last executing test programs: 2.249263902s ago: executing program 0 (id=1772): socket$packet(0x11, 0xa, 0x300) socket$packet(0x11, 0xa, 0x300) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x9}, 0x94) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0700000004000000800000"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x8, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000700000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000300)='kmem_cache_free\x00', r2}, 0x18) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="219a53f271a76d2608004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) 1.705572815s ago: executing program 3 (id=1783): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000ff0f000005"], 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x18, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000680)={[{@nodioread_nolock}, {@journal_dev={'journal_dev', 0x3d, 0xff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x8d55}}]}, 0x0, 0x473, &(0x7f0000000bc0)="$eJzs281rHGUYAPBnJh9t7UdirR+tVaNFCIpJk1btwYuiIKIo6KEeY7ItodtGmii2FpuKeBKkoGfxKPoXeBNB1JPg1ZMnKRTtpa2nyMzOpJttNrFmk4nd3w82+74z7+48T+br3ffdDaBrDWV/kogdEfFbRAw0qksbDDWerl05N3n9yrnJJBYWXv8zydtdvXJusmxavm57URlOI9KPkmIjS82eOXtiol6vnS7qo3Mn3x6dPXP2iXdPThyvHa+dGj9y5PChsaefGn+yI3lmeV3d98HM/r0vvnnxlcmjF9/66Zss3h3F+uY8OmUoS/yvhVzrukc7vbGK7WwqJ70VBsIt6YmIbHf15ef/QPTEjZ03EC98WGlwwLrK7k1b2q+eXwBuY0lUHQFQjfJGn33+LR8b1PXYFC4/2/gAlOV9rXg01vRGWrTpa/l820lDEXF0/u8vskes0zgEAECzTyY/fzl7fv/61y9lfY+BxTVp3JM//57/3VXMoQxGxJ0RsTsi7oqIPRFxd0Te9t6IuG+N8dzc/0kvrfEtV5T1/54p5raW9v/K3l8M9hS1nXn+fcmx6XrtYPE/GY6+LVl9bIVtfPf8r5+2W9fc/8se2fbLvmARx6XelgG6qYm5ibxT2gGXL0Ts610u/2RxJiCJiL0Rse/W3npXWZh+7Kv97Rqtnv8KOjDPtPBllt58lv98tORfSprnJ6dvmp8c3Rr12sHR8qi42c+/fPxau+2vKf8OuFxrPDft/9Ymg0nzfO1sZ7f/H4//tD95I59n7i+WvTcxN3d6LKI/yS9nS5eP33htWS/bZ8f/8IHlz//dxWuy/O+PiOwgfiAiHoyIh4rYH46IRyLiwAo5/vjc6vlHWtH+vxAxtez1b/H4b9n/t17oOfHDt+22/+/2/+G8NFwsya9/q1gunOxy0RrgWv53AAAA8H+R5t+BT9KRxXKajow0vsO/J+5I6zOzc48fm3nn1FTju/KD0ZeWI10DxXhofbpeG0vmi3dsjI+OF2PF5XjpoWLc+LOebXl9ZHKmPlVx7tDttrc5/zN/9FQdHbDOti27dLx/wwMBKtA6j54urZ5/NVwM4Hbl99rQvVY5/9ONigPYeO7/0L2WO//Pt9TNBcDtyf0fupfzH7pU+n3VEQAVcv+HrrSW3/WvY2Hr5gijmsJm3Sl5IaIspJsiHoV1KlR9ZQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiMfwIAAP//2wzmew==") bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) statfs(&(0x7f0000000840)='./file0/file0\x00', &(0x7f0000000880)=""/141) 1.703569316s ago: executing program 0 (id=1794): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xb, &(0x7f0000000900)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x9}, 0x18) r1 = socket$inet_sctp(0x2, 0x5, 0x84) close(r1) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000300)={0x0, 0x10, &(0x7f0000000280)=[@in={0x2, 0x4e24, @private=0xa010100}]}, &(0x7f0000000080)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f0000000140)={0x1, [0x0]}, &(0x7f0000000240)=0x8) sendmsg$inet_sctp(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000440)="d8", 0x1}], 0x1, &(0x7f00000000c0)=[@sndinfo={0x20, 0x84, 0x2, {0xa, 0x4, 0x28, 0x200000b, r3}}], 0x20, 0x2400e044}, 0x0) 1.267118174s ago: executing program 3 (id=1787): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0xc, 0x9}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000004000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r2}, 0x10) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000024c0)=@newtaction={0x6c, 0x30, 0x48b, 0x0, 0x0, {}, [{0x58, 0x1, [@m_nat={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x54, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x40000, 0x4, 0x0, 0xe}, @multicast2, @remote}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x8040) 1.13845657s ago: executing program 3 (id=1788): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc) r1 = socket(0x2, 0x3, 0x6) bind$inet(r1, &(0x7f0000000080)={0x2, 0xfffa, @local}, 0x10) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000024c0)=ANY=[@ANYBLOB="940200001900010000000000fcdbdf2500000000000023000000000040000000fe8000000000000000000000000000bb00000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000049e9835b00000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000001000000000000004400050000000000000000000000000000000000000000022b0000000a000000fe8000000000000000000000000000aa000000000102"], 0x294}, 0x1, 0x0, 0x0, 0x20008000}, 0x0) setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f00000000c0)=0x6, 0x4) sendto$inet(r1, 0x0, 0x20, 0x48890, &(0x7f0000000100)={0x2, 0x4e24, @broadcast}, 0x10) 1.065031424s ago: executing program 3 (id=1791): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=0x0) iopl(0x3) timer_settime(r1, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r2) waitid(0x0, r2, 0x0, 0x8, 0x0) waitid(0x1, r2, 0x0, 0x4, 0x0) 1.012135616s ago: executing program 1 (id=1796): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f00000010c0)=""/57}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000340)='block_bio_remap\x00', r1, 0x0, 0x5}, 0x18) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00', r2}, 0x10) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) 992.673897ms ago: executing program 1 (id=1797): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f0000000000)="0000000000000002", 0x8) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10) dup2(r0, r1) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f00000000c0)={0x0, 0x2, 0x4, "fa5346db"}, 0xc) setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r1, 0x84, 0x19, &(0x7f0000000140)={0x0, 0x2}, 0x8) 956.409918ms ago: executing program 1 (id=1801): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000000180)={[{@noblock_validity}, {}, {@sysvgroups}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@resgid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0) truncate(&(0x7f0000000900)='./file1\x00', 0x3000000) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r0, 0x0) mount(0x0, &(0x7f0000003c40)='./file0\x00', 0x0, 0x0, 0x0) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000006c80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x220, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', 0x48042, 0x8c) fallocate(r1, 0x10, 0x6, 0x105ff) 833.143804ms ago: executing program 4 (id=1805): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc) r1 = socket(0x2, 0x3, 0x6) bind$inet(r1, &(0x7f0000000080)={0x2, 0xfffa, @local}, 0x10) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000024c0)=ANY=[@ANYBLOB="940200001900010000000000fcdbdf2500000000000023000000000040000000fe8000000000000000000000000000bb00000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000049e9835b00000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000001000000000000004400050000000000000000000000000000000000000000022b0000000a000000fe8000000000000000000000000000aa000000000102"], 0x294}, 0x1, 0x0, 0x0, 0x20008000}, 0x0) setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f00000000c0)=0x6, 0x4) sendto$inet(r1, 0x0, 0x20, 0x48890, &(0x7f0000000100)={0x2, 0x4e24, @broadcast}, 0x10) 832.642854ms ago: executing program 0 (id=1806): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000040000000c"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0) r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) r3 = dup2(r2, r2) ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000240)={'\x00', 0x40, 0xa, 0x1, 0x40000000, 0x10}) ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0) 822.336664ms ago: executing program 2 (id=1807): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000000500000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xfffffffffffffff7}, 0x18) r1 = mq_open(&(0x7f0000000a00)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\x81W\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb\x00\x00\x00\x00\x00', 0x42, 0x1f0, 0x0) mq_timedsend(r1, 0x0, 0x0, 0x0, 0x0) mq_timedsend(r1, 0x0, 0x0, 0x6, 0x0) mq_timedsend(r1, 0x0, 0x0, 0x0, 0x0) mq_unlink(&(0x7f0000000000)='eth0\x00') close(r1) 790.618695ms ago: executing program 2 (id=1808): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000180a0500000000000000000002000000300003802c00038014000100776732000000000000000000000000001400010076657468315f746f5f627269646765000900020073797a30000000000900010073797a300000000014000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x24040089}, 0x20008000) 781.408656ms ago: executing program 4 (id=1809): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0xfffffffffffffffd}, 0xc) r1 = socket$inet6(0xa, 0x3, 0x1) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000001400010000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000340)={{{@in=@multicast1, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0x2, 0xfffffffffffffffc, 0x2000000000000000}, {}, 0x0, 0x0, 0x1}, {{@in=@dev={0xac, 0x14, 0x14, 0x33}, 0xfffffffd, 0x33}, 0x0, @in6=@dev={0xfe, 0x80, '\x00', 0x2}, 0xfffffffc, 0x0, 0x0, 0xf9, 0x0, 0x0, 0xfffffffe}}, 0xe8) sendmmsg(r1, &(0x7f0000000480), 0x21, 0x0) 742.262517ms ago: executing program 4 (id=1810): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x10) shmdt(0x0) r2 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@empty, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in=@multicast1, 0x0, 0x2b}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x3503, 0x3}}, 0xe8) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0) 695.126189ms ago: executing program 2 (id=1811): r0 = socket(0x2a, 0x2, 0x0) sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000080)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0xfffa, 0x2}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x800}, @TCA_FLOWER_KEY_IP_PROTO={0x5, 0x9, 0x84}]}}]}, 0x44}}, 0x24004000) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6}]}, 0x10) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) 685.22445ms ago: executing program 0 (id=1812): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18) r2 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x0, 0x0) fchdir(r3) symlink(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='./file2\x00') 678.50026ms ago: executing program 2 (id=1813): setsockopt$inet_sctp6_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xa) r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x80, 0x2, 0x1f9}, &(0x7f0000000000)=0x0, &(0x7f0000000300)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r0, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x12345}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002) io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/clients\x00', 0x0, 0x0) preadv(r3, &(0x7f0000004ec0)=[{&(0x7f0000004bc0)=""/68, 0x44}], 0x1, 0x8000, 0x0) 654.790011ms ago: executing program 1 (id=1814): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x10007ffffffff}, 0x18) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000002280)='net_prio.prioidx\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) getsockopt$bt_hci(r1, 0x84, 0x80, &(0x7f0000000200)=""/4129, &(0x7f00000000c0)=0x1021) 648.846502ms ago: executing program 0 (id=1815): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000060000000000000000008500000007000000850000000e00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kfree\x00', r0, 0x0, 0x5}, 0x18) r1 = fsopen(&(0x7f0000000080)='mqueue\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000001d40)='\xd0\x9e^\xa0\xee\xc8\x17T\xb1GI\x90\xe2Q1\xb0\x8f\xe1\xa8\x95\xa0\xcd\fL\xaei\xb6\xb7\xc1Y\xd5YG\xf9\xc2\xf1\xa4\xdb$\xf6]\xab\x1a\xdaY\xfb\x03dhS\x97nZ\xf8\xc6\x1f\x03\x00\x00\x00\x00\x00\x00\x00\x9bg-D#g\x16\xf4\xd9\x00\x00\x00\x00\x00eA\x9f\xc3\x11\x18\xe6\xc5\x95\x9e!^W\xf6\xacE\xa3\xc8\xe7\xec\xd6\xbd\x1c+\n\xc7Q( \xba\xff\x17N\x1fB\x91\x15\x83\xec(B\xc5\x05\x9d\xd6\x02|6\xdc\xee$\xb5\x1deC\xfb\xa2\xaa\xe0#\xcb\xde;sA\xad\xa6\xb6P\xa3\xf7\xc3q\xd4\xb6\x95\x02\xd8*\xa8\xd2\x94\xa3\x89\xa9\xa0\xc5\xc9=\xa5^\x00\x00\x00\x00\x00\x00\x00\x00\x00\xef\xcd\xd3\t\x01A\xd5\x81\xc1;9\xeez\xba\x00\x00\x00\xdc\x94\xff)\xa4\xe6\xfb]\x90bG\x11\b\x98#\xaa99ez|\x8b5\x92\xa5\xba\x96\xb3\xb26I\xbb\xdeb\x95?\xc0\x81', &(0x7f0000000200)='sockfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000040)='\x00', &(0x7f00000001c0)='dE\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000280)='\xd0\x9e^\xa0\xee\xc8\x17T\xb1GI\x90\xe2Q1\xb0\x8f\xe1\xa8\x95\xa0\xcd\fL\xf10x0]}, &(0x7f0000000240)=0x8) sendmsg$inet_sctp(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000440)="d8", 0x1}], 0x1, &(0x7f00000000c0)=[@sndinfo={0x20, 0x84, 0x2, {0xa, 0x4, 0x28, 0x200000b, r3}}], 0x20, 0x2400e044}, 0x0) 534.399287ms ago: executing program 0 (id=1827): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000540), 0x1, 0x783, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8000c61) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) sendfile(r1, r1, 0x0, 0xe3aa6ea) creat(&(0x7f00000003c0)='./file1\x00', 0x11) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) close_range(r2, 0xffffffffffffffff, 0x100000000000000) 363.447644ms ago: executing program 4 (id=1818): mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x200000000000002f, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00', r3}, 0x10) r4 = dup(r2) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r4]) 360.505854ms ago: executing program 2 (id=1819): r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_config_ext={0x1, 0x1000ffffffff}, 0x2000, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000005}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) bind$unix(r1, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) listen(r1, 0x0) connect$unix(r0, &(0x7f0000fce000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) accept(r1, 0x0, 0x0) 134.428794ms ago: executing program 3 (id=1820): r0 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r0, &(0x7f0000000440), 0x10) listen(r0, 0x5) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10) r2 = accept4$unix(r0, 0x0, 0x0, 0x0) sendto$packet(r1, &(0x7f0000000600)="5f0efc3e1792a50972d2eb21bdff9ca4ac804c2847689e7fd3f3fe7bf05ddc63ff512d4074687760a5fbd1fc97777a6e55123f04cc8437b15f4b2c6f5027dc", 0x3f, 0x0, 0x0, 0x0) recvmsg(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000300)=""/63, 0x3f}], 0x1}, 0x10012) 53.246527ms ago: executing program 1 (id=1831): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x18) syz_emit_ethernet(0x4a, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaa"], 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007880)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000040)="af0ac9", 0x3}], 0x1}}], 0x1, 0x4000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0xf, &(0x7f0000000200)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000051000000bf0900000000000055"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94) r0 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.idle_time\x00', 0x275a, 0x0) write$binfmt_misc(r1, &(0x7f0000000040), 0xe09) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad44afac11d875397bdb22d0000b420a1a93c5240f45f819ef6167d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}}) 52.973148ms ago: executing program 2 (id=1821): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$igmp6(0xa, 0x3, 0x2) sendmsg$NFT_MSG_GETFLOWTABLE(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x14, 0x17, 0xa, 0x5, 0x0, 0x0, {0x1, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x4000004}, 0x8000) r2 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00', {0x2}}) write$tun(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="06000000bbbbbbbbbbbbaaaaaaaaaabb88f5"], 0x72) 43.378558ms ago: executing program 3 (id=1822): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x3, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x6c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f00000002c0)='kfree\x00', r1, 0x0, 0xfffffffffffffffe}, 0x18) bpf$PROG_LOAD(0x5, 0x0, 0x0) ftruncate(0xffffffffffffffff, 0x51a9497) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x9}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x21081e, &(0x7f00000002c0), 0x1, 0x4f2, &(0x7f0000000600)="$eJzs3U1vG1sZAODXzpeTm97kXu4CENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYTTjSeomdpOSNI7i55FGM+eMM+85ieec+nXtE0DfuhQRWxExHBEPI2Iiq89lW9xtbcnjXm0/nd/Zfjqfi2bz/j9z6fmkLtp+JvFRds1CRPzoexE/zR2MW9/YXJ6rVMprWXmqUV2dqm9sXl+qzi2WF8srpdLszOz07Ru3SifW14vV4ezoyy//sPWtnyfNGs9q2vtxklpdH9qLE9nv/AcfIlgPDETEYPb8yVzoZXt4P/mI+DQiLqf3/0QMpH9NAOA8azYnojnRXgYAzrt8mgPL5YtZLmA88vlisZXD+yzG8pVavXHtUW19ZaGVK5uMofyjpUp5OssVTsZQLinPpMdvyqV95RsR8UlE/GJkNC0X52uVhV7+wwcA+thH++b//4y05n8A4Jwr9LoBAMCpM/8DQP8x/wNA/zH/A0D/Mf8DQP8x/wNA/zH/A0Bf+eG9e8nW3Mm+/3rh8cb6cu3x9YVyfblYXZ8vztfWVouLtdpi+p091cOuV6nVVmduxvqTyW+v1htT9Y3NB9Xa+krjQfq93g/KQ6fSKwDgXT65+OLPuYjYujOabtG2loO5Gs63fK8bAPTMQK8bAPSM1b6gfx3jNb70AJwTHZbofUshIkb3VzabzeaHaxLwgV39gvw/9Ku2/L//BQx9Rv4f+lfX/P+BF/vAedNs5o665n8c9YEAwNkmxw90ef//02z/2+zNgZ8s7H/E8/0VPlEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/9hd/7eYrdwxHvl8sRhxISImYyj3aKlSno6IjyPiTyNDI0l5psdtBgCOK/+3XLb+19WJK+P7zw7nXo+k+4j42a/u//LJXKOx9sek/l979Y3nWX2pF+0HAA6zO0+n+7YX8q+2n87vbqfZnr9/NyIKrfg728Oxsxd/MAbTfSGGImLs37ms3JJry10cx9aziPh8p/7nYjzNgbRWPt0fP4l94VTj59+Kn0/PtfbJ7+JzJ9AW6DcvkvHnbqf7Lx+X0n3n+7+QjlDHl41/yaXmd9Ix8E383fFvoMv4d+moMW7+/vuto9GD555FfHEwYjf2Ttv4sxs/1yX+lYOX6+gvX/rK5W7nmr+OuBqd47fHmmpUV6fqG5vXl6pzi+XF8kqpNDszO337xq3SVJqjnuo+G/zjzrWPu51L+j/WJX7hkP5//Wjdj9/89+GPv/qO+N/8Wqf4+fjsHfGTOfEbR4w/N/a7QrdzSfyFLv0/7O9/7YjxX/5188Cy4QBA79Q3NpfnKpXymgMHZ/8gecqegWZ0PPjOacUajvf6qWbz/4rVbcQ4iawbcBbs3fQR8brXjQEAAAAAAAAAAAAAADo6jU8s9bqPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CwAA//8wuNJ1") 0s ago: executing program 1 (id=1823): r0 = fsopen(&(0x7f0000000140)='sysfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x1) fchdir(r1) munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) r2 = open(&(0x7f00000000c0)='.\x00', 0x8000, 0x50) getdents(r2, &(0x7f0000001fc0)=""/184, 0xb8) getdents(r2, &(0x7f0000001fc0)=""/184, 0xb8) kernel console output (not intermixed with test programs): _type=17 sclass=netlink_audit_socket pid=3937 comm=syz.2.162 [ 38.113918][ T3946] loop2: detected capacity change from 0 to 7 [ 38.120431][ T3005] loop2: [ 38.130862][ T29] audit: type=1400 audit(1763636063.311:284): avc: denied { create } for pid=3943 comm="syz.1.167" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 38.154395][ T29] audit: type=1400 audit(1763636063.311:285): avc: denied { ioctl } for pid=3943 comm="syz.1.167" path="socket:[5775]" dev="sockfs" ino=5775 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 38.179173][ T3946] loop2: [ 38.193272][ T3005] loop2: [ 38.221467][ T3948] netlink: 4 bytes leftover after parsing attributes in process `syz.1.168'. [ 38.236550][ T3948] team0 (unregistering): Port device team_slave_0 removed [ 38.259631][ T3948] team0 (unregistering): Port device team_slave_1 removed [ 38.545463][ T3975] SELinux: Context /usr/sbin/cupsd is not valid (left unmapped). [ 38.644846][ T3983] netlink: 24 bytes leftover after parsing attributes in process `syz.1.191'. [ 38.868559][ T3993] netlink: 176 bytes leftover after parsing attributes in process `syz.1.185'. [ 39.129899][ T4017] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 39.144478][ T4013] netlink: 96 bytes leftover after parsing attributes in process `syz.2.195'. [ 39.179684][ T4026] netlink: 4 bytes leftover after parsing attributes in process `syz.4.201'. [ 39.196084][ T4017] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 39.207875][ T4026] netlink: 12 bytes leftover after parsing attributes in process `syz.4.201'. [ 39.248599][ T4017] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 39.272729][ T4030] netlink: 96 bytes leftover after parsing attributes in process `syz.2.203'. [ 39.290430][ T4033] netlink: 'syz.4.204': attribute type 4 has an invalid length. [ 39.309313][ T4017] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 39.340753][ T4033] netlink: 'syz.4.204': attribute type 4 has an invalid length. [ 39.380577][ T3875] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.419090][ T3875] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.442227][ T3875] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.451994][ T4037] Driver unsupported XDP return value 0 on prog (id 183) dev N/A, expect packet loss! [ 39.470489][ T3875] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.709834][ T4066] netem: change failed [ 39.771297][ T4075] loop2: detected capacity change from 0 to 512 [ 39.793289][ T4075] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #3: comm syz.2.224: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0) [ 39.818289][ T4075] EXT4-fs error (device loop2): ext4_quota_enable:7139: comm syz.2.224: Bad quota inode: 3, type: 0 [ 39.848200][ T4075] EXT4-fs warning (device loop2): ext4_enable_quotas:7180: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 39.866269][ T4075] EXT4-fs (loop2): mount failed [ 40.038101][ T4099] loop4: detected capacity change from 0 to 1024 [ 40.095505][ T4104] sch_fq: defrate 4294967295 ignored. [ 40.113926][ T4099] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 40.124843][ T4099] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 40.167676][ T4099] JBD2: no valid journal superblock found [ 40.173564][ T4099] EXT4-fs (loop4): Could not load journal inode [ 40.240160][ T4113] loop1: detected capacity change from 0 to 4096 [ 40.309622][ T4113] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 40.326733][ T4113] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 40.432081][ T4133] loop0: detected capacity change from 0 to 128 [ 40.684501][ T4151] loop1: detected capacity change from 0 to 164 [ 40.703683][ T4151] bio_check_eod: 101 callbacks suppressed [ 40.703697][ T4151] syz.1.256: attempt to access beyond end of device [ 40.703697][ T4151] loop1: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 40.723782][ T4151] syz.1.256: attempt to access beyond end of device [ 40.723782][ T4151] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 40.973518][ T4173] netlink: 4 bytes leftover after parsing attributes in process `syz.1.267'. [ 40.982616][ T4173] netlink: 4 bytes leftover after parsing attributes in process `syz.1.267'. [ 41.044297][ T4180] tipc: Started in network mode [ 41.049208][ T4180] tipc: Node identity ac141413, cluster identity 4711 [ 41.062374][ T4180] tipc: New replicast peer: 10.1.1.2 [ 41.067731][ T4180] tipc: Enabled bearer , priority 10 [ 41.128398][ T4189] netlink: 360 bytes leftover after parsing attributes in process `syz.0.274'. [ 41.334827][ T4211] bridge: RTM_NEWNEIGH with invalid ether address [ 41.526939][ T4229] bond1: entered promiscuous mode [ 41.532102][ T4229] bond1: entered allmulticast mode [ 41.537696][ T4229] 8021q: adding VLAN 0 to HW filter on device bond1 [ 41.569100][ T4229] bond1 (unregistering): Released all slaves [ 41.636631][ T4238] Set syz1 is full, maxelem 6117 reached [ 41.694901][ T4248] loop1: detected capacity change from 0 to 1024 [ 41.702237][ T4248] EXT4-fs: Ignoring removed oldalloc option [ 41.708212][ T4248] EXT4-fs: Ignoring removed bh option [ 41.731795][ T4248] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 41.758362][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.984896][ T4282] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4282 comm=syz.2.310 [ 42.003831][ T4284] ip6tnl1: entered promiscuous mode [ 42.009105][ T4284] ip6tnl1: entered allmulticast mode [ 42.121053][ T4298] SELinux: failed to load policy [ 42.180594][ T3395] tipc: Node number set to 2886997011 [ 42.416788][ C0] hrtimer: interrupt took 29170 ns [ 42.541479][ T4341] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 42.641042][ T29] kauditd_printk_skb: 89 callbacks suppressed [ 42.641091][ T29] audit: type=1326 audit(1763636067.821:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4345 comm="syz.0.339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd09258f749 code=0x7ffc0000 [ 42.700625][ T29] audit: type=1326 audit(1763636067.851:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4345 comm="syz.0.339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd09258f749 code=0x7ffc0000 [ 42.724004][ T29] audit: type=1326 audit(1763636067.851:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4345 comm="syz.0.339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd09258f749 code=0x7ffc0000 [ 42.747379][ T29] audit: type=1326 audit(1763636067.851:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4345 comm="syz.0.339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd09258f749 code=0x7ffc0000 [ 42.770659][ T29] audit: type=1326 audit(1763636067.851:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4345 comm="syz.0.339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd09258f749 code=0x7ffc0000 [ 42.794176][ T29] audit: type=1326 audit(1763636067.851:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4345 comm="syz.0.339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd09258f749 code=0x7ffc0000 [ 42.817490][ T29] audit: type=1326 audit(1763636067.851:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4345 comm="syz.0.339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd09258f749 code=0x7ffc0000 [ 42.840891][ T29] audit: type=1326 audit(1763636067.851:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4345 comm="syz.0.339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fd09258f749 code=0x7ffc0000 [ 42.864081][ T29] audit: type=1326 audit(1763636067.851:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4345 comm="syz.0.339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd09258f749 code=0x7ffc0000 [ 42.887299][ T29] audit: type=1326 audit(1763636067.851:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4349 comm="syz.0.339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fd0925c2005 code=0x7ffc0000 [ 43.396350][ T4372] netlink: 96 bytes leftover after parsing attributes in process `syz.2.350'. [ 43.488188][ T4376] tipc: Started in network mode [ 43.493154][ T4376] tipc: Node identity ac14140f, cluster identity 4711 [ 43.512589][ T4376] tipc: New replicast peer: 255.255.255.255 [ 43.518706][ T4376] tipc: Enabled bearer , priority 10 [ 43.589621][ T4380] capability: warning: `syz.2.354' uses deprecated v2 capabilities in a way that may be insecure [ 43.606854][ T4382] loop0: detected capacity change from 0 to 512 [ 43.622261][ T4382] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 43.664467][ T4382] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002] [ 43.684133][ T4382] EXT4-fs (loop0): failed to initialize system zone (-117) [ 43.691465][ T4382] EXT4-fs (loop0): mount failed [ 43.699475][ T4382] xt_TPROXY: Can be used only with -p tcp or -p udp [ 43.752642][ T4388] netlink: 28 bytes leftover after parsing attributes in process `syz.2.357'. [ 43.761583][ T4388] netlink: 32 bytes leftover after parsing attributes in process `syz.2.357'. [ 43.770458][ T4388] netlink: 28 bytes leftover after parsing attributes in process `syz.2.357'. [ 43.811026][ T4388] netlink: 32 bytes leftover after parsing attributes in process `syz.2.357'. [ 43.825357][ T4395] netlink: 8 bytes leftover after parsing attributes in process `syz.0.360'. [ 43.834260][ T4395] netlink: 32 bytes leftover after parsing attributes in process `syz.0.360'. [ 43.843153][ T4395] netlink: 8 bytes leftover after parsing attributes in process `syz.0.360'. [ 43.852123][ T4395] netlink: 2 bytes leftover after parsing attributes in process `syz.0.360'. [ 43.863544][ T4395] netlink: 32 bytes leftover after parsing attributes in process `syz.0.360'. [ 43.873144][ T4393] wg2: entered promiscuous mode [ 43.878017][ T4393] wg2: entered allmulticast mode [ 43.897644][ T4397] loop2: detected capacity change from 0 to 128 [ 43.938071][ T4397] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 43.957028][ T4397] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 43.978601][ T3892] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 44.180946][ T4417] capability: warning: `syz.0.371' uses 32-bit capabilities (legacy support in use) [ 44.203277][ T4419] xt_TPROXY: Can be used only with -p tcp or -p udp [ 44.327562][ T4426] loop4: detected capacity change from 0 to 128 [ 44.473919][ T4426] syz.4.374: attempt to access beyond end of device [ 44.473919][ T4426] loop4: rw=2049, sector=185, nr_sectors = 16 limit=128 [ 44.510853][ T4426] syz.4.374: attempt to access beyond end of device [ 44.510853][ T4426] loop4: rw=2049, sector=209, nr_sectors = 8 limit=128 [ 44.524961][ T4426] syz.4.374: attempt to access beyond end of device [ 44.524961][ T4426] loop4: rw=2049, sector=225, nr_sectors = 8 limit=128 [ 44.538583][ T4426] syz.4.374: attempt to access beyond end of device [ 44.538583][ T4426] loop4: rw=2049, sector=241, nr_sectors = 8 limit=128 [ 44.552269][ T4426] syz.4.374: attempt to access beyond end of device [ 44.552269][ T4426] loop4: rw=2049, sector=257, nr_sectors = 8 limit=128 [ 44.565871][ T4426] syz.4.374: attempt to access beyond end of device [ 44.565871][ T4426] loop4: rw=2049, sector=273, nr_sectors = 8 limit=128 [ 44.579607][ T4426] syz.4.374: attempt to access beyond end of device [ 44.579607][ T4426] loop4: rw=2049, sector=289, nr_sectors = 8 limit=128 [ 44.593270][ T4426] syz.4.374: attempt to access beyond end of device [ 44.593270][ T4426] loop4: rw=2049, sector=305, nr_sectors = 8 limit=128 [ 44.639272][ T4440] syzkaller0: entered allmulticast mode [ 44.645165][ T4440] syzkaller0: entered promiscuous mode [ 44.650736][ T3422] tipc: Node number set to 2886997007 [ 44.657493][ T4440] syzkaller0 (unregistering): left promiscuous mode [ 44.664190][ T4440] syzkaller0 (unregistering): left allmulticast mode [ 44.751870][ T4449] loop4: detected capacity change from 0 to 1024 [ 44.758752][ T4449] EXT4-fs: Ignoring removed bh option [ 44.768525][ T4449] EXT4-fs: inline encryption not supported [ 44.783723][ T4449] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 44.809466][ T4449] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000] [ 44.833576][ T4449] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 2: comm syz.4.383: lblock 2 mapped to illegal pblock 2 (length 1) [ 44.884202][ T4449] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 48: comm syz.4.383: lblock 0 mapped to illegal pblock 48 (length 1) [ 44.900841][ T4449] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.383: Failed to acquire dquot type 0 [ 44.920605][ T4449] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6313: Corrupt filesystem [ 44.920912][ T4462] kernel read not supported for file /!selinuxwk1m9ɞ*T#jYmVvm(p-QZ#{ (pid: 4462 comm: syz.1.388) [ 44.943055][ T4449] EXT4-fs error (device loop4): ext4_evict_inode:254: inode #11: comm syz.4.383: mark_inode_dirty error [ 44.959775][ T4449] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 44.983287][ T4449] EXT4-fs (loop4): 1 orphan inode deleted [ 44.994780][ T4449] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 45.015490][ T3840] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:12: lblock 1 mapped to illegal pblock 1 (length 1) [ 45.030909][ T4449] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.038645][ T4449] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.045763][ T4449] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.059398][ T3840] EXT4-fs error (device loop4): ext4_release_dquot:6981: comm kworker/u8:12: Failed to release dquot type 0 [ 45.090598][ T4449] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 48: comm syz.4.383: lblock 0 mapped to illegal pblock 48 (length 1) [ 45.143242][ T4449] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 45.192754][ T3327] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 45.448314][ T4508] sd 0:0:1:0: device reset [ 45.576504][ T4519] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4519 comm=syz.2.411 [ 45.629199][ T4523] loop3: detected capacity change from 0 to 1024 [ 45.647607][ T4523] ext4: Unknown parameter 'uid<00000000000000000000' [ 45.988732][ T4553] loop2: detected capacity change from 0 to 1024 [ 46.013313][ T4553] EXT4-fs: Ignoring removed orlov option [ 46.041568][ T4553] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 46.072149][ T4553] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 46.106555][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 46.253871][ T4567] loop2: detected capacity change from 0 to 512 [ 46.281640][ T4570] netlink: 'syz.3.430': attribute type 4 has an invalid length. [ 46.291417][ T4567] ext4: Unknown parameter 'obj_role' [ 46.786821][ T4595] sd 0:0:1:0: device reset [ 46.814810][ T4605] loop3: detected capacity change from 0 to 512 [ 46.830315][ T4605] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 [ 47.043183][ T4633] vlan2: entered allmulticast mode [ 47.147709][ T4644] loop3: detected capacity change from 0 to 512 [ 47.177856][ T4644] EXT4-fs: Ignoring removed i_version option [ 47.221713][ T4644] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 47.247226][ T4648] loop1: detected capacity change from 0 to 512 [ 47.270293][ T4648] EXT4-fs: Ignoring removed nomblk_io_submit option [ 47.278275][ T4648] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 47.291440][ T4648] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 47.321349][ T4648] EXT4-fs (loop1): 1 truncate cleaned up [ 47.334290][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 47.357333][ T4648] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 47.419804][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 47.625272][ T4695] loop1: detected capacity change from 0 to 1024 [ 47.692407][ T29] kauditd_printk_skb: 138 callbacks suppressed [ 47.692439][ T29] audit: type=1400 audit(1763636072.871:519): avc: denied { ioctl } for pid=4701 comm="gtp" path="socket:[8501]" dev="sockfs" ino=8501 ioctlcmd=0x7437 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 47.722886][ T4695] ext4: Bad value for 'max_dir_size_kb' [ 47.810010][ T4706] bridge_slave_1: left allmulticast mode [ 47.815785][ T4706] bridge_slave_1: left promiscuous mode [ 47.821480][ T4706] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.841317][ T4706] bridge_slave_0: left allmulticast mode [ 47.846996][ T4706] bridge_slave_0: left promiscuous mode [ 47.852738][ T4706] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.867096][ T29] audit: type=1400 audit(1763636073.031:520): avc: denied { listen } for pid=4707 comm="syz.2.491" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 47.886553][ T29] audit: type=1400 audit(1763636073.031:521): avc: denied { accept } for pid=4707 comm="syz.2.491" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 47.944370][ T29] audit: type=1400 audit(1763636073.121:522): avc: denied { mount } for pid=4715 comm="syz.2.494" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 47.970224][ T29] audit: type=1326 audit(1763636073.151:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4715 comm="syz.2.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0aad6f749 code=0x7ffc0000 [ 47.995586][ T29] audit: type=1326 audit(1763636073.151:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4715 comm="syz.2.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0aad6f749 code=0x7ffc0000 [ 48.018920][ T29] audit: type=1326 audit(1763636073.151:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4715 comm="syz.2.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=161 compat=0 ip=0x7fd0aad6f749 code=0x7ffc0000 [ 48.042370][ T29] audit: type=1326 audit(1763636073.151:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4715 comm="syz.2.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0aad6f749 code=0x7ffc0000 [ 48.065603][ T29] audit: type=1326 audit(1763636073.151:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4715 comm="syz.2.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0aad6f749 code=0x7ffc0000 [ 48.088818][ T29] audit: type=1326 audit(1763636073.151:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4715 comm="syz.2.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fd0aad6f749 code=0x7ffc0000 [ 48.117587][ T4731] loop2: detected capacity change from 0 to 128 [ 48.124574][ T4731] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 48.137012][ T4731] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 49.261213][ T4836] __nla_validate_parse: 10 callbacks suppressed [ 49.261229][ T4836] netlink: 4 bytes leftover after parsing attributes in process `syz.0.541'. [ 49.470692][ T4852] syz.4.548 (4852) used greatest stack depth: 10512 bytes left [ 49.546000][ T4864] loop0: detected capacity change from 0 to 2048 [ 49.563550][ T4864] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0900-000000000000 r/w without journal. Quota mode: none. [ 49.587270][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0900-000000000000. [ 49.801020][ T3540] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 49.828949][ T4879] lo speed is unknown, defaulting to 1000 [ 49.835611][ T4879] lo speed is unknown, defaulting to 1000 [ 49.841612][ T4879] lo speed is unknown, defaulting to 1000 [ 49.867770][ T4879] infiniband sz1: set active [ 49.872526][ T4879] infiniband sz1: added lo [ 49.877041][ T3422] lo speed is unknown, defaulting to 1000 [ 49.887855][ T4879] RDS/IB: sz1: added [ 49.894195][ T4879] smc: adding ib device sz1 with port count 1 [ 49.900357][ T4879] smc: ib device sz1 port 1 has no pnetid [ 49.906484][ T3395] lo speed is unknown, defaulting to 1000 [ 49.912469][ T4879] lo speed is unknown, defaulting to 1000 [ 49.941642][ T4879] lo speed is unknown, defaulting to 1000 [ 49.957308][ T4882] syz_tun: entered allmulticast mode [ 49.963848][ T4881] syz_tun: left allmulticast mode [ 49.983736][ T4879] lo speed is unknown, defaulting to 1000 [ 50.025218][ T4879] lo speed is unknown, defaulting to 1000 [ 50.049846][ T4890] netlink: 4 bytes leftover after parsing attributes in process `syz.3.564'. [ 50.060396][ T4890] netlink: 4 bytes leftover after parsing attributes in process `syz.3.564'. [ 50.069694][ T4879] lo speed is unknown, defaulting to 1000 [ 50.147280][ T4898] kernel profiling enabled (shift: 17) [ 50.212871][ T4910] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=4910 comm=syz.3.574 [ 50.225337][ T4910] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4910 comm=syz.3.574 [ 50.383205][ T4930] bridge: RTM_NEWNEIGH with invalid state 0x10 [ 50.498750][ T4946] support for cryptoloop has been removed. Use dm-crypt instead. [ 50.527495][ T4948] ------------[ cut here ]------------ [ 50.533101][ T4948] verifier bug: REG INVARIANTS VIOLATION (false_reg1): range bounds violation u64=[0x4000000, 0x0] s64=[0x4000000, 0x0] u32=[0x4000000, 0x0] s32=[0x4000000, 0x0] var_off=(0x0, 0x0) [ 50.551466][ T4948] WARNING: CPU: 1 PID: 4948 at kernel/bpf/verifier.c:2721 reg_bounds_sanity_check+0x673/0x680 [ 50.562023][ T4948] Modules linked in: [ 50.566105][ T4948] CPU: 1 UID: 0 PID: 4948 Comm: syz.3.593 Not tainted syzkaller #0 PREEMPT(voluntary) [ 50.576012][ T4948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 50.586256][ T4948] RIP: 0010:reg_bounds_sanity_check+0x673/0x680 [ 50.592756][ T4948] Code: 7c 24 18 41 ff 74 24 20 55 41 56 4d 89 ee 53 48 8b 5c 24 30 ff 74 24 40 ff 74 24 50 ff 74 24 30 e8 12 f7 ba ff 48 83 c4 38 90 <0f> 0b 90 90 e9 02 fb ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90 [ 50.612534][ T4948] RSP: 0018:ffffc900011f7408 EFLAGS: 00010282 [ 50.618682][ T4948] RAX: 7e236827f9a3fa00 RBX: ffff88811e178ae0 RCX: 0000000000080000 [ 50.626758][ T4948] RDX: ffffc90004510000 RSI: 00000000000053e8 RDI: 00000000000053e9 [ 50.634890][ T4948] RBP: 0000000000000000 R08: 0001c900011f7257 R09: 0000000000000000 [ 50.643065][ T4948] R10: 00000000ffffffff R11: 0000000000000002 R12: ffff88811e178aa0 [ 50.651161][ T4948] R13: ffff88810a820000 R14: ffff88810a820000 R15: ffff88811e178ad8 [ 50.659401][ T4948] FS: 00007f96c05b76c0(0000) GS:ffff8882aef11000(0000) knlGS:0000000000000000 [ 50.668565][ T4948] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 50.675646][ T4948] CR2: 0000000100000000 CR3: 000000011c81a000 CR4: 00000000003506f0 [ 50.683731][ T4948] Call Trace: [ 50.687081][ T4948] [ 50.690219][ T4948] reg_set_min_max+0x215/0x260 [ 50.695120][ T4948] check_cond_jmp_op+0x130d/0x19e0 [ 50.700460][ T4948] do_check+0x3363/0x8460 [ 50.705063][ T4948] do_check_common+0xc5e/0x12b0 [ 50.710005][ T4948] bpf_check+0xaaae/0xd9d0 [ 50.714540][ T4948] ? __alloc_frozen_pages_noprof+0x188/0x360 [ 50.720909][ T4948] ? alloc_pages_bulk_noprof+0x4a6/0x530 [ 50.727004][ T4948] ? __vmap_pages_range_noflush+0xbc4/0xcf0 [ 50.733046][ T4948] ? pcpu_block_update+0x310/0x3b0 [ 50.738254][ T4948] ? _find_next_zero_bit+0x64/0xa0 [ 50.743702][ T4948] ? pcpu_block_refresh_hint+0x157/0x170 [ 50.749431][ T4948] ? pcpu_block_update_hint_alloc+0x63d/0x660 [ 50.755620][ T4948] ? pcpu_block_update_hint_alloc+0x63d/0x660 [ 50.761900][ T4948] ? sysvec_apic_timer_interrupt+0x44/0x80 [ 50.767891][ T4948] ? css_rstat_updated+0xb7/0x240 [ 50.773207][ T4948] ? __rcu_read_unlock+0x4f/0x70 [ 50.778316][ T4948] ? pcpu_memcg_post_alloc_hook+0xf1/0x150 [ 50.784228][ T4948] ? bpf_prog_alloc+0x5b/0x150 [ 50.789113][ T4948] ? pcpu_alloc_noprof+0xd29/0x1250 [ 50.794569][ T4948] ? should_fail_ex+0x30/0x280 [ 50.799418][ T4948] ? should_failslab+0x8c/0xb0 [ 50.804255][ T4948] ? __kmalloc_noprof+0x2a2/0x570 [ 50.809438][ T4948] ? security_bpf_prog_load+0x60/0x140 [ 50.815227][ T4948] ? selinux_bpf_prog_load+0xad/0xd0 [ 50.820653][ T4948] ? security_bpf_prog_load+0x9e/0x140 [ 50.826226][ T4948] bpf_prog_load+0xf6e/0x1100 [ 50.831010][ T4948] ? security_bpf+0x2b/0x90 [ 50.835590][ T4948] __sys_bpf+0x469/0x7c0 [ 50.840082][ T4948] __x64_sys_bpf+0x41/0x50 [ 50.844926][ T4948] x64_sys_call+0x2aee/0x3000 [ 50.849699][ T4948] do_syscall_64+0xd2/0x200 [ 50.854311][ T4948] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 50.860108][ T4948] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 50.866285][ T4948] RIP: 0033:0x7f96c1b4f749 [ 50.870856][ T4948] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 50.890566][ T4948] RSP: 002b:00007f96c05b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 50.899065][ T4948] RAX: ffffffffffffffda RBX: 00007f96c1da5fa0 RCX: 00007f96c1b4f749 [ 50.907188][ T4948] RDX: 0000000000000048 RSI: 00002000000054c0 RDI: 0000000000000005 [ 50.915240][ T4948] RBP: 00007f96c1bd3f91 R08: 0000000000000000 R09: 0000000000000000 [ 50.923301][ T4948] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 50.931476][ T4948] R13: 00007f96c1da6038 R14: 00007f96c1da5fa0 R15: 00007ffe6f9a1958 [ 50.939499][ T4948] [ 50.942569][ T4948] ---[ end trace 0000000000000000 ]--- [ 51.078795][ T4948] syz.3.593 (4948) used greatest stack depth: 10264 bytes left [ 52.262156][ T5047] netlink: 96 bytes leftover after parsing attributes in process `syz.4.635'. [ 52.263470][ T5043] SELinux: failed to load policy [ 52.355181][ T5059] loop0: detected capacity change from 0 to 128 [ 52.365832][ T5059] FAT-fs (loop0): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 52.401879][ T5066] loop9: detected capacity change from 0 to 7 [ 52.408202][ T5066] Buffer I/O error on dev loop9, logical block 0, async page read [ 52.416298][ T5066] Buffer I/O error on dev loop9, logical block 0, async page read [ 52.424164][ T5066] loop9: unable to read partition table [ 52.429957][ T5066] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 52.429957][ T5066] ) failed (rc=-5) [ 52.444155][ T3308] Buffer I/O error on dev loop9, logical block 0, async page read [ 52.452295][ T3308] Buffer I/O error on dev loop9, logical block 0, async page read [ 52.460674][ T3308] Buffer I/O error on dev loop9, logical block 0, async page read [ 52.466813][ T5071] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 52.468597][ T3308] Buffer I/O error on dev loop9, logical block 0, async page read [ 52.484320][ T3308] Buffer I/O error on dev loop9, logical block 0, async page read [ 52.676725][ T5102] netlink: 5 bytes leftover after parsing attributes in process `syz.2.658'. [ 52.685584][ T5102] netlink: 52 bytes leftover after parsing attributes in process `syz.2.658'. [ 52.694541][ T5102] netlink: 5 bytes leftover after parsing attributes in process `syz.2.658'. [ 52.732296][ T29] kauditd_printk_skb: 407 callbacks suppressed [ 52.732308][ T29] audit: type=1400 audit(1763636077.911:936): avc: denied { mount } for pid=5107 comm="syz.1.662" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 52.794957][ T29] audit: type=1326 audit(1763636077.971:937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5114 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f5e84f749 code=0x7ffc0000 [ 52.797010][ T5113] dummy0: entered promiscuous mode [ 52.832633][ T5113] bond_slave_0: entered promiscuous mode [ 52.838432][ T5113] bond_slave_0: left promiscuous mode [ 52.850789][ T29] audit: type=1326 audit(1763636078.001:938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5114 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4f5e84f749 code=0x7ffc0000 [ 52.868168][ T5120] loop1: detected capacity change from 0 to 1024 [ 52.874129][ T29] audit: type=1326 audit(1763636078.001:939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5114 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f5e84f749 code=0x7ffc0000 [ 52.874161][ T29] audit: type=1326 audit(1763636078.001:940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5114 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=238 compat=0 ip=0x7f4f5e84f749 code=0x7ffc0000 [ 52.882932][ T5120] Quota error (device loop1): do_check_range: Getting block 64 out of range 1-5 [ 52.903801][ T29] audit: type=1326 audit(1763636078.001:941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5114 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f5e84f749 code=0x7ffc0000 [ 52.926897][ T5120] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 52.936038][ T29] audit: type=1326 audit(1763636078.001:942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5114 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f4f5e84f749 code=0x7ffc0000 [ 52.959177][ T5120] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.669: Failed to acquire dquot type 0 [ 52.968552][ T29] audit: type=1326 audit(1763636078.001:943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5114 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f5e84f749 code=0x7ffc0000 [ 53.028306][ T5120] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 53.044489][ T5113] dummy0: left promiscuous mode [ 53.045871][ T5120] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #13: comm syz.1.669: corrupted inode contents [ 53.066446][ T5120] EXT4-fs error (device loop1): ext4_dirty_inode:6517: inode #13: comm syz.1.669: mark_inode_dirty error [ 53.098407][ T5120] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #13: comm syz.1.669: corrupted inode contents [ 53.111980][ T5120] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #13: comm syz.1.669: mark_inode_dirty error [ 53.123432][ T5120] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #13: comm syz.1.669: corrupted inode contents [ 53.141719][ T5120] EXT4-fs error (device loop1) in ext4_orphan_del:301: Corrupt filesystem [ 53.150425][ T5120] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #13: comm syz.1.669: corrupted inode contents [ 53.162385][ T5120] EXT4-fs error (device loop1): ext4_truncate:4637: inode #13: comm syz.1.669: mark_inode_dirty error [ 53.173909][ T5120] EXT4-fs error (device loop1) in ext4_process_orphan:343: Corrupt filesystem [ 53.183223][ T5120] EXT4-fs (loop1): 1 truncate cleaned up [ 53.189231][ T5120] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 53.219447][ T5133] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5133 comm=syz.2.674 [ 53.278612][ T5120] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 53.300925][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 53.375960][ T5156] netlink: 28 bytes leftover after parsing attributes in process `syz.1.685'. [ 53.498855][ T5178] loop4: detected capacity change from 0 to 512 [ 53.532245][ T5178] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 53.552897][ T5178] ext4 filesystem being mounted at /124/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 53.593569][ T3327] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 53.716071][ T5199] loop0: detected capacity change from 0 to 512 [ 53.725417][ T5199] EXT4-fs: dax option not supported [ 53.901230][ T5213] loop4: detected capacity change from 0 to 512 [ 53.913439][ T5213] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 53.934831][ T5213] EXT4-fs (loop4): 1 orphan inode deleted [ 53.940626][ T5213] EXT4-fs (loop4): 1 truncate cleaned up [ 53.951034][ T5213] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 53.974730][ T5213] EXT4-fs error (device loop4): ext4_inlinedir_to_tree:1314: inode #12: block 7: comm syz.4.709: path /129/file0/file0: bad entry in directory: directory entry overrun - offset=788, inode=13, rec_len=784, size=60 fake=0 [ 53.997753][ T5213] EXT4-fs (loop4): Remounting filesystem read-only [ 54.014065][ T3327] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 54.036194][ T5221] netlink: 14 bytes leftover after parsing attributes in process `syz.2.715'. [ 54.051115][ T5221] hsr_slave_0: left promiscuous mode [ 54.063269][ T5221] hsr_slave_1: left promiscuous mode [ 54.257472][ T5236] loop0: detected capacity change from 0 to 2048 [ 54.294857][ T5236] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 54.335919][ T5248] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5248 comm=syz.4.724 [ 54.348418][ T5248] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5248 comm=syz.4.724 [ 54.410407][ T3317] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set [ 54.427667][ T3317] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6667: Corrupt filesystem [ 54.448171][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 54.654332][ T5286] loop4: detected capacity change from 0 to 512 [ 54.734709][ T5286] EXT4-fs warning (device loop4): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 54.801322][ T5286] EXT4-fs (loop4): mount failed [ 54.811398][ T5304] raw_sendmsg: syz.3.748 forgot to set AF_INET. Fix it! [ 55.043287][ T5329] loop3: detected capacity change from 0 to 512 [ 55.080489][ T5329] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 55.102754][ T5329] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 55.122712][ T5329] ext4 filesystem being mounted at /146/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 55.158168][ T5334] netlink: 96 bytes leftover after parsing attributes in process `syz.1.772'. [ 55.245958][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 55.297472][ T5353] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.318515][ T5357] lo speed is unknown, defaulting to 1000 [ 55.406035][ T5353] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.478655][ T5353] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.516670][ T5380] netlink: 4 bytes leftover after parsing attributes in process `syz.3.780'. [ 55.536227][ T5380] netlink: 12 bytes leftover after parsing attributes in process `syz.3.780'. [ 55.545906][ T5384] netlink: 'syz.0.782': attribute type 4 has an invalid length. [ 55.607605][ T36] lo speed is unknown, defaulting to 1000 [ 55.613458][ T36] sz1: Port: 1 Link DOWN [ 55.622223][ T5384] netlink: 'syz.0.782': attribute type 4 has an invalid length. [ 55.627021][ T5353] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.664651][ T36] lo speed is unknown, defaulting to 1000 [ 55.670456][ T3422] lo speed is unknown, defaulting to 1000 [ 55.676229][ T3422] sz1: Port: 1 Link ACTIVE [ 55.703352][ T5400] netem: change failed [ 55.718816][ T3840] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.735787][ T3840] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.744196][ T3840] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.752537][ T3892] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.840124][ T5404] loop2: detected capacity change from 0 to 8192 [ 56.145579][ T5434] sch_fq: defrate 4294967295 ignored. [ 56.230592][ T5436] loop1: detected capacity change from 0 to 512 [ 56.253387][ T5436] EXT4-fs error (device loop1): ext4_ext_check_inode:523: inode #3: comm syz.1.804: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0) [ 56.280141][ T5436] EXT4-fs error (device loop1): ext4_quota_enable:7139: comm syz.1.804: Bad quota inode: 3, type: 0 [ 56.292405][ T5436] EXT4-fs warning (device loop1): ext4_enable_quotas:7180: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 56.308940][ T5436] EXT4-fs (loop1): mount failed [ 56.385636][ T5442] loop1: detected capacity change from 0 to 1024 [ 56.426270][ T5442] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 56.437211][ T5442] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 56.468639][ T5442] JBD2: no valid journal superblock found [ 56.474439][ T5442] EXT4-fs (loop1): Could not load journal inode [ 56.672219][ T5457] loop1: detected capacity change from 0 to 128 [ 56.723592][ T5463] loop3: detected capacity change from 0 to 128 [ 56.750838][ T5463] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 56.832102][ T5463] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 56.877499][ T5472] loop4: detected capacity change from 0 to 164 [ 56.889280][ T5472] bio_check_eod: 99 callbacks suppressed [ 56.889295][ T5472] syz.4.822: attempt to access beyond end of device [ 56.889295][ T5472] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 56.909851][ T3840] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 56.919768][ T5472] syz.4.822: attempt to access beyond end of device [ 56.919768][ T5472] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 56.977138][ T5475] loop3: detected capacity change from 0 to 2048 [ 56.997354][ T5475] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 57.063205][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 57.194081][ T5504] bridge: RTM_NEWNEIGH with invalid ether address [ 57.248613][ T5508] netlink: 360 bytes leftover after parsing attributes in process `syz.3.837'. [ 57.261237][ T5510] netlink: 105116 bytes leftover after parsing attributes in process `syz.1.838'. [ 57.445581][ T5523] Set syz1 is full, maxelem 6117 reached [ 57.518875][ T5525] loop3: detected capacity change from 0 to 1024 [ 57.558462][ T5525] EXT4-fs: Ignoring removed oldalloc option [ 57.564527][ T5525] EXT4-fs: Ignoring removed bh option [ 57.582005][ T5525] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 57.589548][ T5537] ip6tnl1: entered promiscuous mode [ 57.599757][ T5537] ip6tnl1: entered allmulticast mode [ 57.621020][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 57.649466][ T5543] SELinux: failed to load policy [ 57.742444][ T5547] loop1: detected capacity change from 0 to 2048 [ 57.785204][ T5547] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 57.890475][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 57.940036][ T29] kauditd_printk_skb: 163 callbacks suppressed [ 57.940049][ T29] audit: type=1326 audit(1763636083.111:1106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5571 comm="syz.0.865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd09258f749 code=0x7ffc0000 [ 57.986987][ T29] audit: type=1326 audit(1763636083.161:1107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5571 comm="syz.0.865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd09258f749 code=0x7ffc0000 [ 58.077348][ T29] audit: type=1326 audit(1763636083.201:1108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5571 comm="syz.0.865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd09258f749 code=0x7ffc0000 [ 58.100881][ T29] audit: type=1326 audit(1763636083.201:1109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5571 comm="syz.0.865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd09258f749 code=0x7ffc0000 [ 58.124229][ T29] audit: type=1326 audit(1763636083.201:1110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5571 comm="syz.0.865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7fd09258f749 code=0x7ffc0000 [ 58.147612][ T29] audit: type=1326 audit(1763636083.201:1111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5571 comm="syz.0.865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd09258f749 code=0x7ffc0000 [ 58.170979][ T29] audit: type=1326 audit(1763636083.201:1112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5571 comm="syz.0.865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd09258f749 code=0x7ffc0000 [ 58.194388][ T29] audit: type=1326 audit(1763636083.201:1113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5571 comm="syz.0.865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7fd09258f749 code=0x7ffc0000 [ 58.217688][ T29] audit: type=1326 audit(1763636083.201:1114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5571 comm="syz.0.865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd09258f749 code=0x7ffc0000 [ 58.240985][ T29] audit: type=1326 audit(1763636083.201:1115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5571 comm="syz.0.865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd09258f749 code=0x7ffc0000 [ 58.265598][ T5581] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5581 comm=syz.1.870 [ 58.323347][ T5587] ip6tnl0: entered promiscuous mode [ 58.328596][ T5587] ip6tnl0: entered allmulticast mode [ 58.367820][ T5592] netlink: 96 bytes leftover after parsing attributes in process `syz.3.874'. [ 58.466422][ T5598] loop4: detected capacity change from 0 to 2048 [ 58.470232][ T5603] lo speed is unknown, defaulting to 1000 [ 58.493872][ T5598] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 58.532144][ T3327] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 58.555172][ T5609] loop1: detected capacity change from 0 to 1024 [ 58.591517][ T5609] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 58.872146][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 58.930188][ T5626] loop4: detected capacity change from 0 to 512 [ 58.939825][ T5626] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 58.954874][ T5626] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002] [ 58.963070][ T5626] EXT4-fs (loop4): failed to initialize system zone (-117) [ 58.970364][ T5626] EXT4-fs (loop4): mount failed [ 58.992726][ T5626] xt_TPROXY: Can be used only with -p tcp or -p udp [ 59.138001][ T5643] netlink: 8 bytes leftover after parsing attributes in process `syz.4.904'. [ 59.146865][ T5643] netlink: 12 bytes leftover after parsing attributes in process `syz.4.904'. [ 59.246317][ T5657] loop0: detected capacity change from 0 to 1024 [ 59.257902][ T5657] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 59.605311][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 59.690274][ T5683] loop4: detected capacity change from 0 to 128 [ 59.741882][ T5683] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 59.767333][ T5683] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 59.816800][ T5687] syzkaller0: entered allmulticast mode [ 59.833120][ T5687] syzkaller0: entered promiscuous mode [ 59.839901][ T3877] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 59.863223][ T5691] loop0: detected capacity change from 0 to 512 [ 59.874054][ T5687] syzkaller0 (unregistering): left promiscuous mode [ 59.875841][ T5693] kernel read not supported for file /!selinuxwk1m9ɞ*T#jYmVvm(p-QZ#{ (pid: 5693 comm: syz.4.913) [ 59.880724][ T5687] syzkaller0 (unregistering): left allmulticast mode [ 59.932025][ T5691] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 59.944749][ T5691] ext4 filesystem being mounted at /178/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 59.959836][ T5691] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #18: comm syz.0.914: corrupted inode contents [ 59.972690][ T5691] EXT4-fs error (device loop0): ext4_dirty_inode:6517: inode #18: comm syz.0.914: mark_inode_dirty error [ 59.984247][ T5691] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #18: comm syz.0.914: corrupted inode contents [ 59.996164][ T5691] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2996: inode #18: comm syz.0.914: mark_inode_dirty error [ 60.008105][ T5691] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2999: inode #18: comm syz.0.914: mark inode dirty (error -117) [ 60.020852][ T5691] EXT4-fs warning (device loop0): ext4_evict_inode:274: xattr delete (err -117) [ 60.046729][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 60.094849][ T5701] loop4: detected capacity change from 0 to 2048 [ 60.111991][ T5704] sd 0:0:1:0: device reset [ 60.142705][ T5701] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 60.234853][ T5718] netlink: 96 bytes leftover after parsing attributes in process `syz.0.924'. [ 60.245769][ T3327] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set [ 60.262398][ T3327] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6667: Corrupt filesystem [ 60.298447][ T3327] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 60.484974][ T5741] Non-string source [ 60.554086][ T5747] loop2: detected capacity change from 0 to 512 [ 60.572034][ T5747] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 60.584800][ T5747] ext4 filesystem being mounted at /208/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 60.606105][ T5747] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #18: comm syz.2.937: corrupted inode contents [ 60.657214][ T5747] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #18: comm syz.2.937: mark_inode_dirty error [ 60.672833][ T5756] loop1: detected capacity change from 0 to 512 [ 60.680354][ T5756] ext4: Unknown parameter 'obj_role' [ 60.706824][ T5747] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #18: comm syz.2.937: corrupted inode contents [ 60.718818][ T5747] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2996: inode #18: comm syz.2.937: mark_inode_dirty error [ 60.742568][ T5747] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2999: inode #18: comm syz.2.937: mark inode dirty (error -117) [ 60.755418][ T5747] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -117) [ 60.778176][ T5747] syz.2.937 (5747) used greatest stack depth: 10064 bytes left [ 60.787571][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 60.855386][ T5763] loop4: detected capacity change from 0 to 512 [ 60.871889][ T5763] EXT4-fs error (device loop4): ext4_ext_check_inode:523: inode #3: comm syz.4.942: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0) [ 60.899346][ T5763] EXT4-fs error (device loop4): ext4_quota_enable:7139: comm syz.4.942: Bad quota inode: 3, type: 0 [ 60.911014][ T5763] EXT4-fs warning (device loop4): ext4_enable_quotas:7180: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 60.925890][ T5763] EXT4-fs (loop4): mount failed [ 60.957888][ T5769] ip6tnl1: entered promiscuous mode [ 60.963182][ T5769] ip6tnl1: entered allmulticast mode [ 61.029125][ T5776] netlink: 12 bytes leftover after parsing attributes in process `syz.2.958'. [ 61.039379][ T5778] loop4: detected capacity change from 0 to 1024 [ 61.048360][ T5778] EXT4-fs: Ignoring removed orlov option [ 61.064488][ T5778] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 61.101415][ T5778] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 61.141711][ T3327] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 61.243029][ T5799] sd 0:0:1:0: device reset [ 61.264503][ T5805] loop2: detected capacity change from 0 to 128 [ 61.333066][ T5810] lo speed is unknown, defaulting to 1000 [ 61.338986][ T5812] Non-string source [ 61.382416][ T5815] syz.2.957: attempt to access beyond end of device [ 61.382416][ T5815] loop2: rw=1, sector=145, nr_sectors = 16 limit=128 [ 61.435526][ T5815] syz.2.957: attempt to access beyond end of device [ 61.435526][ T5815] loop2: rw=1, sector=169, nr_sectors = 8 limit=128 [ 61.461005][ T5815] syz.2.957: attempt to access beyond end of device [ 61.461005][ T5815] loop2: rw=1, sector=185, nr_sectors = 8 limit=128 [ 61.474238][ T5815] syz.2.957: attempt to access beyond end of device [ 61.474238][ T5815] loop2: rw=1, sector=201, nr_sectors = 8 limit=128 [ 61.487819][ T5815] syz.2.957: attempt to access beyond end of device [ 61.487819][ T5815] loop2: rw=1, sector=217, nr_sectors = 8 limit=128 [ 61.501230][ T5815] syz.2.957: attempt to access beyond end of device [ 61.501230][ T5815] loop2: rw=1, sector=233, nr_sectors = 8 limit=128 [ 61.514507][ T5815] syz.2.957: attempt to access beyond end of device [ 61.514507][ T5815] loop2: rw=1, sector=249, nr_sectors = 8 limit=128 [ 61.527782][ T5815] syz.2.957: attempt to access beyond end of device [ 61.527782][ T5815] loop2: rw=1, sector=265, nr_sectors = 8 limit=128 [ 61.625341][ T5823] vlan2: entered allmulticast mode [ 61.642454][ T5825] loop3: detected capacity change from 0 to 512 [ 61.674502][ T5825] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #3: comm syz.3.965: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0) [ 61.692955][ T5825] EXT4-fs error (device loop3): ext4_quota_enable:7139: comm syz.3.965: Bad quota inode: 3, type: 0 [ 61.733036][ T5829] loop2: detected capacity change from 0 to 1024 [ 61.740200][ T5829] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 61.751188][ T5829] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 61.754010][ T5825] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 61.775523][ T5825] EXT4-fs (loop3): mount failed [ 61.791058][ T5829] JBD2: no valid journal superblock found [ 61.796816][ T5829] EXT4-fs (loop2): Could not load journal inode [ 61.819753][ T5831] loop0: detected capacity change from 0 to 512 [ 61.826795][ T5831] EXT4-fs: Ignoring removed i_version option [ 61.839373][ T5831] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 61.867992][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 61.886367][ T5834] loop3: detected capacity change from 0 to 1024 [ 61.900881][ T5834] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 61.924924][ T5837] loop0: detected capacity change from 0 to 1024 [ 61.931804][ T5837] EXT4-fs: Ignoring removed mblk_io_submit option [ 61.944160][ T5837] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 61.973879][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 62.028205][ T5847] Non-string source [ 62.043374][ T5845] loop2: detected capacity change from 0 to 4096 [ 62.056254][ T5845] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 62.070026][ T5845] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 62.121827][ T5852] netlink: 4 bytes leftover after parsing attributes in process `syz.2.977'. [ 62.136995][ T5852] netlink: 12 bytes leftover after parsing attributes in process `syz.2.977'. [ 62.294576][ T5867] loop4: detected capacity change from 0 to 128 [ 62.317042][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 62.472226][ T5878] netlink: 4 bytes leftover after parsing attributes in process `syz.3.984'. [ 62.541953][ T5881] Non-string source [ 62.546977][ T5884] netlink: 4 bytes leftover after parsing attributes in process `syz.0.989'. [ 62.548491][ T5883] loop4: detected capacity change from 0 to 512 [ 62.566798][ T5884] netlink: 12 bytes leftover after parsing attributes in process `syz.0.989'. [ 62.638855][ T5883] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 62.656001][ T5883] ext4 filesystem being mounted at /183/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 62.657884][ T5887] loop3: detected capacity change from 0 to 4096 [ 62.702223][ T5887] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 62.718539][ T5897] lo speed is unknown, defaulting to 1000 [ 62.719948][ T5883] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #18: comm syz.4.1000: corrupted inode contents [ 62.738692][ T5900] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1007'. [ 62.746668][ T5901] loop2: detected capacity change from 0 to 1024 [ 62.751058][ T5887] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 62.758746][ T5883] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #18: comm syz.4.1000: mark_inode_dirty error [ 62.771326][ T5900] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1007'. [ 62.783658][ T5901] EXT4-fs: Ignoring removed orlov option [ 62.795479][ T5901] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 62.805616][ T5883] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #18: comm syz.4.1000: corrupted inode contents [ 62.818178][ T5883] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2996: inode #18: comm syz.4.1000: mark_inode_dirty error [ 62.837990][ T5901] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 62.864584][ T5883] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2999: inode #18: comm syz.4.1000: mark inode dirty (error -117) [ 62.889737][ T5883] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117) [ 62.890869][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 62.926930][ T3327] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 62.961035][ T5912] loop4: detected capacity change from 0 to 1024 [ 62.983375][ T5912] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 63.010707][ T5910] loop1: detected capacity change from 0 to 2048 [ 63.068798][ T5910] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0900-000000000000 r/w without journal. Quota mode: none. [ 63.170866][ T29] kauditd_printk_skb: 41 callbacks suppressed [ 63.170880][ T29] audit: type=1326 audit(1763636088.331:1157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5930 comm="syz.2.1008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0aad6f749 code=0x7ffc0000 [ 63.200430][ T29] audit: type=1326 audit(1763636088.331:1158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5930 comm="syz.2.1008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0aad6f749 code=0x7ffc0000 [ 63.223935][ T29] audit: type=1326 audit(1763636088.341:1159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5930 comm="syz.2.1008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd0aad6f749 code=0x7ffc0000 [ 63.247360][ T29] audit: type=1326 audit(1763636088.341:1160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5930 comm="syz.2.1008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0aad6f749 code=0x7ffc0000 [ 63.270752][ T29] audit: type=1326 audit(1763636088.341:1161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5930 comm="syz.2.1008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0aad6f749 code=0x7ffc0000 [ 63.294155][ T29] audit: type=1326 audit(1763636088.341:1162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5930 comm="syz.2.1008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd0aad6f749 code=0x7ffc0000 [ 63.317548][ T29] audit: type=1326 audit(1763636088.341:1163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5930 comm="syz.2.1008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0aad6f749 code=0x7ffc0000 [ 63.341010][ T29] audit: type=1326 audit(1763636088.341:1164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5930 comm="syz.2.1008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0aad6f749 code=0x7ffc0000 [ 63.364450][ T29] audit: type=1326 audit(1763636088.341:1165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5930 comm="syz.2.1008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd0aad6f749 code=0x7ffc0000 [ 63.387987][ T29] audit: type=1326 audit(1763636088.341:1166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5930 comm="syz.2.1008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0aad6f749 code=0x7ffc0000 [ 63.416951][ T5927] Set syz1 is full, maxelem 6117 reached [ 63.484125][ T5940] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1012'. [ 63.798070][ T5958] loop0: detected capacity change from 0 to 4096 [ 63.961548][ T5979] loop0: detected capacity change from 0 to 512 [ 64.000236][ T5979] EXT4-fs error (device loop0): ext4_ext_check_inode:523: inode #3: comm syz.0.1041: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0) [ 64.018381][ T5979] EXT4-fs error (device loop0): ext4_quota_enable:7139: comm syz.0.1041: Bad quota inode: 3, type: 0 [ 64.030107][ T5979] EXT4-fs warning (device loop0): ext4_enable_quotas:7180: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 64.045042][ T5979] EXT4-fs (loop0): mount failed [ 64.801543][ T5991] Set syz1 is full, maxelem 6117 reached [ 64.810793][ T5989] lo speed is unknown, defaulting to 1000 [ 64.951023][ T6010] loop4: detected capacity change from 0 to 4096 [ 65.303786][ T6034] loop0: detected capacity change from 0 to 1024 [ 65.682741][ T3317] EXT4-fs unmount: 7 callbacks suppressed [ 65.682758][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 65.934267][ T6051] loop0: detected capacity change from 0 to 4096 [ 65.980341][ T6051] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 65.995292][ T6051] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.169875][ T6073] bond1: entered promiscuous mode [ 66.175059][ T6073] bond1: entered allmulticast mode [ 66.180802][ T6073] 8021q: adding VLAN 0 to HW filter on device bond1 [ 66.191319][ T6073] bond1 (unregistering): Released all slaves [ 66.332333][ T6088] loop2: detected capacity change from 0 to 1024 [ 66.355016][ T6088] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 66.557808][ T6102] loop0: detected capacity change from 0 to 4096 [ 66.571493][ T6102] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 66.600065][ T6102] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.738344][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.960862][ T6127] loop4: detected capacity change from 0 to 1024 [ 66.969064][ T6127] ext4: Bad value for 'max_dir_size_kb' [ 67.003193][ T3892] Bluetooth: hci0: Frame reassembly failed (-84) [ 67.570895][ T6138] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.659860][ T6138] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.721417][ T6138] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.778130][ T6138] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.815764][ T87] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.826906][ T87] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.837709][ T87] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.848448][ T87] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.917761][ T6149] loop1: detected capacity change from 0 to 128 [ 68.083946][ T6159] __nla_validate_parse: 1 callbacks suppressed [ 68.083959][ T6159] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1101'. [ 68.345858][ T6172] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1120'. [ 68.354857][ T6172] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1120'. [ 68.363884][ T6172] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1120'. [ 68.372803][ T6172] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1120'. [ 68.382516][ T6172] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1120'. [ 69.080597][ T4798] Bluetooth: hci0: command 0x1003 tx timeout [ 69.081313][ T3540] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 69.308081][ T29] kauditd_printk_skb: 180 callbacks suppressed [ 69.308096][ T29] audit: type=1326 audit(1763636094.481:1347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6197 comm="syz.3.1117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96c1b4f749 code=0x7ffc0000 [ 69.315431][ T6200] loop1: detected capacity change from 0 to 512 [ 69.344664][ T29] audit: type=1326 audit(1763636094.481:1348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6197 comm="syz.3.1117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f96c1b4f749 code=0x7ffc0000 [ 69.368243][ T29] audit: type=1326 audit(1763636094.521:1349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6197 comm="syz.3.1117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96c1b4f749 code=0x7ffc0000 [ 69.399110][ T29] audit: type=1326 audit(1763636094.521:1350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6197 comm="syz.3.1117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96c1b4f749 code=0x7ffc0000 [ 69.422662][ T29] audit: type=1326 audit(1763636094.521:1351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6197 comm="syz.3.1117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f96c1b4f749 code=0x7ffc0000 [ 69.446180][ T29] audit: type=1326 audit(1763636094.521:1352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6197 comm="syz.3.1117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96c1b4f749 code=0x7ffc0000 [ 69.456418][ T6200] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 69.469685][ T29] audit: type=1326 audit(1763636094.521:1353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6197 comm="syz.3.1117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96c1b4f749 code=0x7ffc0000 [ 69.469710][ T29] audit: type=1326 audit(1763636094.521:1354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6197 comm="syz.3.1117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f96c1b4f749 code=0x7ffc0000 [ 69.525631][ T29] audit: type=1326 audit(1763636094.521:1355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6197 comm="syz.3.1117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96c1b4f749 code=0x7ffc0000 [ 69.540388][ T6200] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002] [ 69.549051][ T29] audit: type=1326 audit(1763636094.521:1356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6197 comm="syz.3.1117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96c1b4f749 code=0x7ffc0000 [ 69.581195][ T6200] EXT4-fs (loop1): failed to initialize system zone (-117) [ 69.588433][ T6200] EXT4-fs (loop1): mount failed [ 69.622685][ T6207] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1124'. [ 69.631683][ T6207] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1124'. [ 69.640710][ T6207] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1124'. [ 69.649694][ T6207] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1124'. [ 69.675068][ T6209] loop4: detected capacity change from 0 to 1024 [ 69.686113][ T6200] xt_TPROXY: Can be used only with -p tcp or -p udp [ 69.691219][ T6209] EXT4-fs: Ignoring removed oldalloc option [ 69.698873][ T6209] EXT4-fs: Ignoring removed bh option [ 69.736777][ T6209] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 69.783126][ T3327] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.817220][ T6218] syzkaller0: entered allmulticast mode [ 69.823220][ T6218] syzkaller0: entered promiscuous mode [ 69.831517][ T6218] syzkaller0 (unregistering): left promiscuous mode [ 69.838153][ T6218] syzkaller0 (unregistering): left allmulticast mode [ 70.393295][ T6244] loop2: detected capacity change from 0 to 1024 [ 70.400282][ T6244] ext4: Unknown parameter 'uid<00000000000000000000' [ 70.637796][ T6258] loop3: detected capacity change from 0 to 512 [ 70.644503][ T6258] ext4: Unknown parameter 'obj_role' [ 70.662300][ T6260] syzkaller0: entered allmulticast mode [ 70.668228][ T6260] syzkaller0: entered promiscuous mode [ 70.702390][ T6260] syzkaller0 (unregistering): left promiscuous mode [ 70.709122][ T6260] syzkaller0 (unregistering): left allmulticast mode [ 70.746737][ T6266] loop4: detected capacity change from 0 to 512 [ 70.754053][ T6266] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 [ 70.764475][ T6268] loop2: detected capacity change from 0 to 128 [ 70.867765][ T6268] bio_check_eod: 103 callbacks suppressed [ 70.867783][ T6268] syz.2.1149: attempt to access beyond end of device [ 70.867783][ T6268] loop2: rw=2049, sector=185, nr_sectors = 16 limit=128 [ 70.888064][ T6268] syz.2.1149: attempt to access beyond end of device [ 70.888064][ T6268] loop2: rw=2049, sector=209, nr_sectors = 8 limit=128 [ 70.902004][ T6268] syz.2.1149: attempt to access beyond end of device [ 70.902004][ T6268] loop2: rw=2049, sector=225, nr_sectors = 8 limit=128 [ 70.915606][ T6268] syz.2.1149: attempt to access beyond end of device [ 70.915606][ T6268] loop2: rw=2049, sector=241, nr_sectors = 8 limit=128 [ 70.929578][ T6268] syz.2.1149: attempt to access beyond end of device [ 70.929578][ T6268] loop2: rw=2049, sector=257, nr_sectors = 8 limit=128 [ 70.943272][ T6268] syz.2.1149: attempt to access beyond end of device [ 70.943272][ T6268] loop2: rw=2049, sector=273, nr_sectors = 8 limit=128 [ 70.957256][ T6268] syz.2.1149: attempt to access beyond end of device [ 70.957256][ T6268] loop2: rw=2049, sector=289, nr_sectors = 8 limit=128 [ 70.972306][ T6268] syz.2.1149: attempt to access beyond end of device [ 70.972306][ T6268] loop2: rw=2049, sector=305, nr_sectors = 8 limit=128 [ 70.985889][ T6268] syz.2.1149: attempt to access beyond end of device [ 70.985889][ T6268] loop2: rw=2049, sector=321, nr_sectors = 8 limit=128 [ 70.999398][ T6268] syz.2.1149: attempt to access beyond end of device [ 70.999398][ T6268] loop2: rw=2049, sector=337, nr_sectors = 8 limit=128 [ 71.902206][ T6310] syzkaller0: entered allmulticast mode [ 71.916979][ T6310] syzkaller0: entered promiscuous mode [ 71.924434][ T6310] syzkaller0 (unregistering): left promiscuous mode [ 71.931203][ T6310] syzkaller0 (unregistering): left allmulticast mode [ 72.158524][ T6335] loop1: detected capacity change from 0 to 1024 [ 72.167664][ T6335] ext4: Unknown parameter 'uid<00000000000000000000' [ 72.232005][ T6341] loop0: detected capacity change from 0 to 512 [ 72.248420][ T6341] ext4: Unknown parameter 'obj_role' [ 72.969380][ T6380] loop4: detected capacity change from 0 to 1024 [ 72.993124][ T6380] ext4: Unknown parameter 'uid<00000000000000000000' [ 73.096809][ T6396] lo speed is unknown, defaulting to 1000 [ 73.291079][ T6415] loop4: detected capacity change from 0 to 2048 [ 73.313071][ T6415] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0900-000000000000 r/w without journal. Quota mode: none. [ 73.338712][ T3327] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0900-000000000000. [ 73.365858][ T6422] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6422 comm=syz.0.1206 [ 73.378383][ T6422] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6422 comm=syz.0.1206 [ 73.735767][ T6453] loop2: detected capacity change from 0 to 2048 [ 73.764637][ T6453] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0900-000000000000 r/w without journal. Quota mode: none. [ 73.782558][ T6461] __nla_validate_parse: 4 callbacks suppressed [ 73.782579][ T6461] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1221'. [ 73.797667][ T6461] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1221'. [ 73.806904][ T6461] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1221'. [ 73.854834][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0900-000000000000. [ 73.937344][ T6477] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1225'. [ 74.329297][ T6489] support for cryptoloop has been removed. Use dm-crypt instead. [ 74.355097][ T6493] rdma_rxe: rxe_newlink: failed to add lo [ 74.438906][ T29] kauditd_printk_skb: 169 callbacks suppressed [ 74.438922][ T29] audit: type=1326 audit(1763636099.611:1526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6496 comm="syz.4.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b853ef749 code=0x7ffc0000 [ 74.469029][ T29] audit: type=1326 audit(1763636099.611:1527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6496 comm="syz.4.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b853ef749 code=0x7ffc0000 [ 74.492556][ T29] audit: type=1326 audit(1763636099.611:1528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6496 comm="syz.4.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f7b853ef749 code=0x7ffc0000 [ 74.515955][ T29] audit: type=1326 audit(1763636099.611:1529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6496 comm="syz.4.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b853ef749 code=0x7ffc0000 [ 74.539492][ T29] audit: type=1326 audit(1763636099.611:1530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6496 comm="syz.4.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7b853ef749 code=0x7ffc0000 [ 74.563006][ T29] audit: type=1326 audit(1763636099.611:1531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6496 comm="syz.4.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b853ef749 code=0x7ffc0000 [ 74.586468][ T29] audit: type=1326 audit(1763636099.611:1532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6496 comm="syz.4.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7b853ef749 code=0x7ffc0000 [ 74.609863][ T29] audit: type=1326 audit(1763636099.611:1533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6496 comm="syz.4.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b853ef749 code=0x7ffc0000 [ 74.633317][ T29] audit: type=1326 audit(1763636099.611:1534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6496 comm="syz.4.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b853ef749 code=0x7ffc0000 [ 74.656692][ T29] audit: type=1326 audit(1763636099.611:1535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6496 comm="syz.4.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f7b853ef749 code=0x7ffc0000 [ 74.717714][ T6499] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6499 comm=syz.4.1239 [ 74.862387][ T6521] loop1: detected capacity change from 0 to 128 [ 74.876312][ T6521] FAT-fs (loop1): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 74.956540][ T6538] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1256'. [ 74.968917][ T6538] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1256'. [ 75.102590][ T6560] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1266'. [ 75.174325][ T6568] loop0: detected capacity change from 0 to 512 [ 75.192704][ T6568] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 75.230262][ T6568] EXT4-fs (loop0): 1 orphan inode deleted [ 75.236111][ T6568] EXT4-fs (loop0): 1 truncate cleaned up [ 75.244097][ T6568] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.282133][ T6568] EXT4-fs error (device loop0): ext4_inlinedir_to_tree:1314: inode #12: block 7: comm syz.0.1268: path /260/file0/file0: bad entry in directory: directory entry overrun - offset=788, inode=13, rec_len=784, size=60 fake=0 [ 75.294795][ T6575] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1271'. [ 75.322135][ T6568] EXT4-fs (loop0): Remounting filesystem read-only [ 75.338658][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.536042][ T6577] loop0: detected capacity change from 0 to 8192 [ 75.875232][ T6600] loop4: detected capacity change from 0 to 1024 [ 75.912669][ T6600] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.1281: Failed to acquire dquot type 0 [ 75.944435][ T6600] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 75.993260][ T6600] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #13: comm syz.4.1281: corrupted inode contents [ 76.005352][ T6600] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #13: comm syz.4.1281: mark_inode_dirty error [ 76.023220][ T6600] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #13: comm syz.4.1281: corrupted inode contents [ 76.064078][ T6600] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #13: comm syz.4.1281: mark_inode_dirty error [ 76.090387][ T6600] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #13: comm syz.4.1281: corrupted inode contents [ 76.114700][ T6600] EXT4-fs error (device loop4) in ext4_orphan_del:301: Corrupt filesystem [ 76.129763][ T6600] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #13: comm syz.4.1281: corrupted inode contents [ 76.149825][ T6600] EXT4-fs error (device loop4): ext4_truncate:4637: inode #13: comm syz.4.1281: mark_inode_dirty error [ 76.178873][ T6600] EXT4-fs error (device loop4) in ext4_process_orphan:343: Corrupt filesystem [ 76.189773][ T6600] EXT4-fs (loop4): 1 truncate cleaned up [ 76.200106][ T6600] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 76.261157][ T6600] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 76.282154][ T6613] loop0: detected capacity change from 0 to 1024 [ 76.293153][ T6613] EXT4-fs: Ignoring removed bh option [ 76.298866][ T6613] EXT4-fs: inline encryption not supported [ 76.305165][ T6613] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 76.329575][ T6613] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000] [ 76.341454][ T6615] netem: change failed [ 76.358179][ T3327] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.368481][ T6613] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 2: comm syz.0.1284: lblock 2 mapped to illegal pblock 2 (length 1) [ 76.404423][ T6613] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 48: comm syz.0.1284: lblock 0 mapped to illegal pblock 48 (length 1) [ 76.424246][ T6613] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.1284: Failed to acquire dquot type 0 [ 76.436071][ T6613] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6313: Corrupt filesystem [ 76.446385][ T6613] EXT4-fs error (device loop0): ext4_evict_inode:254: inode #11: comm syz.0.1284: mark_inode_dirty error [ 76.460067][ T6613] EXT4-fs warning (device loop0): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 76.470413][ T6613] EXT4-fs (loop0): 1 orphan inode deleted [ 76.477158][ T6613] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 76.489805][ T3860] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:32: lblock 1 mapped to illegal pblock 1 (length 1) [ 76.520404][ T3860] EXT4-fs error (device loop0): ext4_release_dquot:6981: comm kworker/u8:32: Failed to release dquot type 0 [ 76.543097][ T6613] bridge0: port 2(bridge_slave_1) entered disabled state [ 76.550913][ T6613] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.557977][ T6613] bridge0: port 2(bridge_slave_1) entered forwarding state [ 76.570388][ T6613] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 48: comm syz.0.1284: lblock 0 mapped to illegal pblock 48 (length 1) [ 76.585646][ T6613] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 76.604885][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.693272][ T6624] loop0: detected capacity change from 0 to 512 [ 76.787797][ T6624] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 76.807718][ T6624] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 76.820693][ T6624] ext4 filesystem being mounted at /264/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 76.925540][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 77.167519][ T6653] loop1: detected capacity change from 0 to 1024 [ 77.174721][ T6653] EXT4-fs: inline encryption not supported [ 77.194338][ T6653] EXT4-fs: Ignoring removed bh option [ 77.245294][ T6653] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.306490][ T6653] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 15: block 241:freeing already freed block (bit 15); block bitmap corrupt. [ 77.334330][ T6653] EXT4-fs (loop1): Remounting filesystem read-only [ 77.354370][ T6664] syzkaller1: entered promiscuous mode [ 77.359918][ T6664] syzkaller1: entered allmulticast mode [ 77.414961][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.451907][ T6716] netlink: 'syz.3.1325': attribute type 12 has an invalid length. [ 78.587841][ T6729] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1330'. [ 78.621547][ T6729] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1330'. [ 78.715973][ T6735] netlink: 'syz.2.1333': attribute type 13 has an invalid length. [ 78.770299][ T6737] loop4: detected capacity change from 0 to 512 [ 78.813922][ T6737] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 78.815472][ T6735] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.829690][ T6735] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.872054][ T6737] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 78.899918][ T6737] ext4 filesystem being mounted at /245/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 78.912922][ T6735] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 78.922733][ T6735] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 78.961990][ T3878] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.970956][ T3878] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 79.004123][ T3878] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 79.032782][ T3878] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 79.067509][ T3327] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 79.387922][ T6767] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1345'. [ 79.406047][ T6767] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1345'. [ 79.406232][ T6766] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1354'. [ 79.472863][ T6772] lo speed is unknown, defaulting to 1000 [ 79.560151][ T6778] loop0: detected capacity change from 0 to 1024 [ 79.575537][ T6778] EXT4-fs: inline encryption not supported [ 79.582348][ T6778] EXT4-fs: Ignoring removed bh option [ 79.591933][ T6778] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.636242][ T6778] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 15: block 241:freeing already freed block (bit 15); block bitmap corrupt. [ 79.679747][ T6778] EXT4-fs (loop0): Remounting filesystem read-only [ 79.771537][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.774150][ T6784] netem: change failed [ 79.989520][ T29] kauditd_printk_skb: 280 callbacks suppressed [ 79.989533][ T29] audit: type=1400 audit(1763636105.151:1810): avc: denied { relabelto } for pid=6793 comm="syz.0.1355" name="NETLINK" dev="sockfs" ino=14990 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=netlink_netfilter_socket permissive=1 [ 80.073089][ T29] audit: type=1326 audit(1763636105.171:1811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6795 comm="syz.0.1356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd09258f749 code=0x7ffc0000 [ 80.096754][ T29] audit: type=1326 audit(1763636105.171:1812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6795 comm="syz.0.1356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd09258f749 code=0x7ffc0000 [ 80.120197][ T29] audit: type=1326 audit(1763636105.171:1813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6795 comm="syz.0.1356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd09258f749 code=0x7ffc0000 [ 80.143585][ T29] audit: type=1326 audit(1763636105.171:1814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6795 comm="syz.0.1356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd09258f749 code=0x7ffc0000 [ 80.167059][ T29] audit: type=1326 audit(1763636105.171:1815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6795 comm="syz.0.1356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd09258f749 code=0x7ffc0000 [ 80.190462][ T29] audit: type=1326 audit(1763636105.171:1816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6795 comm="syz.0.1356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd09258f749 code=0x7ffc0000 [ 80.213865][ T29] audit: type=1326 audit(1763636105.171:1817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6795 comm="syz.0.1356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd09258f749 code=0x7ffc0000 [ 80.237317][ T29] audit: type=1326 audit(1763636105.171:1818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6795 comm="syz.0.1356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd09258f749 code=0x7ffc0000 [ 80.260784][ T29] audit: type=1326 audit(1763636105.171:1819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6795 comm="syz.0.1356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd09258f749 code=0x7ffc0000 [ 81.089287][ T6855] netem: change failed [ 81.217156][ T6857] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1381'. [ 81.382189][ T6870] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6870 comm=syz.0.1396 [ 81.903596][ T6880] loop2: detected capacity change from 0 to 512 [ 81.909286][ T6881] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1400'. [ 81.919281][ T6880] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 81.929646][ T6881] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1400'. [ 81.955438][ T6880] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 82.000584][ T6880] ext4 filesystem being mounted at /283/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 82.154587][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 82.164261][ T6901] netlink: 'syz.3.1392': attribute type 4 has an invalid length. [ 82.197211][ T6901] netlink: 'syz.3.1392': attribute type 4 has an invalid length. [ 82.305184][ T6916] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6916 comm=syz.2.1407 [ 82.337617][ T6919] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1408'. [ 82.359948][ T6919] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1408'. [ 82.453579][ T6930] loop1: detected capacity change from 0 to 512 [ 82.463541][ T6930] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 82.500280][ T6930] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 82.513644][ T6930] ext4 filesystem being mounted at /302/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 82.632004][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 82.738097][ T6942] syzkaller1: entered promiscuous mode [ 82.743675][ T6942] syzkaller1: entered allmulticast mode [ 82.951248][ T6950] loop3: detected capacity change from 0 to 1024 [ 82.962286][ T6950] ext4: Bad value for 'max_dir_size_kb' [ 82.974321][ T31] Bluetooth: hci0: Frame reassembly failed (-84) [ 85.000604][ T3540] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 85.532134][ T6961] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1427'. [ 85.541902][ T6961] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1427'. [ 85.558772][ T6962] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1424'. [ 85.593044][ T6962] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1424'. [ 85.613637][ T6968] lo speed is unknown, defaulting to 1000 [ 85.841432][ T6989] syz.3.1441 (6989) used greatest stack depth: 9984 bytes left [ 86.257399][ T7031] syz.1.1455 (7031) used greatest stack depth: 9920 bytes left [ 86.271359][ T7037] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.278599][ T7037] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.426371][ T7044] loop1: detected capacity change from 0 to 2048 [ 86.495094][ T7044] loop1: p1 p2 p3 [ 86.589260][ T4579] udevd[4579]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 86.590056][ T3301] udevd[3301]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 86.604775][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory [ 86.730774][ T7053] pimreg: entered allmulticast mode [ 86.737560][ T7053] pimreg: left allmulticast mode [ 87.441477][ T7063] loop0: detected capacity change from 0 to 512 [ 87.455241][ T7067] loop2: detected capacity change from 0 to 7 [ 87.463822][ T7063] EXT4-fs warning (device loop0): ext4_xattr_inode_get:546: inode #11: comm syz.0.1478: ea_inode file size=0 entry size=6 [ 87.477774][ T7063] ------------[ cut here ]------------ [ 87.483316][ T7063] EA inode 11 i_nlink=2 [ 87.483546][ T7063] WARNING: CPU: 0 PID: 7063 at fs/ext4/xattr.c:1058 ext4_xattr_inode_update_ref+0x36a/0x380 [ 87.497886][ T7063] Modules linked in: [ 87.501821][ T7063] CPU: 0 UID: 0 PID: 7063 Comm: syz.0.1478 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 87.510574][ T3005] loop2: [ 87.513162][ T7063] Tainted: [W]=WARN [ 87.519868][ T7063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 87.530084][ T7063] RIP: 0010:ext4_xattr_inode_update_ref+0x36a/0x380 [ 87.535340][ T7075] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1474'. [ 87.536772][ T7063] Code: 90 49 8d 7e 40 e8 06 f8 b8 ff 4d 8b 6e 40 4c 89 e7 e8 1a f3 b8 ff 41 8b 56 48 48 c7 c7 76 d5 55 86 4c 89 ee e8 f7 f3 67 ff 90 <0f> 0b 90 90 e9 ff fe ff ff e8 78 f2 b5 03 0f 1f 84 00 00 00 00 00 [ 87.565421][ T7063] RSP: 0018:ffffc9000eb73778 EFLAGS: 00010246 [ 87.571573][ T7063] RAX: 190164f43e8c8d00 RBX: ffff888119c2d308 RCX: 0000000000080000 [ 87.579553][ T7063] RDX: ffffc90001e82000 RSI: 0000000000004f4c RDI: 0000000000004f4d [ 87.579973][ T7074] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1475'. [ 87.587565][ T7063] RBP: 0000000000000002 R08: 0001c9000eb735f7 R09: 0000000000000000 [ 87.596570][ T7074] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1475'. [ 87.604529][ T7063] R10: 00000000ffffffff R11: 0000000000000002 R12: ffff888119c2d2b8 [ 87.604547][ T7063] R13: 000000000000000b R14: ffff888119c2d270 R15: 0000000000000001 [ 87.629512][ T7063] FS: 00007fd090ff76c0(0000) GS:ffff8882aee11000(0000) knlGS:0000000000000000 [ 87.638523][ T7063] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.645162][ T7063] CR2: 00007f4530195100 CR3: 0000000128b30000 CR4: 00000000003506f0 [ 87.653174][ T7063] Call Trace: [ 87.656457][ T7063] [ 87.659425][ T7063] ext4_xattr_inode_dec_ref_all+0x579/0x830 [ 87.663863][ T7077] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1476'. [ 87.665457][ T7063] ? errseq_check+0x2c/0x50 [ 87.678854][ T7063] ext4_xattr_delete_inode+0x6b7/0x790 [ 87.684519][ T7063] ? ext4_truncate+0x92e/0xae0 [ 87.689362][ T7063] ext4_evict_inode+0xa6a/0xd90 [ 87.694298][ T7063] ? __pfx_ext4_evict_inode+0x10/0x10 [ 87.699696][ T7063] evict+0x2e3/0x550 [ 87.703646][ T7063] ? __dquot_initialize+0x146/0x7c0 [ 87.708938][ T7063] iput+0x4ed/0x650 [ 87.712868][ T7063] ext4_process_orphan+0x1a9/0x1c0 [ 87.717996][ T7063] ext4_orphan_cleanup+0x6a8/0xa00 [ 87.723410][ T7063] ext4_fill_super+0x3483/0x3810 [ 87.728355][ T7063] ? snprintf+0x86/0xb0 [ 87.732595][ T7063] ? set_blocksize+0x1a8/0x310 [ 87.737366][ T7063] ? sb_set_blocksize+0xe3/0x100 [ 87.742369][ T7063] ? setup_bdev_super+0x30e/0x370 [ 87.747560][ T7063] ? __pfx_ext4_fill_super+0x10/0x10 [ 87.752875][ T7063] get_tree_bdev_flags+0x291/0x300 [ 87.758015][ T7063] ? __pfx_ext4_fill_super+0x10/0x10 [ 87.763357][ T7063] get_tree_bdev+0x1f/0x30 [ 87.767802][ T7063] ext4_get_tree+0x1c/0x30 [ 87.772269][ T7063] vfs_get_tree+0x57/0x1d0 [ 87.776716][ T7063] do_new_mount+0x24d/0x660 [ 87.781265][ T7063] path_mount+0x4a5/0xb70 [ 87.785605][ T7063] ? user_path_at+0x109/0x130 [ 87.790568][ T7063] __se_sys_mount+0x28c/0x2e0 [ 87.795257][ T7063] __x64_sys_mount+0x67/0x80 [ 87.799848][ T7063] x64_sys_call+0x2b51/0x3000 [ 87.803627][ T7084] loop1: detected capacity change from 0 to 256 [ 87.804709][ T7063] do_syscall_64+0xd2/0x200 [ 87.815389][ T7063] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 87.817682][ T7084] FAT-fs (loop1): Directory bread(block 64) failed [ 87.821522][ T7063] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 87.828146][ T7084] FAT-fs (loop1): Directory bread(block 65) failed [ 87.833769][ T7063] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.833794][ T7063] RIP: 0033:0x7fd092590eea [ 87.850638][ T7063] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 87.852373][ T7084] FAT-fs (loop1): Directory bread(block 66) failed [ 87.870271][ T7063] RSP: 002b:00007fd090ff6e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 87.870296][ T7063] RAX: ffffffffffffffda RBX: 00007fd090ff6ef0 RCX: 00007fd092590eea [ 87.889019][ T7084] FAT-fs (loop1): Directory bread(block 67) failed [ 87.893281][ T7063] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007fd090ff6eb0 [ 87.893294][ T7063] RBP: 0000200000000180 R08: 00007fd090ff6ef0 R09: 0000000000800700 [ 87.893306][ T7063] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 87.893318][ T7063] R13: 00007fd090ff6eb0 R14: 0000000000000473 R15: 0000200000000680 [ 87.909894][ T7084] FAT-fs (loop1): Directory bread(block 68) failed [ 87.915788][ T7063] [ 87.915796][ T7063] ---[ end trace 0000000000000000 ]--- [ 87.925815][ T7063] EXT4-fs (loop0): 1 orphan inode deleted [ 87.933005][ T7067] loop2: [ 87.938686][ T7063] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 87.960587][ T3005] loop2: [ 87.968338][ T7084] FAT-fs (loop1): Directory bread(block 69) failed [ 87.976887][ T7084] FAT-fs (loop1): Directory bread(block 70) failed [ 87.995659][ T7084] FAT-fs (loop1): Directory bread(block 71) failed [ 88.012601][ T7084] FAT-fs (loop1): Directory bread(block 72) failed [ 88.019145][ T7084] FAT-fs (loop1): Directory bread(block 73) failed [ 88.114657][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.150298][ T29] kauditd_printk_skb: 532 callbacks suppressed [ 88.150312][ T29] audit: type=1326 audit(1763636626.321:2352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7099 comm="syz.0.1487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd09258f749 code=0x7ffc0000 [ 88.184765][ T29] audit: type=1326 audit(1763636626.321:2353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7099 comm="syz.0.1487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd09258f749 code=0x7ffc0000 [ 88.249629][ T29] audit: type=1326 audit(1763636626.361:2354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7099 comm="syz.0.1487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7fd09258f749 code=0x7ffc0000 [ 88.273094][ T29] audit: type=1326 audit(1763636626.361:2355): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7099 comm="syz.0.1487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd09258f749 code=0x7ffc0000 [ 88.296981][ T29] audit: type=1326 audit(1763636626.361:2356): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7099 comm="syz.0.1487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd09258f749 code=0x7ffc0000 [ 88.321289][ T29] audit: type=1400 audit(1763636626.421:2357): avc: denied { write } for pid=7098 comm="syz.4.1488" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 88.506355][ T3873] bio_check_eod: 97 callbacks suppressed [ 88.506369][ T3873] kworker/u8:45: attempt to access beyond end of device [ 88.506369][ T3873] loop1: rw=1, sector=1256, nr_sectors = 32 limit=256 [ 88.532349][ T3873] kworker/u8:45: attempt to access beyond end of device [ 88.532349][ T3873] loop1: rw=1, sector=1320, nr_sectors = 32 limit=256 [ 88.552904][ T3873] kworker/u8:45: attempt to access beyond end of device [ 88.552904][ T3873] loop1: rw=1, sector=1384, nr_sectors = 32 limit=256 [ 88.567239][ T3873] kworker/u8:45: attempt to access beyond end of device [ 88.567239][ T3873] loop1: rw=1, sector=1448, nr_sectors = 32 limit=256 [ 88.586861][ T7128] @: renamed from vlan0 (while UP) [ 88.598215][ T3873] kworker/u8:45: attempt to access beyond end of device [ 88.598215][ T3873] loop1: rw=1, sector=1512, nr_sectors = 32 limit=256 [ 88.612589][ T3873] kworker/u8:45: attempt to access beyond end of device [ 88.612589][ T3873] loop1: rw=1, sector=1576, nr_sectors = 32 limit=256 [ 88.626455][ T3873] kworker/u8:45: attempt to access beyond end of device [ 88.626455][ T3873] loop1: rw=1, sector=1640, nr_sectors = 32 limit=256 [ 88.641176][ T3873] kworker/u8:45: attempt to access beyond end of device [ 88.641176][ T3873] loop1: rw=1, sector=1704, nr_sectors = 32 limit=256 [ 88.655157][ T3873] kworker/u8:45: attempt to access beyond end of device [ 88.655157][ T3873] loop1: rw=1, sector=1800, nr_sectors = 32 limit=256 [ 88.675345][ T7132] loop3: detected capacity change from 0 to 1024 [ 88.675450][ T3873] kworker/u8:45: attempt to access beyond end of device [ 88.675450][ T3873] loop1: rw=1, sector=1864, nr_sectors = 32 limit=256 [ 88.697120][ T7132] EXT4-fs: Ignoring removed nomblk_io_submit option [ 88.743586][ T7138] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1503'. [ 88.753893][ T7132] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 88.791248][ T29] audit: type=1400 audit(1763636626.951:2358): avc: denied { map } for pid=7131 comm="syz.3.1502" path="/288/file1/file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 88.814313][ T29] audit: type=1400 audit(1763636626.951:2359): avc: denied { execute } for pid=7131 comm="syz.3.1502" path="/288/file1/file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 88.851310][ T7146] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1505'. [ 88.932685][ T29] audit: type=1326 audit(1763636627.111:2360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7152 comm="syz.2.1509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0aad6f749 code=0x7ffc0000 [ 88.956325][ T29] audit: type=1326 audit(1763636627.111:2361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7152 comm="syz.2.1509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0aad6f749 code=0x7ffc0000 [ 89.053934][ T7163] loop4: detected capacity change from 0 to 2048 [ 89.108898][ T7163] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 89.151930][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.161905][ T7175] loop2: detected capacity change from 0 to 512 [ 89.170735][ T7175] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 89.195839][ T7175] EXT4-fs (loop2): 1 truncate cleaned up [ 89.202566][ T7175] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 89.227143][ T7163] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 89.242726][ T7163] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 96 with max blocks 30 with error 28 [ 89.255293][ T7163] EXT4-fs (loop4): This should not happen!! Data will be lost [ 89.255293][ T7163] [ 89.265037][ T7163] EXT4-fs (loop4): Total free blocks count 0 [ 89.271130][ T7163] EXT4-fs (loop4): Free/Dirty block details [ 89.277028][ T7163] EXT4-fs (loop4): free_blocks=2415919504 [ 89.282768][ T7163] EXT4-fs (loop4): dirty_blocks=32 [ 89.287919][ T7163] EXT4-fs (loop4): Block reservation details [ 89.293909][ T7163] EXT4-fs (loop4): i_reserved_data_blocks=2 [ 89.321389][ T3327] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.331603][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.544094][ T7210] loop2: detected capacity change from 0 to 1024 [ 89.591320][ T7210] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 89.623123][ T7210] ext4 filesystem being mounted at /315/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 89.637597][ T7210] EXT4-fs error (device loop2): ext4_free_blocks:6706: comm syz.2.1534: Freeing blocks not in datazone - block = 0, count = 16 [ 89.663461][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 89.803801][ T36] IPVS: starting estimator thread 0... [ 89.814830][ T7240] loop1: detected capacity change from 0 to 128 [ 89.839195][ T7240] FAT-fs (loop1): Directory bread(block 162) failed [ 89.856075][ T7240] FAT-fs (loop1): Directory bread(block 163) failed [ 89.871570][ T7240] FAT-fs (loop1): Directory bread(block 164) failed [ 89.886867][ T7240] FAT-fs (loop1): Directory bread(block 165) failed [ 89.893636][ T7238] IPVS: using max 3360 ests per chain, 168000 per kthread [ 89.937629][ T7240] FAT-fs (loop1): Directory bread(block 166) failed [ 89.976956][ T7240] FAT-fs (loop1): Directory bread(block 167) failed [ 90.016594][ T7240] FAT-fs (loop1): Directory bread(block 168) failed [ 90.055586][ T7240] FAT-fs (loop1): Directory bread(block 169) failed [ 90.092287][ T7240] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 90.144119][ T7240] FAT-fs (loop1): Directory bread(block 162) failed [ 90.150792][ T7240] FAT-fs (loop1): Directory bread(block 163) failed [ 90.515012][ T7285] loop5: detected capacity change from 0 to 7 [ 90.538328][ T7288] loop1: detected capacity change from 0 to 512 [ 90.544899][ T7285] Buffer I/O error on dev loop5, logical block 0, async page read [ 90.561224][ T7288] EXT4-fs: Ignoring removed nobh option [ 90.569091][ T7285] Buffer I/O error on dev loop5, logical block 0, async page read [ 90.577083][ T7285] loop5: unable to read partition table [ 90.582894][ T7285] loop_reread_partitions: partition scan of loop5 (被xڬdGݡ [ 90.582894][ T7285] ) failed (rc=-5) [ 90.597099][ T3301] Buffer I/O error on dev loop5, logical block 0, async page read [ 90.605121][ T3301] Buffer I/O error on dev loop5, logical block 0, async page read [ 90.613488][ T3301] Buffer I/O error on dev loop5, logical block 0, async page read [ 90.621888][ T3301] Buffer I/O error on dev loop5, logical block 0, async page read [ 90.630018][ T3301] Buffer I/O error on dev loop5, logical block 0, async page read [ 90.646252][ T7288] EXT4-fs error (device loop1): ext4_iget_extra_inode:5075: inode #15: comm syz.1.1567: corrupted in-inode xattr: e_value size too large [ 90.661079][ T7288] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.1567: couldn't read orphan inode 15 (err -117) [ 90.691131][ T7288] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 90.724331][ T7296] __nla_validate_parse: 4 callbacks suppressed [ 90.724390][ T7296] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1570'. [ 90.758305][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.768795][ T7298] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1571'. [ 90.955260][ T7326] macsec0: entered promiscuous mode [ 90.982271][ T7331] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1586'. [ 90.991905][ T7331] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1586'. [ 91.058210][ T7339] loop3: detected capacity change from 0 to 512 [ 91.075813][ T7339] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 91.111235][ T7339] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 91.141843][ T7339] ext4 filesystem being mounted at /311/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 91.158930][ T7351] loop0: detected capacity change from 0 to 1024 [ 91.194747][ T36] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 91.197048][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 91.203354][ T36] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 91.265414][ T7359] sch_fq: defrate 4294967295 ignored. [ 91.323731][ T7356] fido_id[7356]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 91.401749][ T7375] vhci_hcd: default hub control req: 0314 v001b i0006 l0 [ 91.765426][ T7407] loop3: detected capacity change from 0 to 512 [ 91.797754][ T7409] Set syz1 is full, maxelem 6117 reached [ 91.807547][ T7407] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 91.844507][ T7407] ext4 filesystem being mounted at /319/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 91.908733][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 91.923122][ T7425] loop0: detected capacity change from 0 to 512 [ 91.930006][ T7425] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 91.947483][ T7425] EXT4-fs (loop0): 1 truncate cleaned up [ 91.953608][ T7425] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 91.979147][ T7425] EXT4-fs warning (device loop0): ext4_group_add:1736: No reserved GDT blocks, can't resize [ 92.002663][ T7432] SELinux: Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped). [ 92.051254][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 92.116777][ T7443] loop1: detected capacity change from 0 to 256 [ 92.151206][ T7443] FAT-fs (loop1): codepage cp866 not found [ 92.352838][ T7454] vhci_hcd: default hub control req: 0314 v001b i0006 l0 [ 92.384886][ T7458] pimreg: entered allmulticast mode [ 92.406509][ T7458] pimreg: left allmulticast mode [ 92.683971][ T7488] loop4: detected capacity change from 0 to 1024 [ 92.748695][ T3423] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 92.782489][ T3423] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 92.838952][ T7500] fido_id[7500]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 93.132162][ T7531] @: renamed from vlan0 (while UP) [ 93.230581][ T7549] veth1_to_bond: entered allmulticast mode [ 93.259022][ T29] kauditd_printk_skb: 201 callbacks suppressed [ 93.259035][ T29] audit: type=1326 audit(1763636631.431:2563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7555 comm="syz.4.1662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b853ef749 code=0x7ffc0000 [ 93.283138][ T7549] veth1_to_bond: left allmulticast mode [ 93.349008][ T29] audit: type=1326 audit(1763636631.491:2564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7555 comm="syz.4.1662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7b853ef749 code=0x7ffc0000 [ 93.372482][ T29] audit: type=1326 audit(1763636631.491:2565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7555 comm="syz.4.1662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b853ef749 code=0x7ffc0000 [ 93.395893][ T29] audit: type=1326 audit(1763636631.491:2566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7555 comm="syz.4.1662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7b853ef749 code=0x7ffc0000 [ 93.409094][ T7567] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1665'. [ 93.419472][ T29] audit: type=1326 audit(1763636631.491:2567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7555 comm="syz.4.1662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b853ef749 code=0x7ffc0000 [ 93.451667][ T29] audit: type=1326 audit(1763636631.491:2568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7555 comm="syz.4.1662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b853ef749 code=0x7ffc0000 [ 93.475283][ T29] audit: type=1326 audit(1763636631.491:2569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7555 comm="syz.4.1662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7b853ef749 code=0x7ffc0000 [ 93.498689][ T29] audit: type=1326 audit(1763636631.491:2570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7555 comm="syz.4.1662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b853ef749 code=0x7ffc0000 [ 93.522185][ T29] audit: type=1326 audit(1763636631.501:2571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7555 comm="syz.4.1662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b853ef749 code=0x7ffc0000 [ 93.545677][ T29] audit: type=1326 audit(1763636631.501:2572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7555 comm="syz.4.1662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7f7b853ef749 code=0x7ffc0000 [ 93.618046][ T7569] vlan0: entered allmulticast mode [ 93.623561][ T7569] dummy0: entered allmulticast mode [ 94.023661][ T7633] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1679'. [ 94.110407][ T7633] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1679'. [ 94.165507][ T7656] loop4: detected capacity change from 0 to 512 [ 94.218511][ T7669] loop0: detected capacity change from 0 to 512 [ 94.235687][ T7669] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 94.248802][ T7656] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 94.286784][ T7669] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 94.333434][ T3327] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.356182][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.401066][ T7692] @: renamed from vlan0 (while UP) [ 94.630109][ T7729] futex_wake_op: syz.1.1698 tries to shift op by 144; fix this program [ 95.119482][ T7781] loop0: detected capacity change from 0 to 512 [ 95.152290][ T7781] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 95.191069][ T7781] ext4 filesystem being mounted at /351/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 95.228042][ T7785] netlink: 19 bytes leftover after parsing attributes in process `syz.1.1716'. [ 95.231009][ T7787] loop2: detected capacity change from 0 to 164 [ 95.247176][ T7787] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 95.269701][ T7787] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 95.289629][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.343226][ T7791] vlan2: entered allmulticast mode [ 95.352029][ T7791] dummy0: entered allmulticast mode [ 95.448631][ T7805] loop2: detected capacity change from 0 to 256 [ 95.486818][ T7809] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1727'. [ 95.490419][ T7805] FAT-fs (loop2): codepage cp866 not found [ 95.531208][ T7813] netlink: 'syz.0.1729': attribute type 29 has an invalid length. [ 95.565616][ T7809] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1727'. [ 95.591403][ T7813] netlink: 'syz.0.1729': attribute type 29 has an invalid length. [ 95.663459][ T7816] loop2: detected capacity change from 0 to 512 [ 95.705493][ T7816] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 95.721200][ T7816] ext4 filesystem being mounted at /367/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 95.788750][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.806999][ T7836] loop4: detected capacity change from 0 to 128 [ 95.827128][ T7836] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 95.841225][ T7838] loop5: detected capacity change from 0 to 7 [ 95.847817][ T7836] ext4 filesystem being mounted at /315/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 95.861369][ T3301] Buffer I/O error on dev loop5, logical block 0, async page read [ 95.869375][ T3301] Buffer I/O error on dev loop5, logical block 0, async page read [ 95.877273][ T3301] loop5: unable to read partition table [ 95.883298][ T7838] Buffer I/O error on dev loop5, logical block 0, async page read [ 95.895632][ T7838] Buffer I/O error on dev loop5, logical block 0, async page read [ 95.903620][ T7838] loop5: unable to read partition table [ 95.910213][ T7838] loop_reread_partitions: partition scan of loop5 (被xڬdGݡ [ 95.910213][ T7838] ) failed (rc=-5) [ 95.924032][ T3301] Buffer I/O error on dev loop5, logical block 0, async page read [ 95.932183][ T3301] Buffer I/O error on dev loop5, logical block 0, async page read [ 95.940115][ T3301] Buffer I/O error on dev loop5, logical block 0, async page read [ 95.948317][ T3301] Buffer I/O error on dev loop5, logical block 0, async page read [ 95.956255][ T3301] Buffer I/O error on dev loop5, logical block 0, async page read [ 96.270363][ T7871] unsupported nlmsg_type 40 [ 96.276664][ T7871] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 96.287309][ T7871] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 96.460447][ T7883] __nla_validate_parse: 1 callbacks suppressed [ 96.460458][ T7883] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1759'. [ 96.475629][ T7883] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1759'. [ 96.569070][ T7893] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.602550][ T7893] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.653751][ T7893] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.667701][ T3327] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 96.713201][ T7893] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.736100][ T7905] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1770'. [ 96.745527][ T7901] loop4: detected capacity change from 0 to 8192 [ 96.769052][ T7907] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1771'. [ 96.778051][ T7907] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1771'. [ 96.787419][ T3301] loop4: p1 p2 p3 p4 [ 96.798184][ T3301] loop4: p3 start 331777 is beyond EOD, truncated [ 96.804739][ T3301] loop4: p4 size 262238 extends beyond EOD, truncated [ 96.850774][ T3834] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.859482][ T7901] loop4: p1 p2 p3 p4 [ 96.864623][ T7901] loop4: p3 start 331777 is beyond EOD, truncated [ 96.871101][ T7901] loop4: p4 size 262238 extends beyond EOD, truncated [ 96.884931][ T3834] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.901118][ T3834] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.939745][ T3834] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.062700][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory [ 97.079086][ T4579] udevd[4579]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 97.094106][ T3301] udevd[3301]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 97.129141][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory [ 97.140976][ T4579] udevd[4579]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 97.152366][ T3301] udevd[3301]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 97.161767][ T7930] loop2: detected capacity change from 0 to 256 [ 97.424497][ T7942] loop3: detected capacity change from 0 to 512 [ 97.452515][ T7947] lo speed is unknown, defaulting to 1000 [ 97.513090][ T7942] EXT4-fs warning (device loop3): ext4_xattr_inode_get:546: inode #11: comm syz.3.1783: ea_inode file size=0 entry size=6 [ 97.527284][ T7942] EXT4-fs (loop3): 1 orphan inode deleted [ 97.534587][ T7942] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 97.559507][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.882408][ T7956] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1787'. [ 97.891499][ T7956] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1787'. [ 97.931701][ T7960] netlink: 408 bytes leftover after parsing attributes in process `syz.3.1788'. [ 97.965011][ T7962] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1789'. [ 98.003292][ T7964] loop2: detected capacity change from 0 to 7 [ 98.010277][ T3301] loop2: [ 98.014529][ T7964] loop2: [ 98.137939][ T7980] loop1: detected capacity change from 0 to 1024 [ 98.146040][ T7980] EXT4-fs: Ignoring removed nomblk_io_submit option [ 98.162071][ T7980] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 98.237886][ T7994] netlink: 408 bytes leftover after parsing attributes in process `syz.4.1805'. [ 98.336471][ T29] kauditd_printk_skb: 89 callbacks suppressed [ 98.336493][ T29] audit: type=1400 audit(1763636636.511:2662): avc: denied { create } for pid=8004 comm="syz.2.1811" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 98.423601][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.440181][ T8012] syzkaller1: entered promiscuous mode [ 98.445827][ T8012] syzkaller1: entered allmulticast mode [ 98.566044][ T8023] loop0: detected capacity change from 0 to 2048 [ 98.592400][ T8023] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 98.722400][ T29] audit: type=1326 audit(1763636636.891:2663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8028 comm="syz.2.1819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0aad6f749 code=0x7ffc0000 [ 98.745940][ T29] audit: type=1326 audit(1763636636.891:2664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8028 comm="syz.2.1819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fd0aad6f749 code=0x7ffc0000 [ 98.769443][ T29] audit: type=1326 audit(1763636636.891:2665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8028 comm="syz.2.1819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0aad6f749 code=0x7ffc0000 [ 98.777252][ T8023] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 98.792899][ T29] audit: type=1326 audit(1763636636.891:2666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8028 comm="syz.2.1819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fd0aad6f749 code=0x7ffc0000 [ 98.792920][ T29] audit: type=1326 audit(1763636636.891:2667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8028 comm="syz.2.1819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0aad6f749 code=0x7ffc0000 [ 98.854545][ T29] audit: type=1326 audit(1763636636.891:2668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8028 comm="syz.2.1819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7fd0aad6f749 code=0x7ffc0000 [ 98.878123][ T29] audit: type=1326 audit(1763636636.891:2669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8028 comm="syz.2.1819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0aad6f749 code=0x7ffc0000 [ 98.901513][ T29] audit: type=1326 audit(1763636636.891:2670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8028 comm="syz.2.1819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fd0aad6f749 code=0x7ffc0000 [ 98.925012][ T29] audit: type=1326 audit(1763636636.891:2671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8028 comm="syz.2.1819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0aad6f749 code=0x7ffc0000 [ 98.949173][ T8023] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 26 with error 28 [ 98.961492][ T8023] EXT4-fs (loop0): This should not happen!! Data will be lost [ 98.961492][ T8023] [ 98.971141][ T8023] EXT4-fs (loop0): Total free blocks count 0 [ 98.977172][ T8023] EXT4-fs (loop0): Free/Dirty block details [ 98.983129][ T8023] EXT4-fs (loop0): free_blocks=2415919504 [ 98.988895][ T8023] EXT4-fs (loop0): dirty_blocks=32 [ 98.994053][ T8023] EXT4-fs (loop0): Block reservation details [ 99.000091][ T8023] EXT4-fs (loop0): i_reserved_data_blocks=2 [ 99.029510][ T8038] loop2: detected capacity change from 0 to 7 [ 99.036301][ T8040] loop3: detected capacity change from 0 to 512 [ 99.042746][ T8038] loop2: [ 99.078737][ T3005] ================================================================== [ 99.086848][ T3005] BUG: KCSAN: data-race in d_delete / step_into [ 99.093087][ T3005] [ 99.095392][ T3005] read-write to 0xffff8881007b09c0 of 4 bytes by task 3301 on cpu 0: [ 99.103454][ T3005] d_delete+0x15a/0x180 [ 99.107595][ T3005] d_delete_notify+0x32/0x100 [ 99.112258][ T3005] vfs_unlink+0x30b/0x420 [ 99.116574][ T3005] do_unlinkat+0x24e/0x480 [ 99.120976][ T3005] __x64_sys_unlink+0x2e/0x40 [ 99.125640][ T3005] x64_sys_call+0x2dcf/0x3000 [ 99.130303][ T3005] do_syscall_64+0xd2/0x200 [ 99.134791][ T3005] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 99.140671][ T3005] [ 99.142976][ T3005] read to 0xffff8881007b09c0 of 4 bytes by task 3005 on cpu 1: [ 99.150502][ T3005] step_into+0x12f/0x7f0 [ 99.154736][ T3005] walk_component+0x162/0x220 [ 99.159404][ T3005] path_lookupat+0xfe/0x2a0 [ 99.163899][ T3005] filename_lookup+0x147/0x340 [ 99.168654][ T3005] do_readlinkat+0x7d/0x320 [ 99.173139][ T3005] __x64_sys_readlink+0x47/0x60 [ 99.177972][ T3005] x64_sys_call+0x28de/0x3000 [ 99.182635][ T3005] do_syscall_64+0xd2/0x200 [ 99.187126][ T3005] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 99.193003][ T3005] [ 99.195305][ T3005] value changed: 0x00300180 -> 0x00004080 [ 99.200999][ T3005] [ 99.203304][ T3005] Reported by Kernel Concurrency Sanitizer on: [ 99.209438][ T3005] CPU: 1 UID: 0 PID: 3005 Comm: udevd Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 99.220276][ T3005] Tainted: [W]=WARN [ 99.224057][ T3005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 99.234095][ T3005] ================================================================== [ 99.253591][ T8040] EXT4-fs (loop3): too many log groups per flexible block group [ 99.261466][ T8040] EXT4-fs (loop3): failed to initialize mballoc (-12) [ 99.268335][ T8040] EXT4-fs (loop3): mount failed [ 99.269037][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.