ T5482] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 66.920602][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.150881][ T29] kauditd_printk_skb: 181 callbacks suppressed [ 67.150899][ T29] audit: type=1400 audit(1762899310.128:951): avc: denied { append } for pid=5513 comm="syz.3.831" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 67.157897][ T5510] loop4: detected capacity change from 0 to 2048 [ 67.191944][ T5512] hub 9-0:1.0: USB hub found [ 67.196792][ T5512] hub 9-0:1.0: 8 ports detected [ 67.209852][ T29] audit: type=1400 audit(1762899310.188:952): avc: denied { append } for pid=5509 comm="syz.4.832" path="/180/file1/cgroup.controllers" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 67.273764][ T29] audit: type=1400 audit(1762899310.248:953): avc: denied { map } for pid=5509 comm="syz.4.832" path="/180/file1/cgroup.controllers" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 67.303041][ T29] audit: type=1400 audit(1762899310.278:954): avc: denied { create } for pid=5523 comm="syz.2.835" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 67.392503][ T3993] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 67.408002][ T3993] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1396 with error 28 [ 67.420645][ T3993] EXT4-fs (loop4): This should not happen!! Data will be lost [ 67.420645][ T3993] [ 67.430336][ T3993] EXT4-fs (loop4): Total free blocks count 0 [ 67.436365][ T3993] EXT4-fs (loop4): Free/Dirty block details [ 67.442295][ T3993] EXT4-fs (loop4): free_blocks=2415919504 [ 67.448200][ T3993] EXT4-fs (loop4): dirty_blocks=1408 [ 67.453608][ T3993] EXT4-fs (loop4): Block reservation details [ 67.459728][ T3993] EXT4-fs (loop4): i_reserved_data_blocks=88 [ 67.466465][ T29] audit: type=1326 audit(1762899310.408:955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5533 comm="syz.2.840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c6e8ff6c9 code=0x7ffc0000 [ 67.489946][ T29] audit: type=1326 audit(1762899310.408:956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5533 comm="syz.2.840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c6e8ff6c9 code=0x7ffc0000 [ 67.513251][ T29] audit: type=1326 audit(1762899310.408:957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5533 comm="syz.2.840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f2c6e8ff6c9 code=0x7ffc0000 [ 67.536531][ T29] audit: type=1326 audit(1762899310.408:958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5533 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c6e8ff6c9 code=0x7ffc0000 [ 67.559990][ T29] audit: type=1326 audit(1762899310.408:959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5533 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c6e8ff6c9 code=0x7ffc0000 [ 67.583844][ T29] audit: type=1326 audit(1762899310.408:960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5533 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2c6e8ff6c9 code=0x7ffc0000 [ 67.641656][ T5538] loop4: detected capacity change from 0 to 4096 [ 67.870311][ T5574] hub 9-0:1.0: USB hub found [ 67.876685][ T5574] hub 9-0:1.0: 8 ports detected [ 67.934446][ T5578] netlink: 4 bytes leftover after parsing attributes in process `syz.2.859'. [ 67.975191][ T5576] loop3: detected capacity change from 0 to 2048 [ 68.024777][ T5576] loop3: p1 p3 [ 68.028317][ T5576] loop3: p1 start 458752 is beyond EOD, truncated [ 68.034881][ T5576] loop3: p3 start 8388352 is beyond EOD, truncated [ 68.216254][ T5614] loop3: detected capacity change from 0 to 512 [ 68.226693][ T5614] ext4 filesystem being mounted at /172/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 68.266764][ T5614] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #2: comm syz.3.879: corrupted inode contents [ 68.287673][ T5614] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #2: comm syz.3.879: mark_inode_dirty error [ 68.299768][ T5614] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #2: comm syz.3.879: corrupted inode contents [ 68.325397][ T5623] netlink: 4 bytes leftover after parsing attributes in process `syz.0.882'. [ 68.379845][ T5628] netlink: 8 bytes leftover after parsing attributes in process `syz.3.884'. [ 68.703669][ T5657] loop1: detected capacity change from 0 to 128 [ 68.721577][ T5657] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 68.738654][ T5657] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 68.872396][ T5672] geneve0: entered allmulticast mode [ 68.922379][ T5680] atomic_op ffff8881194fd528 conn xmit_atomic 0000000000000000 [ 69.039511][ T5697] netlink: 'syz.3.916': attribute type 3 has an invalid length. [ 69.331403][ T5740] loop2: detected capacity change from 0 to 512 [ 69.362090][ T5740] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.935: couldn't read orphan inode 26 (err -116) [ 69.381192][ T5740] ext4 filesystem being mounted at /131/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 69.892276][ T5761] loop3: detected capacity change from 0 to 2048 [ 69.930061][ T5763] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=5763 comm=syz.1.944 [ 69.948160][ T5761] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 70.186088][ T5779] SELinux: Context Ü is not valid (left unmapped). [ 70.258574][ T5787] sch_tbf: peakrate 7 is lower than or equals to rate 7 ! [ 70.286666][ T5788] loop4: detected capacity change from 0 to 512 [ 70.302073][ T5788] EXT4-fs (loop4): orphan cleanup on readonly fs [ 70.324424][ T5788] EXT4-fs warning (device loop4): ext4_xattr_inode_get:560: inode #11: comm syz.4.952: EA inode hash validation failed [ 70.337924][ T5788] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #15: comm syz.4.952: corrupted inode contents [ 70.351167][ T5788] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #15: comm syz.4.952: mark_inode_dirty error [ 70.364066][ T5788] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #15: comm syz.4.952: corrupted inode contents [ 70.375533][ T5799] loop0: detected capacity change from 0 to 2048 [ 70.377911][ T5788] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2996: inode #15: comm syz.4.952: mark_inode_dirty error [ 70.397106][ T5788] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2999: inode #15: comm syz.4.952: mark inode dirty (error -117) [ 70.412123][ T5788] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117) [ 70.421842][ T5788] EXT4-fs (loop4): 1 orphan inode deleted [ 70.522672][ T5811] syzkaller1: entered promiscuous mode [ 70.528450][ T5811] syzkaller1: entered allmulticast mode [ 70.574802][ T3982] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 70.600129][ T3982] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1474 with error 28 [ 70.614398][ T3982] EXT4-fs (loop0): This should not happen!! Data will be lost [ 70.614398][ T3982] [ 70.624836][ T3982] EXT4-fs (loop0): Total free blocks count 0 [ 70.631340][ T3982] EXT4-fs (loop0): Free/Dirty block details [ 70.639174][ T3982] EXT4-fs (loop0): free_blocks=2415919504 [ 70.645689][ T3982] EXT4-fs (loop0): dirty_blocks=1488 [ 70.651398][ T3982] EXT4-fs (loop0): Block reservation details [ 70.657640][ T3982] EXT4-fs (loop0): i_reserved_data_blocks=93 [ 70.943541][ T5850] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 71.133748][ T5868] pim6reg1: entered promiscuous mode [ 71.139517][ T5868] pim6reg1: entered allmulticast mode [ 71.155828][ T5870] netlink: 8 bytes leftover after parsing attributes in process `syz.3.991'. [ 71.166333][ T5870] netlink: 4 bytes leftover after parsing attributes in process `syz.3.991'. [ 71.180359][ T3951] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 71.199389][ T3951] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 71.211585][ T5872] netlink: 'syz.3.992': attribute type 34 has an invalid length. [ 71.224056][ T3951] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 71.256216][ T3951] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 71.266941][ T30] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.315729][ T30] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.365987][ T30] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.425610][ T30] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.503504][ T30] bond0: left allmulticast mode [ 71.508986][ T30] bond_slave_0: left allmulticast mode [ 71.514741][ T30] bond_slave_1: left allmulticast mode [ 71.520656][ T30] bond0: left promiscuous mode [ 71.525769][ T30] bond_slave_0: left promiscuous mode [ 71.531593][ T30] bond_slave_1: left promiscuous mode [ 71.537403][ T30] bridge0: port 4(bond0) entered disabled state [ 71.544997][ T30] batadv1: left allmulticast mode [ 71.550391][ T30] batadv1: left promiscuous mode [ 71.555542][ T30] bridge0: port 3(batadv1) entered disabled state [ 71.563051][ T30] bridge_slave_1: left allmulticast mode [ 71.568911][ T30] bridge_slave_1: left promiscuous mode [ 71.574928][ T30] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.592988][ T30] bridge_slave_0: left allmulticast mode [ 71.598961][ T30] bridge_slave_0: left promiscuous mode [ 71.605406][ T30] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.706667][ T30] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 71.725000][ T30] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 71.737419][ T30] bond0 (unregistering): Released all slaves [ 71.755952][ T30] bond1 (unregistering): Released all slaves [ 71.800112][ T30] IPVS: stopping backup sync thread 5354 ... [ 71.818161][ T30] hsr_slave_0: left promiscuous mode [ 71.833107][ T30] hsr_slave_1: left promiscuous mode [ 71.851681][ T30] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 71.859570][ T30] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 71.871141][ T30] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 71.879031][ T30] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 71.896779][ T5930] loop3: detected capacity change from 0 to 512 [ 71.908186][ T30] veth1_macvtap: left promiscuous mode [ 71.913802][ T30] veth0_macvtap: left promiscuous mode [ 71.934720][ T5930] ext4 filesystem being mounted at /206/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 71.965968][ T5935] netlink: 'syz.1.1016': attribute type 3 has an invalid length. [ 71.974393][ T5930] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 71.994660][ T5930] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 72.047554][ T30] team0 (unregistering): Port device team_slave_1 removed [ 72.073622][ T30] team0 (unregistering): Port device team_slave_0 removed [ 72.160593][ T5956] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 72.167793][ T5956] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 72.176311][ T5956] vhci_hcd vhci_hcd.0: Device attached [ 72.242842][ T5879] chnl_net:caif_netlink_parms(): no params data found [ 72.250970][ T5965] rdma_op ffff88811a7bfd80 conn xmit_rdma 0000000000000000 [ 72.278060][ T5956] vhci_hcd vhci_hcd.0: port 0 already used [ 72.289801][ T5957] vhci_hcd: connection closed [ 72.291067][ T3982] vhci_hcd: stop threads [ 72.300406][ T3982] vhci_hcd: release socket [ 72.304987][ T3982] vhci_hcd: disconnect device [ 72.347946][ T5879] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.355634][ T5879] bridge0: port 1(bridge_slave_0) entered disabled state [ 72.371077][ T5980] loop2: detected capacity change from 0 to 1024 [ 72.378165][ T5879] bridge_slave_0: entered allmulticast mode [ 72.394273][ T5980] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 72.405289][ T5879] bridge_slave_0: entered promiscuous mode [ 72.422101][ T5879] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.429763][ T5879] bridge0: port 2(bridge_slave_1) entered disabled state [ 72.440222][ T5879] bridge_slave_1: entered allmulticast mode [ 72.448035][ T5879] bridge_slave_1: entered promiscuous mode [ 72.462707][ T5980] EXT4-fs mount: 16 callbacks suppressed [ 72.462729][ T5980] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 72.487735][ T29] kauditd_printk_skb: 300 callbacks suppressed [ 72.487754][ T29] audit: type=1400 audit(1762899315.468:1260): avc: denied { read write } for pid=5979 comm="syz.2.1031" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 72.520477][ T29] audit: type=1400 audit(1762899315.468:1261): avc: denied { open } for pid=5979 comm="syz.2.1031" path="/158/file1/file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 72.548147][ T5980] EXT4-fs error (device loop2): ext4_xattr_inode_iget:441: inode #11: comm syz.2.1031: missing EA_INODE flag [ 72.548362][ T5879] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 72.575842][ T5879] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 72.585808][ T5980] EXT4-fs (loop2): Remounting filesystem read-only [ 72.600667][ T5980] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 72.643095][ T29] audit: type=1400 audit(1762899315.618:1262): avc: denied { ioctl } for pid=5979 comm="syz.2.1031" path="/158/file1/file1" dev="loop2" ino=15 ioctlcmd=0x5829 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 72.691857][ T5879] team0: Port device team_slave_0 added [ 72.699419][ T5879] team0: Port device team_slave_1 added [ 72.711446][ T4187] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.747788][ T5997] loop4: detected capacity change from 0 to 512 [ 72.758911][ T5998] loop3: detected capacity change from 0 to 512 [ 72.767778][ T5879] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.775655][ T5879] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 72.803068][ T5879] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.815047][ T5997] EXT4-fs: test_dummy_encryption option not supported [ 72.824509][ T6000] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1037'. [ 72.843985][ T5879] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.852546][ T5879] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 72.852568][ T29] audit: type=1400 audit(1762899315.818:1263): avc: denied { read } for pid=5996 comm="syz.4.1039" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 72.852607][ T29] audit: type=1400 audit(1762899315.818:1264): avc: denied { open } for pid=5996 comm="syz.4.1039" path="/dev/autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 72.879871][ T5879] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.904908][ T29] audit: type=1400 audit(1762899315.818:1265): avc: denied { ioctl } for pid=5996 comm="syz.4.1039" path="/dev/autofs" dev="devtmpfs" ino=91 ioctlcmd=0x937e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 73.092967][ T29] audit: type=1400 audit(1762899316.048:1266): avc: denied { read write } for pid=6004 comm="syz.4.1041" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 73.119392][ T29] audit: type=1400 audit(1762899316.048:1267): avc: denied { open } for pid=6004 comm="syz.4.1041" path="/dev/nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 73.147322][ T5879] hsr_slave_0: entered promiscuous mode [ 73.154468][ T5879] hsr_slave_1: entered promiscuous mode [ 73.174423][ T6012] loop4: detected capacity change from 0 to 512 [ 73.196701][ T6012] Quota error (device loop4): v2_read_file_info: Free block number 1 out of range (1, 6). [ 73.224074][ T29] audit: type=1326 audit(1762899316.188:1268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6017 comm="syz.3.1046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55bd47f6c9 code=0x7ffc0000 [ 73.306305][ T6012] EXT4-fs warning (device loop4): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 73.384553][ T6022] loop3: detected capacity change from 0 to 2048 [ 73.403085][ T6012] EXT4-fs (loop4): mount failed [ 73.439372][ T6031] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1052'. [ 73.458487][ T6022] loop3: p1 p3 [ 73.462278][ T6022] loop3: p1 start 458752 is beyond EOD, truncated [ 73.469580][ T6022] loop3: p3 start 8388352 is beyond EOD, truncated [ 73.684452][ T6049] loop2: detected capacity change from 0 to 1024 [ 73.711533][ T6049] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 73.722804][ T6049] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 73.764913][ T6049] JBD2: no valid journal superblock found [ 73.771580][ T6049] EXT4-fs (loop2): Could not load journal inode [ 73.792919][ T5879] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 73.807087][ T5879] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 73.807109][ T6049] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ %ºu@) failed with errno=-22 [ 73.836258][ T5879] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 73.856191][ T5879] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 73.927330][ T5879] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.943076][ T5879] 8021q: adding VLAN 0 to HW filter on device team0 [ 73.985211][ T30] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.992747][ T30] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.002652][ T30] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.010309][ T30] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.127514][ T5879] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.256565][ T5879] veth0_vlan: entered promiscuous mode [ 74.265379][ T5879] veth1_vlan: entered promiscuous mode [ 74.287676][ T5879] veth0_macvtap: entered promiscuous mode [ 74.314325][ T5879] veth1_macvtap: entered promiscuous mode [ 74.314720][ T6089] loop2: detected capacity change from 0 to 1024 [ 74.342975][ T6089] EXT4-fs: Ignoring removed nobh option [ 74.343466][ T5879] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.359585][ T6091] loop3: detected capacity change from 0 to 1024 [ 74.379769][ T6089] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 74.380652][ T5879] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.416121][ T6091] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 74.436817][ T3982] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.462549][ T6089] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt. [ 74.492744][ T3982] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.524063][ T3982] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.557713][ T3982] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.672154][ T4187] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.725502][ T6091] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 74.803125][ T6119] random: crng reseeded on system resumption [ 74.845852][ T6091] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: inode #11: comm syz.3.1069: missing EA_INODE flag [ 74.907839][ T6091] EXT4-fs (loop3): Remounting filesystem read-only [ 75.054628][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.063970][ T6128] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 75.074031][ T6128] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 75.198255][ T3389] IPVS: starting estimator thread 0... [ 75.284241][ T6149] IPVS: stopping master sync thread 6150 ... [ 75.294033][ T6143] IPVS: using max 1728 ests per chain, 86400 per kthread [ 75.422129][ T6164] sd 0:0:1:0: device reset [ 75.510649][ T6175] loop3: detected capacity change from 0 to 2048 [ 75.520028][ T6179] loop0: detected capacity change from 0 to 512 [ 75.541517][ T6175] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 75.594391][ T6179] EXT4-fs: Ignoring removed nobh option [ 75.673888][ T6179] EXT4-fs (loop0): failed to initialize system zone (-117) [ 75.681432][ T6179] EXT4-fs (loop0): mount failed [ 75.690125][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.707488][ T6190] loop4: detected capacity change from 0 to 2048 [ 75.766833][ T6190] loop4: p1 < > p4 [ 75.771974][ T6190] loop4: p4 size 8388608 extends beyond EOD, truncated [ 75.857322][ T6198] infiniband syz!: set active [ 75.862670][ T6198] infiniband syz!: added team_slave_0 [ 75.869248][ T6202] batadv2: entered promiscuous mode [ 75.891287][ T6198] RDS/IB: syz!: added [ 75.901208][ T6198] smc: adding ib device syz! with port count 1 [ 75.909081][ T6198] smc: ib device syz! port 1 has no pnetid [ 75.935256][ T6210] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1120'. [ 76.195898][ T6218] loop4: detected capacity change from 0 to 128 [ 76.275728][ T6226] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6226 comm=syz.0.1126 [ 76.306378][ T6232] IPv6: Can't replace route, no match found [ 76.479380][ T6258] loop2: detected capacity change from 0 to 512 [ 76.487904][ T6258] EXT4-fs: Ignoring removed nobh option [ 76.495440][ T6261] netlink: 83992 bytes leftover after parsing attributes in process `syz.3.1141'. [ 76.496295][ T6258] EXT4-fs (loop2): failed to initialize system zone (-117) [ 76.510436][ T6263] dvmrp1: entered allmulticast mode [ 76.518070][ T6258] EXT4-fs (loop2): mount failed [ 76.523676][ T6261] netlink: zone id is out of range [ 76.529140][ T6261] netlink: zone id is out of range [ 76.540446][ T6263] dvmrp1: left allmulticast mode [ 76.547997][ T6261] netlink: zone id is out of range [ 76.558782][ T6261] netlink: zone id is out of range [ 76.577506][ T6261] netlink: set zone limit has 8 unknown bytes [ 76.706701][ T6283] loop2: detected capacity change from 0 to 2048 [ 76.729649][ T6283] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.750169][ T6290] loop3: detected capacity change from 0 to 1024 [ 76.758100][ T6290] EXT4-fs: Ignoring removed bh option [ 76.767795][ T4187] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.795371][ T6290] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 76.833039][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.888980][ T6304] loop1: detected capacity change from 0 to 256 [ 76.906492][ T6304] FAT-fs (loop1): Directory bread(block 64) failed [ 76.915544][ T6308] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1160'. [ 76.934327][ T6304] FAT-fs (loop1): Directory bread(block 65) failed [ 76.947901][ T6304] FAT-fs (loop1): Directory bread(block 66) failed [ 76.964046][ T6304] FAT-fs (loop1): Directory bread(block 67) failed [ 76.975351][ T6304] FAT-fs (loop1): Directory bread(block 68) failed [ 76.982112][ T6304] FAT-fs (loop1): Directory bread(block 69) failed [ 76.989449][ T6304] FAT-fs (loop1): Directory bread(block 70) failed [ 76.996335][ T6304] FAT-fs (loop1): Directory bread(block 71) failed [ 77.003284][ T6304] FAT-fs (loop1): Directory bread(block 72) failed [ 77.012746][ T6304] FAT-fs (loop1): Directory bread(block 73) failed [ 77.039642][ T6304] bio_check_eod: 148 callbacks suppressed [ 77.039657][ T6304] syz.1.1159: attempt to access beyond end of device [ 77.039657][ T6304] loop1: rw=2049, sector=1224, nr_sectors = 4 limit=256 [ 77.097591][ T6321] loop1: detected capacity change from 0 to 2048 [ 77.127459][ T6321] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.189508][ T6340] loop4: detected capacity change from 0 to 512 [ 77.199535][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.211860][ T6342] loop3: detected capacity change from 0 to 256 [ 77.219861][ T6340] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.1173: inode has both inline data and extents flags [ 77.226062][ T6344] loop2: detected capacity change from 0 to 764 [ 77.250184][ T6340] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.1173: couldn't read orphan inode 15 (err -117) [ 77.275074][ T6340] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.309434][ T6351] GUP no longer grows the stack in syz.3.1176 (6351): 200000004000-20000000a000 (200000002000) [ 77.319976][ T6351] CPU: 1 UID: 0 PID: 6351 Comm: syz.3.1176 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 77.320016][ T6351] Tainted: [W]=WARN [ 77.320024][ T6351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 77.320039][ T6351] Call Trace: [ 77.320049][ T6351] [ 77.320058][ T6351] __dump_stack+0x1d/0x30 [ 77.320086][ T6351] dump_stack_lvl+0xe8/0x140 [ 77.320175][ T6351] dump_stack+0x15/0x1b [ 77.320197][ T6351] __get_user_pages+0x1968/0x1ed0 [ 77.320238][ T6351] get_user_pages_remote+0x1d5/0x6c0 [ 77.320287][ T6351] __access_remote_vm+0x15c/0x590 [ 77.320321][ T6351] access_remote_vm+0x32/0x40 [ 77.320362][ T6351] proc_pid_cmdline_read+0x32b/0x6c0 [ 77.320398][ T6351] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 77.320431][ T6351] vfs_readv+0x3fb/0x690 [ 77.320488][ T6351] __x64_sys_preadv+0xfd/0x1c0 [ 77.320521][ T6351] x64_sys_call+0x282e/0x3000 [ 77.320554][ T6351] do_syscall_64+0xd2/0x200 [ 77.320578][ T6351] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 77.320668][ T6351] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 77.320706][ T6351] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 77.320769][ T6351] RIP: 0033:0x7f55bd47f6c9 [ 77.320788][ T6351] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 77.320810][ T6351] RSP: 002b:00007f55bbedf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 77.320833][ T6351] RAX: ffffffffffffffda RBX: 00007f55bd6d5fa0 RCX: 00007f55bd47f6c9 [ 77.320848][ T6351] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000003 [ 77.320882][ T6351] RBP: 00007f55bd501f91 R08: 0000000000000000 R09: 0000000000000000 [ 77.320896][ T6351] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000 [ 77.320910][ T6351] R13: 00007f55bd6d6038 R14: 00007f55bd6d5fa0 R15: 00007ffc7a16ca78 [ 77.320985][ T6351] [ 77.529582][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.554592][ T29] kauditd_printk_skb: 269 callbacks suppressed [ 77.554612][ T29] audit: type=1400 audit(1762899320.538:1538): avc: denied { read } for pid=6355 comm="syz.4.1178" name="ptp0" dev="devtmpfs" ino=247 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 77.584216][ T29] audit: type=1400 audit(1762899320.538:1539): avc: denied { open } for pid=6355 comm="syz.4.1178" path="/dev/ptp0" dev="devtmpfs" ino=247 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 77.674362][ T29] audit: type=1400 audit(1762899320.588:1540): avc: denied { create } for pid=6357 comm="syz.1.1179" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 77.694708][ T29] audit: type=1400 audit(1762899320.598:1541): avc: denied { write } for pid=6357 comm="syz.1.1179" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 77.714820][ T29] audit: type=1400 audit(1762899320.598:1542): avc: denied { ioctl } for pid=6355 comm="syz.4.1178" path="/dev/ptp0" dev="devtmpfs" ino=247 ioctlcmd=0x3d0e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 77.755382][ T29] audit: type=1400 audit(1762899320.698:1543): avc: denied { create } for pid=6371 comm="syz.2.1187" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 77.776460][ T29] audit: type=1400 audit(1762899320.698:1544): avc: denied { ioctl } for pid=6371 comm="syz.2.1187" path="socket:[17495]" dev="sockfs" ino=17495 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 77.802242][ T29] audit: type=1400 audit(1762899320.718:1545): avc: denied { bind } for pid=6371 comm="syz.2.1187" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 77.829070][ T6377] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1184'. [ 77.877089][ T6376] loop1: detected capacity change from 0 to 512 [ 77.885059][ T6376] EXT4-fs: Ignoring removed nobh option [ 77.902716][ T6376] EXT4-fs (loop1): failed to initialize system zone (-117) [ 77.920131][ T6386] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1192'. [ 77.922258][ T6376] EXT4-fs (loop1): mount failed [ 78.004274][ T29] audit: type=1400 audit(1762899320.978:1546): avc: denied { create } for pid=6389 comm="syz.4.1193" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 78.024496][ T29] audit: type=1400 audit(1762899320.978:1547): avc: denied { connect } for pid=6389 comm="syz.4.1193" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 78.361086][ T6416] netlink: 'syz.3.1204': attribute type 15 has an invalid length. [ 78.369377][ T6416] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1204'. [ 78.387897][ T6416] netlink: 'syz.3.1204': attribute type 15 has an invalid length. [ 78.391101][ T30] netdevsim netdevsim3 eth0: set [0, 1] type 1 family 0 port 2816 - 0 [ 78.396036][ T6416] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1204'. [ 78.418347][ T30] netdevsim netdevsim3 eth1: set [0, 1] type 1 family 0 port 2816 - 0 [ 78.468384][ T30] netdevsim netdevsim3 eth2: set [0, 1] type 1 family 0 port 2816 - 0 [ 78.480475][ T30] netdevsim netdevsim3 eth3: set [0, 1] type 1 family 0 port 2816 - 0 [ 78.490794][ T6424] SELinux: policydb version 1280 does not match my version range 15-35 [ 78.499611][ T6424] SELinux: failed to load policy [ 78.580981][ T6436] 9pnet_rdma: rdma_create_trans (6436): problem binding to privport: 13 [ 78.716055][ T6457] loop4: detected capacity change from 0 to 256 [ 78.731226][ T6455] vhci_hcd: default hub control req: 8013 v0000 i0000 l31125 [ 78.732978][ T6457] FAT-fs (loop4): Directory bread(block 64) failed [ 78.746011][ T6457] FAT-fs (loop4): Directory bread(block 65) failed [ 78.752674][ T6457] FAT-fs (loop4): Directory bread(block 66) failed [ 78.766424][ T6457] FAT-fs (loop4): Directory bread(block 67) failed [ 78.773305][ T6457] FAT-fs (loop4): Directory bread(block 68) failed [ 78.776391][ T6463] loop0: detected capacity change from 0 to 256 [ 78.780224][ T6461] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1225'. [ 78.788786][ T6457] FAT-fs (loop4): Directory bread(block 69) failed [ 78.808900][ T6457] FAT-fs (loop4): Directory bread(block 70) failed [ 78.811085][ T6463] FAT-fs (loop0): Directory bread(block 64) failed [ 78.817942][ T6457] FAT-fs (loop4): Directory bread(block 71) failed [ 78.829703][ T6463] FAT-fs (loop0): Directory bread(block 65) failed [ 78.836859][ T6463] FAT-fs (loop0): Directory bread(block 66) failed [ 78.843721][ T6461] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1225'. [ 78.847474][ T6457] FAT-fs (loop4): Directory bread(block 72) failed [ 78.853693][ T6463] FAT-fs (loop0): Directory bread(block 67) failed [ 78.870288][ T6457] FAT-fs (loop4): Directory bread(block 73) failed [ 78.889112][ T6463] FAT-fs (loop0): Directory bread(block 68) failed [ 78.898342][ T6463] FAT-fs (loop0): Directory bread(block 69) failed [ 78.932058][ T3948] Bluetooth: hci0: Frame reassembly failed (-84) [ 78.934226][ T6463] FAT-fs (loop0): Directory bread(block 70) failed [ 78.954708][ T6463] FAT-fs (loop0): Directory bread(block 71) failed [ 78.961345][ T6463] FAT-fs (loop0): Directory bread(block 72) failed [ 78.968506][ T6463] FAT-fs (loop0): Directory bread(block 73) failed [ 78.994499][ T6457] syz.4.1223: attempt to access beyond end of device [ 78.994499][ T6457] loop4: rw=2049, sector=1224, nr_sectors = 4 limit=256 [ 79.070122][ T6486] loop0: detected capacity change from 0 to 1024 [ 79.095099][ T6486] journal_path: Non-blockdev passed as './file1' [ 79.102037][ T6486] EXT4-fs: error: could not find journal device path [ 79.568999][ T6509] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 79.569013][ T6509] IPv6: NLM_F_CREATE should be set when creating new route [ 79.569039][ T6509] IPv6: NLM_F_CREATE should be set when creating new route [ 79.569053][ T6509] IPv6: NLM_F_CREATE should be set when creating new route [ 79.569188][ T6509] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 79.836902][ T6525] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1255'. [ 79.999147][ T6538] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 80.055980][ T6542] netlink: 'syz.2.1261': attribute type 21 has an invalid length. [ 80.074164][ T6542] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1261'. [ 80.083285][ T6542] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1261'. [ 80.515314][ T6570] vhci_hcd: invalid port number 96 [ 80.520672][ T6570] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 80.681123][ T6587] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1281'. [ 80.690189][ T6587] netlink: 'syz.1.1281': attribute type 2 has an invalid length. [ 80.763166][ T6593] sd 0:0:1:0: device reset [ 80.802331][ T6598] vhci_hcd: invalid port number 121 [ 80.807672][ T6598] vhci_hcd: default hub control req: 4000 v0051 i0079 l0 [ 80.966961][ T3501] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 80.990547][ T6610] loop0: detected capacity change from 0 to 128 [ 81.000698][ T6610] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 81.013401][ T6610] ext4 filesystem being mounted at /48/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 81.122046][ T5879] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 81.247705][ T6629] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1300'. [ 81.256810][ T6629] netlink: 'syz.0.1300': attribute type 6 has an invalid length. [ 81.280042][ T6629] netlink: 'syz.0.1300': attribute type 6 has an invalid length. [ 81.280482][ T3948] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 81.310555][ T3948] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 81.323561][ T3948] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 81.334339][ T3948] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 81.371250][ T6631] loop3: detected capacity change from 0 to 512 [ 81.401594][ T6631] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 81.413612][ T6631] EXT4-fs (loop3): 1 truncate cleaned up [ 81.423536][ T6631] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 81.439676][ T6631] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000. [ 81.468641][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.498709][ T6640] netlink: 'syz.0.1306': attribute type 10 has an invalid length. [ 81.511050][ T6640] batadv0: entered allmulticast mode [ 81.522131][ T6640] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 81.530900][ T6640] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 81.548184][ T6640] netlink: 'syz.0.1306': attribute type 10 has an invalid length. [ 81.556865][ T6640] batadv0: entered promiscuous mode [ 81.563600][ T6640] bond0: (slave batadv0): Releasing backup interface [ 81.595242][ T6640] bridge0: port 3(batadv0) entered blocking state [ 81.601862][ T6640] bridge0: port 3(batadv0) entered disabled state [ 81.736987][ T6664] netlink: 'syz.0.1316': attribute type 10 has an invalid length. [ 81.778973][ T6664] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 81.830651][ T6669] loop3: detected capacity change from 0 to 128 [ 81.837861][ T6669] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 81.865779][ T6669] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 81.873771][ T6669] FAT-fs (loop3): Filesystem has been set read-only [ 81.881158][ T6669] syz.3.1318: attempt to access beyond end of device [ 81.881158][ T6669] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 81.985811][ T5879] block device autoloading is deprecated and will be removed. [ 81.996081][ T6691] netlink: 'syz.3.1328': attribute type 3 has an invalid length. [ 82.040923][ T6698] tls_set_device_offload_rx: netdev not found [ 82.124104][ T3982] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 82.133368][ T3982] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 82.164618][ T6714] 9pnet_fd: p9_fd_create_tcp (6714): problem connecting socket to 127.0.0.1 [ 82.199683][ T6712] 9pnet: Could not find request transport: t [ 82.255146][ T6727] SELinux: failed to load policy [ 82.272892][ T6725] loop0: detected capacity change from 0 to 2048 [ 82.299337][ T6725] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 82.313392][ T6725] ext4 filesystem being mounted at /60/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 82.363732][ T5879] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.445010][ T6754] loop3: detected capacity change from 0 to 1024 [ 82.451813][ T6754] EXT4-fs: inline encryption not supported [ 82.479344][ T6754] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 82.517701][ T36] kernel write not supported for file bpf-map (pid: 36 comm: kworker/1:1) [ 82.552309][ T3367] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 82.559830][ T3367] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 82.567465][ T3367] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 82.574995][ T3367] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 82.582433][ T3367] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 82.590077][ T3367] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 82.597661][ T3367] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 82.605334][ T3367] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 82.607313][ T5879] block device autoloading is deprecated and will be removed. [ 82.612743][ T3367] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 82.627947][ T3367] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 82.633980][ T29] kauditd_printk_skb: 187 callbacks suppressed [ 82.634014][ T29] audit: type=1326 audit(1762899325.608:1735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6768 comm="syz.4.1357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda53c9f6c9 code=0x7ffc0000 [ 82.666420][ T29] audit: type=1326 audit(1762899325.618:1736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6768 comm="syz.4.1357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=290 compat=0 ip=0x7fda53c9f6c9 code=0x7ffc0000 [ 82.675345][ T3367] hid-generic 0000:0004:0000.0002: hidraw0: HID v0.00 Device [sy] on syz0 [ 82.690008][ T29] audit: type=1326 audit(1762899325.618:1737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6768 comm="syz.4.1357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda53c9f6c9 code=0x7ffc0000 [ 82.723960][ T29] audit: type=1326 audit(1762899325.618:1738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6768 comm="syz.4.1357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda53c9f6c9 code=0x7ffc0000 [ 82.783679][ T29] audit: type=1400 audit(1762899325.758:1739): avc: denied { name_bind } for pid=6774 comm="syz.4.1359" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1 [ 82.804820][ T29] audit: type=1400 audit(1762899325.758:1740): avc: denied { write } for pid=6774 comm="syz.4.1359" name="udplite6" dev="proc" ino=4026532715 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 82.849209][ T3367] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz0] on syz1 [ 82.878141][ T29] audit: type=1326 audit(1762899325.858:1741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6787 comm="syz.1.1365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce4409f6c9 code=0x7ffc0000 [ 82.901972][ T29] audit: type=1326 audit(1762899325.858:1742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6787 comm="syz.1.1365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce4409f6c9 code=0x7ffc0000 [ 82.927150][ T29] audit: type=1326 audit(1762899325.858:1743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6787 comm="syz.1.1365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce4409f6c9 code=0x7ffc0000 [ 82.951467][ T29] audit: type=1326 audit(1762899325.858:1744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6787 comm="syz.1.1365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fce4409f6c9 code=0x7ffc0000 [ 82.990816][ T6788] loop1: detected capacity change from 0 to 512 [ 82.999702][ T6788] EXT4-fs (loop1): couldn't mount as ext3 due to feature incompatibilities [ 83.111594][ T6808] __nla_validate_parse: 10 callbacks suppressed [ 83.111610][ T6808] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1374'. [ 83.181556][ T6816] loop4: detected capacity change from 0 to 1024 [ 83.203839][ T6816] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (58532!=20869) [ 83.227926][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.240110][ T6822] program syz.1.1381 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 83.248114][ T6816] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a040e11d, mo2=0002] [ 83.281545][ T6816] EXT4-fs (loop4): failed to initialize system zone (-117) [ 83.293650][ T6826] loop0: detected capacity change from 0 to 256 [ 83.312541][ T6816] EXT4-fs (loop4): mount failed [ 83.347871][ T6835] loop3: detected capacity change from 0 to 1024 [ 83.398877][ T6835] EXT4-fs: Ignoring removed orlov option [ 83.416813][ T6826] FAT-fs (loop0): Directory bread(block 64) failed [ 83.424868][ T6835] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 83.434106][ T6826] FAT-fs (loop0): Directory bread(block 65) failed [ 83.482498][ T6826] FAT-fs (loop0): Directory bread(block 66) failed [ 83.490282][ T6826] FAT-fs (loop0): Directory bread(block 67) failed [ 83.498196][ T6826] FAT-fs (loop0): Directory bread(block 68) failed [ 83.505593][ T6826] FAT-fs (loop0): Directory bread(block 69) failed [ 83.512581][ T6826] FAT-fs (loop0): Directory bread(block 70) failed [ 83.513503][ T6847] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1391'. [ 83.520005][ T6826] FAT-fs (loop0): Directory bread(block 71) failed [ 83.536774][ T6826] FAT-fs (loop0): Directory bread(block 72) failed [ 83.543717][ T6826] FAT-fs (loop0): Directory bread(block 73) failed [ 83.592518][ T6850] loop1: detected capacity change from 0 to 2048 [ 83.617108][ T6850] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 83.630291][ T6826] syz.0.1382: attempt to access beyond end of device [ 83.630291][ T6826] loop0: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 83.659970][ T6850] ext4 filesystem being mounted at /308/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 83.705026][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.726422][ T6860] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1396'. [ 83.777277][ T6867] validate_nla: 4 callbacks suppressed [ 83.777297][ T6867] netlink: 'syz.2.1399': attribute type 1 has an invalid length. [ 83.790962][ T6867] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1399'. [ 83.828866][ T6871] loop0: detected capacity change from 0 to 1024 [ 83.855919][ T6871] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 83.878699][ T6871] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4193: comm syz.0.1401: Allocating blocks 465-513 which overlap fs metadata [ 83.894974][ T6871] EXT4-fs (loop0): pa ffff888106dd9540: logic 256, phys. 369, len 9 [ 83.903392][ T6871] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 3 [ 83.938136][ T6871] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt. [ 83.955315][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.985259][ T5879] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.134640][ T6906] loop0: detected capacity change from 0 to 256 [ 84.155173][ T6906] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000001) [ 84.163811][ T6906] FAT-fs (loop0): Filesystem has been set read-only [ 84.175513][ T3319] block device autoloading is deprecated and will be removed. [ 84.474784][ T6942] vhci_hcd: default hub control req: 2313 v4002 i0001 l0 [ 84.546135][ T6966] loop0: detected capacity change from 0 to 1024 [ 84.564771][ T6966] EXT4-fs: inline encryption not supported [ 84.574035][ T6968] loop1: detected capacity change from 0 to 2048 [ 84.585818][ T6966] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 84.618962][ T6968] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 84.662582][ T6968] ext4 filesystem being mounted at /321/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 84.689929][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.832650][ T7009] xt_hashlimit: max too large, truncated to 1048576 [ 84.855090][ T7009] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 84.892541][ T7023] loop3: detected capacity change from 0 to 512 [ 84.913733][ T7026] loop1: detected capacity change from 0 to 512 [ 84.920846][ T7026] journal_path: Non-blockdev passed as './bus' [ 84.921920][ T7023] ------------[ cut here ]------------ [ 84.927201][ T7026] EXT4-fs: error: could not find journal device path [ 84.939778][ T7023] EA inode 11 i_nlink=2 [ 84.940009][ T7023] WARNING: CPU: 1 PID: 7023 at fs/ext4/xattr.c:1058 ext4_xattr_inode_update_ref+0x36a/0x380 [ 84.954680][ T7023] Modules linked in: [ 84.959034][ T7023] CPU: 1 UID: 0 PID: 7023 Comm: syz.3.1460 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 84.970808][ T7023] Tainted: [W]=WARN [ 84.974751][ T7023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 84.985551][ T7023] RIP: 0010:ext4_xattr_inode_update_ref+0x36a/0x380 [ 84.992489][ T7023] Code: 90 49 8d 7e 40 e8 06 fa b8 ff 4d 8b 6e 40 4c 89 e7 e8 1a f5 b8 ff 41 8b 56 48 48 c7 c7 d5 d2 55 86 4c 89 ee e8 87 f5 67 ff 90 <0f> 0b 90 90 e9 ff fe ff ff e8 08 e4 b5 03 0f 1f 84 00 00 00 00 00 [ 85.012848][ T7023] RSP: 0018:ffffc90005d035a0 EFLAGS: 00010246 [ 85.019356][ T7023] RAX: 7b41b5d2328d7b00 RBX: ffff88811a08e010 RCX: 0000000000080000 [ 85.028479][ T7023] RDX: ffffc9000429a000 RSI: 000000000001413b RDI: 000000000001413c [ 85.036670][ T7023] RBP: 0000000000000002 R08: 0001c90005d03427 R09: 0000000000000000 [ 85.045108][ T7023] R10: 00000000ffffffff R11: 0000000000000002 R12: ffff88811a08dfc0 [ 85.053370][ T7023] R13: 000000000000000b R14: ffff88811a08df78 R15: 0000000000000001 [ 85.061469][ T7023] FS: 00007f55bbedf6c0(0000) GS:ffff8882aef13000(0000) knlGS:0000000000000000 [ 85.071074][ T7023] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.077766][ T7023] CR2: 00007fce3a726000 CR3: 000000011abe4000 CR4: 00000000003506f0 [ 85.085820][ T7023] DR0: 0000200000000300 DR1: 0000000000000000 DR2: 0000000000000000 [ 85.093854][ T7023] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 85.101933][ T7023] Call Trace: [ 85.105257][ T7023] [ 85.108264][ T7023] ext4_xattr_set_entry+0x77f/0x1020 [ 85.113735][ T7023] ext4_xattr_ibody_set+0x184/0x3c0 [ 85.119039][ T7023] ext4_expand_extra_isize_ea+0xcbb/0x11f0 [ 85.125360][ T7023] __ext4_expand_extra_isize+0x246/0x280 [ 85.131338][ T7023] __ext4_mark_inode_dirty+0x29d/0x3f0 [ 85.137192][ T7023] ext4_evict_inode+0x80e/0xd90 [ 85.142172][ T7023] ? __pfx_ext4_evict_inode+0x10/0x10 [ 85.147680][ T7023] evict+0x2e3/0x550 [ 85.151646][ T7023] ? __dquot_initialize+0x146/0x7c0 [ 85.156925][ T7023] iput+0x4ed/0x650 [ 85.160774][ T7023] ext4_process_orphan+0x1a9/0x1c0 [ 85.166047][ T7023] ext4_orphan_cleanup+0x6a8/0xa00 [ 85.171226][ T7023] ext4_fill_super+0x3483/0x3810 [ 85.176243][ T7023] ? snprintf+0x86/0xb0 [ 85.180461][ T7023] ? set_blocksize+0x1a8/0x310 [ 85.185285][ T7023] ? sb_set_blocksize+0xe3/0x100 [ 85.190398][ T7023] ? setup_bdev_super+0x30e/0x370 [ 85.195499][ T7023] ? __pfx_ext4_fill_super+0x10/0x10 [ 85.200821][ T7023] get_tree_bdev_flags+0x291/0x300 [ 85.206041][ T7023] ? __pfx_ext4_fill_super+0x10/0x10 [ 85.211380][ T7023] get_tree_bdev+0x1f/0x30 [ 85.216006][ T7023] ext4_get_tree+0x1c/0x30 [ 85.220501][ T7023] vfs_get_tree+0x57/0x1d0 [ 85.224960][ T7023] do_new_mount+0x24d/0x660 [ 85.229549][ T7023] path_mount+0x4a5/0xb70 [ 85.234111][ T7023] ? user_path_at+0x109/0x130 [ 85.238849][ T7023] __se_sys_mount+0x28c/0x2e0 [ 85.243741][ T7023] __x64_sys_mount+0x67/0x80 [ 85.248383][ T7023] x64_sys_call+0x2b51/0x3000 [ 85.253213][ T7023] do_syscall_64+0xd2/0x200 [ 85.257761][ T7023] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 85.264055][ T7023] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 85.269890][ T7023] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.275915][ T7023] RIP: 0033:0x7f55bd480e6a [ 85.280450][ T7023] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 85.300480][ T7023] RSP: 002b:00007f55bbedee68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 85.309016][ T7023] RAX: ffffffffffffffda RBX: 00007f55bbedeef0 RCX: 00007f55bd480e6a [ 85.317645][ T7023] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f55bbedeeb0 [ 85.326024][ T7023] RBP: 0000200000000180 R08: 00007f55bbedeef0 R09: 0000000000800700 [ 85.334510][ T7023] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 85.342505][ T7023] R13: 00007f55bbedeeb0 R14: 000000000000046f R15: 000000000000002c [ 85.350874][ T7023] [ 85.353984][ T7023] ---[ end trace 0000000000000000 ]--- [ 85.362421][ T7023] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: inode #18: comm syz.3.1460: iget: bad extra_isize 90 (inode size 256) [ 85.363001][ T5879] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.387025][ T7023] EXT4-fs (loop3): Remounting filesystem read-only [ 85.394142][ T7023] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -30) [ 85.403328][ T7023] EXT4-fs (loop3): 1 orphan inode deleted [ 85.409890][ T7023] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 85.464408][ T7042] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1464'. [ 85.473884][ T7042] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1464'. [ 85.497448][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.510372][ T7042] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1464'. [ 85.605506][ T7058] netlink: 'syz.0.1471': attribute type 21 has an invalid length. [ 85.617268][ T7058] netlink: 'syz.0.1471': attribute type 1 has an invalid length. [ 85.625627][ T7058] netlink: 144 bytes leftover after parsing attributes in process `syz.0.1471'. [ 85.635454][ T7062] syzkaller1: entered promiscuous mode [ 85.641012][ T7062] syzkaller1: entered allmulticast mode [ 85.790015][ T7089] netlink: 3 bytes leftover after parsing attributes in process `syz.4.1484'. [ 85.803173][ T7089] 0ªX¹¦À: renamed from caif0 [ 85.810495][ T7091] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1485'. [ 85.824899][ T7089] 0ªX¹¦À: entered allmulticast mode [ 85.831216][ T7089] A link change request failed with some changes committed already. Interface 60ªX¹¦À may have been left with an inconsistent configuration, please check. [ 85.936938][ T7106] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=7106 comm=syz.0.1492 [ 86.036103][ T7126] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 [ 86.104162][ T7153] loop1: detected capacity change from 0 to 128 [ 86.180938][ T7165] 9pnet_fd: Insufficient options for proto=fd [ 86.516321][ T7170] syz.1.1508: attempt to access beyond end of device [ 86.516321][ T7170] loop1: rw=2049, sector=128, nr_sectors = 1 limit=128 [ 86.531092][ T7170] buffer_io_error: 18 callbacks suppressed [ 86.531109][ T7170] Buffer I/O error on dev loop1, logical block 128, lost async page write [ 86.557593][ T7170] syz.1.1508: attempt to access beyond end of device [ 86.557593][ T7170] loop1: rw=2049, sector=128, nr_sectors = 1 limit=128 [ 86.573227][ T7170] Buffer I/O error on dev loop1, logical block 128, lost async page write [ 86.686759][ T7211] loop2: detected capacity change from 0 to 2048 [ 86.715666][ T7211] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 86.785359][ T4187] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.900071][ T7264] loop0: detected capacity change from 0 to 2048 [ 86.944678][ T7264] loop0: p1 < > p4 [ 86.951304][ T7264] loop0: p4 size 8388608 extends beyond EOD, truncated [ 86.988750][ T7273] SELinux: failed to load policy [ 87.117339][ T7318] sd 0:0:1:0: device reset [ 87.168570][ T7324] netlink: 'syz.1.1561': attribute type 4 has an invalid length. [ 87.208105][ T7324] .`: renamed from bond0 (while UP) [ 87.304085][ T7342] loop0: detected capacity change from 0 to 512 [ 87.434522][ T7371] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 87.441176][ T7371] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 87.449085][ T7371] vhci_hcd vhci_hcd.0: Device attached [ 87.487843][ T7371] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(5) [ 87.494726][ T7371] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 87.502487][ T7371] vhci_hcd vhci_hcd.0: Device attached [ 87.530975][ T7371] vhci_hcd vhci_hcd.0: pdev(1) rhport(2) sockfd(7) [ 87.537584][ T7371] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 87.545083][ T7371] vhci_hcd vhci_hcd.0: Device attached [ 87.578338][ T7371] vhci_hcd vhci_hcd.0: pdev(1) rhport(3) sockfd(9) [ 87.584992][ T7371] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 87.592756][ T7371] vhci_hcd vhci_hcd.0: Device attached [ 87.662115][ T7388] vhci_hcd vhci_hcd.0: pdev(1) rhport(4) sockfd(11) [ 87.669131][ T7388] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 87.676838][ T7388] vhci_hcd vhci_hcd.0: Device attached [ 87.678241][ T7371] vhci_hcd vhci_hcd.0: pdev(1) rhport(5) sockfd(14) [ 87.689325][ T7371] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 87.696965][ T36] vhci_hcd: vhci_device speed not set [ 87.702444][ T7371] vhci_hcd vhci_hcd.0: Device attached [ 87.771006][ T7389] vhci_hcd: connection closed [ 87.771372][ T3982] vhci_hcd: stop threads [ 87.780683][ T3982] vhci_hcd: release socket [ 87.785157][ T3982] vhci_hcd: disconnect device [ 87.794240][ T36] usb 3-1: new full-speed USB device number 2 using vhci_hcd [ 87.808459][ T7372] vhci_hcd: connection reset by peer [ 87.814633][ T3982] vhci_hcd: stop threads [ 87.818948][ T3982] vhci_hcd: release socket [ 87.823378][ T3982] vhci_hcd: disconnect device [ 87.828139][ T7380] vhci_hcd: connection closed [ 87.828339][ T7383] vhci_hcd: connection closed [ 87.833907][ T7374] vhci_hcd: connection closed [ 87.850220][ T3982] vhci_hcd: stop threads [ 87.859461][ T3982] vhci_hcd: release socket [ 87.863886][ T3982] vhci_hcd: disconnect device [ 87.875854][ T3982] vhci_hcd: stop threads [ 87.880265][ T3982] vhci_hcd: release socket [ 87.884889][ T3982] vhci_hcd: disconnect device [ 87.889921][ T7393] vhci_hcd: connection closed [ 87.889995][ T3982] vhci_hcd: stop threads [ 87.899027][ T3982] vhci_hcd: release socket [ 87.903562][ T3982] vhci_hcd: disconnect device [ 87.912488][ T3982] vhci_hcd: stop threads [ 87.916881][ T3982] vhci_hcd: release socket [ 87.921383][ T3982] vhci_hcd: disconnect device [ 87.984147][ T29] kauditd_printk_skb: 274 callbacks suppressed [ 87.984164][ T29] audit: type=1326 audit(1762899330.968:2019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7411 comm="syz.4.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda53c9f6c9 code=0x7ffc0000 [ 88.086679][ T29] audit: type=1326 audit(1762899330.998:2020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7411 comm="syz.4.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fda53c9f6c9 code=0x7ffc0000 [ 88.112101][ T29] audit: type=1326 audit(1762899330.998:2021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7411 comm="syz.4.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda53c9f6c9 code=0x7ffc0000 [ 88.136201][ T29] audit: type=1326 audit(1762899330.998:2022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7411 comm="syz.4.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda53c9f6c9 code=0x7ffc0000 [ 88.160591][ T29] audit: type=1326 audit(1762899330.998:2023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7411 comm="syz.4.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fda53c9f6c9 code=0x7ffc0000 [ 88.184401][ T29] audit: type=1326 audit(1762899330.998:2024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7411 comm="syz.4.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda53c9f6c9 code=0x7ffc0000 [ 88.208360][ T29] audit: type=1326 audit(1762899330.998:2025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7411 comm="syz.4.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda53c9f6c9 code=0x7ffc0000 [ 88.232361][ T29] audit: type=1326 audit(1762899330.998:2026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7411 comm="syz.4.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fda53c9f6c9 code=0x7ffc0000 [ 88.257042][ T29] audit: type=1326 audit(1762899330.998:2027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7411 comm="syz.4.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda53c9f6c9 code=0x7ffc0000 [ 88.281077][ T29] audit: type=1326 audit(1762899331.008:2028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7411 comm="syz.4.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fda53c9f6c9 code=0x7ffc0000 [ 88.312619][ T7433] loop4: detected capacity change from 0 to 128 [ 88.334416][ T7433] FAT-fs (loop4): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 88.352127][ T7433] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 88.360193][ T7433] FAT-fs (loop4): Filesystem has been set read-only [ 88.370365][ T7433] syz.4.1590: attempt to access beyond end of device [ 88.370365][ T7433] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 88.438439][ T1036] hid_parser_main: 49 callbacks suppressed [ 88.438462][ T1036] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 88.452600][ T1036] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz1] on syz0 [ 88.722579][ T7514] __nla_validate_parse: 14 callbacks suppressed [ 88.722596][ T7514] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1610'. [ 88.792474][ T7527] $Hÿ: renamed from bond0 (while UP) [ 88.811500][ T7527] $Hÿ: entered promiscuous mode [ 88.817623][ T7527] bond_slave_0: entered promiscuous mode [ 88.823456][ T7527] bond_slave_1: entered promiscuous mode [ 88.906355][ T7535] netlink: 'syz.4.1619': attribute type 4 has an invalid length. [ 88.966994][ T7535] netlink: 'syz.4.1619': attribute type 4 has an invalid length. [ 89.194826][ T7584] loop2: detected capacity change from 0 to 128 [ 89.489547][ T7586] syz.2.1628: attempt to access beyond end of device [ 89.489547][ T7586] loop2: rw=2049, sector=128, nr_sectors = 1 limit=128 [ 89.503128][ T7586] Buffer I/O error on dev loop2, logical block 128, lost async page write [ 89.512161][ T7584] syz.2.1628: attempt to access beyond end of device [ 89.512161][ T7584] loop2: rw=2049, sector=128, nr_sectors = 1 limit=128 [ 89.525919][ T7584] Buffer I/O error on dev loop2, logical block 128, lost async page write [ 89.754592][ T7600] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 90.026887][ T7501] syz.1.1605 (7501) used greatest stack depth: 7048 bytes left [ 90.128615][ T7631] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1645'. [ 90.454703][ T7673] tipc: Started in network mode [ 90.459660][ T7673] tipc: Node identity ac14140f, cluster identity 4711 [ 90.470309][ T7673] tipc: New replicast peer: 255.255.255.83 [ 90.476811][ T7673] tipc: Enabled bearer , priority 10 [ 90.612730][ T7709] serio: Serial port ptm0 [ 90.835466][ T7734] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1678'. [ 90.845274][ T7734] IPVS: Error connecting to the multicast addr [ 90.961982][ T7755] loop3: detected capacity change from 0 to 512 [ 90.989622][ T7755] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 91.007115][ T7755] ext4 filesystem being mounted at /330/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 91.027650][ T7755] EXT4-fs error (device loop3): ext4_xattr_block_get:597: inode #15: comm syz.3.1687: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled [ 91.044630][ T7755] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop3 ino=15 [ 91.054161][ T7755] EXT4-fs error (device loop3): ext4_xattr_block_get:597: inode #15: comm syz.3.1687: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled [ 91.070996][ T7755] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop3 ino=15 [ 91.081177][ T7755] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.1687: bg 0: block 18: invalid block bitmap [ 91.094503][ T7755] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.1687: Failed to acquire dquot type 1 [ 91.120783][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 91.167946][ T7768] futex_wake_op: syz.3.1690 tries to shift op by 144; fix this program [ 91.484198][ T7788] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1698'. [ 91.594260][ T1036] tipc: Node number set to 2886997007 [ 91.651030][ T5879] block device autoloading is deprecated and will be removed. [ 91.739418][ T7821] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1713'. [ 91.822693][ T7833] loop3: detected capacity change from 0 to 512 [ 91.848293][ T7833] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 91.867417][ T7843] loop0: detected capacity change from 0 to 1024 [ 91.876965][ T7843] EXT4-fs (loop0): Can't support bigalloc feature without extents feature [ 91.876965][ T7843] [ 91.889179][ T7843] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities [ 91.894505][ T7847] loop2: detected capacity change from 0 to 512 [ 91.911493][ T7833] ext4 filesystem being mounted at /340/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 91.932301][ T7847] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 91.956901][ T7847] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 91.989268][ T7847] ext4 filesystem being mounted at /313/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 92.015825][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 92.045932][ T7847] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 92.082262][ T7858] loop3: detected capacity change from 0 to 256 [ 92.145778][ T7867] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7867 comm=syz.4.1725 [ 92.220754][ T7873] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 92.243403][ T7873] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 92.305893][ T7883] syz.3.1732: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0 [ 92.320863][ T7883] CPU: 0 UID: 0 PID: 7883 Comm: syz.3.1732 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 92.320904][ T7883] Tainted: [W]=WARN [ 92.320913][ T7883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 92.320950][ T7883] Call Trace: [ 92.320959][ T7883] [ 92.320970][ T7883] __dump_stack+0x1d/0x30 [ 92.320993][ T7883] dump_stack_lvl+0xe8/0x140 [ 92.321055][ T7883] dump_stack+0x15/0x1b [ 92.321098][ T7883] warn_alloc+0x12b/0x1a0 [ 92.321144][ T7883] __vmalloc_node_range_noprof+0x9d/0xed0 [ 92.321213][ T7883] ? probe_sched_wakeup+0x85/0xa0 [ 92.321280][ T7883] ? ttwu_do_activate+0x1d0/0x210 [ 92.321311][ T7883] ? __rcu_read_unlock+0x4f/0x70 [ 92.321347][ T7883] ? avc_has_perm_noaudit+0x1b1/0x200 [ 92.321376][ T7883] ? should_fail_ex+0x30/0x280 [ 92.321405][ T7883] ? xskq_create+0x36/0xe0 [ 92.321503][ T7883] vmalloc_user_noprof+0x7d/0xb0 [ 92.321563][ T7883] ? xskq_create+0x80/0xe0 [ 92.321586][ T7883] xskq_create+0x80/0xe0 [ 92.321610][ T7883] xsk_init_queue+0x95/0xf0 [ 92.321680][ T7883] xsk_setsockopt+0x3f5/0x640 [ 92.321769][ T7883] ? __pfx_xsk_setsockopt+0x10/0x10 [ 92.321865][ T7883] __sys_setsockopt+0x184/0x200 [ 92.321909][ T7883] __x64_sys_setsockopt+0x64/0x80 [ 92.321977][ T7883] x64_sys_call+0x20ec/0x3000 [ 92.322007][ T7883] do_syscall_64+0xd2/0x200 [ 92.322036][ T7883] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 92.322070][ T7883] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 92.322117][ T7883] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 92.322214][ T7883] RIP: 0033:0x7f55bd47f6c9 [ 92.322236][ T7883] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 92.322259][ T7883] RSP: 002b:00007f55bbedf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 92.322285][ T7883] RAX: ffffffffffffffda RBX: 00007f55bd6d5fa0 RCX: 00007f55bd47f6c9 [ 92.322303][ T7883] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003 [ 92.322318][ T7883] RBP: 00007f55bd501f91 R08: 0000000000000004 R09: 0000000000000000 [ 92.322335][ T7883] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 92.322414][ T7883] R13: 00007f55bd6d6038 R14: 00007f55bd6d5fa0 R15: 00007ffc7a16ca78 [ 92.322433][ T7883] [ 92.322453][ T7883] Mem-Info: [ 92.452487][ T7887] loop2: detected capacity change from 0 to 512 [ 92.455058][ T7883] active_anon:3706 inactive_anon:12430 isolated_anon:0 [ 92.455058][ T7883] active_file:10169 inactive_file:13017 isolated_file:0 [ 92.455058][ T7883] unevictable:0 dirty:314 writeback:0 [ 92.455058][ T7883] slab_reclaimable:3319 slab_unreclaimable:29246 [ 92.455058][ T7883] mapped:28953 shmem:12563 pagetables:1180 [ 92.455058][ T7883] sec_pagetables:0 bounce:0 [ 92.455058][ T7883] kernel_misc_reclaimable:0 [ 92.455058][ T7883] free:1838987 free_pcp:19038 free_cma:0 [ 92.463638][ T7887] EXT4-fs error (device loop2): ext4_xattr_inode_iget:446: comm syz.2.1734: error while reading EA inode 32 err=-116 [ 92.465043][ T7883] Node 0 active_anon:14940kB inactive_anon:49720kB active_file:40676kB inactive_file:52068kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:115812kB dirty:1256kB writeback:0kB shmem:50252kB kernel_stack:4336kB pagetables:4720kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 92.471639][ T7887] EXT4-fs (loop2): Remounting filesystem read-only [ 92.477012][ T7883] Node 0 [ 92.483260][ T7887] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30) [ 92.487620][ T7883] DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 92.508023][ T7887] EXT4-fs (loop2): 1 orphan inode deleted [ 92.516602][ T7883] lowmem_reserve[]: [ 92.525627][ T7887] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 92.533511][ T7883] 0 2881 [ 92.542613][ T7887] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 92.550151][ T7883] 7859 7859 [ 92.550177][ T7883] Node 0 DMA32 free:2946624kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2950256kB mlocked:0kB bounce:0kB free_pcp:3632kB local_pcp:104kB free_cma:0kB [ 92.787755][ T7883] lowmem_reserve[]: 0 0 4978 4978 [ 92.794131][ T7883] Node 0 Normal free:4393964kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:14940kB inactive_anon:49720kB active_file:40676kB inactive_file:52068kB unevictable:0kB writepending:1256kB zspages:0kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:72760kB local_pcp:6700kB free_cma:0kB [ 92.831112][ T7883] lowmem_reserve[]: 0 0 0 0 [ 92.836562][ T7883] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 92.852038][ T7883] Node 0 DMA32: 2*4kB (M) 1*8kB (M) 3*16kB (M) 2*32kB (M) 3*64kB (M) 2*128kB (M) 2*256kB (M) 3*512kB (M) 3*1024kB (M) 2*2048kB (M) 717*4096kB (M) = 2946624kB [ 92.870904][ T7883] Node 0 Normal: 231*4kB (UME) 12*8kB (UME) 15*16kB (UME) 156*32kB (UME) 142*64kB (UME) 78*128kB (M) 45*256kB (UME) 12*512kB (ME) 9*1024kB (UME) 16*2048kB (UM) 1052*4096kB (UM) = 4393964kB [ 92.892463][ T7883] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 92.894296][ T36] usb 3-1: enqueue for inactive port 0 [ 92.902423][ T7883] 35860 total pagecache pages [ 92.908984][ T36] usb 3-1: enqueue for inactive port 0 [ 92.913437][ T7883] 51 pages in swap cache [ 92.924469][ T7883] Free swap = 106720kB [ 92.928736][ T7883] Total swap = 124996kB [ 92.933709][ T7883] 2097051 pages RAM [ 92.937655][ T7883] 0 pages HighMem/MovableOnly [ 92.942925][ T7883] 81087 pages reserved [ 93.005008][ T36] vhci_hcd: vhci_device speed not set [ 93.054777][ T29] kauditd_printk_skb: 309 callbacks suppressed [ 93.054824][ T29] audit: type=1400 audit(1762899336.038:2336): avc: denied { read write } for pid=3313 comm="syz-executor" name="loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 93.088389][ T29] audit: type=1400 audit(1762899336.038:2337): avc: denied { open } for pid=3313 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 93.129410][ T29] audit: type=1400 audit(1762899336.038:2338): avc: denied { ioctl } for pid=5879 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=100 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 93.157919][ T29] audit: type=1400 audit(1762899336.038:2339): avc: denied { map_create } for pid=7904 comm="syz.0.1742" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 93.179305][ T29] audit: type=1400 audit(1762899336.038:2340): avc: denied { bpf } for pid=7904 comm="syz.0.1742" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 93.199859][ T7916] loop3: detected capacity change from 0 to 1024 [ 93.201682][ T29] audit: type=1400 audit(1762899336.038:2341): avc: denied { map_read map_write } for pid=7904 comm="syz.0.1742" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 93.212098][ T7916] EXT4-fs: Ignoring removed bh option [ 93.231156][ T29] audit: type=1400 audit(1762899336.038:2342): avc: denied { prog_load } for pid=7904 comm="syz.0.1742" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 93.231192][ T29] audit: type=1400 audit(1762899336.038:2343): avc: denied { perfmon } for pid=7904 comm="syz.0.1742" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 93.284619][ T29] audit: type=1400 audit(1762899336.038:2344): avc: denied { prog_run } for pid=7904 comm="syz.0.1742" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 93.293649][ T7916] EXT4-fs: inline encryption not supported [ 93.306405][ T29] audit: type=1400 audit(1762899336.098:2345): avc: denied { create } for pid=7904 comm="syz.0.1742" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 93.348451][ T7916] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 93.378483][ T7916] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000] [ 93.391718][ T7916] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 2: comm syz.3.1746: lblock 2 mapped to illegal pblock 2 (length 1) [ 93.407941][ T7916] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 48: comm syz.3.1746: lblock 0 mapped to illegal pblock 48 (length 1) [ 93.436613][ T7916] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.1746: Failed to acquire dquot type 0 [ 93.452868][ T7916] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6313: Corrupt filesystem [ 93.467970][ T7916] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.1746: mark_inode_dirty error [ 93.481466][ T7916] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 93.492987][ T7916] EXT4-fs (loop3): 1 orphan inode deleted [ 93.500045][ T7916] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 93.509202][ T7938] netlink: 'syz.4.1755': attribute type 10 has an invalid length. [ 93.514377][ T3964] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:37: lblock 1 mapped to illegal pblock 1 (length 1) [ 93.543431][ T3964] EXT4-fs error (device loop3): ext4_release_dquot:6981: comm kworker/u8:37: Failed to release dquot type 0 [ 93.600975][ T7916] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000. [ 93.639248][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 93.649734][ T3321] EXT4-fs error (device loop3): __ext4_get_inode_loc:4832: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 93.663398][ T3321] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6313: Corrupt filesystem [ 93.692789][ T3321] EXT4-fs error (device loop3): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error [ 93.726242][ T7955] netlink: 35 bytes leftover after parsing attributes in process `syz.4.1762'. [ 93.736252][ T7955] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1762'. [ 93.744929][ T7962] loop0: detected capacity change from 0 to 512 [ 93.755938][ T7958] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1760'. [ 93.789204][ T7962] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 93.804166][ T7962] ext4 filesystem being mounted at /137/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 93.824840][ T7973] loop4: detected capacity change from 0 to 4096 [ 93.832886][ T7973] EXT4-fs: Ignoring removed nomblk_io_submit option [ 93.854965][ T7973] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 93.891884][ T5879] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 93.921400][ T7985] vhci_hcd: default hub control req: 800f v0000 i0000 l31125 [ 94.009011][ T7992] loop3: detected capacity change from 0 to 512 [ 94.068802][ T7997] netlink: 'syz.1.1773': attribute type 10 has an invalid length. [ 94.104206][ T7992] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 548) [ 94.113828][ T7992] FAT-fs (loop3): Filesystem has been set read-only [ 94.135850][ T7992] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 548) [ 94.145193][ T7992] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 548) [ 94.154931][ T7992] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 548) [ 94.224490][ T7992] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 548) [ 94.250056][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.303123][ T7992] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 548) [ 94.303518][ T8026] loop4: detected capacity change from 0 to 512 [ 94.312343][ T7992] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 548) [ 94.329318][ T7992] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 548) [ 94.339595][ T8026] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 94.364245][ T7992] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 548) [ 94.379925][ T7992] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 548) [ 94.389368][ T8026] ext4 filesystem being mounted at /351/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 94.389665][ T7992] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 548) [ 94.411823][ T7992] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 548) [ 94.422765][ T7992] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 548) [ 94.431642][ T7992] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 548) [ 94.440530][ T7992] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 548) [ 94.451575][ T7992] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 548) [ 94.461079][ T7992] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 548) [ 94.470798][ T7992] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 548) [ 94.514100][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.561204][ T8054] 9pnet_fd: Insufficient options for proto=fd [ 94.600352][ T8062] loop3: detected capacity change from 0 to 2048 [ 94.602373][ T8061] loop2: detected capacity change from 0 to 512 [ 94.614304][ T8061] journal_path: Non-blockdev passed as './bus' [ 94.621140][ T8061] EXT4-fs: error: could not find journal device path [ 94.634715][ T8062] loop3: p1 < > p4 [ 94.641135][ T8062] loop3: p4 size 8388608 extends beyond EOD, truncated [ 94.767070][ T8089] loop1: detected capacity change from 0 to 512 [ 94.796944][ T8089] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 94.826120][ T8089] ext4 filesystem being mounted at /385/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 94.901890][ T8105] loop2: detected capacity change from 0 to 512 [ 94.905503][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.938278][ T8111] netlink: 'syz.2.1812': attribute type 3 has an invalid length. [ 95.057986][ T8125] SELinux: failed to load policy [ 95.231607][ T8149] SELinux: policydb table sizes (0,0) do not match mine (8,7) [ 95.246827][ T8156] netlink: 'syz.3.1828': attribute type 4 has an invalid length. [ 95.255343][ T8149] SELinux: failed to load policy [ 95.255350][ T8156] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1828'. [ 95.304257][ T8156] .`: renamed from bond0 (while UP) [ 95.392258][ T8172] netlink: 'syz.2.1834': attribute type 10 has an invalid length. [ 95.409750][ T8176] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1839'. [ 95.419833][ T8176] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1839'. [ 95.424117][ T8180] loop1: detected capacity change from 0 to 128 [ 95.445036][ T8180] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 95.454320][ T8180] FAT-fs (loop1): Filesystem has been set read-only [ 95.489834][ T8180] syz.1.1840: attempt to access beyond end of device [ 95.489834][ T8180] loop1: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 95.504373][ T8180] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 95.513430][ T8180] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 95.531595][ T8180] syz.1.1840: attempt to access beyond end of device [ 95.531595][ T8180] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 95.557504][ T8180] syz.1.1840: attempt to access beyond end of device [ 95.557504][ T8180] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 95.573435][ T8180] syz.1.1840: attempt to access beyond end of device [ 95.573435][ T8180] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 95.590986][ T8180] syz.1.1840: attempt to access beyond end of device [ 95.590986][ T8180] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 95.606475][ T8180] syz.1.1840: attempt to access beyond end of device [ 95.606475][ T8180] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 95.620449][ T8180] syz.1.1840: attempt to access beyond end of device [ 95.620449][ T8180] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 95.646460][ T8180] syz.1.1840: attempt to access beyond end of device [ 95.646460][ T8180] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 95.664036][ T8180] syz.1.1840: attempt to access beyond end of device [ 95.664036][ T8180] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 95.704030][ T8180] syz.1.1840: attempt to access beyond end of device [ 95.704030][ T8180] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 95.809053][ T8206] netlink: 'syz.4.1849': attribute type 4 has an invalid length. [ 95.817750][ T8206] netlink: 152 bytes leftover after parsing attributes in process `syz.4.1849'. [ 95.830302][ T8207] IPv6: NLM_F_CREATE should be specified when creating new route [ 95.879026][ T8206] .`: renamed from bond0 (while UP) [ 95.942503][ T8219] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=8219 comm=syz.2.1852 [ 96.204934][ T8246] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=8246 comm=syz.3.1867 [ 96.387885][ T8259] loop2: detected capacity change from 0 to 2048 [ 96.444405][ T8259] loop2: p1 < > p4 [ 96.449484][ T8259] loop2: p4 size 8388608 extends beyond EOD, truncated [ 96.484255][ T1036] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 96.514081][ T1036] hid-generic 0000:0000:0000.0005: hidraw0: HID v0.00 Device [syz1] on syz0 [ 96.537564][ T8290] loop2: detected capacity change from 0 to 512 [ 96.589401][ T8290] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548) [ 96.598458][ T8290] FAT-fs (loop2): Filesystem has been set read-only [ 96.622529][ T8290] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548) [ 96.643157][ T8290] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548) [ 96.657454][ T8290] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548) [ 96.670230][ T8290] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548) [ 96.710676][ T8290] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548) [ 96.723291][ T8290] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548) [ 96.733420][ T8290] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548) [ 96.750319][ T8290] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548) [ 96.761236][ T8290] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548) [ 96.770767][ T8290] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548) [ 96.797264][ T8290] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548) [ 96.809474][ T8290] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548) [ 96.820155][ T8290] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548) [ 96.830268][ T8290] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548) [ 96.842910][ T8290] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548) [ 96.855157][ T8290] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 548) [ 96.879142][ T8290] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548) [ 96.897150][ T8311] netlink: 'syz.3.1882': attribute type 10 has an invalid length. [ 96.940819][ T8321] loop4: detected capacity change from 0 to 2048 [ 96.985349][ T8321] loop4: p1 < > p4 [ 96.992607][ T8321] loop4: p4 size 8388608 extends beyond EOD, truncated [ 97.016550][ T8331] loop3: detected capacity change from 0 to 128 [ 97.208862][ T8331] ================================================================== [ 97.218034][ T8331] BUG: KCSAN: data-race in vfs_fsync_range / writeback_single_inode [ 97.228435][ T8331] [ 97.231091][ T8331] write to 0xffff88811a173a28 of 4 bytes by task 8341 on cpu 1: [ 97.240152][ T8331] writeback_single_inode+0x150/0x3f0 [ 97.246190][ T8331] sync_inode_metadata+0x5b/0x90 [ 97.251817][ T8331] __generic_file_fsync+0xf8/0x140 [ 97.258554][ T8331] fat_file_fsync+0x49/0x100 [ 97.264027][ T8331] vfs_fsync_range+0x10d/0x130 [ 97.269505][ T8331] generic_file_write_iter+0x1b8/0x2f0 [ 97.276508][ T8331] iter_file_splice_write+0x666/0xa60 [ 97.284044][ T8331] direct_splice_actor+0x156/0x2a0 [ 97.291200][ T8331] splice_direct_to_actor+0x312/0x680 [ 97.297492][ T8331] do_splice_direct+0xda/0x150 [ 97.303821][ T8331] do_sendfile+0x380/0x650 [ 97.309177][ T8331] __x64_sys_sendfile64+0x105/0x150 [ 97.316279][ T8331] x64_sys_call+0x2bb4/0x3000 [ 97.321793][ T8331] do_syscall_64+0xd2/0x200 [ 97.327040][ T8331] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 97.333949][ T8331] [ 97.336339][ T8331] read to 0xffff88811a173a28 of 4 bytes by task 8331 on cpu 0: [ 97.345904][ T8331] vfs_fsync_range+0x9b/0x130 [ 97.351371][ T8331] generic_file_write_iter+0x1b8/0x2f0 [ 97.357390][ T8331] iter_file_splice_write+0x666/0xa60 [ 97.363953][ T8331] direct_splice_actor+0x156/0x2a0 [ 97.369896][ T8331] splice_direct_to_actor+0x312/0x680 [ 97.375763][ T8331] do_splice_direct+0xda/0x150 [ 97.380933][ T8331] do_sendfile+0x380/0x650 [ 97.386555][ T8331] __x64_sys_sendfile64+0x105/0x150 [ 97.392784][ T8331] x64_sys_call+0x2bb4/0x3000 [ 97.398283][ T8331] do_syscall_64+0xd2/0x200 [ 97.404239][ T8331] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 97.410495][ T8331] [ 97.410775][ T8341] Buffer I/O error on dev loop3, logical block 128, lost async page write [ 97.412866][ T8331] value changed: 0x00000070 -> 0x00000042 [ 97.412882][ T8331] [ 97.412887][ T8331] Reported by Kernel Concurrency Sanitizer on: [ 97.412906][ T8331] CPU: 0 UID: 0 PID: 8331 Comm: syz.3.1888 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 97.450423][ T8331] Tainted: [W]=WARN [ 97.454509][ T8331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 97.466083][ T8331] ================================================================== [ 97.477311][ T8331] Buffer I/O error on dev loop3, logical block 128, lost async page write [ 98.500063][ T44] Bluetooth: hci0: Opcode 0x1003 failed: -110