last executing test programs: 1m47.289048311s ago: executing program 2 (id=2448): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000000a499d0000000000000000020000010900010073797a310000000008000240000000030400060014000000110001"], 0x54}}, 0x0) sendmsg$NFT_MSG_GETTABLE(r0, &(0x7f0000000200)={0x0, 0x2b, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000010a0101000000000000080002"], 0x14}, 0x1, 0x0, 0x0, 0x400c895}, 0x24000800) recvmsg(r0, &(0x7f0000000600)={0x0, 0x8, 0x0}, 0x0) 1m47.239537572s ago: executing program 2 (id=2451): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'syz_tun\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="4c00000010000104fcfffffffbdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="431f07000b02000008000a00", @ANYRES32=r1, @ANYBLOB="08000500", @ANYRES32=r1, @ANYBLOB="1c0012800b0001006970766c616e"], 0x4c}, 0x1, 0x0, 0x0, 0x2004d808}, 0x40050) syz_emit_ethernet(0x2c, &(0x7f0000000040)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x36}, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x15}, @void, {@arp={0x806, @generic={0x312, 0xa00, 0x6, 0x0, 0xa, @broadcast, "", @dev={'\xaa\xaa\xaa\xaa\xaa', 0x39}, "f6d06c0bb908788ce9ca"}}}}, 0x0) 1m47.040996897s ago: executing program 2 (id=2462): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'hsr0\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000080)={r1, 0x3, 0x6, @random="7c6a97bead69"}, 0x10) close(0x3) 1m47.027546808s ago: executing program 2 (id=2465): perf_event_open(&(0x7f0000000800)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x10, &(0x7f0000000000)=@framed={{0x18, 0x6, 0x0, 0x0, 0x1800}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xf8ffffff}, {}, {0x7, 0x0, 0xb, 0x7}}, @printk]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 1m46.924694181s ago: executing program 2 (id=2469): symlink(&(0x7f0000000080)='.\x00', &(0x7f0000000240)='./file0\x00') chmod(&(0x7f0000000180)='./file0\x00', 0x257) lchown(&(0x7f00000001c0)='./file0\x00', 0xee00, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x60a40, 0x8) 1m46.845438653s ago: executing program 2 (id=2474): ptrace(0x10, 0x1) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x6, 0x0, 0x0, 0x0, 0x8000000009917, 0x400000000000fffd}, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x0, 0xffffffffffffffff}, 0x0) sched_setattr(0x0, &(0x7f00000000c0)={0x38, 0x0, 0x0, 0x1}, 0x0) 1m31.82323709s ago: executing program 32 (id=2474): ptrace(0x10, 0x1) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x6, 0x0, 0x0, 0x0, 0x8000000009917, 0x400000000000fffd}, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x0, 0xffffffffffffffff}, 0x0) sched_setattr(0x0, &(0x7f00000000c0)={0x38, 0x0, 0x0, 0x1}, 0x0) 1m25.510472946s ago: executing program 5 (id=2934): r0 = socket(0x400000000010, 0x3, 0x0) r1 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'veth1_to_bond\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x3, 0x8}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=@newtfilter={0x90, 0x2c, 0xd27, 0x30bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {}, {0x2, 0xfff1}}, [@filter_kind_options=@f_fw={{0x7}, {0x5c, 0x2, [@TCA_FW_ACT={0x58, 0x4, [@m_nat={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0xfffffc00, 0x8, 0x7, 0x200000b, 0xff}, @broadcast, @local, 0xff, 0x1}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x3, 0x1}}]}, 0x90}, 0x1, 0x0, 0x0, 0x4}, 0x4000800) 1m25.487571656s ago: executing program 5 (id=2935): r0 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0) r1 = syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = dup3(r0, r1, 0x0) ioctl$MON_IOCG_STATS(r2, 0xc0109207, &(0x7f0000000180)) 1m25.430190288s ago: executing program 5 (id=2938): prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r0 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1}) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x61, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0) 1m25.402052418s ago: executing program 5 (id=2939): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x140) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) chroot(&(0x7f0000001140)='./file0\x00') mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0) pivot_root(&(0x7f0000000240)='./file0\x00', &(0x7f0000000100)='./file0/../file0\x00') 1m25.370847319s ago: executing program 5 (id=2941): perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x2b, 0x1, 0x0, 0x0, 0x0, 0x1001, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_bp={0x0, 0x9}, 0x102270, 0xfffd, 0x0, 0x1, 0x2, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x2000000820000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) symlinkat(&(0x7f00000000c0)='./file1\x00', r1, &(0x7f0000000200)='./file0\x00') 1m24.299435609s ago: executing program 5 (id=2962): renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, &(0x7f0000000480)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)=@newsa={0x138, 0x10, 0x1, 0xbffffffe, 0x100, {{@in=@empty, @in6=@ipv4={'\x00', '\xff\xff', @remote}, 0x1, 0x394, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in6=@mcast2, 0x4d4, 0x6c}, @in=@remote, {0x0, 0x9, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8}, {0x6, 0x0, 0x1f, 0x1ff}, {0x2, 0xfffffffc}, 0x70bd2a, 0x3504, 0xa, 0x1, 0xfd, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x10) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newsa={0x138, 0x10, 0x1, 0xfffffffe, 0x100, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x714, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in=@rand_addr=0x64010101, 0x4d4, 0x6c}, @in=@remote, {0x0, 0x192, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0x2, 0xfffffffc}, 0x70bd2a, 0x3504, 0xa, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0) 1m24.26684933s ago: executing program 33 (id=2962): renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, &(0x7f0000000480)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)=@newsa={0x138, 0x10, 0x1, 0xbffffffe, 0x100, {{@in=@empty, @in6=@ipv4={'\x00', '\xff\xff', @remote}, 0x1, 0x394, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in6=@mcast2, 0x4d4, 0x6c}, @in=@remote, {0x0, 0x9, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8}, {0x6, 0x0, 0x1f, 0x1ff}, {0x2, 0xfffffffc}, 0x70bd2a, 0x3504, 0xa, 0x1, 0xfd, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x10) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newsa={0x138, 0x10, 0x1, 0xfffffffe, 0x100, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x714, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in=@rand_addr=0x64010101, 0x4d4, 0x6c}, @in=@remote, {0x0, 0x192, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0x2, 0xfffffffc}, 0x70bd2a, 0x3504, 0xa, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0) 1m7.021574439s ago: executing program 6 (id=3361): syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x400, &(0x7f0000000180), 0x2, 0x786, &(0x7f0000000f80)="$eJzs3c9rHGUfAPDvbLNJ37Tv27zwwms9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQkCLCF4EFQ+CXnq2Wm9e/XHVP8C7B2mpmhYjHiQym9102+ymmzSbbdnPByZ5npnZfOc7z8w8T3aG3QD61mj6IxNxOCI+SCIO1ecnEZGtlQYiTq6vt7qyXEinJNbWXvstqa1ze2W5EE2vSR2oVx6LiO/ejTiS2Ry3srg0ky+VivP1+nh19sJ4ZXHp6PnZ/HRxujh3fGJy8tiJZ08c371c//hx6eCND19+6suTf73z/2vvf5/EyThYX9acx24ZjdH6Psmmu/AuL8Vbux2up5JebwA7kp6a+9bP8jicpOWBXm8SANBl6Sh0DQDoM4n+HwD6TON9gNsry4XG1Nt3JPbWzRcjYv96/o37m+tLBur37PbX7oMO307uujOSRMTILsQfjYjPvn7jajpFl+5DArTy9uWIODsyuvn6n2x6ZmG7nu5gndF76hvxf8o+YHTgfr5Jxz/PtRr/ZTbGP9Fi/DPU4tzdibbn/4bM9V0I01Y6/nuh6dm21ab860b21Wv/ro35ssm586Viem37T0SMRXYorU9sEWPs1t+32i1rHv/9/tGbn6fx09931shcHxi6+zVT+Wr+QXJudvNyxOMDrfJPNto/aTP+Pd1hjFeef+/TdsvS/NN8G9Pm/Ltr7UrEky3b/84TbcmWzyeO1w6H8cZB0cJXP38y3C5+c/un0+rK8loScXX3M20tbf/hrfMfSZqf16xsP8YPVw59225Zi/wLjf+F1rU+/geT12vlwfq8S/lqdX4iYjB5dfP8Y3de26g31k/zH3ui9fm/1fGfjk7Odpj/wI1fv9h5/t2V5j+1rfbffuHa6sy+dvE7a//JWmmsPqeT61+nG/gg+w4AAAAAAAAAAAAAAAAAAAAAAAAAOpWJiIORZHIb5Uwml1v/Du//xXCmVK5Uj5wrL8xNRe27skcim2l81OWhps9Dnah/Hn6jfuye+jMR8d+I+HjoX7V6rlAuTfU6eQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACoO9Dm+/9Tvwz1eusAgK7Z3+sNAAD2nP4fAPqP/h8A+o/+HwD6j/4fAPqP/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAuO33qVDqt/bmyXEjrUxcXF2bKF49OFSszudmFQq5Qnr+Qmy6Xp0vFXKE8e7+/VyqXL0zG3MKl8WqxUh2vLC6dmS0vzFXPnJ/NTxfPFLN7khUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbE9lcWkmXyoV5xUegcJAvdUelu3ZUSHTSGKvgg52K4uHYGd2r9DDixIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAI+SfAAAA///WoyFe") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8000c61) r1 = open(&(0x7f0000000200)='./file1\x00', 0x4a07e, 0xdc) ioctl$EXT4_IOC_CLEAR_ES_CACHE(r1, 0x6628) 1m6.837255444s ago: executing program 6 (id=3367): bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0) bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc}, 0x48) 1m5.599287359s ago: executing program 6 (id=3395): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000c80)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36513001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e455fe2bb24ef66970746c7f1f2a5c4c3", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) recvmsg$kcm(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000780)=""/274, 0x112}], 0x1}, 0x10182) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000740)=ANY=[@ANYBLOB="380100001a00016000feffffff00010000ac1e0101000000000000000000000000fc010000000000000000000000000001000107174e2300050a0000203a0000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff020000000000000000000000000001000004d46c000000fc02000000000000000000000000000007000000000000009201000000000010a39b000000000000ffff0000000000001c250800000000000500000000000000fcffffffffffffff0400000000000000ffffffffffffffff00000000000000001f000000000000000500000000000000fefffffffc030000000000007e0000000535000002"], 0x138}}, 0x844) 1m5.451800152s ago: executing program 6 (id=3400): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) r1 = socket$unix(0x1, 0x1, 0x0) bind$unix(r1, &(0x7f00000002c0)=@file={0x1, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e) bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) 1m5.381679354s ago: executing program 6 (id=3403): r0 = socket$l2tp(0x2, 0x2, 0x73) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB='h\x00'], 0x68}}, 0x0) connect$inet(r0, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10) sendmmsg$inet(r0, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0) 1m5.137479531s ago: executing program 6 (id=3412): r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$int_in(r0, 0x5452, &(0x7f0000000340)=0xc) listen(r1, 0xfffffffc) 1m5.110872552s ago: executing program 34 (id=3412): r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$int_in(r0, 0x5452, &(0x7f0000000340)=0xc) listen(r1, 0xfffffffc) 3.284872039s ago: executing program 4 (id=5021): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000042c0)=ANY=[@ANYBLOB="140000001000010000000000000000000700000a90000000060a030400000000000000000a0000050900010073797a3100000000500004804c0001800b00010074617267657400003c000280240003007339f2f304fdd672bad09dfb040000000001000001f9580dabf95ddc91967c2008000240000000000c00010052415445455354000900020073797a32"], 0xa4}, 0x1, 0x0, 0x0, 0x4000850}, 0x20008040) 3.230652041s ago: executing program 4 (id=5022): sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, 0x0, 0x4000050) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x24004045) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_bp={0x0, 0xa}, 0x4, 0x3, 0x3, 0x0, 0x2, 0x7ffffffd, 0x6, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000400000000000000000000008500000041000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xc00, 0x0, &(0x7f00000002c0), 0x0, 0x2000, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 3.102625304s ago: executing program 4 (id=5025): r0 = epoll_create1(0x80000) syz_clone3(&(0x7f0000000540)={0x901400, &(0x7f0000000040)=0xffffffffffffffff, 0x0, 0x0, {0xa}, 0x0, 0x0, 0x0, 0x0}, 0x58) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080)={0x200f}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x25f1a000) pselect6(0x40, &(0x7f00000000c0)={0x6, 0x0, 0x5, 0xfffffffffffffffe, 0x800, 0x400000000, 0x8000000100000, 0x10000000000}, 0x0, &(0x7f0000000000)={0x1f, 0x1, 0x9, 0x1, 0xf, 0x0, 0x6a9, 0x20c3}, 0x0, 0x0) 2.18533083s ago: executing program 4 (id=5041): perf_event_open(&(0x7f0000001480)={0x2, 0x80, 0x84, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4f0, 0x0, @perf_config_ext={0x20000000}, 0x2980, 0x2, 0x0, 0x0, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_create_resource$binfmt(&(0x7f0000000000)='./file0\x00') prctl$PR_MCE_KILL(0x4e, 0x1, 0x1000000) r1 = openat$binfmt(0xffffffffffffff9c, r0, 0x41, 0x1ff) fcntl$setlease(r1, 0x400, 0x1) 916.481185ms ago: executing program 4 (id=5060): perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x483, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2, @perf_bp={0x0, 0x8}, 0x10, 0x6bf1, 0x1000, 0x2, 0x2, 0x80000011, 0x1, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xdf7fffffffffffff, 0xffffffffffffffff, 0x9) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'dummy0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=@newlink={0x3c, 0x10, 0x403, 0x4, 0x0, {0x0, 0x0, 0x0, 0x0, 0x311}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x3c}, 0x1, 0xba01}, 0x8810) 916.169665ms ago: executing program 1 (id=5061): setresgid(0xee00, 0xee01, 0x0) setregid(0xffffffffffffffff, 0x0) r0 = socket(0x10, 0x3, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresgid(0x0, r1, 0x0) 849.069257ms ago: executing program 1 (id=5063): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x108) close(r0) socket$inet_mptcp(0x2, 0x1, 0x106) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b000000000000000000000000800000000008"], 0x48) mount$9p_fd(0x0, &(0x7f00000006c0)='./bus\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000700)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 845.218927ms ago: executing program 4 (id=5064): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) close(0x3) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) setsockopt(r0, 0x84, 0x80, &(0x7f0000000000)="1400000009000000", 0x8) 785.910349ms ago: executing program 1 (id=5066): perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x2b, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x9}, 0x106200, 0x1000, 0x20da, 0x0, 0xa, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1) rename(&(0x7f0000000600)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) linkat(r0, &(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', r0, &(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1000) 761.110009ms ago: executing program 0 (id=5067): setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0) add_key(0x0, &(0x7f0000000180), 0x0, 0x0, 0xfffffffffffffffe) r0 = socket(0xa, 0x80805, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x84, &(0x7f0000000180)={0x0, @in={{0x2, 0x4e23, @loopback}}, 0xc, 0x2a}, 0x90) 738.04154ms ago: executing program 1 (id=5068): r0 = socket(0xa, 0x5, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setregid(0xffffffffffffffff, r1) setgroups(0x1, &(0x7f00000002c0)=[r1]) socket$inet6_icmp(0xa, 0x2, 0x3a) 703.687081ms ago: executing program 0 (id=5069): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="d80000001c0081044e81f782db44b904021d08020e0000008100e0a1180002000000000000000e1208000f0100810401a8001600200001400300000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c11503c6bbace8017cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbef3d93452a00"/216, 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0) syz_clone(0x20102400, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000000)="d80000001c0081054e81f782db44b904021d08040e000000100d10a118000c000600142603600e1208000f0000810401a8001600200001400300000803600cfab94dcf5c0461c1d67f6f94007134cf6ee0800080e408e8d8ef52a98516277ce06ebace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad8099639cace81ed0bffec193e2a9ecbee5de6ccd4d6e4ed6f3d93452a92954b43370e970189", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0) 699.418651ms ago: executing program 1 (id=5070): perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0xcf, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_bp={0x0, 0x2}, 0x1004, 0x0, 0x10000, 0x3, 0x2, 0x80004001, 0x0, 0x0, 0x0, 0x0, 0xbf}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0) timer_create(0x0, &(0x7f0000000180)={0x0, 0x13, 0x0, @thr={0x0, 0x0}}, &(0x7f00000002c0)=0x0) timer_settime(r0, 0x1, &(0x7f0000000140)={{0x77359400}, {0x0, 0x3938700}}, 0x0) 580.103824ms ago: executing program 1 (id=5071): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ffc000/0x3000)=nil, &(0x7f000012d000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f00005a4000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f000012d000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0x9315, 0x1f480, 0x0, 0x39d}) mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2) 557.458945ms ago: executing program 0 (id=5072): socket$nl_generic(0x11, 0x3, 0x10) socket(0x200000000000011, 0x2, 0xd) socket$packet(0x11, 0x2, 0x300) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ptype\x00') preadv(r0, &(0x7f0000000040)=[{&(0x7f0000000240)=""/49, 0x31}], 0x1, 0x3a, 0x5) 527.385166ms ago: executing program 0 (id=5073): perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x2a, 0x1, 0x0, 0x0, 0x0, 0x0, 0xb801b, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x147b7e, 0x0, @perf_config_ext={0x1, 0xf60e}, 0xb093, 0x800000, 0x43a1bd76, 0x2, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x4000000000, 0xffffffffffffffff, 0x8) socketpair$unix(0x1, 0x5, 0x0, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000340)=ANY=[], 0x8) setsockopt$inet6_buf(r0, 0x29, 0x39, 0x0, 0x0) 469.316537ms ago: executing program 0 (id=5074): setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x0, 0x1}, 0x10) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000180)={0x17, @tick=0x1}) 465.712328ms ago: executing program 7 (id=5076): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth1_to_hsr\x00', 0x0}) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x1, [], 0x0, [0x1, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x5c4, 0x8000, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}]}, 0x88}}, 0x20000000) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0xfffbffff, {0x0, 0x0, 0x0, r1, {0x0, 0xffe0}, {0xffff, 0xffff}, {0xe, 0xfff3}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x14, 0x2, [@TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0xfffffe00}]}]}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40001}, 0x10) 414.975809ms ago: executing program 3 (id=5078): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]}) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff) r0 = gettid() process_vm_writev(r0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) 395.64047ms ago: executing program 0 (id=5079): r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x401c2, 0x0) ftruncate(r0, 0x8800000) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r2, &(0x7f0000002500)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x1000}, {&(0x7f0000000040)=""/114, 0x72}], 0x2}}, {{0x0, 0x0, 0x0}, 0x6}], 0x2, 0x700, 0x0) sendfile(r1, r0, 0x0, 0x578410eb) 384.73661ms ago: executing program 7 (id=5080): r0 = perf_event_open(&(0x7f00000014c0)={0x5, 0x80, 0x0, 0xfe, 0xff, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000300), 0x4}, 0x1590, 0x0, 0x8, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0x3) syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/ipc\x00') ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x8000000000000000) syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/ipc\x00') 382.04871ms ago: executing program 3 (id=5081): socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="120000000b0000000400000002"], 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1}, &(0x7f0000000340), &(0x7f0000000140)=r0}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r1}, &(0x7f0000000040)=0x2, &(0x7f00000005c0)=r0}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={r1, &(0x7f0000000040)}, 0x20) 354.329491ms ago: executing program 7 (id=5082): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22}, 0x1c) recvfrom$inet6(r0, 0x0, 0x0, 0x1000, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r1, &(0x7f0000000180)=[{&(0x7f00000001c0)="580000001500add427323b472545b4560a117fffffff81000e220e227f000008925aa80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1) 348.699581ms ago: executing program 3 (id=5083): syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f00000000c0)='./file2\x00', 0x14a1c, &(0x7f0000003240)=ANY=[], 0x9, 0x37a, &(0x7f0000000a00)="$eJzs3c9rK1UUwPGTNE2TltdkpShIL76Nboa2uhaDvAdCwNI2YisI03aiIWNSZkI1IjZduRX3rgQXpeDCgouC9h/oxp1uROiuG8GFXagj8yuZJpOkpmkj7fcDj9zcc8/Mncx9cCbvTebinS8+rJZtraw3JJlRkhARuRTJS1JCieA16bXTEtWSl+f++PmFtY1Sxu9QTwvrrywrpeYXfvjo02ww7GRGzvLvXfy+fH72zNlzF/+sf1CxVcVWtXpD6Wqr/mtD3zINtVOxq5pSK6ah24aq1GzD8uPfBdsx67u7TaXXdh7N7lqGbSu91lRVo6kaddWwmkp/X6/UlKZp6tGsDDI9MPpQlA5XV/XCiMnbY54MbollOfqUiGR7IqW5mYnMCAAATFJ3/Z90S/pR6v9NmS8Wn6wqd3Cn/j968bQx9/bxfFD/n6Tj6v9Xf/G3daX+dy8nOvV/3b8+KA+v/7+Sa9X/vt6K6GEZuf7P38JkMJqFdE9X4so7yyros8HfX8/Bu0eLXqN0eBcTBAAAAAAAAAAAAAAAAAAAAAAAN3PpODnHcXLha/incwtB8B73UqbP+Z9xY+7Zdzj/99naxqZkvBv33HNsfr5X2iv5r8GAUxExxfjb6eaujfDOI+XKy4/mfpC/v1ea8iKFslTcfFmSnOS99RTJd5ynbxafLClfkN++Ten820i+pPzOdv733hs3f/lqfrD/tLz0OJKvSU5+2pa6mLLjZXb2/9mSUm+8VezKz3rjROS3uz0jAAAAAACMn6baYq/fNa1f3P+VkULZ+5rIkEXJyV/x1/eLsdfnqdzzqUkfPQAAAAAAD4Pd/KSqS9KwvIZpxjWy0jdktzIxoWyfwV2N8Bkc0ZDbFzs43dUzPWjLU5EjHDqNoJEW/wkm1xo8oPF1+Kn+l6zwP1K4E2+HMjGfT6eRkMFbDo/fH5wa9XBMM9ESbwG0oqHkkL17jVT35BfcDhU7+HHf7RwEB9LuCb82Svf5nGWldzvJASthuqfHSYy2AJ798ps/b7p+Oo3XjoMV8PHwwQem4ezLdU5KV8PdRW+Ix+MAAAAA91Cn6A97Xo+Gow8SiT4sh3+5BwAAAAAAAAAAAAAAAAAAAAAAAAAAAABgjMbyQ2VDGpM+RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD/4t8AAAD//35E7j8=") write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000140)=ANY=[@ANYBLOB='b *'], 0xa) syz_mount_image$msdos(&(0x7f0000000480), &(0x7f0000000280)='./file1\x00', 0x200400, &(0x7f0000000580)=ANY=[@ANYRES64=0x0], 0x1, 0x24a, &(0x7f0000001fc0)="$eJzs3TFrE2EYB/DHNm1DFzuLw4GLU1An1yAVxIAQuUEnD6pLK8J1OZ3uY/gZ/Eh+jE7dTuzFpq3RpU3f693vB+Ee+BN4XgJ5Mzzvmw8PPx8efDn+1Pz8HuNxFqOIumki9mIjNqN1b/HcOKu346I6AIC7Zj4vpql7YL3KclpsRcTOX0n+I0lDAAAAAAAAAAAAXNuq+f84Nf8PAH1m/r//ynJa7C5+v11m/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABI57Rp7jf/eaXuDwC4efZ/ABge+z8ADI/9HwCG5+2796+ns9n+PMvGESd1lVd5+2zzl69m+0+yM3vLd51UVb55nj9t8+xyvhW7i/zZynw7Hj9q89/ZizezK/lOHKx/+QAAAAAAAAAAAAAAAAAAANAJk+zcyvP9k8m/8ra6cD/AlfP7o3gwurVlAAAAAAAAAAAAAAAAAAAAwJ12/PXbYXF09LEcbvHnXoOu9HPtIp53oo3bLnr0CXahSPzFBAAAAAAAAAAAAAAAAAAAA7Q89Ju6EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/n//+srIqJuWqmXCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPTYrwAAAP//gGWXaQ==") mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) renameat2(0xffffffffffffff9c, &(0x7f0000000280)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0) 317.687772ms ago: executing program 3 (id=5084): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0) mount$tmpfs(0x0, &(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240), 0x0, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x1c0) umount2(&(0x7f0000000380)='./file0/file0\x00', 0x0) 299.625272ms ago: executing program 3 (id=5085): r0 = syz_open_procfs(0x0, 0x0) pread64(r0, 0x0, 0x0, 0x1000000300) perf_event_open(&(0x7f00000005c0)={0x2, 0x80, 0xf9, 0x1, 0x0, 0x0, 0x0, 0x800000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, @perf_bp={0x0}, 0x800, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x585d}, [@IFLA_IFNAME={0x14, 0x3, 'ipvlan1\x00'}, @IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}]}, 0x48}, 0x1, 0x0, 0x0, 0xc0850}, 0x0) 266.465363ms ago: executing program 7 (id=5086): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2, &(0x7f0000000780)={[{@jqfmt_vfsold}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000000}}, {@nodiscard}, {@noload}, {@delalloc}, {@mblk_io_submit}, {@commit}, {@noblock_validity}, {@lazytime}, {@init_itable_val={'init_itable', 0x3d, 0xfff}}]}, 0xfa, 0x481, &(0x7f0000003380)="$eJzs3MtvFdUfAPDv3D54/9of4gMEqaKR+GhpecjCjUYTFpqY6ALjqraFVAo1tCZCiFYXuDQk7o3/hXGlG6NuNHGre0NCDDEBdTNm7szApdwpt/S2F3o/n2Tac2ZO7znfOXNuz8xpbwBdayj7kkRsjYjfImIgz95aYCj/dv3qhYm/r16YSCJN3/wzqZe7dvXCRFm0/LkteSZNi/yGJvVefCdifGZm6myRH5k//f7I3Lnzz0+fHj85dXLqzNjRo4cO7uk/Mna4LXFmcV3b9dHs7p3H3r70+sTxS+/+mNQijzsWxdEuQ/nZbeqpdlfWYdsa0klv45G9P99MN7sS6KSeiMi6q68+/geiJzbdODYQr37a0cYBqypN03SJd+WFFFjHkuh0C4DOKH/RZ/e/5bZGU497wpWX8hugLO7rxZYf6Y1antjbt+j+dmsb6x+KiOML/3yZbbFKzyEAABp9m81/nms2/6vFQ3miP/vyv2INZTAi/h8R2yPigYjYEREPRtTLPhwRjyyz/sUrJLfPf2qX7zq4FmTzvxeLta1b53+1sshgT5HbVo+/LzkxPTN1oDgn+6Nvw4npZGp0iTq+e+XXz6uONc7/si2rv5wLFu243LvoAd3k+Pz4SmJudOWTiF29zeJPolzGSSJiZ0Tsuss6pp/prTx25/iXUP2yLUu/ing67/+FWBR/Kalcnxx94cjY4ZGNMTN1YKS8Km730y8X36iqf0Xxt0HW/5ubXv834h9MNkbMnTt/qr5eO7esl8+GTlz8/bPKe5oi/mx4tXL9H9tWXP/9yVv1Hf3FgQ/H5+fPjkb0J6/dvn/s5quV+bJ8Fv/+fc3H//a4eSYejYjdEbEnIh7LbgqLtj8eEU9ExL4lTsIPLz/53h3ib9L/a7NWmsU/Wd3/f6VZ/0dj/y8/0XPq+2/uHP/GiKjq/0P11P5iTyvvf602cKXnDwAAAO4H+d/AJ7XhG+labXg4/xv+HbG5NjM7N//sidkPzkzm696D0Vcrn3QNNDwPHS2eDZf5sUX5g8Vz4y96NtXzwxOzM5OdDh663JaK8Z/5o6fTrQNWXRvW0YD7lPEP3cv4h+6UGP/Q1Yx/6F7Nxv/HlaWHv17VxgBryu9/6F4tjP+F/Fv1rAC4PzUb/wMdaAew9sz/oStV/m98bUX/8r/miX+LzzO8V9qz/hNRuyeasf4TvS1/mMUyEmkxv8/2bGhaptPvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO3xXwAAAP//2Y/lXQ==") perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x2b, 0x1, 0x0, 0x0, 0x0, 0x9, 0x80552, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x4, @perf_bp={0x0, 0xa}, 0x102260, 0x10000, 0x0, 0x1, 0x5, 0xfffffffb, 0x0, 0x0, 0x0, 0x0, 0x2000000020000005}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) chdir(&(0x7f0000000040)='./file0\x00') socket$kcm(0x29, 0x2, 0x0) mknod$loop(&(0x7f00000009c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000, 0x1) 175.525015ms ago: executing program 3 (id=5087): r0 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan1\x00', 0x0}) bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1}, 0x18) connect$can_j1939(r0, &(0x7f0000000100)={0x1d, r1, 0x0, {0x0, 0xff, 0xa8fe8ad4eea2351f}, 0x2}, 0x5a) sendmmsg(r0, &(0x7f0000003e40), 0x3fffffffffffe3d, 0xf5) 112.540607ms ago: executing program 7 (id=5088): perf_event_open(&(0x7f00000005c0)={0x2, 0x55, 0xf9, 0x1, 0x0, 0x0, 0x0, 0x800000000, 0x4000, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10003, 0x0, @perf_bp={0x0}, 0x800, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = fsopen(&(0x7f0000000000)='sysfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) renameat2(r1, &(0x7f0000000040)='./bus\x00', r1, &(0x7f00000001c0)='./file0\x00', 0x5) 0s ago: executing program 7 (id=5089): perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x2b, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_config_ext={0x2, 0x4}, 0x102260, 0x10000, 0x4, 0x1, 0x8, 0x20005, 0x7, 0x0, 0x0, 0x0, 0x2000000020000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = syz_clone3(&(0x7f0000000480)={0x20000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) creat(&(0x7f00000002c0)='./file0\x00', 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000003bc0)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000280)='./file0\x00', &(0x7f0000000440)=[0x1], 0x0, 0x0, 0x1, 0x1, r0}}, 0x40) kernel console output (not intermixed with test programs): [ T88] veth1_macvtap: left promiscuous mode [ 129.228475][ T88] veth0_macvtap: left promiscuous mode [ 129.247233][ T88] veth1_vlan: left promiscuous mode [ 129.257226][ T88] veth0_vlan: left promiscuous mode [ 129.264909][ T3292] EXT4-fs warning (device loop3): ext4_evict_inode:195: inode #18: comm syz-executor: data will be lost [ 129.495948][ T3286] udevd[3286]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 129.497362][ T3284] udevd[3284]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory [ 129.520853][ T3281] udevd[3281]: inotify_add_watch(7, /dev/loop4p12, 10) failed: No such file or directory [ 129.535215][ T8735] udevd[8735]: inotify_add_watch(7, /dev/loop4p5, 10) failed: No such file or directory [ 129.539293][ T8745] udevd[8745]: inotify_add_watch(7, /dev/loop4p6, 10) failed: No such file or directory [ 129.557394][ T8744] udevd[8744]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 129.567660][ T8739] udevd[8739]: inotify_add_watch(7, /dev/loop4p10, 10) failed: No such file or directory [ 129.572051][ T3732] udevd[3732]: inotify_add_watch(7, /dev/loop4p7, 10) failed: No such file or directory [ 129.588139][ T3286] udevd[3286]: inotify_add_watch(7, /dev/loop4p14, 10) failed: No such file or directory [ 129.590502][ T8736] udevd[8736]: inotify_add_watch(7, /dev/loop4p8, 10) failed: No such file or directory [ 130.157073][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 130.192122][ T88] team0 (unregistering): Port device team_slave_1 removed [ 130.234759][ T88] team0 (unregistering): Port device team_slave_0 removed [ 130.279772][ T9994] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 130.297730][ T9994] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 130.350421][ T9994] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 130.373195][ T3020] 8021q: adding VLAN 0 to HW filter on device eth2 [ 130.394332][T10116] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2883'. [ 130.462470][ T9994] hsr_slave_0: entered promiscuous mode [ 130.474094][ T9994] hsr_slave_1: entered promiscuous mode [ 130.487764][ T9994] debugfs: 'hsr0' already exists in 'hsr' [ 130.495128][ T9994] Cannot create hsr debugfs directory [ 130.733358][ T9994] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 130.759565][ T9994] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 130.775607][ T9994] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 130.794099][ T9994] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 130.808880][ T3020] 8021q: adding VLAN 0 to HW filter on device eth3 [ 130.831848][ T9994] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 130.853561][ T9994] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 130.871747][ T9994] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 130.905264][ T9994] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 131.001975][ T9994] 8021q: adding VLAN 0 to HW filter on device bond0 [ 131.036670][ T9994] 8021q: adding VLAN 0 to HW filter on device team0 [ 131.068939][ T269] bridge0: port 1(bridge_slave_0) entered blocking state [ 131.076201][ T269] bridge0: port 1(bridge_slave_0) entered forwarding state [ 131.110576][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 131.117903][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 131.387430][T10219] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2911'. [ 131.409400][ T3020] 8021q: adding VLAN 0 to HW filter on device eth4 [ 131.452022][ T9994] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 131.658695][T10245] netlink: 'syz.1.2916': attribute type 3 has an invalid length. [ 131.686004][T10245] netlink: 13435 bytes leftover after parsing attributes in process `syz.1.2916'. [ 131.876004][ T9994] veth0_vlan: entered promiscuous mode [ 131.893145][ T9994] veth1_vlan: entered promiscuous mode [ 131.933781][ T9994] veth0_macvtap: entered promiscuous mode [ 131.954469][ T9994] veth1_macvtap: entered promiscuous mode [ 131.993410][ T9994] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 132.027911][ T9994] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 132.048976][ T269] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.059676][ T269] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.073004][ T269] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.169712][ T269] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.209960][T10280] loop4: detected capacity change from 0 to 512 [ 132.219687][T10280] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 132.233632][T10274] syzkaller1: entered promiscuous mode [ 132.244948][T10280] EXT4-fs error (device loop4): ext4_orphan_get:1423: comm syz.4.2928: bad orphan inode 15 [ 132.246411][T10274] syzkaller1: entered allmulticast mode [ 132.262220][T10280] loop4: lost filesystem error report for type 5 error -117 [ 132.263109][T10280] ext4_test_bit(bit=14, block=5) = 0 [ 132.270584][ C0] EXT4-fs (loop4): error count since last fsck: 1 [ 132.270636][ C0] EXT4-fs (loop4): initial error at time 2000000030: ext4_orphan_get:1423 [ 132.270661][ C0] EXT4-fs (loop4): last error at time 2000000030: ext4_orphan_get:1423 [ 132.300301][T10280] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 132.335753][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 132.345061][ T28] kauditd_printk_skb: 42 callbacks suppressed [ 132.345076][ T28] audit: type=1400 audit(2000000030.820:1145): avc: denied { mounton } for pid=9994 comm="syz-executor" path="/root/syzkaller.x0D04l/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=26140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 132.389544][ T28] audit: type=1400 audit(2000000030.860:1146): avc: denied { mount } for pid=9994 comm="syz-executor" name="/" dev="gadgetfs" ino=4744 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 132.462072][ T28] audit: type=1400 audit(2000000030.940:1147): avc: denied { name_bind } for pid=10288 comm="syz.5.2851" src=28196 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1 [ 132.660328][ T28] audit: type=1400 audit(2000000031.140:1148): avc: denied { bind } for pid=10312 comm="syz.3.2942" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 132.691683][ T28] audit: type=1400 audit(2000000031.140:1149): avc: denied { connect } for pid=10312 comm="syz.3.2942" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 133.354643][T10331] netlink: 'syz.0.2948': attribute type 1 has an invalid length. [ 133.410609][T10335] netlink: 236 bytes leftover after parsing attributes in process `syz.0.2950'. [ 133.420122][T10337] loop4: detected capacity change from 0 to 128 [ 133.428101][T10335] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2950'. [ 133.684369][ T3446] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.154093][T10405] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2976'. [ 134.281766][T10370] bridge0: port 1(bridge_slave_0) entered blocking state [ 134.289215][T10370] bridge0: port 1(bridge_slave_0) entered disabled state [ 134.296474][T10370] bridge_slave_0: entered allmulticast mode [ 134.319589][T10370] bridge_slave_0: entered promiscuous mode [ 134.337338][T10370] bridge0: port 2(bridge_slave_1) entered blocking state [ 134.345271][T10370] bridge0: port 2(bridge_slave_1) entered disabled state [ 134.353772][T10370] bridge_slave_1: entered allmulticast mode [ 134.368994][T10370] bridge_slave_1: entered promiscuous mode [ 134.391229][T10370] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 134.405149][T10370] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 134.426521][T10370] team0: Port device team_slave_0 added [ 134.433646][T10370] team0: Port device team_slave_1 added [ 134.451405][T10370] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 134.458652][T10370] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 134.486619][T10370] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 134.503774][ T3446] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.527871][T10370] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 134.553068][T10370] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 134.602209][T10370] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 134.648336][ T3446] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.696211][T10370] hsr_slave_0: entered promiscuous mode [ 134.713330][T10370] hsr_slave_1: entered promiscuous mode [ 134.726646][T10370] debugfs: 'hsr0' already exists in 'hsr' [ 134.738505][T10370] Cannot create hsr debugfs directory [ 134.748753][ T3446] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.925346][ T3446] bridge_slave_1: left allmulticast mode [ 134.935708][ T3446] bridge_slave_1: left promiscuous mode [ 134.947182][ T3446] bridge0: port 2(bridge_slave_1) entered disabled state [ 134.958727][ T3446] bridge_slave_0: left allmulticast mode [ 134.985011][ T3446] bridge_slave_0: left promiscuous mode [ 134.997159][ T3446] bridge0: port 1(bridge_slave_0) entered disabled state [ 135.151070][ T3446] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 135.169009][ T3446] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 135.198407][ T3446] bond0 (unregistering): Released all slaves [ 135.391840][ T3446] hsr_slave_0: left promiscuous mode [ 135.402405][ T3446] hsr_slave_1: left promiscuous mode [ 135.415015][ T3446] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 135.425614][ T3446] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 135.438806][ T3446] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 135.452551][ T3446] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 135.494324][ T3446] veth1_macvtap: left promiscuous mode [ 135.507022][ T3446] veth0_macvtap: left promiscuous mode [ 135.512823][ T3446] veth1_vlan: left promiscuous mode [ 135.520806][ T3446] veth0_vlan: left promiscuous mode [ 135.581055][T10485] loop4: detected capacity change from 0 to 1024 [ 135.628972][T10485] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 135.662541][T10485] EXT4-fs (loop4): shut down requested (2) [ 135.705316][ T3446] team0 (unregistering): Port device team_slave_1 removed [ 135.717431][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 135.728707][ T3446] team0 (unregistering): Port device team_slave_0 removed [ 135.822911][ T3020] 8021q: adding VLAN 0 to HW filter on device eth5 [ 135.887396][T10370] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 135.907328][T10370] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 135.926325][T10370] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 135.951283][T10370] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 135.979008][T10370] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 136.012753][T10370] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 136.034330][T10370] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 136.064378][T10370] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 136.087232][ T269] Bluetooth: hci0: Frame reassembly failed (-84) [ 136.148546][T10370] 8021q: adding VLAN 0 to HW filter on device bond0 [ 136.174975][T10370] 8021q: adding VLAN 0 to HW filter on device team0 [ 136.194946][ T269] bridge0: port 1(bridge_slave_0) entered blocking state [ 136.202169][ T269] bridge0: port 1(bridge_slave_0) entered forwarding state [ 136.233221][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 136.240379][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 136.345589][ T3020] 8021q: adding VLAN 0 to HW filter on device eth6 [ 136.506659][ T3079] IPVS: starting estimator thread 0... [ 136.554251][T10571] sctp: [Deprecated]: syz.1.3019 (pid 10571) Use of int in maxseg socket option. [ 136.554251][T10571] Use struct sctp_assoc_value instead [ 136.556094][ T28] audit: type=1400 audit(2000000035.030:1150): avc: denied { setopt } for pid=10569 comm="syz.1.3019" lport=59924 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 136.607472][T10565] IPVS: using max 2304 ests per chain, 115200 per kthread [ 136.608803][T10370] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 136.734036][ T3020] 8021q: adding VLAN 0 to HW filter on device eth7 [ 136.751214][ T28] audit: type=1400 audit(2000000035.220:1151): avc: denied { create } for pid=10585 comm="syz.4.3022" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1 [ 136.814810][ T28] audit: type=1400 audit(2000000035.230:1152): avc: denied { sys_admin } for pid=10585 comm="syz.4.3022" capability=21 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1 [ 136.856259][ T28] audit: type=1400 audit(2000000035.250:1153): avc: denied { sys_module } for pid=10370 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 136.999890][T10370] veth0_vlan: entered promiscuous mode [ 137.025693][T10370] veth1_vlan: entered promiscuous mode [ 137.071499][T10370] veth0_macvtap: entered promiscuous mode [ 137.095115][T10370] veth1_macvtap: entered promiscuous mode [ 137.119925][T10370] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 137.141722][T10370] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 137.159539][ T3020] 8021q: adding VLAN 0 to HW filter on device eth8 [ 137.171152][ T3446] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.196815][ T3446] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.214408][ T3446] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.235313][ T3446] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.410519][T10628] bridge0: port 2(bridge_slave_1) entered disabled state [ 137.417916][T10628] bridge0: port 1(bridge_slave_0) entered disabled state [ 137.475262][T10628] bridge_slave_0: left allmulticast mode [ 137.484383][T10628] bridge_slave_0: left promiscuous mode [ 137.497062][T10628] bridge0: port 1(bridge_slave_0) entered disabled state [ 137.622092][T10628] bridge_slave_1: left allmulticast mode [ 137.634988][T10628] bridge_slave_1: left promiscuous mode [ 137.647203][T10628] bridge0: port 2(bridge_slave_1) entered disabled state [ 137.675995][T10628] bond0: (slave bond_slave_0): Releasing backup interface [ 137.698773][T10628] bond0: (slave bond_slave_1): Releasing backup interface [ 137.721405][T10628] team0: Port device team_slave_0 removed [ 137.739863][T10628] team0: Port device team_slave_1 removed [ 137.758816][T10628] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 137.778571][T10628] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 137.797749][T10628] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 137.809281][T10628] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 137.833389][T10628] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 138.075056][T10646] bridge0: port 1(bridge_slave_0) entered disabled state [ 138.128697][T10646] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 138.139912][T10646] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 138.159787][ T3528] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 138.206140][ T28] audit: type=1400 audit(2000000036.680:1154): avc: denied { create } for pid=10658 comm="syz.3.3033" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 138.240906][T10662] loop6: detected capacity change from 0 to 128 [ 138.248964][ T28] audit: type=1400 audit(2000000036.710:1155): avc: denied { write } for pid=10658 comm="syz.3.3033" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 138.320618][ T49] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 138.344727][ T49] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 138.371437][ T49] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 138.408824][ T49] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 138.457564][T10677] loop4: detected capacity change from 0 to 512 [ 138.466153][T10677] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 138.493760][T10677] EXT4-fs (loop4): 1 truncate cleaned up [ 138.502872][T10677] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 138.526568][T10677] EXT4-fs error (device loop4): ext4_generic_delete_entry:2673: inode #2: block 13: comm syz.4.3037: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 138.547381][ T28] audit: type=1400 audit(2000000037.000:1156): avc: denied { rename } for pid=10674 comm="syz.4.3037" name="file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 138.558168][T10677] EXT4-fs (loop4): Remounting filesystem read-only [ 138.577796][T10677] EXT4-fs warning (device loop4): ext4_rename_delete:3739: inode #2: comm syz.4.3037: Deleting old file: nlink 4, error=-117 [ 138.592596][T10685] netlink: 'syz.1.3038': attribute type 29 has an invalid length. [ 138.603141][T10685] netlink: 'syz.1.3038': attribute type 29 has an invalid length. [ 138.612242][T10685] netlink: 500 bytes leftover after parsing attributes in process `syz.1.3038'. [ 138.621660][T10685] unsupported nla_type 58 [ 138.655821][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 138.702059][T10693] netlink: 64859 bytes leftover after parsing attributes in process `syz.3.3043'. [ 138.784853][ T28] audit: type=1326 audit(2000000037.260:1157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10701 comm="syz.3.3046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb391c3cdd9 code=0x7ffc0000 [ 138.816401][ T28] audit: type=1326 audit(2000000037.260:1158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10701 comm="syz.3.3046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb391c3cdd9 code=0x7ffc0000 [ 138.845251][ T28] audit: type=1326 audit(2000000037.260:1159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10701 comm="syz.3.3046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb391c3cdd9 code=0x7ffc0000 [ 138.872017][ T28] audit: type=1326 audit(2000000037.260:1160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10701 comm="syz.3.3046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb391c3cdd9 code=0x7ffc0000 [ 138.921719][ T28] audit: type=1326 audit(2000000037.260:1161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10701 comm="syz.3.3046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fb391c3cdd9 code=0x7ffc0000 [ 138.990126][ T28] audit: type=1326 audit(2000000037.350:1162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10701 comm="syz.3.3046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb391c3cdd9 code=0x7ffc0000 [ 139.014898][ T28] audit: type=1326 audit(2000000037.350:1163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10701 comm="syz.3.3046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fb391c3cb42 code=0x7ffc0000 [ 139.048755][T10709] loop3: detected capacity change from 0 to 8192 [ 139.766435][T10731] loop0: detected capacity change from 0 to 512 [ 139.789680][T10731] EXT4-fs: test_dummy_encryption option not supported [ 139.874223][T10735] loop4: detected capacity change from 0 to 256 [ 139.930954][T10737] loop0: detected capacity change from 0 to 1024 [ 139.957021][T10737] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e040c01c, mo2=0002] [ 139.975382][T10737] System zones: 0-1, 3-36 [ 139.991146][T10737] EXT4-fs error (device loop0): ext4_orphan_get:1423: comm syz.0.3060: bad orphan inode 134217728 [ 140.022214][T10743] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3062'. [ 140.060079][T10737] loop0: lost filesystem error report for type 5 error -117 [ 140.062043][T10737] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 140.093478][T10743] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3062'. [ 140.183754][T10746] IPVS: dh: FWM 3 0x00000003 - no destination available [ 140.254264][T10748] loop4: detected capacity change from 0 to 2048 [ 140.281815][T10748] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 140.312846][T10739] loop3: detected capacity change from 0 to 512 [ 140.365043][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 140.389243][ T5213] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 140.420393][T10739] EXT4-fs warning (device loop3): ext4_xattr_inode_get:560: inode #11: comm syz.3.3061: EA inode hash validation failed [ 140.450840][T10739] EXT4-fs error (device loop3): ext4_do_update_inode:5690: inode #15: comm syz.3.3061: corrupted inode contents [ 140.519381][T10739] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 140.526982][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 140.542679][ C0] EXT4-fs (loop3): initial error at time 2000000039: ext4_do_update_inode:5690: inode 15 [ 140.550780][T10761] loop4: detected capacity change from 0 to 512 [ 140.552763][ C0] EXT4-fs (loop3): last error at time 2000000039: ext4_do_update_inode:5690: inode 15 [ 140.561030][T10761] EXT4-fs: dax option not supported [ 140.578085][T10739] EXT4-fs (loop3): Remounting filesystem read-only [ 140.587983][T10739] EXT4-fs warning (device loop3): ext4_evict_inode:287: xattr delete (err -30) [ 140.606293][T10739] EXT4-fs (loop3): 1 orphan inode deleted [ 140.617063][T10759] IPVS: persistence engine module ip_vs_pe_€ not found [ 140.632488][T10761] netlink: 128 bytes leftover after parsing attributes in process `syz.4.3066'. [ 140.635978][T10739] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 140.665555][T10764] openvswitch: netlink: Missing key (keys=40, expected=100) [ 140.860788][T10772] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3075'. [ 140.889440][ T3292] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.140637][ T269] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.157608][ T269] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.198916][ T269] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.225180][ T269] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.281571][T10805] veth1_to_bond: entered allmulticast mode [ 141.288239][T10805] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3085'. [ 141.298106][T10805] veth1_to_bond (unregistering): left allmulticast mode [ 141.624790][T10819] IPVS: set_ctl: invalid protocol: 0 10.1.1.1:20002 [ 141.777303][T10828] loop0: detected capacity change from 0 to 512 [ 141.784092][T10828] EXT4-fs: Ignoring removed mblk_io_submit option [ 141.792190][T10828] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 141.809117][T10828] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 141.822151][T10828] ext4 filesystem being mounted at /438/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 141.845870][T10828] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.870670][T10833] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 141.871867][T10835] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 141.895057][T10835] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 141.898967][T10833] EXT4-fs (loop0): 1 truncate cleaned up [ 141.937563][T10833] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 141.951004][T10464] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 141.961393][T10833] EXT4-fs error (device loop0): ext4_generic_delete_entry:2673: inode #2: block 13: comm syz.0.3095: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 141.986796][T10833] EXT4-fs (loop0): Remounting filesystem read-only [ 142.006999][T10833] EXT4-fs warning (device loop0): ext4_rename_delete:3739: inode #2: comm syz.0.3095: Deleting old file: nlink 4, error=-117 [ 142.042534][ T5213] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.156099][T10856] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 142.177365][T10856] ext4 filesystem being mounted at /441/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 142.220457][T10856] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3102: bg 0: block 112: padding at end of block bitmap is not set [ 142.255434][ T5213] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 142.806875][T10920] sctp: [Deprecated]: syz.0.3118 (pid 10920) Use of int in max_burst socket option deprecated. [ 142.806875][T10920] Use struct sctp_assoc_value instead [ 142.953429][T10930] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3123'. [ 143.157208][T10935] netlink: 'syz.3.3125': attribute type 29 has an invalid length. [ 143.174077][T10935] netlink: 'syz.3.3125': attribute type 29 has an invalid length. [ 143.185874][T10935] netlink: 264 bytes leftover after parsing attributes in process `syz.3.3125'. [ 143.255758][T10940] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3127'. [ 143.764359][ T28] kauditd_printk_skb: 44 callbacks suppressed [ 143.764376][ T28] audit: type=1400 audit(2000000042.240:1208): avc: denied { getopt } for pid=10989 comm="syz.3.3136" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 144.181317][T11022] netlink: 'syz.4.3150': attribute type 4 has an invalid length. [ 144.204892][T11022] netlink: 116 bytes leftover after parsing attributes in process `syz.4.3150'. [ 144.256558][T11028] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3151'. [ 144.620462][T11046] af_packet: tpacket_rcv: packet too big, clamped from 29 to 4294967272. macoff=96 [ 144.851693][ T28] audit: type=1400 audit(2000000043.330:1209): avc: denied { bind } for pid=11057 comm="syz.3.3164" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 145.061437][T11080] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3174'. [ 145.278655][T11099] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3182'. [ 145.652764][T11111] set_capacity_and_notify: 3 callbacks suppressed [ 145.652805][T11111] loop6: detected capacity change from 0 to 512 [ 145.789799][T11111] EXT4-fs warning (device loop6): ext4_xattr_inode_get:560: inode #11: comm syz.6.3186: EA inode hash validation failed [ 145.809111][T11111] EXT4-fs error (device loop6): ext4_do_update_inode:5690: inode #15: comm syz.6.3186: corrupted inode contents [ 145.822839][T11111] loop6: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 145.824653][T11111] EXT4-fs (loop6): Remounting filesystem read-only [ 145.834243][ C1] EXT4-fs (loop6): error count since last fsck: 1 [ 145.834322][ C1] EXT4-fs (loop6): initial error at time 2000000044: ext4_do_update_inode:5690: inode 15 [ 145.834843][ C1] EXT4-fs (loop6): last error at time 2000000044: ext4_do_update_inode:5690: inode 15 [ 145.873127][T11111] EXT4-fs warning (device loop6): ext4_evict_inode:287: xattr delete (err -30) [ 145.884574][T11111] EXT4-fs (loop6): 1 orphan inode deleted [ 145.900049][T11111] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 145.921362][T11133] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3197'. [ 145.939147][T11133] gtp0: entered promiscuous mode [ 145.944320][T11133] gtp0: entered allmulticast mode [ 145.971405][ T28] audit: type=1326 audit(2000000044.450:1210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11134 comm="syz.3.3198" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb391c3cdd9 code=0x0 [ 146.017136][T10370] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 146.911234][ T28] audit: type=1400 audit(2000000045.390:1211): avc: denied { bind } for pid=11203 comm="syz.1.3231" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 147.802216][T11263] loop4: detected capacity change from 0 to 512 [ 147.819365][T11263] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 147.842730][T11263] ext4 filesystem being mounted at /664/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 147.903862][T11271] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3254'. [ 147.916629][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 147.983394][T11283] loop4: detected capacity change from 0 to 1024 [ 148.000336][T11283] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 148.030715][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 148.162393][T11306] loop4: detected capacity change from 0 to 512 [ 148.177367][T11306] EXT4-fs: Ignoring removed oldalloc option [ 148.207213][T11306] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 148.230270][T11306] EXT4-fs error (device loop4): ext4_orphan_get:1397: inode #15: comm syz.4.3265: iget: bad i_size value: 38620345925642 [ 148.243689][T11306] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 148.244022][T11306] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.3265: couldn't read orphan inode 15 (err -117) [ 148.247056][ C0] EXT4-fs (loop4): error count since last fsck: 1 [ 148.254977][T11306] loop4: lost filesystem error report for type 5 error -117 [ 148.265069][ C0] EXT4-fs (loop4): initial error at time 2000000046: ext4_orphan_get:1397: inode 15 [ 148.273995][T11306] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 148.278870][ C0] EXT4-fs (loop4): last error at time 2000000046: ext4_orphan_get:1402 [ 148.538265][T11327] SELinux: security_context_str_to_sid (ÿû`Û'àˆsÃÉuàA^:=®‚) failed with errno=-22 [ 148.617363][T11341] sch_tbf: burst 1 is lower than device bridge_slave_0 mtu (1514) ! [ 148.668951][T11347] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3274'. [ 148.816110][T10464] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm kworker/u8:8: bg 0: block 5: invalid block bitmap [ 148.843594][T10464] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28 [ 148.872625][T10464] EXT4-fs (loop4): This should not happen!! Data will be lost [ 148.872625][T10464] [ 148.889309][T10464] EXT4-fs (loop4): Total free blocks count 0 [ 148.895700][T10464] EXT4-fs (loop4): Free/Dirty block details [ 148.902013][T10464] EXT4-fs (loop4): free_blocks=0 [ 148.907464][T10464] EXT4-fs (loop4): dirty_blocks=16000 [ 148.913065][T10464] EXT4-fs (loop4): Block reservation details [ 148.919497][T10464] EXT4-fs (loop4): i_reserved_data_blocks=16000 [ 149.016728][T10464] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28 [ 149.048815][ T3299] EXT4-fs warning (device loop4): ext4_evict_inode:195: inode #18: comm syz-executor: data will be lost [ 149.146067][T11374] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=11374 comm=syz.6.3287 [ 149.238568][T11382] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3285'. [ 149.400787][T11411] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3298'. [ 149.640065][T11441] loop6: detected capacity change from 0 to 128 [ 149.650634][T11441] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 149.663460][T11441] ext4 filesystem being mounted at /47/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 149.677707][T11441] EXT4-fs warning (device loop6): ext4_group_extend:1885: will only finish group (8193 blocks, 8129 new) [ 149.689496][T11441] EXT4-fs warning (device loop6): ext4_group_extend:1890: can't read last block, resize aborted [ 149.713651][T10370] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 149.725957][T11444] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3310'. [ 149.786288][T11450] netlink: 'syz.0.3313': attribute type 2 has an invalid length. [ 149.841096][T11454] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 149.876671][T11454] 8021q: adding VLAN 0 to HW filter on device macvlan3 [ 149.963906][T11469] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3322'. [ 149.973718][T11469] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3322'. [ 150.117278][T11483] sch_tbf: burst 1 is lower than device bridge_slave_0 mtu (1514) ! [ 150.332397][T11502] pim6reg: entered allmulticast mode [ 150.342031][T11504] loop6: detected capacity change from 0 to 128 [ 150.407802][T11510] sch_tbf: burst 1 is lower than device bridge_slave_0 mtu (1514) ! [ 150.587321][ T55] bio_check_eod: 45 callbacks suppressed [ 150.587338][ T55] kworker/u8:4: attempt to access beyond end of device [ 150.587338][ T55] loop6: rw=1, sector=145, nr_sectors = 16 limit=128 [ 150.637130][ T55] kworker/u8:4: attempt to access beyond end of device [ 150.637130][ T55] loop6: rw=1, sector=169, nr_sectors = 8 limit=128 [ 150.660728][ T55] kworker/u8:4: attempt to access beyond end of device [ 150.660728][ T55] loop6: rw=1, sector=185, nr_sectors = 8 limit=128 [ 150.694632][ T55] kworker/u8:4: attempt to access beyond end of device [ 150.694632][ T55] loop6: rw=1, sector=201, nr_sectors = 8 limit=128 [ 150.710194][T11536] netlink: 63503 bytes leftover after parsing attributes in process `syz.4.3351'. [ 150.724137][ T55] kworker/u8:4: attempt to access beyond end of device [ 150.724137][ T55] loop6: rw=1, sector=217, nr_sectors = 8 limit=128 [ 150.754895][ T55] kworker/u8:4: attempt to access beyond end of device [ 150.754895][ T55] loop6: rw=1, sector=233, nr_sectors = 8 limit=128 [ 150.786328][ T55] kworker/u8:4: attempt to access beyond end of device [ 150.786328][ T55] loop6: rw=1, sector=249, nr_sectors = 8 limit=128 [ 150.803567][T11506] ip6gretap0: default qdisc (pfifo_fast) fail, fallback to noqueue [ 150.811839][ T55] kworker/u8:4: attempt to access beyond end of device [ 150.811839][ T55] loop6: rw=1, sector=265, nr_sectors = 8 limit=128 [ 150.848680][ T55] kworker/u8:4: attempt to access beyond end of device [ 150.848680][ T55] loop6: rw=1, sector=281, nr_sectors = 8 limit=128 [ 150.874160][ T55] kworker/u8:4: attempt to access beyond end of device [ 150.874160][ T55] loop6: rw=1, sector=297, nr_sectors = 8 limit=128 [ 151.031025][T11558] loop6: detected capacity change from 0 to 2048 [ 151.041633][T11560] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3362'. [ 151.072823][T11558] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 151.073803][T11560] netlink: 'syz.3.3362': attribute type 30 has an invalid length. [ 151.109770][ T36] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 151.130100][ T36] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 151.152851][ T49] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 151.172120][ T49] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 151.176715][T10464] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters [ 151.246468][T10464] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 151.271998][T10464] EXT4-fs (loop6): This should not happen!! Data will be lost [ 151.271998][T10464] [ 151.290339][T10464] EXT4-fs (loop6): Total free blocks count 0 [ 151.311075][T10464] EXT4-fs (loop6): Free/Dirty block details [ 151.321610][T10464] EXT4-fs (loop6): free_blocks=4096 [ 151.327996][T10464] EXT4-fs (loop6): dirty_blocks=32 [ 151.333501][T10464] EXT4-fs (loop6): Block reservation details [ 151.340097][T10464] EXT4-fs (loop6): i_reserved_data_blocks=2 [ 151.346374][T10464] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 1 with error 28 [ 151.359961][T10370] EXT4-fs warning (device loop6): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost [ 151.374646][T11583] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3373'. [ 151.563080][ T28] audit: type=1400 audit(2000000050.040:1212): avc: denied { read } for pid=11592 comm="syz.0.3377" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 151.925837][T11606] ------------[ cut here ]------------ [ 151.931478][T11606] WARNING: kernel/signal.c:2174 at do_notify_parent+0x5c3/0x600, CPU#0: syz.3.3381/11606 [ 151.941531][T11606] Modules linked in: [ 151.945464][T11606] CPU: 0 UID: 0 PID: 11606 Comm: syz.3.3381 Not tainted syzkaller #0 PREEMPT(full) [ 151.954960][T11606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 151.965137][T11606] RIP: 0010:do_notify_parent+0x5c3/0x600 [ 151.970948][T11606] Code: 8b 05 c1 49 f6 07 48 3b 44 24 48 75 41 44 89 f0 48 83 c4 50 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 1e 12 1e 00 90 <0f> 0b 90 45 31 f6 eb cc e8 10 12 1e 00 90 0f 0b 90 e9 af fa ff ff [ 151.991098][T11606] RSP: 0018:ffffc9000294fdd8 EFLAGS: 00010093 [ 151.997209][T11606] RAX: ffffffff813b1682 RBX: ffff888104ec4400 RCX: ffff888104ec4400 [ 152.005519][T11606] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 0000000000000040 [ 152.013577][T11606] RBP: 0000000000000080 R08: ffff888104ec4ef8 R09: 0000000000000000 [ 152.021576][T11606] R10: ffffc9000294fdf0 R11: 0001c9000294fdf0 R12: ffff888104ec4400 [ 152.029663][T11606] R13: ffff888104ec4c28 R14: ffff88810521c490 R15: 0000000000000080 [ 152.037669][T11606] FS: 0000000000000000(0000) GS:ffff8882ae8fe000(0000) knlGS:0000000000000000 [ 152.046634][T11606] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.053257][T11606] CR2: 00007fb506cf56b8 CR3: 0000000110cd2000 CR4: 00000000003506f0 [ 152.061256][T11606] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 152.069292][T11606] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 152.077733][T11606] Call Trace: [ 152.081055][T11606] [ 152.084068][T11606] do_exit+0xc13/0x1530 [ 152.088278][T11606] ? switch_fpu_return+0xe7/0x1b0 [ 152.093370][T11606] __x64_sys_exit+0x1f/0x20 [ 152.097909][T11606] x64_sys_call+0x301d/0x3020 [ 152.102680][T11606] do_syscall_64+0x12c/0x3b0 [ 152.107373][T11606] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 152.113705][T11606] RIP: 0033:0x7fb391c3cdd9 [ 152.118480][T11606] Code: Unable to access opcode bytes at 0x7fb391c3cdaf. [ 152.125516][T11606] RSP: 002b:00007fb39066cfd8 EFLAGS: 00000246 ORIG_RAX: 000000000000003c [ 152.134487][T11606] RAX: ffffffffffffffda RBX: 00007fb391eb6090 RCX: 00007fb391c3cdd9 [ 152.142703][T11606] RDX: 00007fb39066d9c8 RSI: 0000000000000000 RDI: 0000000000000000 [ 152.151012][T11606] RBP: 00007fb391cd2d69 R08: 0000000000000000 R09: 0000000000000000 [ 152.159023][T11606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 152.167150][T11606] R13: 00007fb391eb6128 R14: 00007fb391eb6090 R15: 00007ffcb0b896f8 [ 152.175168][T11606] [ 152.178292][T11606] ---[ end trace 0000000000000000 ]--- [ 152.218138][ T28] audit: type=1326 audit(2000000050.700:1213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11624 comm="syz.0.3391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb505f4cdd9 code=0x7ffc0000 [ 152.245981][ T28] audit: type=1326 audit(2000000050.720:1214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11624 comm="syz.0.3391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb505f4cdd9 code=0x7ffc0000 [ 152.270237][ T28] audit: type=1326 audit(2000000050.720:1215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11624 comm="syz.0.3391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb505f4cdd9 code=0x7ffc0000 [ 152.301858][ T28] audit: type=1326 audit(2000000050.720:1216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11624 comm="syz.0.3391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fb505f4cdd9 code=0x7ffc0000 [ 152.335084][ T28] audit: type=1326 audit(2000000050.720:1217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11624 comm="syz.0.3391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb505f4cdd9 code=0x7ffc0000 [ 152.363151][T11629] 9pnet: p9_errstr2errno: server reported unknown error 0x000 [ 152.370996][ T28] audit: type=1326 audit(2000000050.720:1218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11624 comm="syz.0.3391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb505f4cdd9 code=0x7ffc0000 [ 152.399065][ T28] audit: type=1326 audit(2000000050.720:1219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11624 comm="syz.0.3391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb505f4cdd9 code=0x7ffc0000 [ 152.432474][ T28] audit: type=1326 audit(2000000050.720:1220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11624 comm="syz.0.3391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb505f4cdd9 code=0x7ffc0000 [ 152.462656][ T28] audit: type=1326 audit(2000000050.720:1221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11624 comm="syz.0.3391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fb505f4cdd9 code=0x7ffc0000 [ 152.492595][T11637] netlink: 40 bytes leftover after parsing attributes in process `syz.6.3395'. [ 152.508924][T11637] netlink: 40 bytes leftover after parsing attributes in process `syz.6.3395'. [ 152.693933][T11654] loop4: detected capacity change from 0 to 128 [ 152.784776][T11660] netlink: 'syz.1.3407': attribute type 11 has an invalid length. [ 153.268378][T11673] bridge0: port 1(bridge_slave_0) entered blocking state [ 153.275677][T11673] bridge0: port 1(bridge_slave_0) entered disabled state [ 153.289626][T11673] bridge_slave_0: entered allmulticast mode [ 153.296309][T11673] bridge_slave_0: entered promiscuous mode [ 153.303485][T11673] bridge0: port 2(bridge_slave_1) entered blocking state [ 153.310930][T11673] bridge0: port 2(bridge_slave_1) entered disabled state [ 153.318619][T11673] bridge_slave_1: entered allmulticast mode [ 153.325693][T11673] bridge_slave_1: entered promiscuous mode [ 153.345301][T11673] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 153.375133][T11673] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 153.417801][T11673] team0: Port device team_slave_0 added [ 153.426202][T11673] team0: Port device team_slave_1 added [ 153.464408][T11673] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 153.478528][T11673] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 153.507121][T11673] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 153.518730][T11673] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 153.525764][T11673] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 153.551996][T11673] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 153.623052][T11673] hsr_slave_0: entered promiscuous mode [ 153.631238][T11673] hsr_slave_1: entered promiscuous mode [ 153.640089][T11673] debugfs: 'hsr0' already exists in 'hsr' [ 153.645993][T11673] Cannot create hsr debugfs directory [ 153.776802][T11673] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 153.786119][T11673] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 153.796263][T11673] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 153.810600][T11673] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 153.830816][T11673] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 153.842946][T11673] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 153.852955][T11673] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 153.882823][T11673] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 153.971688][T11673] 8021q: adding VLAN 0 to HW filter on device bond0 [ 153.996109][T11673] 8021q: adding VLAN 0 to HW filter on device team0 [ 154.007215][T10464] bridge0: port 1(bridge_slave_0) entered blocking state [ 154.014461][T10464] bridge0: port 1(bridge_slave_0) entered forwarding state [ 154.035723][T11673] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 154.046567][T11673] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 154.059573][T10464] bridge0: port 2(bridge_slave_1) entered blocking state [ 154.066705][T10464] bridge0: port 2(bridge_slave_1) entered forwarding state [ 154.247988][T11759] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING [ 154.331244][T11673] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 154.385457][T11778] __nla_validate_parse: 2 callbacks suppressed [ 154.385477][T11778] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3445'. [ 154.448438][T11783] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3447'. [ 154.477085][T11783] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3447'. [ 154.697739][T11673] veth0_vlan: entered promiscuous mode [ 154.722772][T11673] veth1_vlan: entered promiscuous mode [ 154.773547][T11673] veth0_macvtap: entered promiscuous mode [ 154.793964][T11673] veth1_macvtap: entered promiscuous mode [ 154.822408][T11673] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 154.846634][T11673] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 154.868051][ T49] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 154.889833][ T49] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 154.909420][ T49] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 154.928350][ T49] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 155.223815][T11821] netlink: 7 bytes leftover after parsing attributes in process `syz.0.3460'. [ 155.242359][T11821] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3460'. [ 155.254491][T11821] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3460'. [ 155.334479][T11829] loop7: detected capacity change from 0 to 512 [ 155.345633][T11829] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended [ 155.368857][T11829] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 48 vs 41 free clusters [ 155.383593][T11829] EXT4-fs error (device loop7): ext4_acquire_dquot:7034: comm syz.7.3463: Failed to acquire dquot type 1 [ 155.394941][ C0] EXT4-fs (loop7): error count since last fsck: 1 [ 155.394965][ C0] EXT4-fs (loop7): initial error at time 2000000053: ext4_mb_generate_buddy:1317 [ 155.395004][ C0] EXT4-fs (loop7): last error at time 2000000053: ext4_mb_generate_buddy:1317 [ 155.420316][T11829] loop7: lost filesystem error report for type 5 error -28 [ 155.420570][T11829] EXT4-fs (loop7): 1 truncate cleaned up [ 155.449408][T11829] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 155.493276][T11829] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 155.549637][T11673] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 155.859119][T11862] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3474'. [ 155.937788][T11866] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3476'. [ 155.947287][T11866] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3476'. [ 156.083351][T11879] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3482'. [ 156.747345][T11945] 8021q: adding VLAN 0 to HW filter on device bond0 [ 156.761378][ T28] kauditd_printk_skb: 105 callbacks suppressed [ 156.761395][ T28] audit: type=1326 audit(2000000055.240:1323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11946 comm="syz.3.3511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb391c3cdd9 code=0x7ffc0000 [ 156.793306][T11945] team0: Port device bond0 added [ 156.800137][T11948] bridge0: port 3(team0) entered blocking state [ 156.801558][ T28] audit: type=1326 audit(2000000055.240:1324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11946 comm="syz.3.3511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb391c3cdd9 code=0x7ffc0000 [ 156.830347][T11948] bridge0: port 3(team0) entered disabled state [ 156.831180][ T28] audit: type=1326 audit(2000000055.240:1325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11946 comm="syz.3.3511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb391c3cdd9 code=0x7ffc0000 [ 156.863161][ T28] audit: type=1326 audit(2000000055.240:1326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11946 comm="syz.3.3511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb391c3cdd9 code=0x7ffc0000 [ 156.887706][ T28] audit: type=1326 audit(2000000055.270:1327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11946 comm="syz.3.3511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=94 compat=0 ip=0x7fb391c3cdd9 code=0x7ffc0000 [ 156.887785][T11948] team0: entered allmulticast mode [ 156.887807][T11948] team_slave_0: entered allmulticast mode [ 156.887887][T11948] team_slave_1: entered allmulticast mode [ 156.922537][ T28] audit: type=1326 audit(2000000055.270:1328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11946 comm="syz.3.3511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb391c3cdd9 code=0x7ffc0000 [ 156.925746][T11948] bond0: entered allmulticast mode [ 156.959340][ T28] audit: type=1326 audit(2000000055.270:1329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11946 comm="syz.3.3511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb391c3cdd9 code=0x7ffc0000 [ 157.002694][ T28] audit: type=1326 audit(2000000055.270:1330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11946 comm="syz.3.3511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fb391c3cdd9 code=0x7ffc0000 [ 157.026561][T11948] bond_slave_0: entered allmulticast mode [ 157.032587][T11948] bond_slave_1: entered allmulticast mode [ 157.050503][T11948] team0: entered promiscuous mode [ 157.051218][ T28] audit: type=1326 audit(2000000055.400:1331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11949 comm="syz.1.3512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5d3d7cdd9 code=0x7ffc0000 [ 157.080286][ T28] audit: type=1326 audit(2000000055.400:1332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11949 comm="syz.1.3512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5d3d7cdd9 code=0x7ffc0000 [ 157.098013][T11948] team_slave_0: entered promiscuous mode [ 157.109767][T11948] team_slave_1: entered promiscuous mode [ 157.115747][T11948] bond0: entered promiscuous mode [ 157.121561][T11948] bond_slave_0: entered promiscuous mode [ 157.127524][T11948] bond_slave_1: entered promiscuous mode [ 157.133705][T11948] bridge0: port 3(team0) entered blocking state [ 157.140269][T11948] bridge0: port 3(team0) entered forwarding state [ 158.519908][T12048] loop7: detected capacity change from 0 to 4096 [ 158.609116][T12048] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 158.647262][T12048] EXT4-fs (loop7): shut down requested (1) [ 158.706593][T11673] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 159.036285][T12082] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 159.332648][T12113] sctp: [Deprecated]: syz.1.3583 (pid 12113) Use of int in max_burst socket option deprecated. [ 159.332648][T12113] Use struct sctp_assoc_value instead [ 159.361655][T12117] netlink: 'syz.4.3584': attribute type 4 has an invalid length. [ 160.671364][T12263] __nla_validate_parse: 8 callbacks suppressed [ 160.671385][T12263] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3624'. [ 161.210882][T12352] loop4: detected capacity change from 0 to 128 [ 161.237635][T12352] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 161.266795][T12352] ext4 filesystem being mounted at /736/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 161.356145][ T3299] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 161.729126][T12400] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3655'. [ 161.738787][T12400] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3655'. [ 161.748201][T12400] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3655'. [ 161.758340][T12400] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3655'. [ 161.809296][T12408] netlink: 88 bytes leftover after parsing attributes in process `syz.4.3659'. [ 162.351022][T12452] loop7: detected capacity change from 0 to 256 [ 162.358403][T12452] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 162.371852][T12452] FAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 162.788898][ T28] kauditd_printk_skb: 79 callbacks suppressed [ 162.788916][ T28] audit: type=1326 audit(2000000061.270:1411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12480 comm="syz.3.3692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb391c3cdd9 code=0x7ffc0000 [ 162.822303][ T28] audit: type=1326 audit(2000000061.300:1412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12480 comm="syz.3.3692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb391c3cdd9 code=0x7ffc0000 [ 162.846077][ T28] audit: type=1326 audit(2000000061.300:1413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12480 comm="syz.3.3692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb391c3cdd9 code=0x7ffc0000 [ 162.869885][ T28] audit: type=1326 audit(2000000061.300:1414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12480 comm="syz.3.3692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb391c3cdd9 code=0x7ffc0000 [ 162.894990][ T28] audit: type=1326 audit(2000000061.300:1415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12480 comm="syz.3.3692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb391c3cdd9 code=0x7ffc0000 [ 162.918910][ T28] audit: type=1326 audit(2000000061.300:1416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12480 comm="syz.3.3692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7fb391c3cdd9 code=0x7ffc0000 [ 162.954231][ T28] audit: type=1326 audit(2000000061.300:1417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12480 comm="syz.3.3692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb391c3cdd9 code=0x7ffc0000 [ 162.978387][ T28] audit: type=1326 audit(2000000061.300:1418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12480 comm="syz.3.3692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb391c3cdd9 code=0x7ffc0000 [ 163.003341][ T28] audit: type=1326 audit(2000000061.300:1419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12480 comm="syz.3.3692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7fb391c3cdd9 code=0x7ffc0000 [ 163.045486][ T28] audit: type=1326 audit(2000000061.370:1420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12480 comm="syz.3.3692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb391c3cdd9 code=0x7ffc0000 [ 163.194026][T12493] netlink: 56 bytes leftover after parsing attributes in process `syz.1.3696'. [ 163.584531][T12529] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3713'. [ 163.712410][T12538] loop7: detected capacity change from 0 to 128 [ 163.723648][T12538] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 163.743756][T12538] ext4 filesystem being mounted at /56/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 163.767425][T11673] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 163.935284][T12556] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3725'. [ 163.945343][T12556] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3725'. [ 164.728464][T12600] loop4: detected capacity change from 0 to 256 [ 164.763312][T12600] FAT-fs (loop4): Directory bread(block 64) failed [ 164.784894][T12600] FAT-fs (loop4): Directory bread(block 65) failed [ 164.801013][T12600] FAT-fs (loop4): Directory bread(block 66) failed [ 164.814227][T12600] FAT-fs (loop4): Directory bread(block 67) failed [ 164.829114][T12600] FAT-fs (loop4): Directory bread(block 68) failed [ 164.842981][T12600] FAT-fs (loop4): Directory bread(block 69) failed [ 164.857032][T12600] FAT-fs (loop4): Directory bread(block 70) failed [ 164.871046][T12600] FAT-fs (loop4): Directory bread(block 71) failed [ 164.885201][T12600] FAT-fs (loop4): Directory bread(block 72) failed [ 164.904923][T12600] FAT-fs (loop4): Directory bread(block 73) failed [ 164.944072][T12600] bio_check_eod: 214 callbacks suppressed [ 164.944170][T12600] syz.4.3744: attempt to access beyond end of device [ 164.944170][T12600] loop4: rw=0, sector=1768, nr_sectors = 4 limit=256 [ 164.983591][T12600] syz.4.3744: attempt to access beyond end of device [ 164.983591][T12600] loop4: rw=0, sector=1768, nr_sectors = 4 limit=256 [ 165.049922][T12603] xt_hashlimit: size too large, truncated to 1048576 [ 166.547795][T12661] loop4: detected capacity change from 0 to 256 [ 167.725169][T12705] __nla_validate_parse: 1 callbacks suppressed [ 167.725190][T12705] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3790'. [ 167.769794][T12705] bond0: ARP target 8.4.0.0 is already present [ 167.790581][T12705] bond0: option arp_ip_target: invalid value (1032) [ 168.771459][T12781] netlink: 'syz.1.3822': attribute type 3 has an invalid length. [ 168.807344][T12781] netlink: 'syz.1.3822': attribute type 1 has an invalid length. [ 168.837155][T12781] netlink: 60387 bytes leftover after parsing attributes in process `syz.1.3822'. [ 169.943967][T12823] loop4: detected capacity change from 0 to 1024 [ 169.991767][T12823] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 170.093481][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 170.308235][T12844] loop4: detected capacity change from 0 to 1024 [ 170.330056][T12844] EXT4-fs: Ignoring removed i_version option [ 170.357777][T12844] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 170.475010][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 170.719227][T12861] loop4: detected capacity change from 0 to 512 [ 170.750128][T12864] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3859'. [ 170.775038][T12861] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 170.809465][T12861] ext4 filesystem being mounted at /780/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 170.846419][ T28] kauditd_printk_skb: 2 callbacks suppressed [ 170.846463][ T28] audit: type=1400 audit(2000000069.320:1423): avc: denied { create } for pid=12860 comm="syz.4.3857" name=E91F7189591E9233614B scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=sock_file permissive=1 [ 170.926403][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 170.997031][T12875] netlink: 104 bytes leftover after parsing attributes in process `syz.4.3861'. [ 171.115074][ T28] audit: type=1400 audit(2000000069.590:1424): avc: denied { setopt } for pid=12877 comm="syz.4.3863" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 171.522650][ T28] audit: type=1400 audit(2000000070.000:1425): avc: denied { mount } for pid=12899 comm="syz.7.3873" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 171.645279][T12908] loop7: detected capacity change from 0 to 128 [ 171.677327][T12908] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x61ff7272 (sector = 1) [ 171.708611][ T28] audit: type=1400 audit(2000000070.190:1426): avc: denied { mounton } for pid=12907 comm="syz.7.3876" path="/79/bus/bus" dev="loop7" ino=47 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=file permissive=1 [ 171.762606][ T28] audit: type=1400 audit(2000000070.230:1427): avc: denied { unmount } for pid=11673 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 171.793316][T11673] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100) [ 171.801962][T11673] FAT-fs (loop7): Filesystem has been set read-only [ 171.928423][ T28] audit: type=1400 audit(2000000070.410:1428): avc: denied { name_bind } for pid=12920 comm="syz.4.3882" src=512 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1 [ 171.985997][T12925] netlink: 'syz.4.3884': attribute type 3 has an invalid length. [ 172.118392][T12931] loop4: detected capacity change from 0 to 4096 [ 172.150697][T12931] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 172.190199][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 172.464037][T12969] loop7: detected capacity change from 0 to 512 [ 172.489379][T12969] EXT4-fs warning (device loop7): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 172.502559][T12969] EXT4-fs warning (device loop7): dx_probe:849: Enable large directory feature to access it [ 172.512926][T12969] EXT4-fs warning (device loop7): dx_probe:934: inode #2: comm syz.7.3905: Corrupt directory, running e2fsck is recommended [ 172.529202][T12969] EXT4-fs (loop7): Cannot turn on journaled quota: type 1: error -117 [ 172.545496][T12969] EXT4-fs error (device loop7): ext4_iget_extra_inode:5128: inode #15: comm syz.7.3905: corrupted in-inode xattr: e_name out of bounds [ 172.559694][T12969] loop7: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 172.561118][T12969] EXT4-fs error (device loop7): ext4_orphan_get:1402: comm syz.7.3905: couldn't read orphan inode 15 (err -117) [ 172.570601][ C0] EXT4-fs (loop7): error count since last fsck: 1 [ 172.570626][ C0] EXT4-fs (loop7): initial error at time 2000000071: ext4_iget_extra_inode:5128: inode 15 [ 172.570659][ C0] EXT4-fs (loop7): last error at time 2000000071: ext4_iget_extra_inode:5128: inode 15 [ 172.609091][T12969] loop7: lost filesystem error report for type 5 error -117 [ 172.613123][T12969] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 172.639563][T12969] EXT4-fs warning (device loop7): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 172.659815][T12969] EXT4-fs warning (device loop7): dx_probe:849: Enable large directory feature to access it [ 172.670307][T12969] EXT4-fs warning (device loop7): dx_probe:934: inode #2: comm syz.7.3905: Corrupt directory, running e2fsck is recommended [ 172.696373][T12969] EXT4-fs warning (device loop7): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 172.710152][T12969] EXT4-fs warning (device loop7): dx_probe:849: Enable large directory feature to access it [ 172.722948][T12978] loop4: detected capacity change from 0 to 128 [ 172.739725][T12969] EXT4-fs warning (device loop7): dx_probe:934: inode #2: comm syz.7.3905: Corrupt directory, running e2fsck is recommended [ 172.754109][T12978] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 172.767277][T12978] ext4 filesystem being mounted at /796/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 172.777986][T12969] EXT4-fs warning (device loop7): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 172.789674][T12969] EXT4-fs warning (device loop7): dx_probe:849: Enable large directory feature to access it [ 172.799908][T12969] EXT4-fs warning (device loop7): dx_probe:934: inode #2: comm syz.7.3905: Corrupt directory, running e2fsck is recommended [ 172.812467][T12980] batman_adv: batadv0: Adding interface: macsec3 [ 172.822734][T12969] EXT4-fs warning (device loop7): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 172.828063][T12980] batman_adv: batadv0: The MTU of interface macsec3 is too small (1468) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 172.859872][T12980] batman_adv: batadv0: Interface activated: macsec3 [ 172.863544][ T28] audit: type=1400 audit(2000000071.310:1429): avc: denied { lock } for pid=12977 comm="syz.4.3908" path="/796/file1/file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 173.003711][T11673] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 173.016888][ T3299] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 173.499464][T13043] 9p: Unknown access argument 18446744073709551615: -34 [ 173.533300][T13044] loop4: detected capacity change from 0 to 512 [ 173.550404][T13044] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 173.590135][T13044] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 173.634427][T13044] ext4 filesystem being mounted at /803/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 173.918372][ T28] audit: type=1400 audit(2000000072.400:1430): avc: denied { mounton } for pid=13055 comm="syz.3.3943" path="/" dev="ramfs" ino=33438 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1 [ 173.996420][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 174.204834][T13011] syz.0.3924 (13011) used greatest stack depth: 8192 bytes left [ 174.744040][T13108] loop4: detected capacity change from 0 to 256 [ 174.981756][T13122] macsec0: entered promiscuous mode [ 174.998702][T13122] batadv_slave_1: entered promiscuous mode [ 175.014347][T13122] macsec0: entered allmulticast mode [ 175.028250][T13122] batadv_slave_1: entered allmulticast mode [ 175.042932][T13122] batadv_slave_1: left allmulticast mode [ 175.054356][T13122] batadv_slave_1: left promiscuous mode [ 175.997295][T13177] netlink: 56 bytes leftover after parsing attributes in process `syz.4.3996'. [ 176.056399][T13181] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3998'. [ 176.068193][T13179] pim6reg1: entered promiscuous mode [ 176.073724][T13179] pim6reg1: entered allmulticast mode [ 176.559654][T13199] batadv_slave_0: entered promiscuous mode [ 176.585194][T13196] batadv_slave_0: left promiscuous mode [ 176.614436][T13202] batadv_slave_1: entered promiscuous mode [ 176.632769][T13202] macsec1: entered promiscuous mode [ 176.647090][T13202] macsec1: entered allmulticast mode [ 176.656407][T13202] batadv_slave_1: entered allmulticast mode [ 176.665106][T13202] batadv_slave_1: left allmulticast mode [ 176.671231][T13202] batadv_slave_1: left promiscuous mode [ 176.698181][T13209] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4010'. [ 176.949946][ T28] audit: type=1400 audit(2000000075.430:1431): avc: denied { add_name } for pid=13232 comm="syz.3.4022" name="file2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 176.993989][ T28] audit: type=1400 audit(2000000075.430:1432): avc: denied { create } for pid=13232 comm="syz.3.4022" name="file2" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:configfs_t tclass=file permissive=1 [ 177.362094][T13255] netlink: 48 bytes leftover after parsing attributes in process `syz.3.4033'. [ 178.097975][T13282] netlink: 64 bytes leftover after parsing attributes in process `syz.4.4044'. [ 178.309884][ T28] audit: type=1400 audit(2000000076.790:1433): avc: denied { write } for pid=13302 comm="syz.0.4054" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1 [ 178.437959][T13319] netlink: 'syz.0.4059': attribute type 83 has an invalid length. [ 178.524060][T13329] netlink: 'syz.7.4065': attribute type 29 has an invalid length. [ 178.534431][T13329] netlink: 'syz.7.4065': attribute type 29 has an invalid length. [ 178.927690][T13369] netlink: 'syz.7.4081': attribute type 6 has an invalid length. [ 178.984623][T13376] netlink: 'syz.7.4085': attribute type 2 has an invalid length. [ 179.419490][T13419] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4103'. [ 180.072980][T13446] loop7: detected capacity change from 0 to 128 [ 180.726595][T13467] loop7: detected capacity change from 0 to 8192 [ 180.863923][T13481] loop7: detected capacity change from 0 to 1024 [ 180.881548][T13481] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 180.890751][T13481] EXT4-fs (loop7): stripe (4) is not aligned with cluster size (4096), stripe is disabled [ 180.903079][T13481] EXT4-fs error (device loop7): ext4_map_blocks:791: inode #3: block 2: comm syz.7.4130: lblock 2 mapped to illegal pblock 2 (length 1) [ 180.917336][T13481] loop7: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 180.917455][T13481] Quota error (device loop7): qtree_write_dquot: dquota write failed [ 180.934805][ C1] EXT4-fs (loop7): error count since last fsck: 1 [ 180.934835][ C1] EXT4-fs (loop7): initial error at time 2000000079: ext4_map_blocks:791: inode 3: block 2 [ 180.934879][ C1] EXT4-fs (loop7): last error at time 2000000079: ext4_map_blocks:791: inode 3: block 2 [ 180.962650][T13481] EXT4-fs error (device loop7): ext4_map_blocks:791: inode #3: block 48: comm syz.7.4130: lblock 0 mapped to illegal pblock 48 (length 1) [ 180.976845][T13481] loop7: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 180.977205][T13481] Quota error (device loop7): v2_write_file_info: Can't write info structure [ 180.995882][T13481] EXT4-fs error (device loop7): ext4_acquire_dquot:7034: comm syz.7.4130: Failed to acquire dquot type 0 [ 181.007718][T13481] loop7: lost filesystem error report for type 5 error -117 [ 181.007882][T13481] EXT4-fs error (device loop7) in ext4_reserve_inode_write:6383: Corrupt filesystem [ 181.033569][T13481] loop7: lost filesystem error report for type 5 error -117 [ 181.033882][T13481] EXT4-fs error (device loop7): ext4_evict_inode:267: inode #11: comm syz.7.4130: mark_inode_dirty error [ 181.052949][T13481] loop7: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 181.053764][T13481] EXT4-fs warning (device loop7): ext4_evict_inode:270: couldn't mark inode dirty (err -117) [ 181.075311][T13481] EXT4-fs (loop7): 1 orphan inode deleted [ 181.081811][T13481] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 181.094094][ T12] EXT4-fs error (device loop7): ext4_map_blocks:791: inode #3: block 1: comm kworker/u8:0: lblock 1 mapped to illegal pblock 1 (length 1) [ 181.101507][T13481] EXT4-fs error (device loop7): ext4_map_blocks:791: inode #2: block 16: comm syz.7.4130: lblock 262144 mapped to illegal pblock 16 (length 8) [ 181.125496][ T12] Quota error (device loop7): remove_tree: Can't read quota data block 1 [ 181.147103][ T12] EXT4-fs error (device loop7): ext4_release_dquot:7070: comm kworker/u8:0: Failed to release dquot type 0 [ 181.159870][T11673] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 181.169443][T11673] EXT4-fs error (device loop7): __ext4_get_inode_loc:4885: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 181.182414][T11673] loop7: lost filesystem error report for type 5 error -117 [ 181.182589][T11673] EXT4-fs error (device loop7) in ext4_reserve_inode_write:6383: Corrupt filesystem [ 181.199961][T11673] loop7: lost filesystem error report for type 5 error -117 [ 181.200064][T11673] EXT4-fs error (device loop7): ext4_quota_off:7318: inode #3: comm syz-executor: mark_inode_dirty error [ 181.219383][T11673] loop7: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 181.249613][T13498] loop7: detected capacity change from 0 to 512 [ 181.299426][T13498] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 181.317161][T13498] ext4 filesystem being mounted at /134/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 181.363318][T11673] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 181.469774][T13507] netlink: 36 bytes leftover after parsing attributes in process `syz.3.4139'. [ 181.549339][T13519] netlink: 56 bytes leftover after parsing attributes in process `syz.1.4145'. [ 181.851760][T13547] bond1: entered promiscuous mode [ 181.857843][T13547] bond1: entered allmulticast mode [ 181.865223][T13547] 8021q: adding VLAN 0 to HW filter on device bond1 [ 181.996373][T13562] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 182.008035][T13562] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 182.071011][T13562] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 182.081868][T13562] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 182.131733][T13562] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 182.143223][T13562] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 182.210670][T13562] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 182.221445][T13562] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 182.275369][T12295] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 182.284075][T12295] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.297187][T12295] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 182.305827][T12295] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.319036][T12295] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 182.328290][T12295] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.341678][T12295] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 182.350698][T12295] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.504691][T13575] netlink: 'syz.1.4167': attribute type 10 has an invalid length. [ 182.514282][T13575] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 182.560582][ T28] audit: type=1400 audit(2000000081.040:1434): avc: denied { getopt } for pid=13576 comm="syz.3.4168" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 183.824696][T13643] 9pnet: p9_errstr2errno: server reported unknown error  [ 184.094029][T13656] bond1: entered promiscuous mode [ 184.107714][T13656] bond1: entered allmulticast mode [ 184.113585][T13656] 8021q: adding VLAN 0 to HW filter on device bond1 [ 184.279954][T13685] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4216'. [ 184.297091][T13685] netlink: 'syz.0.4216': attribute type 1 has an invalid length. [ 184.311815][T13685] netlink: 'syz.0.4216': attribute type 2 has an invalid length. [ 184.387359][T13695] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4219'. [ 184.536821][T13704] bond2: entered promiscuous mode [ 184.555606][T13704] bond2: entered allmulticast mode [ 184.572289][T13704] 8021q: adding VLAN 0 to HW filter on device bond2 [ 184.600811][T13717] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.628534][T13722] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4230'. [ 184.652480][T13722] netlink: 'syz.1.4230': attribute type 5 has an invalid length. [ 184.662877][T13722] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4230'. [ 184.679646][T13722] geneve2: entered promiscuous mode [ 184.688279][T13722] geneve2: entered allmulticast mode [ 184.694621][T12297] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 256 - 0 [ 184.726644][T13717] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.737315][T13727] sctp: [Deprecated]: syz.0.4231 (pid 13727) Use of struct sctp_assoc_value in delayed_ack socket option. [ 184.737315][T13727] Use struct sctp_sack_info instead [ 184.765091][T12297] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 256 - 0 [ 184.784173][T12297] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 256 - 0 [ 184.803399][T12297] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 256 - 0 [ 184.820853][T13717] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.840764][T13733] netlink: 'syz.3.4236': attribute type 3 has an invalid length. [ 184.849143][T13733] netlink: 'syz.3.4236': attribute type 4 has an invalid length. [ 184.857402][T13733] netlink: 9067 bytes leftover after parsing attributes in process `syz.3.4236'. [ 184.922672][T13741] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4238'. [ 184.933885][T13717] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.950116][T13741] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4238'. [ 185.008060][T12295] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.037189][T12295] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.064526][T12295] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.090068][T12295] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.580441][T13785] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0 [ 185.659661][T13785] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0 [ 185.728340][T13785] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0 [ 185.814688][T13785] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0 [ 185.904290][T12295] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 256 - 0 [ 185.959812][T12295] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 256 - 0 [ 185.980129][T12295] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 256 - 0 [ 186.006903][T13790] netlink: 2164 bytes leftover after parsing attributes in process `syz.3.4260'. [ 186.021133][ T12] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 256 - 0 [ 186.085888][T13793] bond1: entered promiscuous mode [ 186.092519][T13793] bond1: entered allmulticast mode [ 186.098607][T13793] 8021q: adding VLAN 0 to HW filter on device bond1 [ 186.129049][T10641] kernel write not supported for file bpf-prog (pid: 10641 comm: kworker/1:13) [ 186.150527][T13806] netlink: 'syz.1.4265': attribute type 30 has an invalid length. [ 186.152663][ T12] tipc: Subscription rejected, illegal request [ 186.158700][T13806] netlink: 'syz.1.4265': attribute type 29 has an invalid length. [ 186.471955][T13840] bond3: entered promiscuous mode [ 186.478082][T13840] bond3: entered allmulticast mode [ 186.483894][T13840] 8021q: adding VLAN 0 to HW filter on device bond3 [ 186.547354][T13860] __nla_validate_parse: 2 callbacks suppressed [ 186.547373][T13860] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4288'. [ 186.895323][T13890] bond3: entered promiscuous mode [ 186.900968][T13890] bond3: entered allmulticast mode [ 186.906724][T13890] 8021q: adding VLAN 0 to HW filter on device bond3 [ 189.130352][ T28] audit: type=1400 audit(2000000087.610:1435): avc: denied { unmount } for pid=11673 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 189.241861][T14033] netlink: 'syz.3.4367': attribute type 2 has an invalid length. [ 189.258244][T14033] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4367'. [ 189.397773][T14031] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 189.419493][T14031] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 189.619771][T14045] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4374'. [ 189.647046][T14045] netlink: 'syz.3.4374': attribute type 7 has an invalid length. [ 189.667147][T14045] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4374'. [ 189.698999][T14045] gretap0: entered promiscuous mode [ 189.717604][T14045] gretap0: left promiscuous mode [ 189.866568][T14053] netlink: 128124 bytes leftover after parsing attributes in process `syz.1.4379'. [ 189.886044][T14055] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4380'. [ 190.069642][T14070] syzkaller1: entered promiscuous mode [ 190.082134][T14070] syzkaller1: entered allmulticast mode [ 190.260940][ T28] audit: type=1400 audit(2000000088.740:1436): avc: denied { connect } for pid=14064 comm="syz.1.4384" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 190.389926][T14086] loop4: detected capacity change from 0 to 1024 [ 190.413045][T14086] EXT4-fs: Ignoring removed bh option [ 190.430982][T14086] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 190.487351][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 190.566529][T14110] netlink: 'syz.4.4401': attribute type 8 has an invalid length. [ 190.592238][T14110] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4401'. [ 190.751173][T14129] netlink: 'syz.4.4409': attribute type 21 has an invalid length. [ 190.777903][T14131] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=14131 comm=syz.3.4410 [ 191.198212][T14170] netlink: 15999 bytes leftover after parsing attributes in process `syz.1.4428'. [ 191.373348][T14182] bond4: entered promiscuous mode [ 191.379033][T14182] bond4: entered allmulticast mode [ 191.385031][T14182] 8021q: adding VLAN 0 to HW filter on device bond4 [ 191.492588][T14190] netlink: 'syz.1.4436': attribute type 4 has an invalid length. [ 191.656298][ T28] audit: type=1400 audit(2000000090.130:1437): avc: denied { mount } for pid=14201 comm="syz.3.4442" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 191.783870][ T28] audit: type=1326 audit(2000000090.260:1438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14205 comm="syz.4.4444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f941e5ccdd9 code=0x7ffc0000 [ 191.827034][ T28] audit: type=1326 audit(2000000090.260:1439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14205 comm="syz.4.4444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f941e5ccdd9 code=0x7ffc0000 [ 191.866976][ T28] audit: type=1326 audit(2000000090.260:1440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14205 comm="syz.4.4444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f941e5ccdd9 code=0x7ffc0000 [ 191.906970][ T28] audit: type=1326 audit(2000000090.260:1441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14205 comm="syz.4.4444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=440 compat=0 ip=0x7f941e5ccdd9 code=0x7ffc0000 [ 191.947086][ T28] audit: type=1326 audit(2000000090.260:1442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14205 comm="syz.4.4444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f941e5ccdd9 code=0x7ffc0000 [ 191.980152][ T28] audit: type=1326 audit(2000000090.260:1443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14205 comm="syz.4.4444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f941e5ccdd9 code=0x7ffc0000 [ 192.004273][ T28] audit: type=1326 audit(2000000090.260:1444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14205 comm="syz.4.4444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f941e5ccdd9 code=0x7ffc0000 [ 192.038783][T14208] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4445'. [ 192.119583][T14218] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4450'. [ 192.128842][T14218] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4450'. [ 192.169598][T14220] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4451'. [ 192.235977][T14228] loop7: detected capacity change from 0 to 512 [ 192.307293][T14228] EXT4-fs (loop7): failed to open journal device unknown-block(0,0) -6 [ 192.345182][T14242] loop4: detected capacity change from 0 to 512 [ 192.361159][T14245] sctp: [Deprecated]: syz.3.4456 (pid 14245) Use of struct sctp_assoc_value in delayed_ack socket option. [ 192.361159][T14245] Use struct sctp_sack_info instead [ 192.926699][T14280] GUP no longer grows the stack in syz.4.4470 (14280): 200000004000-20000000a000 (200000002000) [ 192.945607][T14280] CPU: 1 UID: 0 PID: 14280 Comm: syz.4.4470 Tainted: G W syzkaller #0 PREEMPT(full) [ 192.945646][T14280] Tainted: [W]=WARN [ 192.945653][T14280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 192.945746][T14280] Call Trace: [ 192.945754][T14280] [ 192.945764][T14280] __dump_stack+0x1d/0x30 [ 192.945791][T14280] dump_stack_lvl+0x95/0xd0 [ 192.945819][T14280] dump_stack+0x15/0x1b [ 192.945875][T14280] __get_user_pages+0x1b26/0x1f10 [ 192.945912][T14280] ? __rcu_read_unlock+0x4e/0x70 [ 192.945936][T14280] get_user_pages_remote+0x1d5/0x6b0 [ 192.945995][T14280] __access_remote_vm+0x154/0x4c0 [ 192.946028][T14280] access_remote_vm+0x32/0x40 [ 192.946065][T14280] proc_pid_cmdline_read+0x32b/0x6b0 [ 192.946160][T14280] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 192.946189][T14280] vfs_readv+0x432/0x6e0 [ 192.946297][T14280] __x64_sys_preadv+0xfd/0x1c0 [ 192.946332][T14280] x64_sys_call+0x2915/0x3020 [ 192.946359][T14280] do_syscall_64+0x12c/0x3b0 [ 192.946413][T14280] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 192.946437][T14280] RIP: 0033:0x7f941e5ccdd9 [ 192.946454][T14280] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 192.946476][T14280] RSP: 002b:00007f941d027028 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 192.946499][T14280] RAX: ffffffffffffffda RBX: 00007f941e845fa0 RCX: 00007f941e5ccdd9 [ 192.946540][T14280] RDX: 0000000000000001 RSI: 0000200000000680 RDI: 0000000000000003 [ 192.946554][T14280] RBP: 00007f941e662d69 R08: 00000000fffffff9 R09: 0000000000000000 [ 192.946640][T14280] R10: 0000000000000016 R11: 0000000000000246 R12: 0000000000000000 [ 192.946655][T14280] R13: 00007f941e846038 R14: 00007f941e845fa0 R15: 00007fff052fdbf8 [ 192.946677][T14280] [ 194.137557][ T28] kauditd_printk_skb: 249 callbacks suppressed [ 194.137573][ T28] audit: type=1326 audit(2000000092.620:1694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14347 comm="syz.0.4493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fb505f0d60e code=0x7ffc0000 [ 194.205041][ T28] audit: type=1326 audit(2000000092.650:1695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14347 comm="syz.0.4493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fb505f0d60e code=0x7ffc0000 [ 194.257758][ T28] audit: type=1326 audit(2000000092.650:1696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14347 comm="syz.0.4493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fb505f0d60e code=0x7ffc0000 [ 194.327022][ T28] audit: type=1326 audit(2000000092.650:1697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14347 comm="syz.0.4493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fb505f0d60e code=0x7ffc0000 [ 194.381286][T14362] loop7: detected capacity change from 0 to 512 [ 194.385075][ T28] audit: type=1326 audit(2000000092.650:1698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14347 comm="syz.0.4493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fb505f0d60e code=0x7ffc0000 [ 194.427345][ T28] audit: type=1326 audit(2000000092.650:1699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14347 comm="syz.0.4493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fb505f0d60e code=0x7ffc0000 [ 194.451502][ T28] audit: type=1326 audit(2000000092.660:1700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14347 comm="syz.0.4493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fb505f0d60e code=0x7ffc0000 [ 194.458481][T14362] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 194.476565][ T28] audit: type=1326 audit(2000000092.660:1701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14347 comm="syz.0.4493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fb505f0d60e code=0x7ffc0000 [ 194.511708][ T28] audit: type=1326 audit(2000000092.660:1702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14347 comm="syz.0.4493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fb505f0d60e code=0x7ffc0000 [ 194.537169][ T28] audit: type=1326 audit(2000000092.660:1703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14347 comm="syz.0.4493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fb505f0d60e code=0x7ffc0000 [ 194.561556][T14362] ext4 filesystem being mounted at /189/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 194.599635][T14362] EXT4-fs (loop7): shut down requested (1) [ 194.672441][T11673] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 195.154670][T14403] netlink: 165 bytes leftover after parsing attributes in process `syz.1.4512'. [ 195.621037][T14447] syzkaller1: entered promiscuous mode [ 195.634128][T14447] syzkaller1: entered allmulticast mode [ 195.944008][T14468] sctp: [Deprecated]: syz.4.4541 (pid 14468) Use of int in maxseg socket option. [ 195.944008][T14468] Use struct sctp_assoc_value instead [ 196.029543][T14476] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4546'. [ 196.055529][T14478] geneve2: entered promiscuous mode [ 196.062588][T14478] geneve2: entered allmulticast mode [ 196.255323][T14509] netlink: 104 bytes leftover after parsing attributes in process `syz.1.4561'. [ 196.849480][T14547] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 197.003246][T14564] netlink: 168 bytes leftover after parsing attributes in process `syz.7.4587'. [ 198.021142][T14628] loop7: detected capacity change from 0 to 1024 [ 198.047584][T14628] EXT4-fs: Ignoring removed bh option [ 198.069284][T14628] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 198.163187][T11673] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 198.349540][T14678] loop7: detected capacity change from 0 to 128 [ 198.380545][T14678] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006) [ 198.403698][T14678] FAT-fs (loop7): Filesystem has been set read-only [ 198.416705][T14678] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006) [ 198.427088][T14678] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006) [ 198.440870][T14678] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006) [ 198.460048][T14678] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006) [ 198.472397][T14678] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006) [ 198.483086][T14678] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006) [ 198.494910][T14678] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006) [ 198.505469][T14678] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006) [ 198.522526][T14676] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006) [ 198.985494][T14710] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4644'. [ 199.030199][T14710] bond4: Invalid ad_actor_system MAC address. [ 199.067091][T14710] bond4: option ad_actor_system: invalid value (4294967295) [ 199.087169][T14710] bond4 (unregistering): Released all slaves [ 199.254171][ T28] kauditd_printk_skb: 281 callbacks suppressed [ 199.254236][ T28] audit: type=1326 audit(2000000097.730:1985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14724 comm="syz.3.4649" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb391c3cdd9 code=0x0 [ 200.121181][ T28] audit: type=1400 audit(2000000098.600:1986): avc: denied { setopt } for pid=14739 comm="syz.4.4657" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 200.302999][ T28] audit: type=1326 audit(2000000099.779:1987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14761 comm="syz.7.4666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb54b04cdd9 code=0x7ffc0000 [ 200.352511][ T28] audit: type=1326 audit(2000000099.779:1988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14761 comm="syz.7.4666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb54b04cdd9 code=0x7ffc0000 [ 200.405865][ T28] audit: type=1326 audit(2000000099.779:1989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14761 comm="syz.7.4666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb54b04cdd9 code=0x7ffc0000 [ 200.482802][ T28] audit: type=1326 audit(2000000099.779:1990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14761 comm="syz.7.4666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb54b04cdd9 code=0x7ffc0000 [ 200.557487][ T28] audit: type=1326 audit(2000000099.799:1991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14761 comm="syz.7.4666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7fb54b04cdd9 code=0x7ffc0000 [ 200.624089][ T28] audit: type=1326 audit(2000000099.809:1992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14761 comm="syz.7.4666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb54b04cdd9 code=0x7ffc0000 [ 200.680624][ T28] audit: type=1326 audit(2000000099.809:1993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14761 comm="syz.7.4666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb54b04cdd9 code=0x7ffc0000 [ 200.765174][ T28] audit: type=1326 audit(2000000099.809:1994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14761 comm="syz.7.4666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fb54b04cdd9 code=0x7ffc0000 [ 200.914480][T14808] loop7: detected capacity change from 0 to 512 [ 200.939577][T14808] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended [ 200.975984][T14808] EXT4-fs (loop7): mounting ext2 file system using the ext4 subsystem [ 200.994697][T14808] EXT4-fs (loop7): warning: mounting unchecked fs, running e2fsck is recommended [ 201.007650][T14808] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e02c, mo2=0006] [ 201.020749][T14808] System zones: 0-2, 18-18, 34-35 [ 201.036312][T14808] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 201.087675][T14808] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.4685: bg 0: block 353: padding at end of block bitmap is not set [ 201.139909][T14808] EXT4-fs (loop7): Remounting filesystem read-only [ 201.160218][T11673] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 201.205330][T14839] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 201.222665][T14839] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 201.232591][T14839] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4696'. [ 201.821724][T14877] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4707'. [ 201.834366][T14877] team0: Port device team_slave_0 removed [ 201.899449][T12295] Bluetooth: hci0: Frame reassembly failed (-84) [ 202.478614][T14917] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4726'. [ 202.577171][T14929] loop4: detected capacity change from 0 to 128 [ 202.592723][T14929] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 202.610701][T14929] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 202.693501][T14941] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4738'. [ 203.065641][T14992] sock: sock_set_timeout: `syz.1.4760' (pid 14992) tries to set negative timeout [ 203.148470][T15000] bridge0: port 3(vlan1) entered blocking state [ 203.160642][T15000] bridge0: port 3(vlan1) entered disabled state [ 203.170674][T15000] vlan1: entered allmulticast mode [ 203.179607][T15000] dummy0: entered allmulticast mode [ 203.191809][T15000] vlan1: entered promiscuous mode [ 203.916991][ T3528] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 203.923227][T10028] Bluetooth: hci0: command 0x1003 tx timeout [ 203.945731][T15053] netlink: 'syz.4.4786': attribute type 64 has an invalid length. [ 203.954104][T15053] netlink: 'syz.4.4786': attribute type 64 has an invalid length. [ 204.091973][T15074] loop4: detected capacity change from 0 to 128 [ 204.116735][T15074] FAT-fs (loop4): error, invalid access to FAT (entry 0x0fff0000) [ 204.126720][T15074] FAT-fs (loop4): Filesystem has been set read-only [ 204.179168][T15081] loop7: detected capacity change from 0 to 1024 [ 204.198156][T15081] EXT4-fs: Ignoring removed bh option [ 204.229701][T15081] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 204.273602][ T28] kauditd_printk_skb: 43 callbacks suppressed [ 204.273621][ T28] audit: type=1400 audit(2000000103.749:2038): avc: denied { watch watch_reads } for pid=15080 comm="syz.7.4794" path="/237/file1" dev="loop7" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 204.306561][T15081] EXT4-fs error (device loop7): ext4_read_inline_dir:1494: inode #12: block 7: comm syz.7.4794: path /237/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 204.367729][T15081] EXT4-fs (loop7): Remounting filesystem read-only [ 204.431757][T11673] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 204.531495][T15104] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4800'. [ 204.977854][T15137] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4814'. [ 204.987680][T15137] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4814'. [ 205.061304][T15141] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4816'. [ 205.084587][T15143] netlink: 276 bytes leftover after parsing attributes in process `syz.3.4817'. [ 205.094361][T15143] netlink: 276 bytes leftover after parsing attributes in process `syz.3.4817'. [ 205.331929][T15161] veth0_to_hsr: Caught tx_queue_len zero misconfig [ 205.340289][T15161] netlink: 212916 bytes leftover after parsing attributes in process `syz.7.4823'. [ 205.467378][T15163] loop7: detected capacity change from 0 to 4096 [ 205.481714][T15163] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 205.558683][T11673] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 205.654449][T10804] Process accounting resumed [ 206.163995][T15201] erspan0: left promiscuous mode [ 206.261999][T15186] loop4: detected capacity change from 0 to 256 [ 206.291974][T15201] 8021q: adding VLAN 0 to HW filter on device bond0 [ 206.312362][T15201] 8021q: adding VLAN 0 to HW filter on device team0 [ 206.351370][T15201] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 206.430587][ T28] audit: type=1400 audit(2000000105.909:2039): avc: denied { setopt } for pid=15230 comm="syz.4.4839" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 206.498123][T15235] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4840'. [ 206.523597][T15201] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 206.545331][T15201] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 206.575902][T15201] veth1_vlan: left promiscuous mode [ 206.598828][T15201] veth0_vlan: left promiscuous mode [ 206.615191][T15201] veth0_vlan: entered promiscuous mode [ 206.642229][T15201] veth1_vlan: entered promiscuous mode [ 206.734721][T15201] erspan0: entered promiscuous mode [ 206.747447][T15201] 8021q: adding VLAN 0 to HW filter on device bond1 [ 206.767059][T10802] ip6_tunnel: ip6erspan0 xmit: Local address not yet configured! [ 206.782110][T15201] 8021q: adding VLAN 0 to HW filter on device eth0 [ 206.793831][T15201] 8021q: adding VLAN 0 to HW filter on device eth1 [ 206.812697][T15201] 8021q: adding VLAN 0 to HW filter on device eth2 [ 206.824442][T15201] 8021q: adding VLAN 0 to HW filter on device eth3 [ 206.925923][T15201] bond2: left promiscuous mode [ 207.009193][T15201] bond3: left promiscuous mode [ 207.033488][T15201] 8021q: adding VLAN 0 to HW filter on device macvlan4 [ 207.065280][T15201] 8021q: adding VLAN 0 to HW filter on device macvlan5 [ 207.184908][ T28] audit: type=1400 audit(2000000106.659:2040): avc: denied { remount } for pid=15322 comm="syz.3.4854" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 207.231949][T12295] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 207.247952][T12295] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 207.256639][T12295] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 207.267628][T12295] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 207.276075][ T12] ip6_tunnel: ip6erspan0 xmit: Local address not yet configured! [ 207.284343][ T12] ip6_tunnel: ip6erspan0 xmit: Local address not yet configured! [ 207.517084][T10804] ip6_tunnel: ip6erspan0 xmit: Local address not yet configured! [ 207.583456][T15338] tmpfs: Bad value for 'mpol' [ 207.626478][T15342] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4862'. [ 207.877147][T15366] xt_hashlimit: size too large, truncated to 1048576 [ 207.884303][T15355] loop7: detected capacity change from 0 to 256 [ 208.077434][T10640] ip6_tunnel: ip6erspan0 xmit: Local address not yet configured! [ 208.091638][T15375] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4877'. [ 208.429725][ T28] audit: type=1400 audit(2000000107.909:2041): avc: denied { setattr } for pid=15393 comm="syz.1.4886" name="/" dev="configfs" ino=2016 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 208.509268][T12295] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 208.608766][T12295] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 208.673218][T15401] loop4: detected capacity change from 0 to 1024 [ 208.692948][T15401] EXT4-fs: Ignoring removed orlov option [ 208.702633][T12295] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 208.727352][T15401] EXT4-fs (loop4): stripe (7) is not aligned with cluster size (4096), stripe is disabled [ 208.738932][ T28] audit: type=1326 audit(2000000108.209:2042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15408 comm="syz.1.4892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5d3d7cdd9 code=0x7ffc0000 [ 208.780579][T15401] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 208.804038][T12295] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 208.812130][T15401] EXT4-fs (loop4): orphan cleanup on readonly fs [ 208.838944][ T28] audit: type=1326 audit(2000000108.209:2043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15408 comm="syz.1.4892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5d3d7cdd9 code=0x7ffc0000 [ 208.875983][T15401] EXT4-fs error (device loop4): __ext4_get_inode_loc:4885: comm syz.4.4889: Invalid inode table block 0 in block_group 0 [ 208.912704][ T28] audit: type=1326 audit(2000000108.219:2044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15408 comm="syz.1.4892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7ff5d3d7cdd9 code=0x7ffc0000 [ 208.924405][T15401] loop4: lost filesystem error report for type 5 error -117 [ 208.936632][ T28] audit: type=1326 audit(2000000108.219:2045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15408 comm="syz.1.4892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5d3d7cdd9 code=0x7ffc0000 [ 208.968461][ T28] audit: type=1326 audit(2000000108.219:2046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15408 comm="syz.1.4892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff5d3d7cdd9 code=0x7ffc0000 [ 208.979637][T15401] EXT4-fs (loop4): Remounting filesystem read-only [ 208.992209][ C1] EXT4-fs (loop4): error count since last fsck: 1 [ 208.992243][ C1] EXT4-fs (loop4): initial error at time 2000000108: __ext4_get_inode_loc:4885 [ 208.992308][ C1] EXT4-fs (loop4): last error at time 2000000108: __ext4_get_inode_loc:4885 [ 209.007467][ T28] audit: type=1326 audit(2000000108.219:2047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15408 comm="syz.1.4892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5d3d7cdd9 code=0x7ffc0000 [ 209.077394][T15401] EXT4-fs (loop4): 1 truncate cleaned up [ 209.139585][T15401] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 209.162908][T12295] bridge_slave_1: left allmulticast mode [ 209.172177][T12295] bridge_slave_1: left promiscuous mode [ 209.203498][T12295] bridge0: port 2(bridge_slave_1) entered disabled state [ 209.248764][T12295] bridge_slave_0: left allmulticast mode [ 209.277214][T12295] bridge_slave_0: left promiscuous mode [ 209.303752][T12295] bridge0: port 1(bridge_slave_0) entered disabled state [ 209.322248][T15401] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 209.844011][T12295] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 209.864945][T12295] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 209.890374][T12295] bond0 (unregistering): Released all slaves [ 209.906642][T15443] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 209.916514][ T3020] 8021q: adding VLAN 0 to HW filter on device eth9 [ 209.937433][T15443] infiniband syz!: RDMA CMA: cma_listen_on_dev, error -98 [ 209.974675][T12295] hsr_slave_0: left promiscuous mode [ 210.002601][T12295] hsr_slave_1: left promiscuous mode [ 210.018318][T12295] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 210.046109][T12295] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 210.141898][T15478] __nla_validate_parse: 1 callbacks suppressed [ 210.141932][T15478] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4912'. [ 210.932256][T12295] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 210.947981][T12295] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 210.965224][T12295] veth1_macvtap: left promiscuous mode [ 210.972833][T12295] veth0_macvtap: left promiscuous mode [ 210.983955][T12295] veth1_vlan: left promiscuous mode [ 210.997240][T12295] veth0_vlan: left promiscuous mode [ 211.012673][ T28] kauditd_printk_skb: 7 callbacks suppressed [ 211.012690][ T28] audit: type=1400 audit(2000000110.489:2053): avc: denied { accept } for pid=15485 comm="syz.7.4913" path="socket:[40878]" dev="sockfs" ino=40878 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 211.158552][T12295] team0 (unregistering): Port device team_slave_1 removed [ 211.173867][T12295] team0 (unregistering): Port device team_slave_0 removed [ 211.255447][T15463] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR [ 211.257423][ T3020] 8021q: adding VLAN 0 to HW filter on device eth11 [ 211.422518][T15510] netlink: 'syz.1.4922': attribute type 39 has an invalid length. [ 211.456514][T15514] vcan0: tx drop: invalid da for name 0xffffffffffffffff [ 211.511093][T15521] netlink: 'syz.0.4925': attribute type 5 has an invalid length. [ 211.597263][ C1] ip6_tunnel: ip6erspan0 xmit: Local address not yet configured! [ 211.652318][ T3020] 8021q: adding VLAN 0 to HW filter on device eth10 [ 211.987625][ T28] audit: type=1326 audit(2000000111.469:2054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15562 comm="syz.0.4936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb505f4cdd9 code=0x7ffc0000 [ 212.037090][ T3020] 8021q: adding VLAN 0 to HW filter on device eth12 [ 212.044377][ T28] audit: type=1326 audit(2000000111.469:2055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15562 comm="syz.0.4936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb505f4cdd9 code=0x7ffc0000 [ 212.069870][ T28] audit: type=1326 audit(2000000111.469:2056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15562 comm="syz.0.4936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb505f4cdd9 code=0x7ffc0000 [ 212.094543][ T28] audit: type=1326 audit(2000000111.469:2057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15562 comm="syz.0.4936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb505f4cdd9 code=0x7ffc0000 [ 212.144040][ T28] audit: type=1326 audit(2000000111.469:2058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15562 comm="syz.0.4936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7fb505f4cdd9 code=0x7ffc0000 [ 212.208514][ T28] audit: type=1326 audit(2000000111.469:2059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15562 comm="syz.0.4936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb505f4cdd9 code=0x7ffc0000 [ 212.244559][ T28] audit: type=1326 audit(2000000111.469:2060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15562 comm="syz.0.4936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb505f4cdd9 code=0x7ffc0000 [ 212.268686][ T28] audit: type=1326 audit(2000000111.469:2061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15562 comm="syz.0.4936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb505f4cdd9 code=0x7ffc0000 [ 212.293926][ T28] audit: type=1326 audit(2000000111.469:2062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15562 comm="syz.0.4936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fb505f4cdd9 code=0x7ffc0000 [ 212.543864][T15592] loop7: detected capacity change from 0 to 128 [ 212.650027][T15604] loop7: detected capacity change from 0 to 128 [ 212.663687][T15608] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4954'. [ 212.700753][T15604] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 212.759860][T15604] ext4 filesystem being mounted at /266/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 212.832353][T11673] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 212.932114][T15635] netlink: 168 bytes leftover after parsing attributes in process `syz.1.4965'. [ 213.066383][T15651] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4972'. [ 213.196312][T15666] loop7: detected capacity change from 0 to 256 [ 213.214583][T15668] netdevsim netdevsim3 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 213.228255][T15668] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 213.289123][T15668] netdevsim netdevsim3 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 213.299819][T15668] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 213.359200][T15668] netdevsim netdevsim3 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 213.372076][T15668] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 213.409197][T15668] netdevsim netdevsim3 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 213.428472][T15668] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 213.442108][T15684] loop7: detected capacity change from 0 to 2048 [ 213.469005][T15684] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 213.580040][ T12] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters [ 213.599678][ T12] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 213.642164][ T12] EXT4-fs (loop7): This should not happen!! Data will be lost [ 213.642164][ T12] [ 213.652067][ T12] EXT4-fs (loop7): Total free blocks count 0 [ 213.665581][ T12] EXT4-fs (loop7): Free/Dirty block details [ 213.678196][T12291] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 213.686730][ T12] EXT4-fs (loop7): free_blocks=4096 [ 213.691687][T12291] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 213.695434][ T12] EXT4-fs (loop7): dirty_blocks=512 [ 213.706105][ T12] EXT4-fs (loop7): Block reservation details [ 213.711634][T12291] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 213.720542][ T12] EXT4-fs (loop7): i_reserved_data_blocks=32 [ 213.727785][ T12] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 480 with error 28 [ 213.730827][T12291] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 213.746344][T11673] EXT4-fs warning (device loop7): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost [ 213.778394][T12299] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 213.797610][T12299] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 213.822830][T12299] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 213.847098][T12299] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 214.262620][T15746] netlink: 'syz.4.5013': attribute type 4 has an invalid length. [ 214.284898][T15746] netlink: 'syz.4.5013': attribute type 17 has an invalid length. [ 214.300530][T15748] loop7: detected capacity change from 0 to 256 [ 214.496394][T15758] netlink: 83992 bytes leftover after parsing attributes in process `syz.4.5019'. [ 214.548904][T15758] netlink: zone id is out of range [ 214.557299][T15758] netlink: zone id is out of range [ 214.566715][T15758] netlink: zone id is out of range [ 214.576854][T15758] netlink: zone id is out of range [ 214.605222][T15758] netlink: set zone limit has 8 unknown bytes [ 214.625577][T15760] loop7: detected capacity change from 0 to 512 [ 214.657185][T15760] EXT4-fs (loop7): 1 truncate cleaned up [ 214.677684][T15760] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 214.704219][T15764] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5021'. [ 214.792497][T11673] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 215.309751][T15804] loop7: detected capacity change from 0 to 256 [ 215.409595][T15804] FAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 216.430234][ T28] kauditd_printk_skb: 20 callbacks suppressed [ 216.430251][ T28] audit: type=1326 audit(2000000115.909:2083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15920 comm="syz.3.5045" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb391c3cdd9 code=0x7ffc0000 [ 216.522341][ T28] audit: type=1326 audit(2000000115.909:2084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15920 comm="syz.3.5045" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb391c3cdd9 code=0x7ffc0000 [ 216.606159][ T28] audit: type=1326 audit(2000000115.909:2085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15920 comm="syz.3.5045" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb391c3cdd9 code=0x7ffc0000 [ 216.644129][T15939] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5050'. [ 216.674969][ T28] audit: type=1326 audit(2000000115.909:2086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15920 comm="syz.3.5045" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb391c3cdd9 code=0x7ffc0000 [ 216.697208][T15942] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5050'. [ 216.702465][T15939] netlink: 'syz.1.5050': attribute type 30 has an invalid length. [ 216.744249][T15942] netlink: 'syz.1.5050': attribute type 30 has an invalid length. [ 216.746521][ T28] audit: type=1326 audit(2000000115.909:2087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15920 comm="syz.3.5045" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb391c3cdd9 code=0x7ffc0000 [ 216.781269][ T28] audit: type=1326 audit(2000000115.909:2088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15920 comm="syz.3.5045" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb391c3cdd9 code=0x7ffc0000 [ 216.805510][ T28] audit: type=1326 audit(2000000115.909:2089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15920 comm="syz.3.5045" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb391c3cdd9 code=0x7ffc0000 [ 216.830387][T12295] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 216.844103][ T28] audit: type=1326 audit(2000000115.909:2090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15920 comm="syz.3.5045" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb391c3cdd9 code=0x7ffc0000 [ 216.846698][ T55] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 216.907047][ T28] audit: type=1326 audit(2000000115.909:2091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15920 comm="syz.3.5045" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb391c3cdd9 code=0x7ffc0000 [ 216.928310][ T55] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 216.966135][ T28] audit: type=1326 audit(2000000115.909:2092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15920 comm="syz.3.5045" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fb391c3cdd9 code=0x7ffc0000 [ 216.972119][ T55] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 217.319231][T15980] netlink: 132 bytes leftover after parsing attributes in process `syz.0.5069'. [ 217.363561][T15980] netlink: 'syz.0.5069': attribute type 12 has an invalid length. [ 217.378497][T15980] netlink: 132 bytes leftover after parsing attributes in process `syz.0.5069'. [ 217.568301][T15997] veth1_to_hsr: Caught tx_queue_len zero misconfig [ 217.749759][T16019] loop7: detected capacity change from 0 to 512 [ 217.759453][T16019] EXT4-fs: Ignoring removed mblk_io_submit option [ 217.769363][T16019] EXT4-fs error (device loop7): ext4_iget_extra_inode:5128: inode #15: comm syz.7.5086: corrupted in-inode xattr: e_value size too large [ 217.783940][T16019] loop7: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 217.784783][T16019] EXT4-fs error (device loop7): ext4_orphan_get:1402: comm syz.7.5086: couldn't read orphan inode 15 (err -117) [ 217.794057][ C0] EXT4-fs (loop7): error count since last fsck: 1 [ 217.794083][ C0] EXT4-fs (loop7): initial error at time 2000000117: ext4_iget_extra_inode:5128: inode 15 [ 217.794112][ C0] EXT4-fs (loop7): last error at time 2000000117: ext4_iget_extra_inode:5128: inode 15 [ 217.833032][T16019] loop7: lost filesystem error report for type 5 error -117 [ 217.833709][T16019] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 217.887206][T11673] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 218.187417][ C1] ================================================================== [ 218.195602][ C1] BUG: KCSAN: data-race in can_can_gw_rcv / can_can_gw_rcv [ 218.202858][ C1] [ 218.205215][ C1] read-write to 0xffff888100173800 of 4 bytes by interrupt on cpu 0: [ 218.213314][ C1] can_can_gw_rcv+0x863/0x870 [ 218.218038][ C1] can_rcv_filter+0xc3/0x480 [ 218.222672][ C1] can_receive+0x13e/0x190 [ 218.227111][ C1] can_rcv+0x17d/0x1f0 [ 218.231209][ C1] process_backlog+0x363/0x670 [ 218.236012][ C1] __napi_poll+0x61/0x300 [ 218.240378][ C1] net_rx_action+0x452/0x930 [ 218.245016][ C1] handle_softirqs+0xb9/0x280 [ 218.249728][ C1] run_ksoftirqd+0x1c/0x30 [ 218.254181][ C1] smpboot_thread_fn+0x32a/0x510 [ 218.259161][ C1] kthread+0x22a/0x280 [ 218.263265][ C1] ret_from_fork+0x146/0x330 [ 218.267906][ C1] ret_from_fork_asm+0x1a/0x30 [ 218.272807][ C1] [ 218.275150][ C1] read-write to 0xffff888100173800 of 4 bytes by interrupt on cpu 1: [ 218.283329][ C1] can_can_gw_rcv+0x863/0x870 [ 218.288065][ C1] can_rcv_filter+0xc3/0x480 [ 218.292691][ C1] can_receive+0x13e/0x190 [ 218.297139][ C1] can_rcv+0x17d/0x1f0 [ 218.301240][ C1] process_backlog+0x363/0x670 [ 218.306307][ C1] __napi_poll+0x61/0x300 [ 218.310930][ C1] net_rx_action+0x452/0x930 [ 218.315997][ C1] handle_softirqs+0xb9/0x280 [ 218.320806][ C1] do_softirq+0x45/0x60 [ 218.325093][ C1] __local_bh_enable_ip+0x70/0x80 [ 218.330280][ C1] __alloc_skb+0x658/0x690 [ 218.335438][ C1] nsim_dev_trap_report_work+0x18a/0x630 [ 218.341118][ C1] process_scheduled_works+0x4f0/0x9c0 [ 218.346620][ C1] worker_thread+0x58a/0x780 [ 218.351442][ C1] kthread+0x22a/0x280 [ 218.355572][ C1] ret_from_fork+0x146/0x330 [ 218.360227][ C1] ret_from_fork_asm+0x1a/0x30 [ 218.365029][ C1] [ 218.367381][ C1] value changed: 0x000062a3 -> 0x000062a4 [ 218.373142][ C1] [ 218.375620][ C1] Reported by Kernel Concurrency Sanitizer on: [ 218.381807][ C1] CPU: 1 UID: 0 PID: 12303 Comm: kworker/u8:20 Tainted: G W syzkaller #0 PREEMPT(full) [ 218.393171][ C1] Tainted: [W]=WARN [ 218.397304][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 218.407491][ C1] Workqueue: events_unbound nsim_dev_trap_report_work [ 218.414317][ C1] ================================================================== [ 220.637332][ C1] ip6_tunnel: ip6erspan0 xmit: Local address not yet configured! [ 221.224029][ C0] ================================================================== [ 221.232189][ C0] BUG: KCSAN: data-race in can_can_gw_rcv / can_can_gw_rcv [ 221.239452][ C0] [ 221.241798][ C0] read-write to 0xffff888100173800 of 4 bytes by interrupt on cpu 1: [ 221.249906][ C0] can_can_gw_rcv+0x863/0x870 [ 221.254633][ C0] can_rcv_filter+0xc3/0x480 [ 221.259254][ C0] can_receive+0x13e/0x190 [ 221.263704][ C0] can_rcv+0x17d/0x1f0 [ 221.267801][ C0] process_backlog+0x363/0x670 [ 221.272629][ C0] __napi_poll+0x61/0x300 [ 221.277183][ C0] net_rx_action+0x452/0x930 [ 221.281842][ C0] handle_softirqs+0xb9/0x280 [ 221.286640][ C0] do_softirq+0x45/0x60 [ 221.290826][ C0] __local_bh_enable_ip+0x70/0x80 [ 221.295882][ C0] _raw_spin_unlock_bh+0x18/0x20 [ 221.300869][ C0] nsim_dev_trap_report_work+0x52b/0x630 [ 221.306590][ C0] process_scheduled_works+0x4f0/0x9c0 [ 221.312105][ C0] worker_thread+0x58a/0x780 [ 221.316780][ C0] kthread+0x22a/0x280 [ 221.320893][ C0] ret_from_fork+0x146/0x330 [ 221.325533][ C0] ret_from_fork_asm+0x1a/0x30 [ 221.330376][ C0] [ 221.332746][ C0] read-write to 0xffff888100173800 of 4 bytes by interrupt on cpu 0: [ 221.340849][ C0] can_can_gw_rcv+0x863/0x870 [ 221.345596][ C0] can_rcv_filter+0xc3/0x480 [ 221.350234][ C0] can_receive+0x13e/0x190 [ 221.354791][ C0] can_rcv+0x17d/0x1f0 [ 221.358995][ C0] process_backlog+0x363/0x670 [ 221.363813][ C0] __napi_poll+0x61/0x300 [ 221.368200][ C0] net_rx_action+0x452/0x930 [ 221.372839][ C0] handle_softirqs+0xb9/0x280 [ 221.377568][ C0] do_softirq+0x45/0x60 [ 221.381842][ C0] __local_bh_enable_ip+0x70/0x80 [ 221.386907][ C0] _raw_spin_unlock_bh+0x18/0x20 [ 221.391984][ C0] j1939_sk_sendmsg+0x420/0xc00 [ 221.396913][ C0] ____sys_sendmsg+0x563/0x5b0 [ 221.401725][ C0] ___sys_sendmsg+0x195/0x1e0 [ 221.406484][ C0] __sys_sendmmsg+0x185/0x320 [ 221.411210][ C0] __x64_sys_sendmmsg+0x57/0x70 [ 221.416144][ C0] x64_sys_call+0x27aa/0x3020 [ 221.420864][ C0] do_syscall_64+0x12c/0x3b0 [ 221.425492][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.432119][ C0] [ 221.434474][ C0] value changed: 0x0004a052 -> 0x0004a053 [ 221.440264][ C0] [ 221.442620][ C0] Reported by Kernel Concurrency Sanitizer on: [ 221.448823][ C0] CPU: 0 UID: 0 PID: 16023 Comm: syz.3.5087 Tainted: G W syzkaller #0 PREEMPT(full) [ 221.459799][ C0] Tainted: [W]=WARN [ 221.463804][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 221.473922][ C0] ================================================================== [ 224.258562][ C1] ================================================================== [ 224.266736][ C1] BUG: KCSAN: data-race in can_can_gw_rcv / can_can_gw_rcv [ 224.274099][ C1] [ 224.276453][ C1] read-write to 0xffff888100173800 of 4 bytes by interrupt on cpu 0: [ 224.284552][ C1] can_can_gw_rcv+0x863/0x870 [ 224.289416][ C1] can_rcv_filter+0xc3/0x480 [ 224.294071][ C1] can_receive+0x13e/0x190 [ 224.298529][ C1] can_rcv+0x17d/0x1f0 [ 224.302637][ C1] process_backlog+0x363/0x670 [ 224.307454][ C1] __napi_poll+0x61/0x300 [ 224.311823][ C1] net_rx_action+0x452/0x930 [ 224.316462][ C1] handle_softirqs+0xb9/0x280 [ 224.321181][ C1] do_softirq+0x45/0x60 [ 224.325368][ C1] __local_bh_enable_ip+0x70/0x80 [ 224.330440][ C1] __alloc_skb+0x658/0x690 [ 224.334913][ C1] nsim_dev_trap_report_work+0x18a/0x630 [ 224.340611][ C1] process_scheduled_works+0x4f0/0x9c0 [ 224.346142][ C1] worker_thread+0x58a/0x780 [ 224.350854][ C1] kthread+0x22a/0x280 [ 224.354954][ C1] ret_from_fork+0x146/0x330 [ 224.359968][ C1] ret_from_fork_asm+0x1a/0x30 [ 224.364779][ C1] [ 224.367151][ C1] read-write to 0xffff888100173800 of 4 bytes by interrupt on cpu 1: [ 224.375328][ C1] can_can_gw_rcv+0x863/0x870 [ 224.380142][ C1] can_rcv_filter+0xc3/0x480 [ 224.384767][ C1] can_receive+0x13e/0x190 [ 224.389318][ C1] can_rcv+0x17d/0x1f0 [ 224.393451][ C1] process_backlog+0x363/0x670 [ 224.398354][ C1] __napi_poll+0x61/0x300 [ 224.402753][ C1] net_rx_action+0x452/0x930 [ 224.407409][ C1] handle_softirqs+0xb9/0x280 [ 224.412219][ C1] do_softirq+0x45/0x60 [ 224.416636][ C1] __local_bh_enable_ip+0x70/0x80 [ 224.421700][ C1] _raw_spin_unlock_bh+0x18/0x20 [ 224.427592][ C1] nsim_dev_trap_report_work+0x52b/0x630 [ 224.433382][ C1] process_scheduled_works+0x4f0/0x9c0 [ 224.438928][ C1] worker_thread+0x58a/0x780 [ 224.443573][ C1] kthread+0x22a/0x280 [ 224.447680][ C1] ret_from_fork+0x146/0x330 [ 224.452346][ C1] ret_from_fork_asm+0x1a/0x30 [ 224.457171][ C1] [ 224.459522][ C1] value changed: 0x0008dc8c -> 0x0008dc8d [ 224.465270][ C1] [ 224.467630][ C1] Reported by Kernel Concurrency Sanitizer on: [ 224.473907][ C1] CPU: 1 UID: 0 PID: 12291 Comm: kworker/u8:14 Tainted: G W syzkaller #0 PREEMPT(full) [ 224.485627][ C1] Tainted: [W]=WARN [ 224.489550][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 224.499644][ C1] Workqueue: events_unbound nsim_dev_trap_report_work [ 224.507078][ C1] ================================================================== [ 227.320844][ C0] ================================================================== [ 227.329278][ C0] BUG: KCSAN: data-race in can_can_gw_rcv / can_can_gw_rcv [ 227.336621][ C0] [ 227.338979][ C0] read-write to 0xffff888100173800 of 4 bytes by interrupt on cpu 1: [ 227.347166][ C0] can_can_gw_rcv+0x863/0x870 [ 227.351898][ C0] can_rcv_filter+0xc3/0x480 [ 227.356525][ C0] can_receive+0x13e/0x190 [ 227.360975][ C0] can_rcv+0x17d/0x1f0 [ 227.365077][ C0] process_backlog+0x363/0x670 [ 227.369892][ C0] __napi_poll+0x61/0x300 [ 227.374268][ C0] net_rx_action+0x452/0x930 [ 227.378898][ C0] handle_softirqs+0xb9/0x280 [ 227.383610][ C0] do_softirq+0x45/0x60 [ 227.387804][ C0] __local_bh_enable_ip+0x70/0x80 [ 227.392857][ C0] kernel_fpu_end+0x6c/0x80 [ 227.397663][ C0] blake2s_compress+0x67/0x1740 [ 227.402572][ C0] blake2s_update+0xa3/0x160 [ 227.407218][ C0] hmac+0x20c/0x400 [ 227.411064][ C0] kdf+0x118/0x1e0 [ 227.414818][ C0] wg_noise_handshake_create_initiation+0x1b0/0x610 [ 227.421518][ C0] wg_packet_handshake_send_worker+0xb2/0x160 [ 227.427642][ C0] process_scheduled_works+0x4f0/0x9c0 [ 227.433150][ C0] worker_thread+0x58a/0x780 [ 227.437791][ C0] kthread+0x22a/0x280 [ 227.441902][ C0] ret_from_fork+0x146/0x330 [ 227.446635][ C0] ret_from_fork_asm+0x1a/0x30 [ 227.451456][ C0] [ 227.453812][ C0] read-write to 0xffff888100173800 of 4 bytes by interrupt on cpu 0: [ 227.462183][ C0] can_can_gw_rcv+0x863/0x870 [ 227.466956][ C0] can_rcv_filter+0xc3/0x480 [ 227.472201][ C0] can_receive+0x13e/0x190 [ 227.476933][ C0] can_rcv+0x17d/0x1f0 [ 227.481062][ C0] process_backlog+0x363/0x670 [ 227.485967][ C0] __napi_poll+0x61/0x300 [ 227.490336][ C0] net_rx_action+0x452/0x930 [ 227.494969][ C0] handle_softirqs+0xb9/0x280 [ 227.499685][ C0] do_softirq+0x45/0x60 [ 227.503887][ C0] __local_bh_enable_ip+0x70/0x80 [ 227.509037][ C0] kernel_fpu_end+0x6c/0x80 [ 227.513584][ C0] blake2s_compress+0x67/0x1740 [ 227.518492][ C0] blake2s_final+0x6a/0xa0 [ 227.522967][ C0] hmac+0x219/0x400 [ 227.526826][ C0] kdf+0x7d/0x1e0 [ 227.530501][ C0] wg_noise_handshake_create_initiation+0x372/0x610 [ 227.537182][ C0] wg_packet_handshake_send_worker+0xb2/0x160 [ 227.543303][ C0] process_scheduled_works+0x4f0/0x9c0 [ 227.548829][ C0] worker_thread+0x58a/0x780 [ 227.553477][ C0] kthread+0x22a/0x280 [ 227.557577][ C0] ret_from_fork+0x146/0x330 [ 227.562250][ C0] ret_from_fork_asm+0x1a/0x30 [ 227.567064][ C0] [ 227.569456][ C0] value changed: 0x000d2a28 -> 0x000d2a29 [ 227.575229][ C0] [ 227.577587][ C0] Reported by Kernel Concurrency Sanitizer on: [ 227.583776][ C0] CPU: 0 UID: 0 PID: 12282 Comm: kworker/u8:10 Tainted: G W syzkaller #0 PREEMPT(full) [ 227.595201][ C0] Tainted: [W]=WARN [ 227.599064][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 227.609168][ C0] Workqueue: wg-kex-wg0 wg_packet_handshake_send_worker [ 227.616162][ C0] ==================================================================