last executing test programs: 2m43.53710909s ago: executing program 4 (id=1327): setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000000)=0x201, 0x4) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mremap(&(0x7f000055d000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000899000/0x2000)=nil) mbind(&(0x7f00007ff000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x2) 2m43.40077419s ago: executing program 4 (id=1335): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24044000}, 0x0) r0 = socket$inet6(0xa, 0x3, 0x8) setsockopt$inet6_int(r0, 0x29, 0x4e, &(0x7f0000000000)=0x7c, 0x4) sendmmsg$inet6(r0, &(0x7f0000004580)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='$\x00\x00\x00\x00\x00\x00\x00)\x00\x00\x002'], 0x28}}], 0x1, 0x0) 2m43.32988244s ago: executing program 4 (id=1337): r0 = socket$inet(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0xa4, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x74, 0x2, [@TCA_TAPRIO_ATTR_FLAGS={0x8, 0xa, 0x2}, @TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x8, 0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0xff80, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4000000}]}]}]}}]}, 0xa4}}, 0x0) 2m43.30814629s ago: executing program 4 (id=1339): syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000380)={[{@nobh}, {@bsdgroups}, {@resuid}, {@grpquota}, {@minixdf}, {@nodiscard}, {@errors_remount}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}]}, 0x1, 0x5ec, &(0x7f00000018c0)="$eJzs3c9vFFUcAPDvbH/QUqSFGBVjpIkxkCgtLWCI8QBXQxr8ES9erLQgUqChNVo0oSR4MTFejDHx5EH8L5TIlZOePHjxZEiIGo4mrpntTOmP2ZYu7Q4yn0+ydGbeDu87u/123rx9bzaAyhpM/6lF7ImI6SSiP5lfLOuMrHBw4Xl3//7kVPpIol5/488kkmxb/vwk+9mX7dwTET//lMTujtX1zsxdPjc+NTV5KVsfnj0/PTwzd/nA2fPjZybPTF4YfWn06JHDR46OHGzpuK4UbDtx7f0P+z8be/u7b/5JRr7/bSyJY/Fq9sSlx7FZBmOw8Zokq4v6jm52ZSXpyH5Plr7FSWeJAbEh+fvXFRFPRn90xL03rz8+fa3U4IAtVU8i6kBFJfIfKipvB+TX9iuvg2ultEqAdrhzfKEDYHX+dy70DUZPo29g+90klnbrJBHRWs/ccjsi4tbNsWunb45diy3qhwOKzV+NiKeK8j9p5P9A9MRAI/9ry/I/bReczH6m219vsf6VXcXyH9pnIf971sz/aJL/7yzJ/3dbrH/w3uJ7vcvyv7fVQwIAAAAAAIDKunE8Il4s+vy/tjj+JwrG//RFxLFNqH9wxfrqz/9rtzehGqDAneMRrxSO/63lo38HOrKlxxrjAbqS02enJg9GxM6I2B9d29L1kTXqOPD57q+blQ1m4//yR1r/rWwsYBbH7c5ty/eZGJ8df9DjBiLuXI14unD8b7J4/k8Kzv/p34Pp+6xj9/PXTzYrWz//ga1S/zZiX+H5/95dK5K1788x3GgPDOetgtWe/fiLH5rV32r+u8UEPLj0/L997fwfSJber2dm43UcmuusNytrtf3fnbzZuOVMd7bto/HZ2UsjEd3JiY5067LtoxuPGR5FeT7k+ZLm//7n1u7/K2r/90bE/Ir/O/lr+Zzi3BP/9v3eLB7tfyhPmv8TGzr/b3xh9PrAj83qv7/z/+HGuX5/tkX/Hyz4Kk/T7uXbC9Kxs6io3fECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKOgFhE7IqkNLS7XakNDEX0R8Xhsr01dnJl94fTFDy5MpGWN7/+v5d/027+wnuTf/z+wZH10xfqhiNgVEV929DbWh05dnJoo++ABAAAAAAAAAAAAAAAAAADgIdHXZP5/6o8dZUcHbLnOsgMASlOQ/7+UEQfQfs7/UF3yH6pL/kN1yX+oLvkP1SX/obrkP1SX/AcAAAAAgEfKrr03fk0iYv7l3sYj1Z2VdZUaGbDVamUHAJSmo+wAgNIY+gPV5RofSNYp72m603p7rmX61APsDAAAAAAAAAAAAACVs2+P+f9QVeb/Q3W1Nv+/d9PjANovn/+/t+Q4gPZzjQ/EOjP5C+f/r7sXAAAAAAAAAAAAALCZZuYunxufmpq8VOrCMzsXomlDXQMRUVz0VskvQgkL9Xr9Svq6Pyzx/M8X8qHwD0s8KxbyuX73t1dJf5AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBV/gsAAP//oMAf0g==") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000340)='./file0/../file0\x00', 0x0, 0x101091, 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x0) llistxattr(&(0x7f0000000180)='./file0/../file0\x00', 0x0, 0x0) 2m43.20968348s ago: executing program 4 (id=1343): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000600)='kfree\x00', r0}, 0x10) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2800001, 0xc3072, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='ns\x00') 2m42.787073439s ago: executing program 4 (id=1369): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r0}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) 2m42.786990979s ago: executing program 32 (id=1369): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r0}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) 1m53.290577358s ago: executing program 5 (id=3698): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) truncate(&(0x7f0000000040)='./file0\x00', 0xff8c) 1m53.227292527s ago: executing program 5 (id=3704): r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=@gettfilter={0x24, 0x2e, 0x1, 0x0, 0x1, {0x0, 0x0, 0x0, r1, {}, {}, {0x10, 0xd}}}, 0x24}}, 0x0) 1m53.211532847s ago: executing program 5 (id=3707): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000008500000050000000850000000800000095"], &(0x7f00000002c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10) r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000003c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0xc, &(0x7f0000000040)=@framed={{0x18, 0x8}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x1a) 1m53.179879357s ago: executing program 5 (id=3710): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000200)='./file2\x00', 0x1000410, &(0x7f0000000040)={[{@barrier_val={'barrier', 0x3d, 0x7}}, {@i_version}]}, 0x4, 0x504, &(0x7f0000019940)="$eJzs3c9vG1kdAPDvOHGTZt1NF/YACNiyLBRU6vzobrRaDnQvILRaCbFCQuLQDYk3imLXUZwsTcghPXJHohIn+BO4cUDqiQM3bnDjUg5IBSJQg8Rh0IyniZvEdWiTeGt/PtJ45r1x/H3PznvP8xznBTC0rkTETkRciIgPI2KyyE+KLW62t+x+j3a3F/Z2txeSSNMP/pHk57O86PiZzEvFY45HxPe/E/Hj5Gjc1ubWyny9Xlsr0lPrjdWp1ubW9eVSkTM7NzM3/faNt2ZPra6vNX7z8NvL7/3gd7/9woM/7nz9p1mxKj+7lJ/rrMdpale9HJWOvNGIeO8sgvXJaPH7w4sna22fiojX8/Y/GSP5qwkADLI0nYx0sjMNAAy67Pq/EkmpWswFVKJUqlbbc3ivxkSp3mytX5tsbtxejHwO63KUSx8t12vTxVzh5SgnWXomPz5Izx5K34iIVyLi52MX83R1oVlf7OcbHwAYYi8dGv//PdYe/wGAATfe7wIAAOfO+A8Aw8f4DwDD5/8Y/307EAAGhOt/ABg+xn8AGD49x/+751MOAOBcfO/997Mt3Sv+//Xix5sb36x8fH2x1lqpNjYWqgvNtdXqUrO5VK9VF9K01+PVm83VmTf3k63NrVuN5sbt9VvLjfml2q1a+YzrAwD09spr9/+cRMTOOxfzLTrWcjBWw2ArPZE6ZqEeYGCN9LsAQN/4Pg8MrxNc45sGgAHX68q/658I3bP4K7yorn7W/D8Mq1K/CwD0zbPN/3/r1MsBnD/z/zC80jSx5j8ADBlz/MCzfP7/wyg+/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAhVcm3pFTN1wLfyW5L1WrEpYi4HOXko+V6bToiXo6IP42Vx7L0TL8LDQA8p9LfkmL9r6uTb1QOn72Q/Gcs30fET375wS/uzK+vr81k+f/cz1+/V+TPXuhHBQCATjePZrXH6WLfcSH/aHd74fF2nkV8+G57cdEs7l6xtc+Mxmi+H49yREz8KynSbdn7lZFTiL9zNyI+c1D/Ox0RKvkcSHvl08Pxs9iXziD+wfOfRJqm6UH80hPxS3nZsn05fy4+fQplgWFz/912P5m1u4u721kTK9pfKa7k++Pb/3jeQz2/x/3f3pH+r7Tf/40ciZ/kbf7KfvrpJXn45u+/eyQznWyfuxvxudHj4if78ZMu/e8bJ6zjXz7/xde7nUt/FXE1jo/f1si72an1xupUa3Pr+nJjfqm2VLs9Ozs3Mzf99o23ZqfyOer27R+Oi/H3d6693C1+Vv+JLvHHe9T/Kyes/6//++GPvvSU+F/78vGv/6tPiZ+NiV89Yfz5iZvHLd+9H3+xS/17vf7XThj/wV+3Fk94VwDgHLQ2t1bm6/XaWo+D7L1mr/s4eDEPYifinIN+YzziE1F3B90O+t0zAWftoNH3uyQAAAAAAAAAAAAAAEA3rc2tlbE4268T9buOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADK7/BQAA//+TAtDE") r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0) write$binfmt_register(r0, &(0x7f0000000000)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0x7, 0x3a, 'M', 0x3a, 'M', 0x3a, './file2', 0x3a, [0x50, 0x46]}, 0x2b) 1m53.005603777s ago: executing program 5 (id=3719): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) r1 = epoll_create(0x3) epoll_pwait2(r1, &(0x7f0000000080)=[{}], 0x1, &(0x7f0000000180)={0x0, 0x3938700}, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 1m52.754931476s ago: executing program 5 (id=3730): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'veth1_to_batadv\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1159b}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x3c}}, 0x0) 1m52.754471186s ago: executing program 33 (id=3730): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'veth1_to_batadv\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1159b}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x3c}}, 0x0) 1m38.385584175s ago: executing program 1 (id=4519): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r1}, 0x10) sigaltstack(0x0, 0x0) 1m38.385345534s ago: executing program 1 (id=4520): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x22000406, &(0x7f0000000500)={[{@data_err_abort}, {@noblock_validity}, {@dioread_lock}, {@init_itable}, {@auto_da_alloc}, {@grpjquota, 0x2e}, {@noload}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@jqfmt_vfsv1}, {@grpid}], [], 0x2c}, 0x1, 0x4bf, &(0x7f0000000740)="$eJzs3E1oHGUfAPD/TD763aR9+76v/dCuVjFYTZq0ag8eVBR6EQQ9VPAS01hq01aaCLYUG0XqUTx5VI+C4MmLJwUR9aR41bsIRXpp9SArszuT7Ca7280m29ju7we7+zzzsc/8Z54n88w8mQ2gZ5WytyRia0T8EhFD1Wz9AqXqx41rl6b+vHZpKoly+YU/kspy169dmioWLdbbkmdG0oj03ST2Nih39sLF05MzM9Pn8/zY3JnXx2YvXHzk1JnJk9Mnp89OHD165PD4449NPLomcWZxXd/z1rl9u4+99MFzU+V45fvPsu3dms+vjaNqeNVllqIU5dzi1MHK+wOr/vZ/l2016aR/HTeEFemLiOxwDVTa/1D0xeLBG4pn31nIfLNOGwh0TXZu2rFsal/+mS6cv4A7UaKNQ48qzvjZ9W/xupX9j/V29ansfboS/438VZ3TH2l2LTtcvWLva7L+/9osp7wkP5h/bo2I4/N/fZS9ouF9CACAtfVV1v95uFH/L63r22zPx1CGI+JgROyMiP9ExK6I+G/eD/p/RNy1wvJLS/LL+z8/beoosDZl/b8n8rGt+v5fmi+RLOS2VeIfSF49NTN9KN8nIzGwIcuPtyjj62d+fr/ZvFJN/y97ZeUXfcF8O37v31C/zonJuclVhFzn6tsRe/obxZ8sjARke2B3ROzp4PuzfXbqoU/3ZentW5bPv0n8rY/9GowzlT+JeLB6/OdjSfyFpFpSs/HJsY0xM31orKgVy/3w45Xna/MDNem6+De2F9PGToNtIDv+mxvW/zz+ohkU47WzKy/jyq/vNb2mWX78kzg+X7tEXv9rakJW/weTFyvp4jrqzcm5ufPjEYP5hLrpE4vrFvli+Sz+kQON2//OiL8/ztfbGxFZJb47Iu6JiP35tt8bEfdFxIEW8X/39P2vtd5Drdp/d2Xxn2h1/COGk9rx+g4Sfae//bJZ+e39/TtSSY3kU9r5+5cXXpyOmm5gp/sNAAAAbidpZQw6SUeLdM3NqV2xOZ05Nzt3sBRvnD1RHasejoG0uNM1VHM/dDy/N1zkJ5bkD0fEjsp/Gm2q5Eenzs1sW8/AgcqzOnXtP9J0dLQ677dm//QC3DlWNI5W+3Tg51+s/cYAt5TnNaF3af/Qu7R/6F3aP/SuRu3/csSNddgU4BZz/ofepf1D79L+oXdp/9CTlj8SX/zQQidP+i8mdh5b1epdT5SHuvLN8ytfq69LkUbtj3Y0TSStfhyhZSLS1ssMtlF6k8TLH1arYPcqQHrTZZ7sYul5Yn+e2BAR7a51ufO92kH9AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuP39EwAA///xS9f+") 1m38.298854504s ago: executing program 1 (id=4526): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) prctl$PR_SET_NAME(0xf, &(0x7f0000000a40)='GPL\x00') pipe(&(0x7f0000000080)) 1m38.298686034s ago: executing program 1 (id=4527): syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f00000000c0), 0x3, 0x5d8, &(0x7f0000000600)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000340)='./file0/../file0\x00', 0x0, 0x101091, 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x0) lchown(&(0x7f0000000340)='./file0\x00', 0x0, 0xee00) 1m38.257249844s ago: executing program 1 (id=4529): r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r0, &(0x7f00000000c0), 0x10) sendmsg$can_bcm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000480)={0x5, 0x0, 0x0, {0x0, 0xea60}, {}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "3fae8a9ad451a727"}}, 0x48}}, 0x0) sendmsg$can_bcm(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000600)=ANY=[@ANYBLOB="06"], 0x48}}, 0x0) 1m38.116112464s ago: executing program 1 (id=4537): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000001400010000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="2c00000036000900feffffff0000000001000000040000000c0001800600200005470000080002"], 0x2c}}, 0x0) 1m38.089613974s ago: executing program 34 (id=4537): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000001400010000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="2c00000036000900feffffff0000000001000000040000000c0001800600200005470000080002"], 0x2c}}, 0x0) 1.184538853s ago: executing program 3 (id=9208): syz_mount_image$tmpfs(0x0, &(0x7f00000040c0)='./file0\x00', 0x810000, 0x0, 0x6, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='nr_inodes=2']) chdir(&(0x7f0000001b80)='./file0\x00') open(&(0x7f0000000040)='.\x00', 0x418601, 0x8) 1.179120673s ago: executing program 3 (id=9211): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000008500000023000000850000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000d40000000000000000000000000a20000000000a03000000000000000000010000000900010073797a3000000000bc000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000009000038008000240000000007c00038014000100626f6e64300000000000000000000000140001006970766c616e31000000000000000000140001006970766c616e300000000000000000001400010073697430000000000000fbffffffffffffff0100776c616e300000000000000000000000140001006772653000000000000000000000040008000140000000005c000000180a01010000000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014000100626f6e64300000000000000000000000140001006970766c616e31"], 0x4b0}}, 0x0) 1.100594192s ago: executing program 3 (id=9217): socket$inet6_tcp(0xa, 0x1, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x48, &(0x7f0000000680)=ANY=[@ANYRES8=r0], 0x90) 1.064379233s ago: executing program 3 (id=9218): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r1, 0x0, r0, 0x0, 0x408cd, 0x0) write$binfmt_elf64(r2, &(0x7f0000000100)=ANY=[], 0xfffffe3e) 831.308902ms ago: executing program 2 (id=9228): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'\x00', 0x2}) ioctl$TUNSETOFFLOAD(r0, 0x400454c9, 0x3) ioctl$BTRFS_IOC_RM_DEV(r0, 0x5000940b, 0x0) 718.741522ms ago: executing program 2 (id=9232): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000001100)='./file0\x00', 0x0, &(0x7f0000000ec0)={[{@nodioread_nolock}, {@usrjquota}, {@delalloc}, {@dioread_lock}, {@max_batch_time={'max_batch_time', 0x3d, 0x5}}, {@mblk_io_submit}, {@minixdf}, {@barrier_val}, {@min_batch_time={'min_batch_time', 0x3d, 0x2}}, {}]}, 0x45, 0x7b1, &(0x7f00000004c0)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRjaUw+1xWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCvvOtKuHX8+MNZ7M2/2ve+82TfPmtFuAE+tyfSfTMSJiHg5iRivr08iYrCaykbM1so92NzIp0sSW1v/+Sqplrm/uZGPpn1Sx+qZX0fExy9EnMrsr7e8tr44VywWVur5qcrS1any2vrpK0tzC4WFwvLZ6ZmZM+f+dO7s4cX6zefrx++88s/fvzP73fO/evelT5KYjeP1bc1xHJbJmKwfk8H0EO7yj8OurG/ef7aDQk1nQPYoG0OX0o4ZqPfKiRiPgYP6Z7SXLQMAjspzEbHVzkDbLQDAEy2pXf//1u92AAC90vg9wP3NjXxj6e9vJHrr7t8jYqQWf+P+Zm1Ltn7PbqR6H3TsfrLrzkgSEROHUP9kRLzxwf/fSpc4ovuQAK3cuBkRlyYm94//yb5nFrr1h9arF5ozk3s2Gv+gdz5M5z9/bjX/y2zPf6LF/Ge4xXv3UTz8/Z+5fQjVtJXO//7a9Gzbg6b46yYG6rmfVed8g8nlK8VCOrb9PCJOxuBwmp8+oI6T976/125b8/zv61efeTOtP/25UyJzOzu8e5/5ucrcj4m52d2bEb/Jtoo/Hf+Hq/2ftJn/Xuiwjn/95cXX221L40/jbSz74z9aW7ciftey/5PtMsmBzydOVU+HqcZJ0cJ7szHWrv7J7E7/p0taf+P/Ar2Q9v/YwfFPJM3Pa5Y7funtp8U+uzX+UbtCzed/6/hbn/9DyX+r6aH6uutzlcrKdMRQ8u/968/s7NvIN8qn8Z/8bev3f2P8a3H+/y99/UsdHojsnS/ffvT4j1Ya/3xX/d91IkYeLA60q7+z/p/ZtU8n41+nDXzU4wYAAAAAAAAAAAAAAAAAAAAAAAAA3chExPFIMrntdCaTy9W+w/uXMZYplsqVU5dLq8vzUf2u7IkYzDQ+6nK86fNQp+ufh9/In9mT/2NE/CIiXhsereZz+VJxvt/BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdsTbf/5/6YnhP4YF+tBAAOBIjLuwA8LRJstl+NwEA6LWRrkqPHlk7AIDe6e76DwD8FLj+A8DT5yHX/71/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdunD+fLpsfbu5kU/z89fWVhdL107PF8qLuaXVfC5fWrmaWyiVFoqFXL601PaFbtR+FEulqzOxvHp9qlIoV6bKa+sXl0qry5WLV5bmFgoXC4M9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOldeW1+cKxYLKxJ9SSx+WuuHx6U9Et0l4kat/x6X9hxeIoZ2RonR/gxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+AHwIAAP//4VQjgA==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b) ioctl$FIBMAP(r0, 0x660c, 0x0) 376.660891ms ago: executing program 0 (id=9249): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='mm_page_alloc\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) 335.011381ms ago: executing program 6 (id=9250): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f0000000340)=[@in6={0xa, 0x4e22, 0x0, @private2}]}, &(0x7f0000000180)=0x10) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x25, &(0x7f0000000280)={r1, @in={{0x2, 0x4e21, @empty}}, 0x0, 0x1, 0x0, 0x7, 0xad}, 0x9c) 310.606241ms ago: executing program 6 (id=9252): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) execve(0x0, 0x0, 0x0) 300.945921ms ago: executing program 2 (id=9262): unshare(0x20000400) iopl(0x3) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc4042, 0x1ff) sendfile(r0, r0, 0x0, 0xfffe80) 253.068071ms ago: executing program 0 (id=9253): unshare(0x24060400) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) r1 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000300)=r0, 0x4) 249.283111ms ago: executing program 7 (id=9254): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x203, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}]}], {0x14}}, 0x68}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x64, 0x16, 0xa, 0x801, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x30, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x2c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'batadv_slave_1\x00'}, {0x14, 0x1, 'ip_vti0\x00'}]}]}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}]}], {0x14}}, 0x8c}}, 0x0) 249.021281ms ago: executing program 2 (id=9255): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000840)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0) 248.954151ms ago: executing program 6 (id=9256): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x5, &(0x7f00000000c0)=0x1, 0x4) setsockopt$SO_BINDTODEVICE_wg(r0, 0x1, 0x19, &(0x7f0000000000)='wg1\x00', 0x4) sendto$inet(r0, 0x0, 0x0, 0x400c8c6, &(0x7f0000000180)={0x2, 0x4e22, @private=0xa010101}, 0x10) 228.75949ms ago: executing program 6 (id=9257): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=") r0 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00') r1 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x120) sendfile(r1, r0, 0x0, 0x80000000) 194.619361ms ago: executing program 7 (id=9258): r0 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f0000000100)={0x1d, r1, 0x0, {0x0, 0x0, 0x4}, 0x1}, 0x18) bind$can_j1939(r0, &(0x7f0000000180)={0x1d, r1, 0x1, {0x0, 0x1, 0x4}, 0x1}, 0x18) 190.24583ms ago: executing program 3 (id=9259): sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000580)=ANY=[@ANYBLOB="540000000008010100000000000000000a000000050003002f0000000600024000000000240004800800024000000000080001"], 0x54}, 0x1, 0x0, 0x0, 0x4004}, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r0) sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000580)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000040200f2c8dc1b000000180001801400020073797a5f74756e0000000000000000000c000280"], 0x38}, 0x1, 0x0, 0x0, 0x20000844}, 0x0) 182.356771ms ago: executing program 2 (id=9260): r0 = socket$inet_smc(0x2b, 0x1, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000850000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000001c0)=@filter={'filter\x00', 0xe, 0x0, 0x90, [0x0, 0x20000040, 0x20000070, 0x200000a0], 0x0, 0x0, &(0x7f0000000040)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x11e, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108) 172.56946ms ago: executing program 0 (id=9261): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0a00000004000000040000000a"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10) 152.60822ms ago: executing program 3 (id=9263): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000001100)='./file0\x00', 0x0, &(0x7f0000000ec0)={[{@nodioread_nolock}, {@usrjquota}, {@delalloc}, {@dioread_lock}, {@max_batch_time={'max_batch_time', 0x3d, 0x5}}, {@mblk_io_submit}, {@minixdf}, {@barrier_val}, {@min_batch_time={'min_batch_time', 0x3d, 0x2}}, {}]}, 0x45, 0x7b1, &(0x7f00000004c0)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRjaUw+1xWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCvvOtKuHX8+MNZ7M2/2ve+82TfPmtFuAE+tyfSfTMSJiHg5iRivr08iYrCaykbM1so92NzIp0sSW1v/+Sqplrm/uZGPpn1Sx+qZX0fExy9EnMrsr7e8tr44VywWVur5qcrS1any2vrpK0tzC4WFwvLZ6ZmZM+f+dO7s4cX6zefrx++88s/fvzP73fO/evelT5KYjeP1bc1xHJbJmKwfk8H0EO7yj8OurG/ef7aDQk1nQPYoG0OX0o4ZqPfKiRiPgYP6Z7SXLQMAjspzEbHVzkDbLQDAEy2pXf//1u92AAC90vg9wP3NjXxj6e9vJHrr7t8jYqQWf+P+Zm1Ltn7PbqR6H3TsfrLrzkgSEROHUP9kRLzxwf/fSpc4ovuQAK3cuBkRlyYm94//yb5nFrr1h9arF5ozk3s2Gv+gdz5M5z9/bjX/y2zPf6LF/Ge4xXv3UTz8/Z+5fQjVtJXO//7a9Gzbg6b46yYG6rmfVed8g8nlK8VCOrb9PCJOxuBwmp8+oI6T976/125b8/zv61efeTOtP/25UyJzOzu8e5/5ucrcj4m52d2bEb/Jtoo/Hf+Hq/2ftJn/Xuiwjn/95cXX221L40/jbSz74z9aW7ciftey/5PtMsmBzydOVU+HqcZJ0cJ7szHWrv7J7E7/p0taf+P/Ar2Q9v/YwfFPJM3Pa5Y7funtp8U+uzX+UbtCzed/6/hbn/9DyX+r6aH6uutzlcrKdMRQ8u/968/s7NvIN8qn8Z/8bev3f2P8a3H+/y99/UsdHojsnS/ffvT4j1Ya/3xX/d91IkYeLA60q7+z/p/ZtU8n41+nDXzU4wYAAAAAAAAAAAAAAAAAAAAAAAAA3chExPFIMrntdCaTy9W+w/uXMZYplsqVU5dLq8vzUf2u7IkYzDQ+6nK86fNQp+ufh9/In9mT/2NE/CIiXhsereZz+VJxvt/BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdsTbf/5/6YnhP4YF+tBAAOBIjLuwA8LRJstl+NwEA6LWRrkqPHlk7AIDe6e76DwD8FLj+A8DT5yHX/71/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdunD+fLpsfbu5kU/z89fWVhdL107PF8qLuaXVfC5fWrmaWyiVFoqFXL601PaFbtR+FEulqzOxvHp9qlIoV6bKa+sXl0qry5WLV5bmFgoXC4M9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOldeW1+cKxYLKxJ9SSx+WuuHx6U9Et0l4kat/x6X9hxeIoZ2RonR/gxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+AHwIAAP//4VQjgA==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b) ioctl$FIBMAP(r0, 0x660c, 0x0) 152.064901ms ago: executing program 7 (id=9273): perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x26008, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x100000, 0x5, 0x0, 0x6, 0x3, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)={0x38, r0, 0x10ada85e65c25359, 0x0, 0x8000000, {{0x6b}, {@val={0x8}, @val={0xc, 0x99, {0x2, 0x11}}}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5}]}]}]}, 0x38}}, 0x0) 98.857201ms ago: executing program 0 (id=9264): r0 = socket(0x11, 0x800000003, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000500)={'team0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000280)=@newqdisc={0x8c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r1, {0x0, 0xfff2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0xe, [0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x8, 0x4, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x402], [0x0, 0x8]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x24048080}, 0x10) 98.5174ms ago: executing program 6 (id=9265): r0 = timerfd_create(0x8, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000100000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10) timerfd_settime(r0, 0x3, &(0x7f0000000040)={{0x77359400}, {0x0, 0x989680}}, 0x0) 98.267871ms ago: executing program 7 (id=9266): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r1 = openat$cgroup_devices(r0, &(0x7f0000000180)='devices.allow\x00', 0x2, 0x0) write$cgroup_devices(r1, &(0x7f0000000000)=ANY=[@ANYBLOB='b *:'], 0xa) 98.01281ms ago: executing program 2 (id=9267): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmmsg$inet6(r0, &(0x7f00000059c0)=[{{&(0x7f0000000080)={0xa, 0x0, 0xfffffffd, @rand_addr=' \x01\x00', 0x4000}, 0x1c, &(0x7f0000000440)=[{&(0x7f0000000100)='d', 0x1}], 0x1}}], 0x1, 0x4) shutdown(r0, 0x1) getsockopt$bt_hci(r0, 0x84, 0x80, &(0x7f0000001280)=""/4105, &(0x7f00000000c0)=0x1009) 77.37206ms ago: executing program 0 (id=9268): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000020000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000fbb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r1}, 0x10) pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 64.44117ms ago: executing program 7 (id=9269): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x8080000, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000b40)) ioprio_set$pid(0x2, 0x0, 0x0) 50.91621ms ago: executing program 6 (id=9270): syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f00000002c0)={[{@norecovery}, {@bh}, {@resuid}, {@auto_da_alloc}]}, 0xee, 0x498, &(0x7f0000001b40)="$eJzs3E1sFFUcAPD/bL/5kIr4AYJW8YOotLR8yMGLRhMPmpjoAeOplkKQQg2tiZBG0QMeDYl349HEu4knvRj1YEy86t2QENML6GnMzM4s23a3n0sX3N8v2e17M7N97z9vXuf1vd0NoGMNZU9JxLaI+CMidlSzCw8Yqv64OT838c/83EQSafrm30l+3I35uYny0PJ1W6uZNI3oy5J9Dcq98k7E+NTU5IUiPzJ77v2RmYuXDp45N3568vTk+bHjx48c3td7bOxovj9dZ3yV4mcW1409H03v3f3q21dfnzhx9d2fv8nqu63YXx/HuqRLazhUPbuLPZo9Pbmhwu4ov2ZP2+s2JN3NDx7ehAqxel0RkTVXT55LoisGavt2xCuftrFqwG2Wpmna6P4cdfftFPifSvRv6FDlvT77/7d8bM7I485w/cWIOFhk5ucmbtbi767NHfQs+v+2lYYi4sTlf7/MHtGKeQgAgBV8n41/nms0/qvEA3XH3VOsoQxGxL0RsTMi7ouIXRFxf0R+7IMR5x5aY/mLV0iWjn8q19YV2Cpl478XirWtmwvGf+XoLwa7itz2PP6e5NSZqclDxTk5ED19WX50mTJ+ePn3z8t0/6J99eO/7JGVX44Fi3pc6140QXdyfHY8T6Rp+vHGwo/rn0Ts6W4UfxLlMk4SEbsjYs86yzjzzNd7m+1bOf5lLLPOtFrpVxFPV9v/8sLx/62mSurXJwciorY+Ofr8sbGjI/0xNXlopLwqlvrltytvNCt/Q/G3QNb+Wxpe/7VV4MGkP2Lm4qWz+XrtzNrLuPLnZ3V9esHqchZ/5duINV//vclbebq32Pbh+OzshdGI3uS1pdvHbr22zJfHZ/Ef2N+4/++sq/HDEZFdxPsi4pFiETdru8ci4vGI2L9M/D+99MR7zfY1b/9ms/Ktdb04Ucu2f9S3/9oTXWd//K5Z+UPFGmQU56Fx+x/JUweKLbW/f8tYbQXXddIAAADgLlPJ3wOfVIZr6UpleLj6Hv5dsaUyNT0z++yp6Q/On6y+V34weirlTNeOuvnQ0WJuuMyPLcofLuaNv+gayPPDE9NTJ9sdPHS4rU36f+avrnbXDrjtWrCOBtyl9H/oXPo/dC79HzqX/g+dq1H/3+gHC4C7g/s/dK68/z91ud3VANrA/R86l/4PHanpZ+MrG/rIf9NE0upf2DBRfnfCZpS1cqL8LopNL31g3S/vX/nURaW9Z7VjEt1L2iK6W1pEX8NdbfyjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0EL/BQAA///5etKr") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000100)='./file0/../file0/../file0/../file0\x00', 0x0, 0x101091, 0x0) chroot(&(0x7f0000000300)='.\x00') pivot_root(&(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000140)='./file0/../file0/../file0/../file0\x00') 896.75µs ago: executing program 7 (id=9271): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0) write$cgroup_int(r1, &(0x7f0000000100)=0x7, 0x12) 0s ago: executing program 0 (id=9282): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x1018e58, &(0x7f0000000400)={[{@sysvgroups}, {@stripe}, {@auto_da_alloc}, {@quota}, {@nogrpid}, {@nodelalloc}, {}, {@bsdgroups}]}, 0x6, 0x640, &(0x7f0000000d80)="$eJzs3c9rXFsdAPDvvZPkJWl86RMRX1AMuHgP5KVJfVh1Y1sXdlGwYBciLhqapIZOf5CkYGvBBFwoKIi4LdKN/4B76d6dCOrOtVBFKha0dB73zp1mMplfaTIzSe7nA5M599wzOeebOyf33HvnzA2gtOazH2nE+xGvbyQRs03rZqK+cr4o9+Lfj29mjyRqte/+K4mkyGuUT4rnM8XCZET86XLEpyv76918+Oj2crVW95OIc1t37p/bfPjoo/U7y7dWb63eXTr/tY8vLH596eOlpoa+vTPF85Wr3/n8L3/6w6+u/bn6URIX4/r4j1eiJY6jMh/z8boIsTl/LCIuZIk2f5eT5hSEUGqV4v04HhGfjdmo5Et1s7H+i5E2DhioWiWi1l3SqwBwUuneUFaNcUDj2L6/4+DrAx6VDM/zS/UDoP3xjxWnHCbzY6PpF0nTkVH93MbZI6g/q+PV48knrx7PPYk95yFevtk6Y0dQTyfbOxHxuXbxJ3nbzuaRZvGne471k4hYjIiJon3fOkQbkqb0IM7DdHOQ+Ju3QxoRF4vnLP/yW9bfelpr2PEDUE7PLhU78u1saXf/l409GuOfaDP+mTn8JZncqPd/ncd/jf39ZD7uSVvGYdmY5Vr7XznemvH3n1/5daf66+O/uSeNR1Z/Yyw4DM93IuZa4v9ZFmwx/sniT9ps/6zIjYv91fHtv/zzSqd1o46/9jTig7bHP7uj0izV5frkubX16upi/WfbOv7wxx/8rlP97eN/ZwCRtpdt/+kO8Tdt/7T1ddnf5H77X7nTmvH7a0/vdKp/puf2T/8xkdSPNyeKnB/tbG1tLEVMJFeLIkX+8tbWxvnu8dbLvKzlz0v1+D/8Uvv+v+f93xLVVONfZh/uf+/2i07r3ub933Qx+XWtzzZ0ksW/0nv77+v/Wd6v+qzjv99/8IVO67rFP3WYwAAAAAAAAKCE0vwabJIuvEmn6cJCfb7sZ2I6rd7b3Pry2r0Hd1ciPsw/DzmeRprkHxmZrS8na+vV1aXi87CN5fMty1+JiPci4jeVqXx54ea96sqogwcAAAAAAAAAAAAAAAAAAIBj4kwx/79xn+r/VOrz/4GS6H2DuX33fwBOiUHeYBI43vL+320X/+7w2gIMl/0/lJf+D+Wl/0N56f9QXvo/lJf+D+Wl/0N56f8AAAAAcCq998Vnf0siYvsbU/kjM1GsM+kXTrfxA5WuDKwdwPDp0VBeby79G+xD6fQ1/v9f8eWAg28OMAJJu8x8cFDr3vmftX3lrp3Dtw0AAAAAAAAAAAAAqPvg/c7z/w82Nxg4aUz7g/I6xPx/Xx0AJ5yv/ofycowP9JjFH5OdVvSa/w8AAAAAAAAAAAAAHJmZ/JGkC8Vc4JlI04WFiE9FxNkYT9bWq6uLEfFuRPy1Mv5Otrw06kYDAAAAAAAAAAAAAAAAAADAKbP58NHt5Wp1daM58f99Oac70bgLau/CtT7KdE18Mw74qkiG/2eZioiRb5SBJcaacpKI7WzLH4uGbWzG8WhGnhjxPyYAAAAAAAAAAAAAAAAAACihprnH7c39dsgtAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDh273/f4/EynT9BX0V3psYdYwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMn0SQAAAP//riA8Ng==") r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11f88) kernel console output (not intermixed with test programs): EXT4-fs: Mount option(s) incompatible with ext3 [ 175.259917][T19032] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 175.272019][T19030] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6922'. [ 175.319708][T19040] syz.0.6927[19040] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 175.319836][T19040] syz.0.6927[19040] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 175.332500][T19040] syz.0.6927[19040] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 175.468722][T19059] netlink: 24 bytes leftover after parsing attributes in process `syz.7.6936'. [ 175.521144][T19063] netlink: 156 bytes leftover after parsing attributes in process `syz.7.6939'. [ 175.652512][T19079] netlink: 44 bytes leftover after parsing attributes in process `syz.0.6943'. [ 175.879031][T19107] virt_wifi0: tun_chr_ioctl cmd 2148553947 [ 175.889646][T19111] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 176.145069][T19142] loop2: detected capacity change from 0 to 2048 [ 176.169791][T19142] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 176.216521][T19152] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6980'. [ 176.310363][ T11] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters [ 176.365228][ T11] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 176.378207][ T11] EXT4-fs (loop2): This should not happen!! Data will be lost [ 176.378207][ T11] [ 176.387951][ T11] EXT4-fs (loop2): Total free blocks count 0 [ 176.394659][ T11] EXT4-fs (loop2): Free/Dirty block details [ 176.400599][ T11] EXT4-fs (loop2): free_blocks=4096 [ 176.406632][ T11] EXT4-fs (loop2): dirty_blocks=512 [ 176.411869][ T11] EXT4-fs (loop2): Block reservation details [ 176.418591][ T11] EXT4-fs (loop2): i_reserved_data_blocks=32 [ 176.431308][ T11] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 480 with error 28 [ 176.563474][T19190] loop6: detected capacity change from 0 to 1024 [ 176.578100][T19190] EXT4-fs: Ignoring removed i_version option [ 176.602644][T19190] EXT4-fs: Ignoring removed nobh option [ 176.609304][T19190] EXT4-fs: Ignoring removed bh option [ 176.777381][T19221] usb usb4: usbfs: process 19221 (syz.6.7013) did not claim interface 0 before use [ 176.813044][T19229] loop7: detected capacity change from 0 to 2048 [ 176.813751][T19232] loop2: detected capacity change from 0 to 512 [ 176.839417][T19232] ext4 filesystem being mounted at /1454/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 176.868196][T19238] program syz.6.7019 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 176.878757][T19238] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 177.008256][T19252] loop2: detected capacity change from 0 to 512 [ 177.030906][T19252] EXT4-fs: Ignoring removed mblk_io_submit option [ 177.030981][ T47] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters [ 177.117809][ T47] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 177.130531][ T47] EXT4-fs (loop7): This should not happen!! Data will be lost [ 177.130531][ T47] [ 177.140344][ T47] EXT4-fs (loop7): Total free blocks count 0 [ 177.147507][ T47] EXT4-fs (loop7): Free/Dirty block details [ 177.156678][ T47] EXT4-fs (loop7): free_blocks=4096 [ 177.163108][ T47] EXT4-fs (loop7): dirty_blocks=512 [ 177.169029][ T47] EXT4-fs (loop7): Block reservation details [ 177.175059][ T47] EXT4-fs (loop7): i_reserved_data_blocks=32 [ 177.202811][ T29] kauditd_printk_skb: 365 callbacks suppressed [ 177.202825][ T29] audit: type=1400 audit(2000000007.370:5558): avc: denied { create } for pid=19257 comm="syz.6.7027" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 177.230523][ T29] audit: type=1400 audit(2000000007.380:5559): avc: denied { bind } for pid=19257 comm="syz.6.7027" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 177.250934][ T29] audit: type=1400 audit(2000000007.380:5560): avc: denied { name_bind } for pid=19257 comm="syz.6.7027" src=128 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1 [ 177.273358][ T29] audit: type=1400 audit(2000000007.380:5561): avc: denied { node_bind } for pid=19257 comm="syz.6.7027" saddr=ff01::1 src=128 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=dccp_socket permissive=1 [ 177.296683][ T29] audit: type=1400 audit(2000000007.380:5562): avc: denied { connect } for pid=19257 comm="syz.6.7027" laddr=ff01::1 lport=128 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 177.319436][ T29] audit: type=1400 audit(2000000007.380:5563): avc: denied { name_connect } for pid=19257 comm="syz.6.7027" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1 [ 177.362357][ T3309] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 480 with error 28 [ 177.376170][ T3309] EXT4-fs (loop7): This should not happen!! Data will be lost [ 177.376170][ T3309] [ 177.413136][ T29] audit: type=1326 audit(2000000007.590:5564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19265 comm="syz.2.7026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a8a3b5d29 code=0x7ffc0000 [ 177.458682][ T29] audit: type=1326 audit(2000000007.590:5565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19265 comm="syz.2.7026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a8a3b5d29 code=0x7ffc0000 [ 177.483497][ T29] audit: type=1326 audit(2000000007.590:5566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19265 comm="syz.2.7026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f0a8a3b5d29 code=0x7ffc0000 [ 177.506982][ T29] audit: type=1326 audit(2000000007.590:5567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19265 comm="syz.2.7026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a8a3b5d29 code=0x7ffc0000 [ 177.589023][T19276] loop7: detected capacity change from 0 to 512 [ 177.618190][T19276] ext4 filesystem being mounted at /352/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 177.872534][T19314] SELinux: failed to load policy [ 177.927087][T19318] loop0: detected capacity change from 0 to 256 [ 177.953786][T19318] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 177.989157][T19318] FAT-fs (loop0): Directory bread(block 64) failed [ 177.995867][T19318] FAT-fs (loop0): Directory bread(block 65) failed [ 178.002412][T19318] FAT-fs (loop0): Directory bread(block 66) failed [ 178.030730][T19318] FAT-fs (loop0): Directory bread(block 67) failed [ 178.038800][T19318] FAT-fs (loop0): Directory bread(block 68) failed [ 178.045504][T19318] FAT-fs (loop0): Directory bread(block 69) failed [ 178.061241][T19318] FAT-fs (loop0): Directory bread(block 70) failed [ 178.089743][T19318] FAT-fs (loop0): Directory bread(block 71) failed [ 178.113334][T19318] FAT-fs (loop0): Directory bread(block 72) failed [ 178.123350][T19318] FAT-fs (loop0): Directory bread(block 73) failed [ 178.271038][T19349] loop3: detected capacity change from 0 to 256 [ 178.289260][T19349] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 178.312363][T19351] loop2: detected capacity change from 0 to 128 [ 178.355279][T19349] FAT-fs (loop3): Directory bread(block 64) failed [ 178.370837][T19356] loop0: detected capacity change from 0 to 512 [ 178.378241][T19349] FAT-fs (loop3): Directory bread(block 65) failed [ 178.388267][T19349] FAT-fs (loop3): Directory bread(block 66) failed [ 178.398526][T19358] loop6: detected capacity change from 0 to 512 [ 178.406054][T19349] FAT-fs (loop3): Directory bread(block 67) failed [ 178.412698][T19349] FAT-fs (loop3): Directory bread(block 68) failed [ 178.420785][T19349] FAT-fs (loop3): Directory bread(block 69) failed [ 178.427701][T19349] FAT-fs (loop3): Directory bread(block 70) failed [ 178.428184][ T3309] kworker/u8:6: attempt to access beyond end of device [ 178.428184][ T3309] loop2: rw=1, sector=145, nr_sectors = 896 limit=128 [ 178.435077][T19349] FAT-fs (loop3): Directory bread(block 71) failed [ 178.458108][T19349] FAT-fs (loop3): Directory bread(block 72) failed [ 178.464646][T19349] FAT-fs (loop3): Directory bread(block 73) failed [ 178.527158][T19358] ext4 filesystem being mounted at /656/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 178.616912][T19356] ext4 filesystem being mounted at /321/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 178.690258][T19372] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7080'. [ 178.749407][T19372] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7080'. [ 178.763392][T19375] loop0: detected capacity change from 0 to 4096 [ 178.861544][T19385] loop0: detected capacity change from 0 to 128 [ 178.899084][T19385] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 178.916817][T19389] loop6: detected capacity change from 0 to 128 [ 178.930370][ T4007] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 179.020057][ T3410] kworker/u8:7: attempt to access beyond end of device [ 179.020057][ T3410] loop6: rw=1, sector=145, nr_sectors = 896 limit=128 [ 179.241924][T19423] loop0: detected capacity change from 0 to 512 [ 179.250068][T19422] loop6: detected capacity change from 0 to 256 [ 179.258456][T19422] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 179.292309][T19422] FAT-fs (loop6): Directory bread(block 64) failed [ 179.300650][T19423] ext4 filesystem being mounted at /330/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 179.318124][T19422] FAT-fs (loop6): Directory bread(block 65) failed [ 179.336003][T19423] EXT4-fs error (device loop0): ext4_get_first_dir_block:3539: inode #12: comm syz.0.7110: Attempting to read directory block (0) that is past i_size (3) [ 179.362744][T19422] FAT-fs (loop6): Directory bread(block 66) failed [ 179.378129][T19422] FAT-fs (loop6): Directory bread(block 67) failed [ 179.387911][T19431] loop3: detected capacity change from 0 to 764 [ 179.394600][T19423] EXT4-fs (loop0): Remounting filesystem read-only [ 179.402693][T19422] FAT-fs (loop6): Directory bread(block 68) failed [ 179.429685][T19431] Symlink component flag not implemented [ 179.442987][ T3410] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 179.453723][T19422] FAT-fs (loop6): Directory bread(block 69) failed [ 179.461786][T19431] Symlink component flag not implemented (101) [ 179.470872][T19422] FAT-fs (loop6): Directory bread(block 70) failed [ 179.487874][T19422] FAT-fs (loop6): Directory bread(block 71) failed [ 179.501859][T19422] FAT-fs (loop6): Directory bread(block 72) failed [ 179.516762][T19422] FAT-fs (loop6): Directory bread(block 73) failed [ 179.636116][T19446] loop0: detected capacity change from 0 to 2048 [ 179.645125][T19450] netlink: 3 bytes leftover after parsing attributes in process `syz.6.7113'. [ 179.657107][T19450] 0ªX¹¦À: renamed from caif0 [ 179.664732][T19450] 0ªX¹¦À: entered allmulticast mode [ 179.670036][T19450] A link change request failed with some changes committed already. Interface 60ªX¹¦À may have been left with an inconsistent configuration, please check. [ 179.776713][T19457] bridge_slave_0: left allmulticast mode [ 179.782543][T19457] bridge_slave_0: left promiscuous mode [ 179.787627][T19458] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 179.788977][T19457] bridge0: port 1(bridge_slave_0) entered disabled state [ 179.804143][T19458] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1430 with error 28 [ 179.823904][T19458] EXT4-fs (loop0): This should not happen!! Data will be lost [ 179.823904][T19458] [ 179.833581][T19458] EXT4-fs (loop0): Total free blocks count 0 [ 179.840975][T19458] EXT4-fs (loop0): Free/Dirty block details [ 179.846918][T19458] EXT4-fs (loop0): free_blocks=2415919504 [ 179.852637][T19458] EXT4-fs (loop0): dirty_blocks=2752 [ 179.857997][T19458] EXT4-fs (loop0): Block reservation details [ 179.858919][T19463] loop2: detected capacity change from 0 to 128 [ 179.863964][T19458] EXT4-fs (loop0): i_reserved_data_blocks=182 [ 179.879804][T19457] bridge_slave_1: left allmulticast mode [ 179.885537][T19457] bridge_slave_1: left promiscuous mode [ 179.891989][T19457] bridge0: port 2(bridge_slave_1) entered disabled state [ 179.897526][T19463] ext4 filesystem being mounted at /1473/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 179.911796][T19457] bond0: (slave bond_slave_0): Releasing backup interface [ 179.919892][T19457] bond_slave_0: left promiscuous mode [ 179.925424][T19457] bond_slave_0: left allmulticast mode [ 179.937439][T19457] bond0: (slave bond_slave_1): Releasing backup interface [ 179.947743][T19457] bond_slave_1: left promiscuous mode [ 179.953277][T19457] bond_slave_1: left allmulticast mode [ 179.981811][T19457] team0: Port device team_slave_0 removed [ 179.990024][T19457] team0: Port device team_slave_1 removed [ 179.996024][T19457] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 180.104530][T19477] loop7: detected capacity change from 0 to 2048 [ 180.120663][T19479] SELinux: failed to load policy [ 180.185327][ T3410] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 1430 with max blocks 2048 with error 28 [ 180.185389][ T3410] EXT4-fs (loop0): This should not happen!! Data will be lost [ 180.185389][ T3410] [ 180.327601][T19509] netlink: 12 bytes leftover after parsing attributes in process `syz.6.7139'. [ 180.336807][T19509] netlink: 12 bytes leftover after parsing attributes in process `syz.6.7139'. [ 180.365219][T19517] loop6: detected capacity change from 0 to 256 [ 180.411538][T19511] SELinux: failed to load policy [ 180.434696][T19526] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7147'. [ 180.490090][T19535] wireguard0: entered promiscuous mode [ 180.495609][T19535] wireguard0: entered allmulticast mode [ 180.593745][T19556] netlink: 32 bytes leftover after parsing attributes in process `syz.0.7161'. [ 180.611498][T19523] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 180.612090][T19556] netlink: 32 bytes leftover after parsing attributes in process `syz.0.7161'. [ 180.627654][T19523] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 180.639759][T19558] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=18 sclass=netlink_audit_socket pid=19558 comm=syz.3.7162 [ 180.653772][T19552] lo speed is unknown, defaulting to 1000 [ 180.712061][T19562] loop3: detected capacity change from 0 to 128 [ 180.757903][T19562] ext4 filesystem being mounted at /1122/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 180.872443][T19589] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=18 sclass=netlink_audit_socket pid=19589 comm=syz.0.7175 [ 180.922834][T19597] loop3: detected capacity change from 0 to 2048 [ 180.930169][T19599] validate_nla: 4 callbacks suppressed [ 180.930182][T19599] netlink: 'syz.0.7180': attribute type 1 has an invalid length. [ 180.943749][T19599] netlink: 220 bytes leftover after parsing attributes in process `syz.0.7180'. [ 181.172969][T19622] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=18 sclass=netlink_audit_socket pid=19622 comm=syz.6.7189 [ 181.203000][T19624] loop0: detected capacity change from 0 to 256 [ 181.243360][T19630] netlink: 'syz.6.7192': attribute type 1 has an invalid length. [ 181.251793][T19630] netlink: 220 bytes leftover after parsing attributes in process `syz.6.7192'. [ 181.347778][T19644] loop0: detected capacity change from 0 to 512 [ 181.354492][T19644] EXT4-fs: Ignoring removed i_version option [ 181.369674][T19644] ext4 filesystem being mounted at /360/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 181.384790][T19644] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback. [ 181.427982][T19654] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6) [ 181.434532][T19654] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 181.442061][T19654] vhci_hcd vhci_hcd.0: Device attached [ 181.448067][T19655] vhci_hcd: connection closed [ 181.448253][ T4007] vhci_hcd: stop threads [ 181.457318][ T4007] vhci_hcd: release socket [ 181.461823][ T4007] vhci_hcd: disconnect device [ 181.615480][T19662] syz.0.7216 uses obsolete (PF_INET,SOCK_PACKET) [ 181.667069][T19669] SET target dimension over the limit! [ 181.845628][ T1028] kernel write not supported for file /2345/loginuid (pid: 1028 comm: kworker/1:2) [ 181.901040][T19698] tap0: tun_chr_ioctl cmd 1074025694 [ 182.034749][T19724] TCP: TCP_TX_DELAY enabled [ 182.070233][T19731] syz.2.7240[19731] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 182.070342][T19731] syz.2.7240[19731] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 182.084953][T19731] syz.2.7240[19731] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 182.148714][T19738] loop2: detected capacity change from 0 to 1764 [ 182.217411][T19744] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7246'. [ 182.233729][ T29] kauditd_printk_skb: 154 callbacks suppressed [ 182.233741][ T29] audit: type=1326 audit(2000000012.410:5720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19651 comm="syz.6.7201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0dc5e05d29 code=0x7fc00000 [ 182.303846][T19752] loop7: detected capacity change from 0 to 512 [ 182.311384][T19752] EXT4-fs: Ignoring removed i_version option [ 182.338211][T19752] ext4 filesystem being mounted at /385/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 182.352364][T19752] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback. [ 182.417337][T19768] tap0: tun_chr_ioctl cmd 1074025694 [ 182.611617][ T29] audit: type=1400 audit(2000000012.790:5721): avc: denied { write } for pid=19792 comm="syz.6.7267" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 182.844203][ T29] audit: type=1400 audit(2000000013.020:5722): avc: denied { mount } for pid=19798 comm="syz.6.7270" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1 [ 182.870904][ T29] audit: type=1400 audit(2000000013.020:5723): avc: denied { read } for pid=19798 comm="syz.6.7270" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1 [ 182.896985][ T29] audit: type=1400 audit(2000000013.020:5724): avc: denied { open } for pid=19798 comm="syz.6.7270" path="/696/file0" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1 [ 182.922664][ T29] audit: type=1400 audit(2000000013.050:5725): avc: denied { unmount } for pid=11847 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1 [ 182.961638][T19806] SET target dimension over the limit! [ 182.974557][ T29] audit: type=1326 audit(2000000013.150:5726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19807 comm="syz.0.7274" exe="/root/syz-executor" sig=31 arch=c000003e syscall=39 compat=0 ip=0x7f8f13a2cce7 code=0x0 [ 183.006521][T19812] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 183.023566][ T29] audit: type=1326 audit(2000000013.200:5727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19813 comm="syz.6.7277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0dc5dfcce7 code=0x7ffc0000 [ 183.048365][ T29] audit: type=1326 audit(2000000013.200:5728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19813 comm="syz.6.7277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0dc5da1f29 code=0x7ffc0000 [ 183.072502][ T29] audit: type=1326 audit(2000000013.200:5729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19813 comm="syz.6.7277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0dc5dfcce7 code=0x7ffc0000 [ 183.176225][T19821] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7280'. [ 183.309241][T19835] SET target dimension over the limit! [ 183.446066][T19851] program syz.2.7295 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 183.447005][T19852] netlink: 56 bytes leftover after parsing attributes in process `syz.7.7294'. [ 183.604669][T19863] dvmrp0: entered allmulticast mode [ 183.845937][T19886] loop3: detected capacity change from 0 to 1764 [ 183.913138][T19895] netlink: 16 bytes leftover after parsing attributes in process `syz.7.7316'. [ 184.150646][T19920] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 184.161268][T19920] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 184.180634][T19922] netlink: 8280 bytes leftover after parsing attributes in process `syz.7.7329'. [ 184.191549][T19922] netlink: 8280 bytes leftover after parsing attributes in process `syz.7.7329'. [ 184.517407][T19945] loop2: detected capacity change from 0 to 512 [ 184.525277][T19945] EXT4-fs error (device loop2): ext4_orphan_get:1389: inode #15: comm syz.2.7336: casefold flag without casefold feature [ 184.540376][T19945] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.7336: couldn't read orphan inode 15 (err -117) [ 184.758833][T19984] batadv1: entered promiscuous mode [ 184.765491][T19984] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 184.810950][T19998] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 184.820848][T19998] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 185.018171][T20022] loop3: detected capacity change from 0 to 512 [ 185.036886][T20022] EXT4-fs error (device loop3): ext4_orphan_get:1389: inode #15: comm syz.3.7375: casefold flag without casefold feature [ 185.050940][T20022] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.7375: couldn't read orphan inode 15 (err -117) [ 185.144064][T20040] 9pnet_fd: p9_fd_create_tcp (20040): problem connecting socket to 127.0.0.1 [ 185.248188][T20055] loop3: detected capacity change from 0 to 512 [ 185.265857][T20055] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 185.287373][T20055] EXT4-fs (loop3): orphan cleanup on readonly fs [ 185.296833][T20055] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.7389: bg 0: block 248: padding at end of block bitmap is not set [ 185.312224][T20055] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.7389: Failed to acquire dquot type 1 [ 185.336229][T20055] EXT4-fs (loop3): 1 truncate cleaned up [ 185.349829][T20055] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 185.383578][T20055] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 185.406413][T20055] EXT4-fs error (device loop3): __ext4_remount:6749: comm syz.3.7389: Abort forced by user [ 185.423203][T20055] EXT4-fs (loop3): Remounting filesystem read-only [ 185.427022][T20078] netlink: 'syz.0.7399': attribute type 3 has an invalid length. [ 185.429885][T20055] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 185.449884][T20055] ext4 filesystem being remounted at /1160/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 185.501812][T20091] loop2: detected capacity change from 0 to 128 [ 185.554086][T20101] batadv1: entered promiscuous mode [ 185.562842][T20101] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 185.593776][T20109] syz.6.7413[20109] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 185.690681][T20130] __nla_validate_parse: 4 callbacks suppressed [ 185.690696][T20130] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7422'. [ 185.719996][T20130] netlink: 56 bytes leftover after parsing attributes in process `syz.3.7422'. [ 185.763264][T20136] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7427'. [ 185.821014][T20140] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7429'. [ 186.116965][T20171] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7444'. [ 186.117313][T20173] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7446'. [ 186.161460][T20177] netlink: 52 bytes leftover after parsing attributes in process `syz.2.7447'. [ 186.212822][T20184] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7451'. [ 186.255380][T20185] loop0: detected capacity change from 0 to 2048 [ 186.302485][T20185] EXT4-fs error (device loop0): ext4_find_extent:938: inode #2: comm syz.0.7450: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 186.334460][T20199] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=20199 comm=syz.7.7456 [ 186.351745][T20198] loop3: detected capacity change from 0 to 1024 [ 186.366648][T20198] EXT4-fs: Ignoring removed nobh option [ 186.372246][T20198] EXT4-fs: Ignoring removed bh option [ 186.568709][T20125] syz.6.7423 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 186.579862][T20125] CPU: 1 UID: 0 PID: 20125 Comm: syz.6.7423 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 186.590724][T20125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 186.600856][T20125] Call Trace: [ 186.604178][T20125] [ 186.607126][T20125] dump_stack_lvl+0xf2/0x150 [ 186.611803][T20125] dump_stack+0x15/0x1a [ 186.615965][T20125] dump_header+0x83/0x2d0 [ 186.620341][T20125] oom_kill_process+0x341/0x4c0 [ 186.625281][T20125] out_of_memory+0x9af/0xbe0 [ 186.629887][T20125] ? css_next_descendant_pre+0x11c/0x140 [ 186.635616][T20125] mem_cgroup_out_of_memory+0x13e/0x190 [ 186.641179][T20125] try_charge_memcg+0x508/0x7f0 [ 186.646038][T20125] charge_memcg+0x50/0xc0 [ 186.650373][T20125] mem_cgroup_swapin_charge_folio+0xd0/0x150 [ 186.656624][T20125] __read_swap_cache_async+0x236/0x480 [ 186.662249][T20125] swap_cluster_readahead+0x279/0x3f0 [ 186.667635][T20125] swapin_readahead+0xe4/0x6f0 [ 186.672570][T20125] ? __lruvec_stat_mod_folio+0xdb/0x120 [ 186.678203][T20125] ? swap_cache_get_folio+0x77/0x210 [ 186.683577][T20125] do_swap_page+0x31b/0x2550 [ 186.688173][T20125] ? __rcu_read_lock+0x36/0x50 [ 186.692988][T20125] ? __pfx_default_wake_function+0x10/0x10 [ 186.698817][T20125] handle_mm_fault+0x8e4/0x2ac0 [ 186.703934][T20125] exc_page_fault+0x3b9/0x650 [ 186.709098][T20125] asm_exc_page_fault+0x26/0x30 [ 186.713967][T20125] RIP: 0033:0x7f0dc5ce5f90 [ 186.718415][T20125] Code: ce ff ff ff 3f 48 3b 34 c1 0f 84 3b 01 00 00 48 83 c0 01 48 83 f8 04 75 ec 31 f6 80 7c 24 1e 00 0f 85 8e 01 00 00 41 83 c7 01 <45> 3b 78 04 0f 82 6c ff ff ff 80 7b 4e 00 0f 84 17 03 00 00 48 83 [ 186.738124][T20125] RSP: 002b:00007ffc2de51fc0 EFLAGS: 00010202 [ 186.744206][T20125] RAX: 0000000000000001 RBX: 00007f0dc6b25720 RCX: ffffffff85307853 [ 186.752213][T20125] RDX: 0000000000001853 RSI: ffffffff85307853 RDI: 0000000000000003 [ 186.760193][T20125] RBP: ffffffff85307853 R08: 00007f0dc5ff6038 R09: 00007f0dc5fe2000 [ 186.768176][T20125] R10: 00007f0dc547f008 R11: 0000000000000003 R12: 0000000000000003 [ 186.776231][T20125] R13: 0000000000000000 R14: ffffffff853078bb R15: 0000000000015ad5 [ 186.784215][T20125] ? xas_load+0x1db/0x3d0 [ 186.788564][T20125] ? xas_load+0x173/0x3d0 [ 186.792980][T20125] ? xas_load+0x173/0x3d0 [ 186.797389][T20125] ? xas_load+0x173/0x3d0 [ 186.801742][T20125] [ 186.806255][T20125] memory: usage 307200kB, limit 307200kB, failcnt 204 [ 186.813089][T20125] memory+swap: usage 307832kB, limit 9007199254740988kB, failcnt 0 [ 186.821051][T20125] kmem: usage 307184kB, limit 9007199254740988kB, failcnt 0 [ 186.829101][T20125] Memory cgroup stats for /syz6: [ 186.829435][T20125] cache 0 [ 186.837978][T20125] rss 8192 [ 186.841039][T20125] shmem 0 [ 186.843969][T20125] mapped_file 0 [ 186.847446][T20125] dirty 0 [ 186.850376][T20125] writeback 0 [ 186.853665][T20125] workingset_refault_anon 56 [ 186.854355][T20243] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 [ 186.858262][T20125] workingset_refault_file 0 [ 186.858272][T20125] swap 647168 [ 186.858278][T20125] swapcached 16384 [ 186.858284][T20125] pgpgin 143509 [ 186.858292][T20125] pgpgout 143505 [ 186.858356][T20125] pgfault 99120 [ 186.858362][T20125] pgmajfault 20 [ 186.858369][T20125] inactive_anon 0 [ 186.858376][T20125] active_anon 16384 [ 186.858383][T20125] inactive_file 0 [ 186.858389][T20125] active_file 0 [ 186.858395][T20125] unevictable 0 [ 186.858402][T20125] hierarchical_memory_limit 314572800 [ 186.858410][T20125] hierarchical_memsw_limit 9223372036854771712 [ 186.858482][T20125] total_cache 0 [ 186.858489][T20125] total_rss 8192 [ 186.858496][T20125] total_shmem 0 [ 186.858502][T20125] total_mapped_file 0 [ 186.858510][T20125] total_dirty 0 [ 186.858517][T20125] total_writeback 0 [ 186.858524][T20125] total_workingset_refault_anon 56 [ 186.858532][T20125] total_workingset_refault_file 0 [ 186.858594][T20125] total_swap 647168 [ 186.858601][T20125] total_swapcached 16384 [ 186.858608][T20125] total_pgpgin 143509 [ 186.858614][T20125] total_pgpgout 143505 [ 186.858680][T20125] total_pgfault 99120 [ 186.858687][T20125] total_pgmajfault 20 [ 186.858693][T20125] total_inactive_anon 0 [ 186.858750][T20125] total_active_anon 16384 [ 186.858757][T20125] total_inactive_file 0 [ 186.858765][T20125] total_active_file 0 [ 186.858771][T20125] total_unevictable 0 [ 186.858778][T20125] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz6,task_memcg=/syz6,task=syz.6.7423,pid=20125,uid=0 [ 186.858888][T20125] Memory cgroup out of memory: Killed process 20125 (syz.6.7423) total-vm:93384kB, anon-rss:792kB, file-rss:22212kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000 [ 187.113080][T20249] loop2: detected capacity change from 0 to 512 [ 187.121732][T20249] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 187.132344][T20249] EXT4-fs (loop2): orphan cleanup on readonly fs [ 187.139282][T20249] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.7472: bg 0: block 248: padding at end of block bitmap is not set [ 187.160610][T20249] EXT4-fs error (device loop2): ext4_acquire_dquot:6938: comm syz.2.7472: Failed to acquire dquot type 1 [ 187.172706][T20249] EXT4-fs (loop2): 1 truncate cleaned up [ 187.187351][T20249] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 187.202343][T20249] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 187.239922][T20249] EXT4-fs error (device loop2): __ext4_remount:6749: comm syz.2.7472: Abort forced by user [ 187.260395][T20249] EXT4-fs (loop2): Remounting filesystem read-only [ 187.268388][T20249] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 187.278774][T20249] ext4 filesystem being remounted at /1549/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 187.283366][T20266] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7475'. [ 187.298845][T20266] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7475'. [ 187.321962][ T29] kauditd_printk_skb: 203 callbacks suppressed [ 187.321977][ T29] audit: type=1326 audit(2000000273.492:5929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20267 comm="syz.0.7479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f13a35d29 code=0x7ffc0000 [ 187.353099][ T29] audit: type=1326 audit(2000000273.492:5930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20267 comm="syz.0.7479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f13a35d29 code=0x7ffc0000 [ 187.377534][ T29] audit: type=1326 audit(2000000273.492:5931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20267 comm="syz.0.7479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7f8f13a35d29 code=0x7ffc0000 [ 187.401049][ T29] audit: type=1326 audit(2000000273.492:5932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20267 comm="syz.0.7479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f13a35d29 code=0x7ffc0000 [ 187.425784][ T29] audit: type=1326 audit(2000000273.492:5933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20267 comm="syz.0.7479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f13a35d29 code=0x7ffc0000 [ 187.450095][ T29] audit: type=1326 audit(2000000273.552:5934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20275 comm="syz.2.7482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a8a3b5d29 code=0x7ffc0000 [ 187.474383][ T29] audit: type=1326 audit(2000000273.552:5935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20275 comm="syz.2.7482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0a8a3b5d29 code=0x7ffc0000 [ 187.518018][ T29] audit: type=1326 audit(2000000273.702:5936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20275 comm="syz.2.7482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a8a3b5d29 code=0x7ffc0000 [ 187.591724][ T29] audit: type=1326 audit(2000000273.702:5937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20275 comm="syz.2.7482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a8a3b5d29 code=0x7ffc0000 [ 187.616627][ T29] audit: type=1326 audit(2000000273.702:5938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20275 comm="syz.2.7482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f0a8a3b5d29 code=0x7ffc0000 [ 187.664716][T20290] tun0: tun_chr_ioctl cmd 1074025678 [ 187.671426][T20290] tun0: group set to 0 [ 187.724857][T20300] loop7: detected capacity change from 0 to 512 [ 187.732148][T20300] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 187.758066][T20300] EXT4-fs (loop7): orphan cleanup on readonly fs [ 187.788384][T20300] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.7494: bg 0: block 248: padding at end of block bitmap is not set [ 187.825895][T20300] EXT4-fs error (device loop7): ext4_acquire_dquot:6938: comm syz.7.7494: Failed to acquire dquot type 1 [ 187.869897][T20300] EXT4-fs (loop7): 1 truncate cleaned up [ 187.876197][T20300] EXT4-fs mount: 44 callbacks suppressed [ 187.876274][T20300] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 187.903517][T20300] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 187.916720][T20300] EXT4-fs (loop7): warning: mounting fs with errors, running e2fsck is recommended [ 187.962064][T20300] EXT4-fs error (device loop7): __ext4_remount:6749: comm syz.7.7494: Abort forced by user [ 187.973700][T20300] EXT4-fs (loop7): Remounting filesystem read-only [ 187.976889][T20338] loop3: detected capacity change from 0 to 764 [ 187.980322][T20300] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 188.000677][T20336] loop6: detected capacity change from 0 to 128 [ 188.032070][T20300] ext4 filesystem being remounted at /438/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 188.050592][T20344] loop3: detected capacity change from 0 to 256 [ 188.061884][T20344] FAT-fs (loop3): unable to read block(21474836480) for building NFS inode [ 188.100706][T15232] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 188.112066][ T3410] kworker/u8:7: attempt to access beyond end of device [ 188.112066][ T3410] loop6: rw=1, sector=145, nr_sectors = 896 limit=128 [ 188.234759][T20374] loop7: detected capacity change from 0 to 256 [ 188.244100][T20376] loop0: detected capacity change from 0 to 128 [ 188.260370][T20380] loop9: detected capacity change from 0 to 7 [ 188.261250][T20374] FAT-fs (loop7): unable to read block(21474836480) for building NFS inode [ 188.358582][ T3309] kworker/u8:6: attempt to access beyond end of device [ 188.358582][ T3309] loop0: rw=1, sector=145, nr_sectors = 896 limit=128 [ 188.661303][T20456] loop6: detected capacity change from 0 to 256 [ 188.685150][T20456] FAT-fs (loop6): unable to read block(21474836480) for building NFS inode [ 188.720953][T20467] netlink: 'syz.7.7576': attribute type 1 has an invalid length. [ 188.728772][T20467] netlink: 'syz.7.7576': attribute type 2 has an invalid length. [ 188.752062][T20471] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check. [ 188.802032][T20478] loop9: detected capacity change from 0 to 7 [ 189.083651][T20532] netlink: 'syz.7.7607': attribute type 1 has an invalid length. [ 189.436239][T20598] loop6: detected capacity change from 0 to 512 [ 189.450827][T20598] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 189.461542][T20598] EXT4-fs (loop6): orphan cleanup on readonly fs [ 189.469347][T20598] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.7642: bg 0: block 248: padding at end of block bitmap is not set [ 189.484063][T20598] EXT4-fs error (device loop6): ext4_acquire_dquot:6938: comm syz.6.7642: Failed to acquire dquot type 1 [ 189.498418][T20598] EXT4-fs (loop6): 1 truncate cleaned up [ 189.504765][T20598] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 189.540355][T20598] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 189.551230][T20598] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended [ 189.586864][T20598] EXT4-fs error (device loop6): __ext4_remount:6749: comm syz.6.7642: Abort forced by user [ 189.600495][T20598] EXT4-fs (loop6): Remounting filesystem read-only [ 189.607264][T20598] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 189.618863][T20598] ext4 filesystem being remounted at /752/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 189.624165][T20618] pimreg: tun_chr_ioctl cmd 1074812117 [ 189.647395][T11847] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 189.681508][T20620] loop6: detected capacity change from 0 to 512 [ 189.736384][T20631] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check. [ 189.747733][T20620] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 189.768828][T20620] ext4 filesystem being mounted at /753/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 189.859452][T11847] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 189.938594][T20666] loop3: detected capacity change from 0 to 256 [ 190.181835][T20719] loop0: detected capacity change from 0 to 164 [ 190.192612][T20720] loop3: detected capacity change from 0 to 1024 [ 190.201160][T20720] EXT4-fs: Ignoring removed nobh option [ 190.206833][T20720] EXT4-fs: Ignoring removed bh option [ 190.239808][T20720] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 190.341146][T20750] loop2: detected capacity change from 0 to 512 [ 190.360078][T20752] loop7: detected capacity change from 0 to 1024 [ 190.368055][T20752] EXT4-fs: Ignoring removed nobh option [ 190.373669][T20752] EXT4-fs: Ignoring removed bh option [ 190.399230][ T7172] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 190.411047][T20750] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 190.423725][T20750] ext4 filesystem being mounted at /1578/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 190.441783][T20752] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 190.489558][ T3296] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 190.500617][T20752] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4115: comm syz.7.7712: Allocating blocks 497-513 which overlap fs metadata [ 190.536438][T20752] EXT4-fs (loop7): pa ffff888106502540: logic 256, phys. 385, len 8 [ 190.544486][T20752] EXT4-fs error (device loop7): ext4_mb_release_inode_pa:5366: group 0, free 0, pa_free 1 [ 190.652349][T15232] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 190.750944][T20806] macsec2: entered promiscuous mode [ 190.756866][T20806] macvlan1: entered promiscuous mode [ 190.771730][T20806] macvlan1: left promiscuous mode [ 190.783690][T20812] loop6: detected capacity change from 0 to 256 [ 190.851203][T20818] loop0: detected capacity change from 0 to 512 [ 190.861550][T20822] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 190.875589][T20818] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 190.875764][T20822] syzkaller0: linktype set to 780 [ 190.904413][T20818] EXT4-fs (loop0): orphan cleanup on readonly fs [ 190.939284][T20818] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.7741: bg 0: block 248: padding at end of block bitmap is not set [ 190.963538][T20818] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.7741: Failed to acquire dquot type 1 [ 190.983360][T20834] __nla_validate_parse: 14 callbacks suppressed [ 190.983386][T20834] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7748'. [ 190.999347][T20834] netlink: 172 bytes leftover after parsing attributes in process `syz.2.7748'. [ 191.009581][T20834] netlink: 132 bytes leftover after parsing attributes in process `syz.2.7748'. [ 191.015858][T20818] EXT4-fs (loop0): 1 truncate cleaned up [ 191.042737][T20818] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 191.059989][T20839] loop2: detected capacity change from 0 to 128 [ 191.068187][T20818] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 191.079483][T20818] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended [ 191.097781][T20818] EXT4-fs error (device loop0): __ext4_remount:6749: comm syz.0.7741: Abort forced by user [ 191.110427][T20818] EXT4-fs (loop0): Remounting filesystem read-only [ 191.117070][T20818] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 191.128916][T20818] ext4 filesystem being remounted at /492/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 191.152371][T15335] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 191.189166][T20852] loop7: detected capacity change from 0 to 164 [ 191.483087][T20883] netlink: 24 bytes leftover after parsing attributes in process `syz.6.7769'. [ 191.498602][T20883] netlink: 24 bytes leftover after parsing attributes in process `syz.6.7769'. [ 191.531873][T20888] netlink: 36 bytes leftover after parsing attributes in process `syz.6.7771'. [ 191.540930][T20888] netlink: 36 bytes leftover after parsing attributes in process `syz.6.7771'. [ 191.551140][T20888] netlink: 36 bytes leftover after parsing attributes in process `syz.6.7771'. [ 191.586614][T20888] netlink: 36 bytes leftover after parsing attributes in process `syz.6.7771'. [ 191.596372][T20888] netlink: 36 bytes leftover after parsing attributes in process `syz.6.7771'. [ 191.663101][T20903] macsec2: entered promiscuous mode [ 191.669695][T20903] macvlan1: entered promiscuous mode [ 191.679315][T20903] macvlan1: left promiscuous mode [ 191.761930][T20908] loop0: detected capacity change from 0 to 1024 [ 191.774779][T20908] EXT4-fs: Ignoring removed nobh option [ 191.780755][T20908] EXT4-fs: Ignoring removed bh option [ 191.828396][T20908] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 191.938395][T15335] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 191.968662][T20928] loop6: detected capacity change from 0 to 512 [ 191.999708][T20928] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 192.012724][T20928] ext4 filesystem being mounted at /785/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 192.049742][T20936] loop2: detected capacity change from 0 to 512 [ 192.052073][T11847] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 192.072281][T20936] EXT4-fs error (device loop2): ext4_orphan_get:1389: inode #15: comm GPL: casefold flag without casefold feature [ 192.087110][T20936] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm GPL: couldn't read orphan inode 15 (err -117) [ 192.110710][T20936] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 192.151113][ T3296] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 192.169118][ T1028] hid-generic 0000:0003:0000.0008: unknown main item tag 0x0 [ 192.176619][ T1028] hid-generic 0000:0003:0000.0008: unknown main item tag 0x0 [ 192.190491][ T1028] hid-generic 0000:0003:0000.0008: hidraw0: HID v0.00 Device [syz0] on syz1 [ 192.268265][T20959] loop2: detected capacity change from 0 to 2048 [ 192.323813][T20959] loop2: p3 < > p4 < > [ 192.329507][T20959] loop2: partition table partially beyond EOD, truncated [ 192.338271][T20959] loop2: p3 start 4284289 is beyond EOD, truncated [ 192.392632][T20975] loop0: detected capacity change from 0 to 128 [ 192.460651][T20987] loop7: detected capacity change from 0 to 128 [ 192.473240][T20987] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 192.496171][ T29] kauditd_printk_skb: 171 callbacks suppressed [ 192.496183][ T29] audit: type=1326 audit(2000000278.682:6104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20990 comm="syz.2.7814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a8a3b5d29 code=0x7ffc0000 [ 192.528695][T20987] ext4 filesystem being mounted at /516/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 192.537428][ T29] audit: type=1326 audit(2000000278.682:6105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20990 comm="syz.2.7814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f0a8a3b5d29 code=0x7ffc0000 [ 192.587251][ T29] audit: type=1326 audit(2000000278.682:6106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20990 comm="syz.2.7814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a8a3b5d29 code=0x7ffc0000 [ 192.610883][ T29] audit: type=1326 audit(2000000278.682:6107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20990 comm="syz.2.7814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a8a3b5d29 code=0x7ffc0000 [ 192.662884][T15232] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 192.673920][ T29] audit: type=1326 audit(2000000278.862:6108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21000 comm="syz.2.7819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a8a3b5d29 code=0x7ffc0000 [ 192.703457][ T29] audit: type=1326 audit(2000000278.862:6109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21000 comm="syz.2.7819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a8a3b5d29 code=0x7ffc0000 [ 192.728334][ T29] audit: type=1326 audit(2000000278.862:6110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21000 comm="syz.2.7819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0a8a3b5d29 code=0x7ffc0000 [ 192.751933][ T29] audit: type=1326 audit(2000000278.862:6111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21000 comm="syz.2.7819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a8a3b5d29 code=0x7ffc0000 [ 192.776864][ T29] audit: type=1326 audit(2000000278.862:6112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21000 comm="syz.2.7819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a8a3b5d29 code=0x7ffc0000 [ 192.800392][ T29] audit: type=1326 audit(2000000278.862:6113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21000 comm="syz.2.7819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0a8a3b5d29 code=0x7ffc0000 [ 192.978980][T21032] macsec2: entered promiscuous mode [ 192.984217][T21032] macvlan1: entered promiscuous mode [ 192.991788][T21032] macvlan1: left promiscuous mode [ 193.021737][T21035] netlink: 'syz.0.7843': attribute type 1 has an invalid length. [ 193.029651][T21035] netlink: 'syz.0.7843': attribute type 2 has an invalid length. [ 193.097549][T21045] loop3: detected capacity change from 0 to 512 [ 193.107720][T21045] EXT4-fs error (device loop3): ext4_orphan_get:1389: inode #15: comm GPL: casefold flag without casefold feature [ 193.125243][T21045] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm GPL: couldn't read orphan inode 15 (err -117) [ 193.148830][T21045] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 193.193224][T21059] loop0: detected capacity change from 0 to 512 [ 193.201277][ T7172] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 193.211511][T21059] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 193.234097][T21065] loop3: detected capacity change from 0 to 1024 [ 193.242566][T21059] EXT4-fs (loop0): orphan cleanup on readonly fs [ 193.242718][T21065] EXT4-fs: Ignoring removed nobh option [ 193.255300][T21065] EXT4-fs: Ignoring removed bh option [ 193.263010][T21059] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.7844: bg 0: block 248: padding at end of block bitmap is not set [ 193.279428][T21059] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.7844: Failed to acquire dquot type 1 [ 193.292075][T21059] EXT4-fs (loop0): 1 truncate cleaned up [ 193.300612][T21065] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 193.319084][T21059] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 193.363047][T21059] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 193.370827][T21078] macsec1: entered promiscuous mode [ 193.376995][T21078] macvlan1: entered promiscuous mode [ 193.384147][T21059] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended [ 193.398363][T21065] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4115: comm syz.3.7845: Allocating blocks 497-513 which overlap fs metadata [ 193.412729][T21078] macvlan1: left promiscuous mode [ 193.420440][T21065] EXT4-fs (loop3): pa ffff88810651da10: logic 256, phys. 385, len 8 [ 193.429792][T21065] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5366: group 0, free 0, pa_free 1 [ 193.446627][T21059] EXT4-fs error (device loop0): __ext4_remount:6749: comm syz.0.7844: Abort forced by user [ 193.469027][T21059] EXT4-fs (loop0): Remounting filesystem read-only [ 193.475579][T21059] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 193.533432][T21059] ext4 filesystem being remounted at /516/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 193.554168][ T7172] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 193.623016][T15335] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 193.761001][T21112] vlan2: entered promiscuous mode [ 193.766125][T21112] vlan2: entered allmulticast mode [ 193.793862][T21112] macvtap0: entered allmulticast mode [ 193.800707][T21112] veth0_macvtap: entered allmulticast mode [ 193.806539][T21112] macvtap0: entered promiscuous mode [ 193.824769][T21112] team0: Port device vlan2 added [ 193.884094][T21117] macsec2: entered promiscuous mode [ 193.889521][T21117] macvlan1: entered promiscuous mode [ 193.914222][T21117] macvlan1: left promiscuous mode [ 194.013691][T21128] loop0: detected capacity change from 0 to 512 [ 194.020938][T21128] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 194.049570][T21128] EXT4-fs (loop0): orphan cleanup on readonly fs [ 194.059437][T21128] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.7871: bg 0: block 248: padding at end of block bitmap is not set [ 194.077115][T21128] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.7871: Failed to acquire dquot type 1 [ 194.095617][T21128] EXT4-fs (loop0): 1 truncate cleaned up [ 194.110782][T21128] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 194.165622][T21128] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 194.192405][T21128] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended [ 194.207544][T21137] loop3: detected capacity change from 0 to 128 [ 194.227986][T21128] EXT4-fs error (device loop0): __ext4_remount:6749: comm syz.0.7871: Abort forced by user [ 194.240708][T21128] EXT4-fs (loop0): Remounting filesystem read-only [ 194.247344][T21128] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 194.258104][T21137] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 194.258434][T21137] ext4 filesystem being mounted at /1248/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 194.271229][T21128] ext4 filesystem being remounted at /522/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 194.354829][T15335] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 194.408826][ T7172] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 194.553007][T21153] loop0: detected capacity change from 0 to 128 [ 194.554718][T21154] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 194.575162][T21154] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 195.449126][T21205] loop2: detected capacity change from 0 to 512 [ 195.460242][T21206] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 195.465910][T21205] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 195.482528][T21206] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 195.490024][T21205] EXT4-fs (loop2): orphan cleanup on readonly fs [ 195.498244][T21205] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.7907: bg 0: block 248: padding at end of block bitmap is not set [ 195.513798][T21205] EXT4-fs error (device loop2): ext4_acquire_dquot:6938: comm syz.2.7907: Failed to acquire dquot type 1 [ 195.527066][T21213] netlink: 'syz.3.7911': attribute type 15 has an invalid length. [ 195.535490][T21205] EXT4-fs (loop2): 1 truncate cleaned up [ 195.545124][T21205] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 195.590929][T21205] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 195.609055][T21205] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 195.659240][T21205] EXT4-fs error (device loop2): __ext4_remount:6749: comm syz.2.7907: Abort forced by user [ 195.670608][T21205] EXT4-fs (loop2): Remounting filesystem read-only [ 195.678269][T21205] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 195.684540][T21230] loop3: detected capacity change from 0 to 128 [ 195.690258][T21205] ext4 filesystem being remounted at /1618/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 195.729059][ T3296] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 195.787662][T21244] vlan0: entered promiscuous mode [ 195.792778][T21244] vlan0: entered allmulticast mode [ 195.820488][T21244] macvtap0: entered allmulticast mode [ 195.827155][T21244] veth0_macvtap: entered allmulticast mode [ 195.832998][T21244] macvtap0: entered promiscuous mode [ 195.844996][T21244] team0: Port device vlan0 added [ 195.851864][T21246] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 195.864679][T21246] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 195.970109][T21257] loop7: detected capacity change from 0 to 512 [ 195.977568][T21259] netlink: 'syz.6.7932': attribute type 1 has an invalid length. [ 195.985457][T21259] netlink: 'syz.6.7932': attribute type 3 has an invalid length. [ 195.993800][T21259] __nla_validate_parse: 21 callbacks suppressed [ 195.993855][T21259] netlink: 216 bytes leftover after parsing attributes in process `syz.6.7932'. [ 196.010515][T21259] NCSI netlink: No device for ifindex 2147549204 [ 196.018078][T21257] EXT4-fs: Ignoring removed nobh option [ 196.049272][T21257] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 196.063793][T21257] ext4 filesystem being mounted at /537/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 196.079649][T21257] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.7931: bg 0: block 224: padding at end of block bitmap is not set [ 196.096580][T21270] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7936'. [ 196.097225][T21257] EXT4-fs (loop7): Remounting filesystem read-only [ 196.105945][T21270] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7936'. [ 196.164180][T15232] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 196.312212][T21293] loop6: detected capacity change from 0 to 512 [ 196.372110][T21293] EXT4-fs (loop6): 1 truncate cleaned up [ 196.379735][T21293] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 196.414309][T21293] EXT4-fs error (device loop6): ext4_add_entry:2444: inode #2: comm syz.6.7948: Directory hole found for htree leaf block 0 [ 196.452844][T11847] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 196.501941][T21311] SELinux: security_context_str_to_sid (u) failed with errno=-22 [ 196.673949][T21317] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=21184 sclass=netlink_route_socket pid=21317 comm=syz.6.7960 [ 196.904874][T21364] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7982'. [ 196.993286][T21378] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=2560 sclass=netlink_xfrm_socket pid=21378 comm=syz.2.7988 [ 197.022763][T21382] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7990'. [ 197.122541][T21403] netlink: 16 bytes leftover after parsing attributes in process `syz.0.8000'. [ 197.217178][T21418] syz.6.8007: attempt to access beyond end of device [ 197.217178][T21418] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 197.327535][T21440] loop0: detected capacity change from 0 to 512 [ 197.334787][T21440] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 197.349173][T21440] EXT4-fs (loop0): orphan cleanup on readonly fs [ 197.380801][T21440] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.8018: bg 0: block 248: padding at end of block bitmap is not set [ 197.418097][T21440] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.8018: Failed to acquire dquot type 1 [ 197.437410][T21440] EXT4-fs (loop0): 1 truncate cleaned up [ 197.443700][T21440] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 197.478252][T21440] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 197.490838][T21440] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended [ 197.512063][T21440] EXT4-fs error (device loop0): __ext4_remount:6749: comm syz.0.8018: Abort forced by user [ 197.518673][T21454] netlink: 'syz.6.8024': attribute type 6 has an invalid length. [ 197.530450][T21440] EXT4-fs (loop0): Remounting filesystem read-only [ 197.538537][T21440] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 197.549474][T21440] ext4 filesystem being remounted at /550/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 197.591933][T15335] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 197.610156][T21465] netlink: 20 bytes leftover after parsing attributes in process `syz.7.8038'. [ 197.664184][ T29] kauditd_printk_skb: 128 callbacks suppressed [ 197.664274][ T29] audit: type=1326 audit(2000000283.842:6232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21472 comm="syz.7.8033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe84495d29 code=0x7ffc0000 [ 197.695511][ T29] audit: type=1326 audit(2000000283.842:6233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21472 comm="syz.7.8033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe84495d29 code=0x7ffc0000 [ 197.731822][ T29] audit: type=1326 audit(2000000283.902:6234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21472 comm="syz.7.8033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7efe84495d29 code=0x7ffc0000 [ 197.757076][ T29] audit: type=1326 audit(2000000283.902:6235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21472 comm="syz.7.8033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe84495d29 code=0x7ffc0000 [ 197.780865][ T29] audit: type=1326 audit(2000000283.902:6236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21472 comm="syz.7.8033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe84495d29 code=0x7ffc0000 [ 197.854921][ T29] audit: type=1400 audit(2000000284.032:6237): avc: denied { sys_module } for pid=21480 comm="syz.6.8034" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 197.863254][T21481] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8034'. [ 197.890514][T21484] netlink: 12 bytes leftover after parsing attributes in process `syz.7.8035'. [ 197.994036][T21501] netlink: 20 bytes leftover after parsing attributes in process `syz.6.8042'. [ 198.028455][T21509] loop7: detected capacity change from 0 to 128 [ 198.065154][ T29] audit: type=1326 audit(2000000284.242:6238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21516 comm="syz.3.8052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3337f5d29 code=0x7ffc0000 [ 198.075897][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 198.105763][ T29] audit: type=1326 audit(2000000284.272:6239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21516 comm="syz.3.8052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd3337f5d29 code=0x7ffc0000 [ 198.130713][ T29] audit: type=1326 audit(2000000284.272:6240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21516 comm="syz.3.8052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3337f5d29 code=0x7ffc0000 [ 198.154818][ T29] audit: type=1326 audit(2000000284.272:6241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21516 comm="syz.3.8052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3337f5d29 code=0x7ffc0000 [ 198.207082][T21521] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=21184 sclass=netlink_route_socket pid=21521 comm=syz.3.8053 [ 198.368682][T21545] loop3: detected capacity change from 0 to 512 [ 198.404380][T21545] EXT4-fs (loop3): 1 truncate cleaned up [ 198.410444][T21545] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 198.427457][T21545] EXT4-fs error (device loop3): ext4_add_entry:2444: inode #2: comm syz.3.8064: Directory hole found for htree leaf block 0 [ 198.457290][ T7172] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 198.689794][T21581] SELinux: security_context_str_to_sid (u) failed with errno=-22 [ 198.918646][T21596] loop3: detected capacity change from 0 to 512 [ 198.925209][T21596] EXT4-fs: Ignoring removed nobh option [ 198.938536][T21600] geneve2: entered promiscuous mode [ 198.943759][T21600] geneve2: entered allmulticast mode [ 198.952828][T21596] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 198.968268][T21596] ext4 filesystem being mounted at /1289/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 198.982932][T21596] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.8088: bg 0: block 224: padding at end of block bitmap is not set [ 199.000831][T21596] EXT4-fs (loop3): Remounting filesystem read-only [ 199.040114][ T7172] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 199.089310][T21612] netlink: 'syz.0.8094': attribute type 21 has an invalid length. [ 199.100233][T21612] netlink: 'syz.0.8094': attribute type 4 has an invalid length. [ 199.109538][T21612] netlink: 'syz.0.8094': attribute type 5 has an invalid length. [ 199.289184][T21639] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=21639 comm=syz.0.8106 [ 199.580214][T12995] IPVS: starting estimator thread 0... [ 199.685760][T21665] IPVS: using max 2736 ests per chain, 136800 per kthread [ 199.882626][T21704] loop3: detected capacity change from 0 to 256 [ 199.897737][T21704] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 199.982814][T21720] netlink: 'syz.2.8148': attribute type 10 has an invalid length. [ 199.999836][T21720] geneve1: entered promiscuous mode [ 200.005165][T21720] geneve1: entered allmulticast mode [ 200.014378][T21720] team0: Port device geneve1 added [ 200.021067][T21723] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=21723 comm=syz.6.8149 [ 200.068769][T21727] geneve2: entered promiscuous mode [ 200.074015][T21727] geneve2: entered allmulticast mode [ 200.115586][ T1028] IPVS: starting estimator thread 0... [ 200.209553][T21736] IPVS: using max 3072 ests per chain, 153600 per kthread [ 200.307838][T21767] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.318220][T21767] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.327106][T21767] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.337226][T21767] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.346094][T21767] geneve2: entered promiscuous mode [ 200.350858][T21769] loop0: detected capacity change from 0 to 2048 [ 200.351284][T21767] geneve2: entered allmulticast mode [ 200.363202][T21767] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 200.372349][T21767] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 200.382382][T21767] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 200.391333][T21767] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 200.417604][T21769] loop0: p3 < > p4 < > [ 200.421778][T21769] loop0: partition table partially beyond EOD, truncated [ 200.428869][T21769] loop0: p3 start 4284289 is beyond EOD, truncated [ 200.711784][T21783] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 200.722324][T21783] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 200.885910][T21834] netlink: 'syz.2.8202': attribute type 4 has an invalid length. [ 200.965275][T21839] lo speed is unknown, defaulting to 1000 [ 200.987243][T21844] tipc: Started in network mode [ 200.992190][T21844] tipc: Node identity 7f000001, cluster identity 4711 [ 201.005544][T21844] tipc: Enabled bearer , priority 10 [ 201.099536][T21857] netlink: 'syz.3.8212': attribute type 10 has an invalid length. [ 201.107573][T21857] __nla_validate_parse: 7 callbacks suppressed [ 201.107652][T21857] netlink: 40 bytes leftover after parsing attributes in process `syz.3.8212'. [ 201.130219][T21857] team0: Port device geneve1 added [ 201.196177][T21868] loop7: detected capacity change from 0 to 128 [ 201.205070][T21868] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 201.219634][T21868] ext4 filesystem being mounted at /563/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 201.285999][T21868] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 201.345988][T21888] syz.0.8226[21888] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 201.346104][T21888] syz.0.8226[21888] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 201.360944][T21888] syz.0.8226[21888] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 201.398856][T21898] netlink: 132 bytes leftover after parsing attributes in process `syz.3.8239'. [ 201.423186][T21903] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=21903 comm=syz.2.8231 [ 201.497354][T21916] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6) [ 201.503979][T21916] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 201.511811][T21916] vhci_hcd vhci_hcd.0: Device attached [ 201.529474][T21917] vhci_hcd: connection closed [ 201.529592][ T3309] vhci_hcd: stop threads [ 201.539256][ T3309] vhci_hcd: release socket [ 201.543679][ T3309] vhci_hcd: disconnect device [ 201.682580][T21933] netlink: 'syz.0.8246': attribute type 21 has an invalid length. [ 201.691919][T21933] netlink: 156 bytes leftover after parsing attributes in process `syz.0.8246'. [ 201.743232][T21939] netlink: 132 bytes leftover after parsing attributes in process `syz.7.8248'. [ 201.768043][T21942] netlink: 'syz.0.8250': attribute type 10 has an invalid length. [ 201.776510][T21942] netlink: 40 bytes leftover after parsing attributes in process `syz.0.8250'. [ 201.798471][T21942] team0: Port device geneve1 added [ 201.890453][T21957] tipc: Started in network mode [ 201.890666][T21952] loop6: detected capacity change from 0 to 2048 [ 201.895360][T21957] tipc: Node identity 7f000001, cluster identity 4711 [ 201.912003][T21957] tipc: Enabled bearer , priority 10 [ 201.934684][T21950] lo speed is unknown, defaulting to 1000 [ 201.941987][T21952] loop6: p3 < > p4 < > [ 201.946255][T21952] loop6: partition table partially beyond EOD, truncated [ 201.953448][T21960] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8256'. [ 201.960254][T21952] loop6: p3 start 4284289 is beyond EOD, truncated [ 202.108462][T21980] netlink: 'syz.6.8265': attribute type 21 has an invalid length. [ 202.120961][T21980] netlink: 156 bytes leftover after parsing attributes in process `syz.6.8265'. [ 202.137056][T12999] tipc: Node number set to 2130706433 [ 202.277540][T22003] lo speed is unknown, defaulting to 1000 [ 202.312095][T22006] tipc: Enabling of bearer rejected, already enabled [ 202.348496][T22014] loop0: detected capacity change from 0 to 1024 [ 202.358480][T22014] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 202.385799][T22014] ext4 filesystem being mounted at /620/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 202.469787][T15335] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 202.749671][T22046] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 202.758548][T22046] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 203.026982][T12999] tipc: Node number set to 2130706433 [ 203.422969][T22065] xt_hashlimit: max too large, truncated to 1048576 [ 203.442956][T22069] netlink: 8 bytes leftover after parsing attributes in process `syz.7.8306'. [ 203.451984][T22069] netlink: 8 bytes leftover after parsing attributes in process `syz.7.8306'. [ 203.461379][T22069] netlink: 2 bytes leftover after parsing attributes in process `syz.7.8306'. [ 203.504875][ T29] kauditd_printk_skb: 147 callbacks suppressed [ 203.504889][ T29] audit: type=1326 audit(2000000289.682:6387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22076 comm="syz.0.8312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f13a35d29 code=0x7ffc0000 [ 203.536655][ T29] audit: type=1326 audit(2000000289.722:6388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22076 comm="syz.0.8312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f8f13a35d29 code=0x7ffc0000 [ 203.589806][T22087] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(6) [ 203.596416][T22087] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 203.604690][T22087] vhci_hcd vhci_hcd.0: Device attached [ 203.612820][T22088] vhci_hcd: connection closed [ 203.613078][ T47] vhci_hcd: stop threads [ 203.623311][ T47] vhci_hcd: release socket [ 203.627851][ T47] vhci_hcd: disconnect device [ 203.859315][T22123] loop2: detected capacity change from 0 to 2048 [ 203.867293][T22123] EXT4-fs: Ignoring removed mblk_io_submit option [ 203.877465][T22123] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 203.904753][ T3296] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 203.976709][ T29] audit: type=1400 audit(2000000290.162:6389): avc: denied { append } for pid=22133 comm="syz.7.8336" name="file0" dev="tmpfs" ino=3094 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 204.033942][T22140] loop2: detected capacity change from 0 to 2048 [ 204.057107][T22140] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 204.072617][ T29] audit: type=1400 audit(2000000290.252:6390): avc: denied { unlink } for pid=22139 comm="syz.2.8339" name="file1" dev="loop2" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 204.106408][ T29] audit: type=1400 audit(2000000290.282:6391): avc: denied { rename } for pid=22139 comm="syz.2.8339" name="file0" dev="loop2" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 204.131324][ T3296] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 204.144843][T22150] netlink: 'syz.6.8344': attribute type 3 has an invalid length. [ 204.155006][ T29] audit: type=1400 audit(2000000290.332:6392): avc: denied { ioctl } for pid=22151 comm="syz.2.8342" path="/dev/usbmon7" dev="devtmpfs" ino=163 ioctlcmd=0x9206 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 204.188544][ T29] audit: type=1400 audit(2000000290.372:6393): avc: denied { ioctl } for pid=22155 comm="syz.6.8346" path="socket:[66094]" dev="sockfs" ino=66094 ioctlcmd=0x48d4 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 204.216921][T22157] vhci_hcd: invalid port number 51 [ 204.222113][T22157] vhci_hcd: default hub control req: 80fc v0800 i0033 l219 [ 204.237337][T22159] loop3: detected capacity change from 0 to 128 [ 204.255094][T22163] IPv6: NLM_F_CREATE should be specified when creating new route [ 204.283261][ T29] audit: type=1326 audit(2000000290.462:6394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22164 comm="syz.2.8351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a8a3b5d29 code=0x7ffc0000 [ 204.308472][ T29] audit: type=1326 audit(2000000290.462:6395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22164 comm="syz.2.8351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a8a3b5d29 code=0x7ffc0000 [ 204.333995][ T29] audit: type=1326 audit(2000000290.462:6396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22164 comm="syz.2.8351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0a8a3b5d29 code=0x7ffc0000 [ 204.507955][T22208] loop2: detected capacity change from 0 to 256 [ 204.612403][T22231] syz.0.8381[22231] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 204.612508][T22231] syz.0.8381[22231] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 204.625442][T22231] syz.0.8381[22231] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 204.643811][T22233] loop7: detected capacity change from 0 to 512 [ 204.648722][T22231] netlink: 'syz.0.8381': attribute type 4 has an invalid length. [ 204.667309][T22233] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 204.684597][T22233] ext4 filesystem being mounted at /614/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 204.713373][T15232] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 204.730592][T22242] netlink: 'syz.2.8386': attribute type 1 has an invalid length. [ 204.791938][T22252] loop0: detected capacity change from 0 to 1024 [ 204.800482][T22252] EXT4-fs: Ignoring removed nobh option [ 204.806143][T22252] EXT4-fs: Ignoring removed nomblk_io_submit option [ 204.813287][T22252] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 204.823767][T22252] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 204.824280][T22256] loop2: detected capacity change from 0 to 1024 [ 204.858016][T15335] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 204.874439][T22259] xt_hashlimit: max too large, truncated to 1048576 [ 204.880787][T22261] loop0: detected capacity change from 0 to 512 [ 204.883303][T22259] Cannot find set identified by id 0 to match [ 204.889962][T22256] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 204.918769][T22261] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 204.934066][T22261] ext4 filesystem being mounted at /640/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 204.945265][T22256] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 204.961648][T15335] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 204.974048][ T3296] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 205.262358][T22316] loop2: detected capacity change from 0 to 1024 [ 205.270538][T22316] EXT4-fs: Ignoring removed nobh option [ 205.276252][T22316] EXT4-fs: Ignoring removed nomblk_io_submit option [ 205.284218][T22316] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 205.302316][T22316] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 205.315613][T22314] ref_ctr_offset mismatch. inode: 0xd13 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x82 [ 205.364088][ T3296] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 205.430621][T22333] SELinux: security_context_str_to_sid () failed with errno=-22 [ 205.479327][T22342] netlink: 'syz.3.8431': attribute type 1 has an invalid length. [ 205.515500][T22347] loop6: detected capacity change from 0 to 1024 [ 205.524886][T22349] syz.7.8435[22349] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 205.524992][T22349] syz.7.8435[22349] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 205.528878][T22347] EXT4-fs: Ignoring removed nobh option [ 205.537972][T22349] syz.7.8435[22349] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 205.549084][T22347] EXT4-fs: Ignoring removed nomblk_io_submit option [ 205.557719][T22350] loop3: detected capacity change from 0 to 256 [ 205.580352][T22347] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 205.591413][T22349] netlink: 'syz.7.8435': attribute type 4 has an invalid length. [ 205.632585][T22359] loop0: detected capacity change from 0 to 512 [ 205.638322][T22347] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 205.639153][T22359] EXT4-fs: Ignoring removed i_version option [ 205.664726][T22359] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 205.682954][T22359] EXT4-fs (loop0): 1 truncate cleaned up [ 205.689394][T22359] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 205.790988][T22376] loop0: detected capacity change from 0 to 512 [ 205.826686][T22376] ext4 filesystem being mounted at /654/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 205.883197][T22392] loop7: detected capacity change from 0 to 256 [ 206.104248][T22436] loop3: detected capacity change from 0 to 512 [ 206.140318][T22436] ext4 filesystem being mounted at /1340/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 206.204343][T22453] __nla_validate_parse: 16 callbacks suppressed [ 206.204361][T22453] netlink: 24 bytes leftover after parsing attributes in process `syz.3.8483'. [ 206.204377][T22453] netlink: 24 bytes leftover after parsing attributes in process `syz.3.8483'. [ 206.322363][T22472] ref_ctr_offset mismatch. inode: 0x1b1a offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x82 [ 206.339408][T22476] loop6: detected capacity change from 0 to 512 [ 206.348678][T22476] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 [ 206.418937][T22489] loop2: detected capacity change from 0 to 512 [ 206.426739][T22489] EXT4-fs: Ignoring removed i_version option [ 206.440735][T22489] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 206.455238][T22489] EXT4-fs (loop2): 1 truncate cleaned up [ 206.482562][T22496] netlink: 'syz.6.8502': attribute type 1 has an invalid length. [ 206.606909][T22507] netlink: 8 bytes leftover after parsing attributes in process `syz.7.8507'. [ 206.636768][T22511] loop7: detected capacity change from 0 to 512 [ 206.658759][T22511] ext4 filesystem being mounted at /649/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 206.705392][T22516] loop7: detected capacity change from 0 to 512 [ 206.720536][T22516] loop7: detected capacity change from 0 to 1024 [ 206.773600][T22524] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8514'. [ 206.810021][T22528] loop3: detected capacity change from 0 to 512 [ 206.818002][T22528] EXT4-fs: Ignoring removed i_version option [ 206.822114][T22530] netlink: 'syz.7.8517': attribute type 1 has an invalid length. [ 206.824583][T22528] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 206.855298][T22528] EXT4-fs (loop3): 1 truncate cleaned up [ 206.900898][T22535] netlink: 132 bytes leftover after parsing attributes in process `syz.0.8519'. [ 206.948082][T22543] netlink: 'syz.0.8522': attribute type 2 has an invalid length. [ 206.978114][T22547] ref_ctr_offset mismatch. inode: 0xd31 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x82 [ 207.100856][T22563] netlink: 132 bytes leftover after parsing attributes in process `syz.2.8533'. [ 207.183142][T22578] loop3: detected capacity change from 0 to 1024 [ 207.237350][T22588] ref_ctr_offset mismatch. inode: 0x2322 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x82 [ 207.267543][T22593] netlink: 132 bytes leftover after parsing attributes in process `syz.3.8546'. [ 207.424803][T22609] vlan2: entered promiscuous mode [ 207.431856][T22609] netdevsim netdevsim3 netdevsim0: entered promiscuous mode [ 207.452381][T22609] team0: Device vlan2 is up. Set it down before adding it as a team port [ 207.463013][T22609] netdevsim netdevsim3 netdevsim0: left promiscuous mode [ 207.509438][T22616] loop2: detected capacity change from 0 to 512 [ 207.536799][T22618] loop7: detected capacity change from 0 to 512 [ 207.540254][T22616] loop2: detected capacity change from 0 to 1024 [ 207.547816][T22620] netlink: 132 bytes leftover after parsing attributes in process `syz.6.8558'. [ 207.552484][T22618] EXT4-fs error (device loop7): ext4_xattr_ibody_find:2240: inode #15: comm syz.7.8557: corrupted in-inode xattr: invalid ea_ino [ 207.574233][T22618] EXT4-fs error (device loop7): ext4_orphan_get:1394: comm syz.7.8557: couldn't read orphan inode 15 (err -117) [ 207.583627][T22625] tmpfs: Invalid gid '0x00000000ffffffff' [ 207.597786][T22627] ref_ctr_offset mismatch. inode: 0x12f3 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x82 [ 207.649649][T22633] loop2: detected capacity change from 0 to 512 [ 207.657671][T22633] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 207.666568][T22633] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.8562: invalid indirect mapped block 8 (level 2) [ 207.682764][T22633] EXT4-fs (loop2): Remounting filesystem read-only [ 207.689871][T22633] EXT4-fs (loop2): 1 truncate cleaned up [ 207.696063][T22633] SELinux: (dev loop2, type ext4) getxattr errno 5 [ 207.781941][T22654] loop6: detected capacity change from 0 to 512 [ 207.797441][T22654] loop6: detected capacity change from 0 to 1024 [ 207.837524][T22662] tmpfs: Invalid gid '0x00000000ffffffff' [ 207.876773][T22666] ref_ctr_offset mismatch. inode: 0xd6d offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x82 [ 208.277567][T22691] loop0: detected capacity change from 0 to 512 [ 208.285100][T22691] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 208.297048][T22691] EXT4-fs (loop0): 1 truncate cleaned up [ 208.374288][T22700] loop0: detected capacity change from 0 to 1024 [ 208.599866][ T29] kauditd_printk_skb: 135 callbacks suppressed [ 208.599884][ T29] audit: type=1400 audit(2000000294.782:6532): avc: denied { read write } for pid=3296 comm="syz-executor" name="loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 208.632220][ T29] audit: type=1400 audit(2000000294.782:6533): avc: denied { open } for pid=3296 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 208.657539][ T29] audit: type=1400 audit(2000000294.782:6534): avc: denied { ioctl } for pid=3296 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=102 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 208.688264][T22714] loop2: detected capacity change from 0 to 512 [ 208.719584][T22714] ext4 filesystem being mounted at /1760/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 208.731786][ T29] audit: type=1326 audit(2000000294.922:6535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22718 comm="syz.3.8601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3337f5d29 code=0x7ffc0000 [ 208.766300][ T29] audit: type=1326 audit(2000000294.922:6536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22718 comm="syz.3.8601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7fd3337f5d29 code=0x7ffc0000 [ 208.791238][ T29] audit: type=1326 audit(2000000294.922:6537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22718 comm="syz.3.8601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3337f5d29 code=0x7ffc0000 [ 208.815363][ T29] audit: type=1326 audit(2000000294.942:6538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22718 comm="syz.3.8601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3337f5d29 code=0x7ffc0000 [ 208.840402][ T29] audit: type=1400 audit(2000000294.942:6539): avc: denied { add_name } for pid=22712 comm="syz.2.8599" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 208.861828][ T29] audit: type=1400 audit(2000000294.942:6540): avc: denied { create } for pid=22712 comm="syz.2.8599" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 208.883459][ T29] audit: type=1400 audit(2000000294.942:6541): avc: denied { read write open } for pid=22712 comm="syz.2.8599" path="/1760/file0/bus" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 208.919587][T22724] ref_ctr_offset mismatch. inode: 0x1318 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x82 [ 208.933807][T22727] loop7: detected capacity change from 0 to 1024 [ 208.955384][T22726] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0 [ 209.022201][T22743] loop0: detected capacity change from 0 to 256 [ 209.034570][T22747] loop6: detected capacity change from 0 to 512 [ 209.042367][T22747] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 209.055413][T22747] EXT4-fs (loop6): 1 truncate cleaned up [ 209.150676][T22764] loop3: detected capacity change from 0 to 512 [ 209.163011][T22764] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.8621: invalid indirect mapped block 256 (level 2) [ 209.174324][T22767] loop6: detected capacity change from 0 to 1024 [ 209.187017][T22764] EXT4-fs (loop3): 2 truncates cleaned up [ 209.207913][T22771] ref_ctr_offset mismatch. inode: 0x236d offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x82 [ 209.249480][T22775] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 209.257053][T22775] vhci_hcd: invalid port number 23 [ 209.291450][T22788] loop6: detected capacity change from 0 to 256 [ 209.300245][T22790] loop7: detected capacity change from 0 to 512 [ 209.312413][T22790] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 209.326874][T22790] EXT4-fs (loop7): 1 truncate cleaned up [ 209.347270][T22796] loop3: detected capacity change from 0 to 512 [ 209.380933][T22796] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.8631: corrupted in-inode xattr: invalid ea_ino [ 209.409989][T22805] loop6: detected capacity change from 0 to 512 [ 209.418543][T22796] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.8631: couldn't read orphan inode 15 (err -117) [ 209.432199][T22805] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2 [ 209.461931][T22805] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #13: comm syz.6.8637: invalid indirect mapped block 8 (level 2) [ 209.490928][T22805] EXT4-fs (loop6): Remounting filesystem read-only [ 209.497918][T22805] EXT4-fs (loop6): 1 truncate cleaned up [ 209.504063][T22805] SELinux: (dev loop6, type ext4) getxattr errno 5 [ 209.530532][T22820] vlan3: entered promiscuous mode [ 209.622708][T22839] loop0: detected capacity change from 0 to 512 [ 209.649826][T22839] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.8654: corrupted in-inode xattr: invalid ea_ino [ 209.664947][T22839] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.8654: couldn't read orphan inode 15 (err -117) [ 209.786997][T22851] loop0: detected capacity change from 0 to 512 [ 209.819545][T22851] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 209.828570][T22851] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.8659: invalid indirect mapped block 8 (level 2) [ 209.850552][T22851] EXT4-fs (loop0): Remounting filesystem read-only [ 209.862598][T22851] EXT4-fs (loop0): 1 truncate cleaned up [ 209.867338][T22865] vlan3: entered promiscuous mode [ 209.870070][T22851] SELinux: (dev loop0, type ext4) getxattr errno 5 [ 209.873350][T22865] netdevsim netdevsim2 netdevsim0: entered promiscuous mode [ 209.889556][T22865] team0: Device vlan3 is up. Set it down before adding it as a team port [ 209.898354][T22865] netdevsim netdevsim2 netdevsim0: left promiscuous mode [ 209.963654][T22872] loop6: detected capacity change from 0 to 1024 [ 210.070016][T22890] netlink: 256 bytes leftover after parsing attributes in process `syz.6.8676'. [ 210.214070][T22901] vlan0: entered promiscuous mode [ 210.442509][T22925] loop3: detected capacity change from 0 to 1024 [ 210.469780][T22925] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 210.582172][T22946] syz.7.8701[22946] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 210.582351][T22946] syz.7.8701[22946] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 210.595010][T22946] syz.7.8701[22946] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 210.867736][T22960] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 210.889965][T22960] vhci_hcd: invalid port number 23 [ 210.972747][T22985] vlan0: entered promiscuous mode [ 210.978565][T22985] netdevsim netdevsim7 netdevsim0: entered promiscuous mode [ 210.987728][T22985] team0: Device vlan0 is up. Set it down before adding it as a team port [ 210.996866][T22985] netdevsim netdevsim7 netdevsim0: left promiscuous mode [ 211.134802][T23010] netlink: 256 bytes leftover after parsing attributes in process `syz.0.8741'. [ 211.322486][T23030] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0 [ 211.408219][T23040] netlink: 3 bytes leftover after parsing attributes in process `syz.2.8754'. [ 211.435516][T23040] 1ªX¹¦À: renamed from 60ªX¹¦À [ 211.449140][T23046] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=23046 comm=syz.6.8746 [ 211.468406][T23040] A link change request failed with some changes committed already. Interface 61ªX¹¦À may have been left with an inconsistent configuration, please check. [ 211.523815][T23057] netlink: 11562 bytes leftover after parsing attributes in process `syz.6.8752'. [ 211.567948][T23062] netlink: 256 bytes leftover after parsing attributes in process `syz.7.8749'. [ 211.622646][T23068] syz.6.8759[23068] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 211.622706][T23068] syz.6.8759[23068] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 211.658908][T23068] syz.6.8759[23068] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 211.810436][T23093] netlink: 'syz.2.8769': attribute type 2 has an invalid length. [ 211.870523][T23101] loop3: detected capacity change from 0 to 512 [ 211.913790][T23101] ext4 filesystem being mounted at /1384/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 212.041933][T23139] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8789'. [ 212.050944][T23139] netlink: 'syz.3.8789': attribute type 21 has an invalid length. [ 212.171130][T23155] loop6: detected capacity change from 0 to 1024 [ 212.206732][T23153] loop3: detected capacity change from 0 to 2048 [ 212.213667][T23153] EXT4-fs: Ignoring removed mblk_io_submit option [ 212.231986][T23162] netlink: 3 bytes leftover after parsing attributes in process `syz.7.8797'. [ 212.241789][T23162] 0ªX¹¦À: renamed from caif0 [ 212.248669][T23162] 0ªX¹¦À: entered allmulticast mode [ 212.253933][T23162] A link change request failed with some changes committed already. Interface 60ªX¹¦À may have been left with an inconsistent configuration, please check. [ 212.294425][T23155] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 212.334325][T23173] netlink: 'syz.2.8812': attribute type 3 has an invalid length. [ 212.343585][T23173] netlink: 114680 bytes leftover after parsing attributes in process `syz.2.8812'. [ 212.371135][T23175] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=23175 comm=syz.3.8803 [ 212.395092][T23178] netlink: 11562 bytes leftover after parsing attributes in process `syz.2.8804'. [ 212.541815][T23200] netlink: 3 bytes leftover after parsing attributes in process `syz.3.8811'. [ 212.554539][T23200] 0ªX¹¦À: renamed from caif0 [ 212.568647][T23200] 0ªX¹¦À: entered allmulticast mode [ 212.574032][T23200] A link change request failed with some changes committed already. Interface 60ªX¹¦À may have been left with an inconsistent configuration, please check. [ 212.577028][T23202] loop7: detected capacity change from 0 to 2048 [ 212.600189][T23202] EXT4-fs: Ignoring removed mblk_io_submit option [ 212.850451][T23236] loop0: detected capacity change from 0 to 2048 [ 212.858772][T23236] EXT4-fs: Ignoring removed mblk_io_submit option [ 213.127214][T23257] netlink: 11562 bytes leftover after parsing attributes in process `syz.0.8840'. [ 213.156308][T23263] loop3: detected capacity change from 0 to 164 [ 213.163565][T23263] Unable to read rock-ridge attributes [ 213.171990][T23263] Unable to read rock-ridge attributes [ 213.317930][T23275] SELinux: Context system_u:object_r:semanage_exec_t:s0 is not valid (left unmapped). [ 213.538311][T23282] tmpfs: Bad value for 'mpol' [ 213.549598][T23284] bridge: RTM_NEWNEIGH with unconfigured vlan 2 on bridge_slave_0 [ 213.666922][T23307] loop0: detected capacity change from 0 to 512 [ 213.674524][ T29] kauditd_printk_skb: 257 callbacks suppressed [ 213.674538][ T29] audit: type=1400 audit(2000000299.852:6799): avc: denied { setopt } for pid=23304 comm="syz.3.8862" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 213.711570][ T29] audit: type=1400 audit(2000000299.892:6800): avc: denied { create } for pid=23312 comm="syz.2.8866" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 213.743103][ T29] audit: type=1400 audit(2000000299.912:6801): avc: denied { recv } for pid=23306 comm="syz.0.8863" saddr=10.128.0.163 src=30030 daddr=10.128.1.34 dest=51878 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1 [ 213.769872][ T29] audit: type=1400 audit(2000000299.922:6802): avc: denied { read write } for pid=7172 comm="syz-executor" name="loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 213.794150][ T29] audit: type=1400 audit(2000000299.922:6803): avc: denied { open } for pid=7172 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 213.819605][ T29] audit: type=1400 audit(2000000299.922:6804): avc: denied { ioctl } for pid=7172 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=103 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 213.848046][ T29] audit: type=1400 audit(2000000299.932:6805): avc: denied { map } for pid=23312 comm="syz.2.8866" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=70013 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 213.873737][ T29] audit: type=1400 audit(2000000299.932:6806): avc: denied { read write } for pid=23312 comm="syz.2.8866" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=70013 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 213.899945][ T29] audit: type=1400 audit(2000000299.942:6807): avc: denied { map_create } for pid=23314 comm="syz.3.8867" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 213.919224][ T29] audit: type=1400 audit(2000000299.942:6808): avc: denied { bpf } for pid=23314 comm="syz.3.8867" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 213.943516][T23324] netlink: 'syz.2.8870': attribute type 21 has an invalid length. [ 213.958110][T23307] ext4 filesystem being mounted at /738/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 214.005347][T23331] loop3: detected capacity change from 0 to 1024 [ 214.013254][T23331] EXT4-fs: Ignoring removed i_version option [ 214.019495][T23331] EXT4-fs: Ignoring removed bh option [ 214.067609][T23343] loop2: detected capacity change from 0 to 2048 [ 214.076054][T23331] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback. [ 214.291375][T23377] loop0: detected capacity change from 0 to 2048 [ 214.324899][T23377] EXT4-fs: Ignoring removed mblk_io_submit option [ 214.336011][T23391] loop2: detected capacity change from 0 to 256 [ 214.427329][T23406] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8907'. [ 214.540310][T23417] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 214.552366][T23417] syzkaller0: linktype set to 6 [ 214.568889][T23411] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.8890: bg 0: block 234: padding at end of block bitmap is not set [ 214.590071][T23411] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 117 [ 214.603940][T23411] EXT4-fs (loop0): This should not happen!! Data will be lost [ 214.603940][T23411] [ 214.661695][ T47] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28 [ 214.675855][ T47] EXT4-fs (loop0): This should not happen!! Data will be lost [ 214.675855][ T47] [ 214.685537][ T47] EXT4-fs (loop0): Total free blocks count 0 [ 214.691605][ T47] EXT4-fs (loop0): Free/Dirty block details [ 214.698231][ T47] EXT4-fs (loop0): free_blocks=0 [ 214.703174][ T47] EXT4-fs (loop0): dirty_blocks=4896 [ 214.709127][ T47] EXT4-fs (loop0): Block reservation details [ 214.715107][ T47] EXT4-fs (loop0): i_reserved_data_blocks=306 [ 214.809178][T23436] loop7: detected capacity change from 0 to 164 [ 214.827755][T23436] Unable to read rock-ridge attributes [ 214.838637][T23442] loop3: detected capacity change from 0 to 512 [ 214.858010][T23436] Unable to read rock-ridge attributes [ 214.868325][T23442] ext4 filesystem being mounted at /1426/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 214.931367][T23453] loop7: detected capacity change from 0 to 2048 [ 214.938964][T23457] loop6: detected capacity change from 0 to 512 [ 214.948173][T23457] EXT4-fs error (device loop6): ext4_orphan_get:1389: inode #15: comm syz.6.8930: casefold flag without casefold feature [ 214.961230][T23457] EXT4-fs error (device loop6): ext4_orphan_get:1394: comm syz.6.8930: couldn't read orphan inode 15 (err -117) [ 215.083745][T23477] loop6: detected capacity change from 0 to 512 [ 215.135801][T23477] EXT4-fs error (device loop6): ext4_acquire_dquot:6938: comm syz.6.8939: Failed to acquire dquot type 1 [ 215.144130][T23491] loop0: detected capacity change from 0 to 2048 [ 215.149334][T23477] EXT4-fs (loop6): 1 truncate cleaned up [ 215.161868][T23477] ext4 filesystem being mounted at /1015/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 215.585293][T23554] loop6: detected capacity change from 0 to 512 [ 215.608636][T23554] ext4 filesystem being mounted at /1031/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 215.671472][T23571] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 215.702419][T23574] loop3: detected capacity change from 0 to 512 [ 215.716921][T23574] EXT4-fs error (device loop3): ext4_orphan_get:1389: inode #15: comm syz.3.8983: casefold flag without casefold feature [ 215.732364][T23574] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.8983: couldn't read orphan inode 15 (err -117) [ 215.787228][T23588] bond0: option mode: unable to set because the bond device has slaves [ 215.897008][T23601] program syz.2.8994 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 215.983910][T23614] loop3: detected capacity change from 0 to 512 [ 215.998975][T23614] ext4 filesystem being mounted at /1446/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 216.061147][T23627] loop3: detected capacity change from 0 to 512 [ 216.079747][T23627] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.9005: Failed to acquire dquot type 1 [ 216.093722][T23627] EXT4-fs (loop3): 1 truncate cleaned up [ 216.100021][T23627] ext4 filesystem being mounted at /1447/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 216.262818][T23649] IPv6: sit1: Disabled Multicast RS [ 216.269641][T23649] sit1: entered allmulticast mode [ 216.327294][T23652] bond2: entered promiscuous mode [ 216.332502][T23652] bond2: entered allmulticast mode [ 216.338286][T23652] 8021q: adding VLAN 0 to HW filter on device bond2 [ 216.348983][T23652] bond2 (unregistering): Released all slaves [ 216.445303][T23664] __nla_validate_parse: 8 callbacks suppressed [ 216.445317][T23664] netlink: 296 bytes leftover after parsing attributes in process `syz.2.9020'. [ 216.546444][T23678] loop2: detected capacity change from 0 to 512 [ 216.578125][T23678] EXT4-fs (loop2): too many log groups per flexible block group [ 216.587079][T23678] EXT4-fs (loop2): failed to initialize mballoc (-12) [ 216.593907][T23678] EXT4-fs (loop2): mount failed [ 216.619599][T23685] netlink: 'syz.2.9038': attribute type 4 has an invalid length. [ 216.627943][T23685] netlink: 3657 bytes leftover after parsing attributes in process `syz.2.9038'. [ 216.729029][T23705] netlink: 28 bytes leftover after parsing attributes in process `syz.6.9037'. [ 216.739541][T23705] netlink: 28 bytes leftover after parsing attributes in process `syz.6.9037'. [ 216.865395][T23730] bond0: option mode: unable to set because the bond device has slaves [ 216.870288][T23727] loop6: detected capacity change from 0 to 2048 [ 216.884481][T23727] EXT4-fs: Ignoring removed mblk_io_submit option [ 216.939682][T23739] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 216.987969][T23742] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.9045: bg 0: block 234: padding at end of block bitmap is not set [ 217.017236][T23742] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 117 [ 217.030469][T23742] EXT4-fs (loop6): This should not happen!! Data will be lost [ 217.030469][T23742] [ 217.056678][T23749] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9055'. [ 217.061456][ T3309] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 968 with error 28 [ 217.065842][T23749] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9055'. [ 217.089348][ T3309] EXT4-fs (loop6): This should not happen!! Data will be lost [ 217.089348][ T3309] [ 217.099033][ T3309] EXT4-fs (loop6): Total free blocks count 0 [ 217.105018][ T3309] EXT4-fs (loop6): Free/Dirty block details [ 217.112237][ T3309] EXT4-fs (loop6): free_blocks=0 [ 217.117243][ T3309] EXT4-fs (loop6): dirty_blocks=976 [ 217.122625][ T3309] EXT4-fs (loop6): Block reservation details [ 217.128680][ T3309] EXT4-fs (loop6): i_reserved_data_blocks=61 [ 217.149052][T23760] loop2: detected capacity change from 0 to 1024 [ 217.151883][T23755] loop0: detected capacity change from 0 to 2048 [ 217.165114][T23755] EXT4-fs: Ignoring removed mblk_io_submit option [ 217.172901][T23755] EXT4-fs: Ignoring removed i_version option [ 217.176729][T23760] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 217.191101][T23760] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 217.209559][T23760] JBD2: no valid journal superblock found [ 217.215323][T23760] EXT4-fs (loop2): Could not load journal inode [ 217.374884][T23784] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 217.472340][T23803] netlink: 12 bytes leftover after parsing attributes in process `syz.6.9088'. [ 217.482436][T23803] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9088'. [ 217.528309][T23807] netlink: 16 bytes leftover after parsing attributes in process `syz.6.9081'. [ 217.544594][T23809] loop7: detected capacity change from 0 to 2048 [ 217.571294][T23809] EXT4-fs: Ignoring removed mblk_io_submit option [ 217.678743][T23825] bond1: entered promiscuous mode [ 217.683948][T23825] bond1: entered allmulticast mode [ 217.693100][T23825] 8021q: adding VLAN 0 to HW filter on device bond1 [ 217.703973][T23829] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.9079: bg 0: block 234: padding at end of block bitmap is not set [ 217.719854][T23829] EXT4-fs (loop7): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 117 [ 217.732511][T23829] EXT4-fs (loop7): This should not happen!! Data will be lost [ 217.732511][T23829] [ 217.744403][T23825] bond1 (unregistering): Released all slaves [ 217.752117][ T4007] EXT4-fs (loop7): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 610 with error 28 [ 217.765329][ T4007] EXT4-fs (loop7): This should not happen!! Data will be lost [ 217.765329][ T4007] [ 217.774991][ T4007] EXT4-fs (loop7): Total free blocks count 0 [ 217.781895][ T4007] EXT4-fs (loop7): Free/Dirty block details [ 217.787850][ T4007] EXT4-fs (loop7): free_blocks=0 [ 217.792881][ T4007] EXT4-fs (loop7): dirty_blocks=624 [ 217.798472][ T4007] EXT4-fs (loop7): Block reservation details [ 217.804538][ T4007] EXT4-fs (loop7): i_reserved_data_blocks=39 [ 218.458613][T23834] loop0: detected capacity change from 0 to 164 [ 218.520642][T23847] IPv6: sit1: Disabled Multicast RS [ 218.526905][T23847] sit1: entered allmulticast mode [ 218.581851][T23851] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=23851 comm=syz.2.9099 [ 218.674413][T23867] loop6: detected capacity change from 0 to 1024 [ 218.717246][T23867] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 218.746106][T23867] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:483: comm syz.6.9110: Invalid block bitmap block 0 in block_group 0 [ 218.754639][T23882] xt_hashlimit: max too large, truncated to 1048576 [ 218.775600][T23889] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 218.785118][ T29] kauditd_printk_skb: 196 callbacks suppressed [ 218.785131][ T29] audit: type=1400 audit(2000000002.880:7001): avc: denied { sqpoll } for pid=23888 comm="syz.0.9117" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 218.808942][T23889] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 218.817673][T23867] Quota error (device loop6): write_blk: dquota write failed [ 218.826285][T23867] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 218.837599][T23867] EXT4-fs error (device loop6): ext4_acquire_dquot:6938: comm syz.6.9110: Failed to acquire dquot type 0 [ 218.849022][ T29] audit: type=1326 audit(2000000002.950:7002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23894 comm="syz.0.9120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f13a35d29 code=0x7ffc0000 [ 218.872532][ T29] audit: type=1326 audit(2000000002.950:7003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23894 comm="syz.0.9120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f13a35d29 code=0x7ffc0000 [ 218.897544][ T29] audit: type=1326 audit(2000000002.950:7004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23894 comm="syz.0.9120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8f13a35d29 code=0x7ffc0000 [ 218.898806][T23867] EXT4-fs error (device loop6): ext4_free_blocks:6589: comm syz.6.9110: Freeing blocks not in datazone - block = 0, count = 4096 [ 218.921081][ T29] audit: type=1326 audit(2000000002.950:7005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23894 comm="syz.0.9120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f13a35d29 code=0x7ffc0000 [ 218.921146][ T29] audit: type=1326 audit(2000000002.950:7006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23894 comm="syz.0.9120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8f13a35d29 code=0x7ffc0000 [ 218.959265][ T29] audit: type=1326 audit(2000000003.070:7007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23894 comm="syz.0.9120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f13a35d29 code=0x7ffc0000 [ 218.967724][ T29] audit: type=1326 audit(2000000003.070:7008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23894 comm="syz.0.9120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f13a35d29 code=0x7ffc0000 [ 218.985040][T23889] vhci_hcd vhci_hcd.0: pdev(2) rhport(2) sockfd(7) [ 218.985063][T23889] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 218.985152][T23889] vhci_hcd vhci_hcd.0: Device attached [ 219.054849][T23867] EXT4-fs error (device loop6): ext4_read_inode_bitmap:139: comm syz.6.9110: Invalid inode bitmap blk 0 in block_group 0 [ 219.069724][T23867] EXT4-fs error (device loop6) in ext4_free_inode:361: Corrupt filesystem [ 219.071717][ T4007] EXT4-fs error (device loop6): ext4_release_dquot:6961: comm kworker/u8:9: Failed to release dquot type 0 [ 219.079313][T23867] EXT4-fs (loop6): 1 orphan inode deleted [ 219.079689][T23867] EXT4-fs mount: 90 callbacks suppressed [ 219.079702][T23867] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 219.116974][T23899] vhci_hcd vhci_hcd.0: pdev(2) rhport(3) sockfd(10) [ 219.123637][T23899] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 219.131944][T23899] vhci_hcd vhci_hcd.0: Device attached [ 219.151085][T23900] vhci_hcd: connection closed [ 219.151174][T23898] vhci_hcd: connection closed [ 219.156416][ T40] vhci_hcd: stop threads [ 219.165382][ T40] vhci_hcd: release socket [ 219.169924][ T40] vhci_hcd: disconnect device [ 219.177646][ T40] vhci_hcd: stop threads [ 219.182009][ T40] vhci_hcd: release socket [ 219.186477][ T40] vhci_hcd: disconnect device [ 219.203396][T23907] syz.3.9123[23907] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 219.203449][T23907] syz.3.9123[23907] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 219.217019][T23907] syz.3.9123[23907] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 219.232325][T11847] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 219.255325][ T40] EXT4-fs error (device loop6): ext4_release_dquot:6961: comm kworker/u8:2: Failed to release dquot type 0 [ 219.312027][T23912] loop6: detected capacity change from 0 to 8192 [ 219.357603][T23912] loop6: p1 p2 p3 p4 [ 219.358743][T23918] loop3: detected capacity change from 0 to 2048 [ 219.361762][T23912] loop6: p1 start 51379968 is beyond EOD, truncated [ 219.370106][T23918] EXT4-fs: Ignoring removed mblk_io_submit option [ 219.375544][T23912] loop6: p3 size 100663552 extends beyond EOD, truncated [ 219.381580][T23918] EXT4-fs: Ignoring removed i_version option [ 219.390220][T23912] loop6: p4 size 81920 extends beyond EOD, truncated [ 219.408056][T23918] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 219.461769][ T7172] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 219.502779][T23929] loop6: detected capacity change from 0 to 1024 [ 219.509944][T23929] EXT4-fs: Ignoring removed orlov option [ 219.516997][T23929] EXT4-fs: Ignoring removed orlov option [ 219.527036][T23929] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 219.547861][T23937] loop3: detected capacity change from 0 to 1024 [ 219.554802][T11847] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 219.554846][T23937] EXT4-fs: Ignoring removed nobh option [ 219.570230][T23937] EXT4-fs: Ignoring removed oldalloc option [ 219.603860][T23937] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 219.657004][T23937] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4115: comm syz.3.9136: Allocating blocks 497-513 which overlap fs metadata [ 219.681632][T23951] loop6: detected capacity change from 0 to 2048 [ 219.688755][T23951] EXT4-fs: Ignoring removed mblk_io_submit option [ 219.695229][T23951] EXT4-fs: Ignoring removed i_version option [ 219.702164][T23937] EXT4-fs (loop3): pa ffff8881065025b0: logic 256, phys. 369, len 9 [ 219.710926][T23937] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5366: group 0, free 0, pa_free 1 [ 219.741161][T23961] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check. [ 219.781736][T23951] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 219.812793][ T7172] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 219.834198][T11847] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 219.854034][T23975] loop2: detected capacity change from 0 to 2048 [ 219.862271][T23975] EXT4-fs: Ignoring removed mblk_io_submit option [ 219.866716][T23977] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 219.904928][T23987] netlink: 165 bytes leftover after parsing attributes in process `syz.6.9158'. [ 219.913595][T23975] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 219.963718][T23994] tap0: tun_chr_ioctl cmd 1342215179 [ 219.974602][ T3296] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 219.999448][T24000] loop2: detected capacity change from 0 to 1024 [ 220.006236][T24000] EXT4-fs: Ignoring removed nobh option [ 220.011976][T24000] EXT4-fs: Ignoring removed oldalloc option [ 220.023932][T24002] loop6: detected capacity change from 0 to 764 [ 220.032452][T24002] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 220.042965][T24000] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 220.069856][T24000] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4115: comm syz.2.9163: Allocating blocks 497-513 which overlap fs metadata [ 220.107497][T24000] EXT4-fs (loop2): pa ffff8881065025b0: logic 256, phys. 369, len 9 [ 220.115600][T24000] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5366: group 0, free 0, pa_free 1 [ 220.164647][T24022] tmpfs: Unknown parameter 'mp' [ 220.201352][ T3296] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 220.343970][T24057] loop6: detected capacity change from 0 to 1024 [ 220.354252][T24057] EXT4-fs: Ignoring removed nobh option [ 220.361124][T24057] EXT4-fs: Ignoring removed oldalloc option [ 220.361188][T24061] netlink: 'syz.3.9190': attribute type 14 has an invalid length. [ 220.415101][T24057] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 220.460867][T24057] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4115: comm syz.6.9189: Allocating blocks 497-513 which overlap fs metadata [ 220.494707][T24076] loop0: detected capacity change from 0 to 8192 [ 220.496437][T24057] EXT4-fs (loop6): pa ffff88810651dc40: logic 256, phys. 369, len 9 [ 220.509183][T24057] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:5366: group 0, free 0, pa_free 1 [ 220.531199][T24085] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check. [ 220.557368][T24076] loop0: p1 p2 p3 p4 [ 220.561405][T24076] loop0: p1 start 51379968 is beyond EOD, truncated [ 220.568850][T24076] loop0: p3 size 100663552 extends beyond EOD, truncated [ 220.577575][T24076] loop0: p4 size 81920 extends beyond EOD, truncated [ 220.638679][T11847] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 220.772689][T24111] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check. [ 220.861965][T24115] loop7: detected capacity change from 0 to 8192 [ 220.916216][T24115] loop7: p1 p2 p3 p4 [ 220.920345][T24115] loop7: p1 start 51379968 is beyond EOD, truncated [ 220.938767][T24115] loop7: p3 size 100663552 extends beyond EOD, truncated [ 220.948339][T24115] loop7: p4 size 81920 extends beyond EOD, truncated [ 221.032645][T24138] loop6: detected capacity change from 0 to 512 [ 221.054740][T24141] tap0: tun_chr_ioctl cmd 1342215179 [ 221.072518][T24138] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 221.086547][T24138] ext4 filesystem being mounted at /1080/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 221.100350][T24138] EXT4-fs error (device loop6): ext4_get_first_dir_block:3539: inode #12: comm syz.6.9227: Attempting to read directory block (0) that is past i_size (3) [ 221.128066][T11847] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 221.166622][T24149] loop2: detected capacity change from 0 to 2048 [ 221.170804][T24151] loop0: detected capacity change from 0 to 2048 [ 221.178553][T24149] EXT4-fs: Ignoring removed mblk_io_submit option [ 221.194892][T24157] netlink: 'syz.6.9235': attribute type 3 has an invalid length. [ 221.202725][T24157] netlink: 'syz.6.9235': attribute type 3 has an invalid length. [ 221.213479][T24151] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 221.228937][T24149] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 221.290905][T15335] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 221.318790][T24170] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.9232: bg 0: block 234: padding at end of block bitmap is not set [ 221.337442][T24170] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 117 [ 221.350057][T24170] EXT4-fs (loop2): This should not happen!! Data will be lost [ 221.350057][T24170] [ 221.389515][T24181] loop6: detected capacity change from 0 to 128 [ 221.400768][ T47] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 564 with error 28 [ 221.413511][ T47] EXT4-fs (loop2): This should not happen!! Data will be lost [ 221.413511][ T47] [ 221.424371][ T47] EXT4-fs (loop2): Total free blocks count 0 [ 221.430555][ T47] EXT4-fs (loop2): Free/Dirty block details [ 221.437161][ T47] EXT4-fs (loop2): free_blocks=0 [ 221.442105][ T47] EXT4-fs (loop2): dirty_blocks=576 [ 221.448351][ T47] EXT4-fs (loop2): Block reservation details [ 221.460154][T24181] __nla_validate_parse: 4 callbacks suppressed [ 221.460169][T24181] netlink: 12 bytes leftover after parsing attributes in process `syz.6.9245'. [ 221.641124][T24209] loop6: detected capacity change from 0 to 512 [ 221.650338][T24209] EXT4-fs error (device loop6): ext4_orphan_get:1389: inode #15: comm syz.6.9257: casefold flag without casefold feature [ 221.667437][T24209] EXT4-fs error (device loop6): ext4_orphan_get:1394: comm syz.6.9257: couldn't read orphan inode 15 (err -117) [ 221.696627][T24209] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 221.747388][T11847] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 221.748056][T24222] loop3: detected capacity change from 0 to 2048 [ 221.764487][T24222] EXT4-fs: Ignoring removed mblk_io_submit option [ 221.799036][T24222] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 221.817933][T24238] loop6: detected capacity change from 0 to 512 [ 221.824550][T24238] EXT4-fs: Ignoring removed bh option [ 221.832905][T24238] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem [ 221.854751][T24238] EXT4-fs (loop6): invalid journal inode [ 221.870569][T24238] EXT4-fs (loop6): can't get journal size [ 221.880882][T24245] ================================================================== [ 221.888986][T24245] BUG: KCSAN: data-race in __xa_set_mark / xas_find_marked [ 221.896196][T24245] [ 221.898512][T24245] read-write to 0xffff8881065e6fd8 of 8 bytes by task 24222 on cpu 0: [ 221.906661][T24245] __xa_set_mark+0xdb/0x1b0 [ 221.911159][T24245] __folio_mark_dirty+0x3b5/0x4e0 [ 221.916189][T24245] mark_buffer_dirty+0x134/0x230 [ 221.921125][T24245] block_write_end+0x123/0x210 [ 221.925889][T24245] ext4_da_write_end+0x20a/0x810 [ 221.930822][T24245] generic_perform_write+0x33c/0x4a0 [ 221.936113][T24245] ext4_buffered_write_iter+0x1ea/0x370 [ 221.941667][T24245] ext4_file_write_iter+0x383/0xf20 [ 221.946862][T24245] vfs_write+0x77f/0x920 [ 221.951102][T24245] ksys_write+0xe8/0x1b0 [ 221.955336][T24245] __x64_sys_write+0x42/0x50 [ 221.959923][T24245] x64_sys_call+0x287e/0x2dc0 [ 221.964592][T24245] do_syscall_64+0xc9/0x1c0 [ 221.969086][T24245] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.974974][T24245] [ 221.977284][T24245] read to 0xffff8881065e6fd8 of 8 bytes by task 24245 on cpu 1: [ 221.984901][T24245] xas_find_marked+0x216/0x660 [ 221.989668][T24245] find_get_entry+0x54/0x390 [ 221.994257][T24245] filemap_get_folios_tag+0x136/0x210 [ 221.999630][T24245] mpage_prepare_extent_to_map+0x329/0xb80 [ 222.005442][T24245] ext4_do_writepages+0xa20/0x2130 [ 222.010564][T24245] ext4_writepages+0x159/0x2e0 [ 222.015325][T24245] do_writepages+0x1d8/0x480 [ 222.019915][T24245] filemap_flush+0xe7/0x120 [ 222.024501][T24245] ext4_alloc_da_blocks+0x50/0x130 [ 222.029613][T24245] ext4_ioctl+0x1014/0x2dd0 [ 222.034108][T24245] __se_sys_ioctl+0xc9/0x140 [ 222.038693][T24245] __x64_sys_ioctl+0x43/0x50 [ 222.043277][T24245] x64_sys_call+0x1690/0x2dc0 [ 222.047952][T24245] do_syscall_64+0xc9/0x1c0 [ 222.052474][T24245] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 222.058372][T24245] [ 222.060688][T24245] value changed: 0x0000000000000fff -> 0x0000000000003fff [ 222.067783][T24245] [ 222.070094][T24245] Reported by Kernel Concurrency Sanitizer on: [ 222.076233][T24245] CPU: 1 UID: 0 PID: 24245 Comm: syz.3.9263 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 222.086995][T24245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 222.097046][T24245] ================================================================== [ 222.111021][T24245] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.9263: bg 0: block 234: padding at end of block bitmap is not set [ 222.123827][T24244] loop0: detected capacity change from 0 to 1024 [ 222.128871][T24248] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9272'. [ 222.133312][T24244] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 222.152692][T24238] EXT4-fs (loop6): 1 truncate cleaned up [ 222.157643][T24245] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1626 with error 117 [ 222.159211][T24238] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 222.172227][T24245] EXT4-fs (loop3): This should not happen!! Data will be lost [ 222.172227][T24245] [ 222.186506][ T3309] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 1626 with max blocks 2 with error 28 [ 222.208562][ T3309] EXT4-fs (loop3): This should not happen!! Data will be lost [ 222.208562][ T3309] [ 222.218320][ T3309] EXT4-fs (loop3): Total free blocks count 0 [ 222.224309][ T3309] EXT4-fs (loop3): Free/Dirty block details [ 222.230836][ T3309] EXT4-fs (loop3): free_blocks=0 [ 222.234490][T11847] EXT4-fs error (device loop6): __ext4_iget:4984: inode #11: block 1828716567: comm syz-executor: invalid block [ 222.236512][ T3309] EXT4-fs (loop3): dirty_blocks=16 [ 222.236525][ T3309] EXT4-fs (loop3): Block reservation details [ 222.246847][T24244] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.9282: Invalid block bitmap block 0 in block_group 0 [ 222.266763][T11847] EXT4-fs error (device loop6): __ext4_iget:4984: inode #11: block 1828716567: comm syz-executor: invalid block [ 222.275132][T24244] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.9282: Failed to acquire dquot type 0 [ 222.299578][T24244] EXT4-fs error (device loop0): ext4_free_blocks:6589: comm syz.0.9282: Freeing blocks not in datazone - block = 0, count = 4096 [ 222.314207][T24244] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.9282: Invalid inode bitmap blk 0 in block_group 0 [ 222.328160][ T47] EXT4-fs error (device loop0): ext4_release_dquot:6961: comm kworker/u8:3: Failed to release dquot type 0 [ 222.346280][T24244] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem [ 222.354899][T24244] EXT4-fs (loop0): 1 orphan inode deleted [ 222.362972][T24244] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 222.378756][T21797] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 222.408586][T15335] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 222.419720][ T47] EXT4-fs error (device loop0): ext4_release_dquot:6961: comm kworker/u8:3: Failed to release dquot type 0