last executing test programs: 1.904256857s ago: executing program 1 (id=4327): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000080)={@in6={{0xa, 0x4e20, 0x4006, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x5}}, 0x0, 0x0, 0x16, 0x0, "024c08f6beaae211e04128017b8f9720fc434ce01e58499892b786263c721a4dd042fac0c78d10b9206d1cf9577ea4d8b709afd0a6d76f775344852e83a4fab66ac4883fbf7d17e0d8245a4aa8714ae3"}, 0xd8) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0x20, &(0x7f0000000180)={@in6={{0xa, 0x4e21, 0x1, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x1}}, 0x0, 0x0, 0x0, 0x0, "effe7cad2de6bf631c12a221bdf61457764ad8a9a8107f46685c05636259b0cf52c12bc6803211423850d156923ea61746f1f02bad0561ba8fed2cd972974564dd4cbd4094f0432aed65c6b592b0c62c"}, 0xd8) 1.893147308s ago: executing program 2 (id=4328): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]}) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000540), 0x1, 0x4a3, &(0x7f0000000580)="$eJzs3c1rXOUaAPBnZpo0SXNvP+7l0vbCbaEXej9oJh9IE3XjSl0UxIIbhRqTaayZZEJmUpvQRaq7LlyIoiAu3PsXuLEriyCudS8upKI1ggrCyDkzk+Zr4qBpBnJ+Pzid95z3dJ73zfC8nHnPOXMCyKyzyT+5iMGI+DwijjZWN+9wtvGydv/mVLLkol6//F0u3S9Zb+3a+n9HImI1Ivoi4tknI17KbY9bXV6ZnSyXS4vN9WJtbqFYXV65cG1ucqY0U5ofGb84MTE+PDY6sWd9vf3GK7cvffR074c/vX7v7puffJw0a7BZt7Efe6nR9Z44vmHboYh4/GEE64JCsz/93W4If0jy+f0tIs6l+X80CumnCWRBvV6v/1o/3K56tQ4cWPn0GDiXH4qIRjmfHxpqHMP/PQby5Uq19v+rlaX56cax8rHoyV+9Vi4NN78rHIueXLI+kpYfrI9uWR+LSI+B3yr0p+tDU5Xy9P4OdcAWR7bk/4+FRv4DGeErP2SX/Ifskv+QXfIfskv+Q3bJf8gu+Q/ZJf8hu+Q/ZJf8h+yS/5BJz1y6lCz11v3v09eXl2Yr1y9Ml6qzQ3NLU0NTlcWFoZlKZSa9Z2fu996vXKksjDwSSzeKtVK1Vqwur1yZqyzN166k9/VfKfXsS6+AThw/c+fLXESsPtqfLoneZp1chYOtXs9Ft+9BBrqj0O0BCOgaU3+QXb7jAzv8RO8mfe0qFva+LcD+yHe7AUDXnD/l/B9klfl/yC7z/5BdjvEB8/+QPeb/IbsG2zz/6y8bnt01HBF/jYgvCj2HW8/6Ag6C/De55vH/+aP/Htxa25v7OT1F0BsRr753+Z0bk7Xa4kiy/fv17bV3m9tHu9F+oFOtPG3lMQCQXWv3b061lv2M++0TjYsQtsc/1Jyb7EvPUQ6s5TZdq5Dbo2sXVm9FxMmd4ueazztvnPkYWCtsi3+i+ZprvEXa3kPpc9P3J/6pDfH/tSH+6T/9V4FsuJOMP8M75V8+zelYz7/N48/gHl070X78y6+Pf4U249+ZDmO8/P5rX7eNfyvi9I7xW/H60lhb4ydtO99h/HsvPPePdnX1Dxrvs1P8lqRUrM0tFKvLKxfS35GbKc2PjF+cmBgfHhudKKZz1MXWTPV2j5387O5u/R9oE3+3/ifb/tth/3/556fPn90l/n/O7fz5n9glfn9E/K/D+D+MfvViu7ok/nSb/ud3iZ9sG+swfvXtpw53uCsAsA+qyyuzk+VyaVFBQUFhvdDtkQl42B4kfbdbAgAAAAAAAAAAAHRqPy4n7nYfAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOgt8CAAD//1kn1ls=") lsetxattr$trusted_overlay_nlink(&(0x7f0000000100)='./file0/file1\x00', &(0x7f0000000140), 0x0, 0x0, 0x1) 1.792143196s ago: executing program 2 (id=4329): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='fdinfo/3\x00') read$eventfd(r0, &(0x7f0000000080), 0x8) 1.791755506s ago: executing program 2 (id=4330): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='timer_start\x00', r0}, 0x18) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000940)) 1.790042096s ago: executing program 1 (id=4340): r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0) openat(r0, &(0x7f00000000c0)='./file0\x00', 0x6a1c2, 0x50) faccessat(r0, &(0x7f0000000000)='./file0\x00', 0x5) 1.733023651s ago: executing program 1 (id=4332): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000)={'team0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newlink={0x30, 0x10, 0x1, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, 0x40810, 0x3}, [@IFLA_GROUP={0x8}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x30}, 0x1, 0x0, 0x0, 0x24040051}, 0x4000000) 1.732692021s ago: executing program 2 (id=4334): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000640)=ANY=[@ANYBLOB="54020000170001"], 0x254}}, 0x0) 1.688890155s ago: executing program 2 (id=4346): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) statx(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x2000, 0xffff4a9c0080ffff, &(0x7f0000000240)) 1.674446366s ago: executing program 4 (id=4336): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x3, 0x13, &(0x7f00000001c0)=ANY=[@ANYBLOB="18020000867700000000000000000000180100002025702500000000002020207b1a00fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000004000000850000000600000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007b00000095"], 0x0, 0x5, 0x0, 0x0, 0x41000, 0xc}, 0x94) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x13, &(0x7f00000001c0)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0xfffffffffffffd5f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 1.660855137s ago: executing program 2 (id=4338): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x110) r1 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) sendfile(r1, r0, 0x0, 0x3a) 1.530012787s ago: executing program 4 (id=4342): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0xa00, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206010100000000000000000000000005000100070000000900020073797a300000000014000780050015000000000008001240000000000d000300686173683a6e657400000000050005000a000000050004"], 0x5c}}, 0x0) sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x1c, 0x3, 0x6, 0x5, 0x0, 0x0, {0x0, 0x0, 0x6}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24040800}, 0x8d0) 1.457418123s ago: executing program 4 (id=4343): syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410884, &(0x7f00000001c0)={[{@nouid32}, {@acl}]}, 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==") r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) pwritev2(r0, &(0x7f0000000e80)=[{0x0}, {&(0x7f0000000f80)="03a58f3030", 0x5}, {&(0x7f0000001000)="68e3d0fc470a7ebf", 0x8}], 0x3, 0x33000, 0x0, 0x3) 1.384089159s ago: executing program 1 (id=4347): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) 1.282594177s ago: executing program 4 (id=4349): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r0) sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd7000fedbdf252c000000180001801400020064756d6d7930"], 0x2c}, 0x1, 0x0, 0x0, 0x20048881}, 0x2000c800) 1.201448083s ago: executing program 4 (id=4350): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) statx(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x2000, 0xffff4a9c0080ffff, &(0x7f0000000240)) 1.201140334s ago: executing program 4 (id=4351): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) pause() 822.836324ms ago: executing program 3 (id=4353): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xd, &(0x7f0000000340)=ANY=[@ANYBLOB="18020000040000000000000000000000850000004100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000180000850000008200000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xd50, 0x0, &(0x7f0000000480)="92931f6e32e1ffa94914674af600", 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9, 0x4}, 0x50) 649.027188ms ago: executing program 3 (id=4354): capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x40}) r0 = syz_open_dev$loop(&(0x7f0000000400), 0x10001, 0x2) ioctl$IOC_PR_CLEAR(r0, 0x401070cd, 0x0) 588.131703ms ago: executing program 3 (id=4355): r0 = socket(0x10, 0x3, 0x0) connect$netlink(r0, &(0x7f0000000280)=@proc={0x10, 0x0, 0x1}, 0xc) sendmsg$nl_route_sched(r0, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000001500)=@newtaction={0x18, 0x31, 0x829, 0x0, 0x0, {0x0, 0x0, 0x2}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4010}, 0x8084) 532.661868ms ago: executing program 3 (id=4356): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]}) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000540), 0x1, 0x4a3, &(0x7f0000000580)="$eJzs3c1rXOUaAPBnZpo0SXNvP+7l0vbCbaEXej9oJh9IE3XjSl0UxIIbhRqTaayZZEJmUpvQRaq7LlyIoiAu3PsXuLEriyCudS8upKI1ggrCyDkzk+Zr4qBpBnJ+Pzid95z3dJ73zfC8nHnPOXMCyKyzyT+5iMGI+DwijjZWN+9wtvGydv/mVLLkol6//F0u3S9Zb+3a+n9HImI1Ivoi4tknI17KbY9bXV6ZnSyXS4vN9WJtbqFYXV65cG1ucqY0U5ofGb84MTE+PDY6sWd9vf3GK7cvffR074c/vX7v7puffJw0a7BZt7Efe6nR9Z44vmHboYh4/GEE64JCsz/93W4If0jy+f0tIs6l+X80CumnCWRBvV6v/1o/3K56tQ4cWPn0GDiXH4qIRjmfHxpqHMP/PQby5Uq19v+rlaX56cax8rHoyV+9Vi4NN78rHIueXLI+kpYfrI9uWR+LSI+B3yr0p+tDU5Xy9P4OdcAWR7bk/4+FRv4DGeErP2SX/Ifskv+QXfIfskv+Q3bJf8gu+Q/ZJf8hu+Q/ZJf8h+yS/5BJz1y6lCz11v3v09eXl2Yr1y9Ml6qzQ3NLU0NTlcWFoZlKZSa9Z2fu996vXKksjDwSSzeKtVK1Vqwur1yZqyzN166k9/VfKfXsS6+AThw/c+fLXESsPtqfLoneZp1chYOtXs9Ft+9BBrqj0O0BCOgaU3+QXb7jAzv8RO8mfe0qFva+LcD+yHe7AUDXnD/l/B9klfl/yC7z/5BdjvEB8/+QPeb/IbsG2zz/6y8bnt01HBF/jYgvCj2HW8/6Ag6C/De55vH/+aP/Htxa25v7OT1F0BsRr753+Z0bk7Xa4kiy/fv17bV3m9tHu9F+oFOtPG3lMQCQXWv3b061lv2M++0TjYsQtsc/1Jyb7EvPUQ6s5TZdq5Dbo2sXVm9FxMmd4ueazztvnPkYWCtsi3+i+ZprvEXa3kPpc9P3J/6pDfH/tSH+6T/9V4FsuJOMP8M75V8+zelYz7/N48/gHl070X78y6+Pf4U249+ZDmO8/P5rX7eNfyvi9I7xW/H60lhb4ydtO99h/HsvPPePdnX1Dxrvs1P8lqRUrM0tFKvLKxfS35GbKc2PjF+cmBgfHhudKKZz1MXWTPV2j5387O5u/R9oE3+3/ifb/tth/3/556fPn90l/n/O7fz5n9glfn9E/K/D+D+MfvViu7ok/nSb/ud3iZ9sG+swfvXtpw53uCsAsA+qyyuzk+VyaVFBQUFhvdDtkQl42B4kfbdbAgAAAAAAAAAAAHRqPy4n7nYfAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOgt8CAAD//1kn1ls=") lsetxattr$trusted_overlay_nlink(&(0x7f0000000100)='./file0/file1\x00', &(0x7f0000000140), 0x0, 0x0, 0x1) 522.379518ms ago: executing program 0 (id=4357): capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0xfffffffd}) r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$VT_RELDISP(r0, 0x5605) 464.768773ms ago: executing program 0 (id=4358): perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x99, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2aa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb3ff, 0x0, @perf_config_ext={0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) r0 = add_key$fscrypt_v1(&(0x7f0000000580), &(0x7f0000000040)={'fscrypt:', @desc4}, &(0x7f00000002c0)={0x0, "de442bfc7910e10ac69ac014b0fa7807b11d2c99ed1f40d47a6edb3367b5cc888e1fd5102ae2d3d05f251f8d49025ceab4152b6e6d87cd6088e97a9d06d29143", 0xfffffffe}, 0x48, 0xffffffffffffffff) keyctl$chown(0x4, r0, 0xee01, 0xee00) 451.487334ms ago: executing program 1 (id=4359): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10) shmdt(0x0) 241.985551ms ago: executing program 3 (id=4360): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000140), 0x1, 0x4fa, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000e00)={0x0, 0x2904c, 0x0, 0x10003, '\x00', [{}, {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x200}]}) 215.704043ms ago: executing program 0 (id=4361): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000007040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a6c000000060a0b04000000000000000002000000400004803c0001800b00010065787468647200002c000280080003400000000005000200890000000800014000e90009080006400000000208000440000000170900010073797a30000000000900020073797a32"], 0x94}}, 0x0) 144.967059ms ago: executing program 0 (id=4362): unshare(0x2a060400) r0 = socket$inet(0x2, 0x4000000000000001, 0x6) getsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, 0x0, &(0x7f0000000080)=0xffffff1d) 129.74781ms ago: executing program 0 (id=4363): r0 = getpgrp(0x0) r1 = syz_pidfd_open(r0, 0x0) ioctl$FS_IOC_GETVERSION(r1, 0xff06, 0x0) 112.414412ms ago: executing program 0 (id=4364): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xd, &(0x7f0000000340)=ANY=[@ANYBLOB="18020000040000000000000000000000850000004100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000180000850000008200000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xd50, 0x0, &(0x7f0000000480)="92931f6e32e1ffa94914674af600", 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9, 0x4}, 0x50) 47.463637ms ago: executing program 1 (id=4365): syz_mount_image$iso9660(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x4400, &(0x7f0000000100)=ANY=[], 0xf4, 0xa2c, &(0x7f0000001f80)="$eJzs3c9vlPedB/D3M9hgnIglCZtlEQkDEYmTeI1tNiCUwwbsMTjrHyvbSEG7qxAFWCGszSrZSknUA5Gqnho1qqpKbS9Vjj1FSg/NpeLWHnvqoVKb/6CKeik9VK7mmbEZ2zNj7Bib0tdr9PD8+nx/zfPM82XGM883/C1bWloqpy2uX/7pTlaWh8+F8S8//ezj+vTR7ezNnrxS/DzpS1JNev5Sniu9Y+Nzs9MbZHQruZrkTlIk2ZfGvIP9q9aupvhuHr+3fifFj3O4TbK+TTaODS3xd223zz8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgojY0PD48UmZqcufxGtbNyCPAu+5ez+6Ic9bv4ok1JH7WuFElRn9LXtzzU9+FD93Y/Xf/nRI421o42Rv7uy4ePPX3w1ad6Ksvpu1RoR7z3wYe33lpcvP7uvU29bQN7mu2qL+/bserdv71bS3axNjM5Pzs5ff5irTo5P1s9d+bM8KlLE/PVicnU5q/ML9Smq2NztfMLs3PVgbEXqyPnzp2u1oauzF6euTg+NFVb3nj2X0aHh89UXx/6j9r5ufnZmVOvD82PXZqcmpqcuVjG1HfXY87WT8R/n1yoLtTOT1erN24uXj+9USXrQSNt9xSrg0Y3yml0eHR0ZGR0dOTMK+deOTs83LNuw/AaWRex+yctu+dnqy+JfdtzDYctqjT7/0xlMjO5nDdSbfsYy3jmMpvpDvublvv/k6dqXctt7f+Xe/nD93YfSdn/P9tYe7ZT/9+hLhs/lpYaOW81/fLjvXyQD3Mrb2Uxi7med792jusef96mfKpfv7XrHxdTy0wmM5/ZTGY658st1eaWas7lTM5kOG/mUiYyn2omMpmp1DKfK5nPQmrlGTWWudRyPguZzVyqGchYXkw1IzmXczmdamoZypXM5nJmcjHjOV/mciM3y+f9dJc6rgSN3E/QaJegbe7/lx7G/wnyoG37NRy2aqnZ/+/tGLC0vDQwtmO1AgAAALbTP/8qBw49+cvfJb15pvxcfmJyqja829UCAAAAtlH5db2j9VlvfemZFN7/AwAAwKOmKH9jVyTpz7HGUuOXUHviQwAAAAB4RJR//3+2PuuvLx1LsXInlKu7XTcAAABge2x8j/0TOVrpGlEMLt/+t3qtMb/WjGje57d/YnKqNjQ2O/XqSJ4v7zJQ/tJgXW57kqK3/PnBSzneiDre35j3r86xrx41MvTqSF7KiWZDBp6rz54baBM52oh8oRH5wtrI8ub8jcjT9UgAeNSd6NIfr/T/jYiO/f9LGWxEDB7p2Zuk50ibPnhYzwoAD4uNx9jZMKL413vv/3ub2a7q/5/MjT81vlIwlLfzThZzLYPlrw3KbxysyvW/Pml+ZrDyNYThDG7wacBy7K/PVjK4wecB/S0DvQx2/ESgNTb/nZx+8AcCAHbQiQ798Gb6/8GW9/9Z//5/ZWih635SCAAPhZUR7B/gwm63EQBYTS8NAAAAAAAAAAAAAAAAAAAAAAAAAAAA229b7/bft8Xkv2+O6/dghyFYt7C/+RxsPZ/vJdm5OhfbXFZlG/JZSrJTx2vnFnIw2fKz2vY03ptk99u14UJP8yVx663F3boiAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsJOKZE+77ZVkX5LhJKd2vlYPzu3drsDO+7fWleJu7ub9HNi96gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPJqa9/+vpDF/rLEpPZXkZJKrSf5zt+u4ne7udgW2yf4tpmu5/3/9mGepSE/jsKfoHRufm52uH/5y7IfKl59+9nF9akm+737LKQMrawaXaJawNvYnjy8vPVGm6h+//t6t/3/n/6rjF1LJ3lxYmJgan74499q9JE8XnyfVNKZly/X95slffNKm5Z/XW9re2nInyidnfH25/9Qudfdyu7m5eH20XtJC7Y2Fb/zvzfdbdj2Z48lzA8nA6pL+pz51KOl4eruVVnxVfLs4kB/kann8689GsVTUD9E/lO3ff+Pm4vWht99ZvNahTgdzLMm1pK97nT5q2X2svJ60VZ51ld56qcNlUP2fQxu0sauWHEc6tOGJ8pTpb7Zhb8c2tKp2bkOp5XmvtNvfqNHpDjV6Ks+3OdJL+5LONXq++5Fur/iq+G1xKb/Jt1rG/6jUj//JdH51rs6ijGw5UzpGVhqRZctHW3e8uTbyDz+8r9q3HaaGzfrOqhdvpeX63zxW5Rn89a9HS0XX61FLiZt7Xawpcc1Z0eV1UfZIh9akaF59OqVp1vNQI6pDPf8xLyc9R7pdFdf11i9vcEVZSf9a+91bff3/qBjIH3Pb+D8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDDr0j2tNteSU4mObi8Xk2WNpHtvk47Kv3FZqu4rW6v/PNIqGw2QXE3d/N+DjyY6gAAAAAAAACw0y6Mf/npZx/Xp2J/c1Pz7/vVpCfJweL7+zM+Nzu9QUa9ydUkd+rLfW32d/lzfz1dHr+3fqe+dnizLQEA7tdfAwAA//84JmE2") perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xb}, 0x100b28, 0x6, 0xb, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) statfs(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000500)=""/171) 0s ago: executing program 3 (id=4366): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x28, r1, 0x1, 0x4, 0x0, {}, [@IEEE802154_ATTR_DEV_TYPE={0x5, 0x20, 0x1}, @IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000010}, 0x0) kernel console output (not intermixed with test programs): ] loop0: p2 size 65536 extends beyond EOD, truncated [ 45.815381][ T5665] unsupported nlmsg_type 40 [ 45.849397][ T3640] udevd[3640]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory [ 45.867560][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 45.879499][ T3502] udevd[3502]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory [ 46.009360][ T5692] loop0: detected capacity change from 0 to 512 [ 46.028698][ T5692] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 46.053256][ T5692] EXT4-fs (loop0): invalid journal inode [ 46.073432][ T5692] EXT4-fs (loop0): can't get journal size [ 46.101700][ T5692] EXT4-fs (loop0): 1 truncate cleaned up [ 46.124254][ T5692] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 46.220410][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 46.243217][ T5733] netlink: 'syz.2.1089': attribute type 39 has an invalid length. [ 46.477370][ T5778] netdevsim netdevsim0 netdevsim0: entered allmulticast mode [ 46.503200][ T5778] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 46.801320][ T5823] netlink: 'syz.0.1131': attribute type 31 has an invalid length. [ 46.900243][ T5832] loop0: detected capacity change from 0 to 164 [ 46.912461][ T5832] Unsupported NM flag settings (8) [ 46.962756][ T29] kauditd_printk_skb: 46 callbacks suppressed [ 46.962852][ T29] audit: type=1400 audit(1754770139.777:282): avc: denied { wake_alarm } for pid=5835 comm="syz.0.1137" capability=35 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 47.096611][ T29] audit: type=1326 audit(1754770139.907:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5839 comm="syz.0.1139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d8c59ebe9 code=0x7ffc0000 [ 47.157800][ T29] audit: type=1326 audit(1754770139.907:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5839 comm="syz.0.1139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d8c59ebe9 code=0x7ffc0000 [ 47.181167][ T29] audit: type=1326 audit(1754770139.917:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5839 comm="syz.0.1139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7f5d8c59ebe9 code=0x7ffc0000 [ 47.204506][ T29] audit: type=1326 audit(1754770139.917:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5839 comm="syz.0.1139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d8c59ebe9 code=0x7ffc0000 [ 47.228159][ T29] audit: type=1326 audit(1754770139.917:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5839 comm="syz.0.1139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d8c59ebe9 code=0x7ffc0000 [ 47.251512][ T29] audit: type=1400 audit(1754770139.967:288): avc: denied { write } for pid=5847 comm="syz.4.1143" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 47.277177][ T5851] netlink: 'syz.4.1145': attribute type 21 has an invalid length. [ 47.327502][ T5851] __nla_validate_parse: 22 callbacks suppressed [ 47.327517][ T5851] netlink: 144 bytes leftover after parsing attributes in process `syz.4.1145'. [ 47.517648][ T29] audit: type=1400 audit(1754770140.317:289): avc: denied { ioctl } for pid=5876 comm="syz.2.1159" path="socket:[12592]" dev="sockfs" ino=12592 ioctlcmd=0x8955 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 47.543312][ T5885] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1160'. [ 47.579279][ T5786] syz.3.1113 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000 [ 47.593449][ T5786] CPU: 0 UID: 0 PID: 5786 Comm: syz.3.1113 Not tainted 6.16.0-syzkaller-12256-g561c80369df0 #0 PREEMPT(voluntary) [ 47.593488][ T5786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 47.593501][ T5786] Call Trace: [ 47.593507][ T5786] [ 47.593515][ T5786] __dump_stack+0x1d/0x30 [ 47.593538][ T5786] dump_stack_lvl+0xe8/0x140 [ 47.593616][ T5786] dump_stack+0x15/0x1b [ 47.593636][ T5786] dump_header+0x81/0x220 [ 47.593684][ T5786] oom_kill_process+0x342/0x400 [ 47.593741][ T5786] out_of_memory+0x979/0xb80 [ 47.593777][ T5786] try_charge_memcg+0x5e6/0x9e0 [ 47.593857][ T5786] obj_cgroup_charge_pages+0xa6/0x150 [ 47.593900][ T5786] __memcg_kmem_charge_page+0x9f/0x170 [ 47.593943][ T5786] __alloc_frozen_pages_noprof+0x188/0x360 [ 47.594040][ T5786] alloc_pages_mpol+0xb3/0x250 [ 47.594129][ T5786] alloc_pages_noprof+0x90/0x130 [ 47.594199][ T5786] __vmalloc_node_range_noprof+0x6f2/0xe00 [ 47.594251][ T5786] __kvmalloc_node_noprof+0x30f/0x4e0 [ 47.594348][ T5786] ? ip_set_alloc+0x1f/0x30 [ 47.594388][ T5786] ? ip_set_alloc+0x1f/0x30 [ 47.594424][ T5786] ? __kmalloc_cache_noprof+0x189/0x320 [ 47.594520][ T5786] ip_set_alloc+0x1f/0x30 [ 47.594597][ T5786] hash_netiface_create+0x282/0x740 [ 47.594640][ T5786] ? __pfx_hash_netiface_create+0x10/0x10 [ 47.594689][ T5786] ip_set_create+0x3c9/0x960 [ 47.594772][ T5786] ? __nla_parse+0x40/0x60 [ 47.594803][ T5786] nfnetlink_rcv_msg+0x4c6/0x590 [ 47.594856][ T5786] netlink_rcv_skb+0x120/0x220 [ 47.594880][ T5786] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 47.595081][ T5786] nfnetlink_rcv+0x16b/0x1690 [ 47.595118][ T5786] ? nlmon_xmit+0x4f/0x60 [ 47.595161][ T5786] ? consume_skb+0x49/0x150 [ 47.595201][ T5786] ? nlmon_xmit+0x4f/0x60 [ 47.595228][ T5786] ? dev_hard_start_xmit+0x3b0/0x3e0 [ 47.595251][ T5786] ? __dev_queue_xmit+0x1200/0x2000 [ 47.595335][ T5786] ? __dev_queue_xmit+0x182/0x2000 [ 47.595397][ T5786] ? ref_tracker_free+0x37d/0x3e0 [ 47.595423][ T5786] ? __netlink_deliver_tap+0x4dc/0x500 [ 47.595449][ T5786] netlink_unicast+0x5c0/0x690 [ 47.595697][ T5786] netlink_sendmsg+0x58b/0x6b0 [ 47.595725][ T5786] ? __pfx_netlink_sendmsg+0x10/0x10 [ 47.595751][ T5786] __sock_sendmsg+0x142/0x180 [ 47.595780][ T5786] ____sys_sendmsg+0x31e/0x4e0 [ 47.595804][ T5786] ___sys_sendmsg+0x17b/0x1d0 [ 47.595913][ T5786] __x64_sys_sendmsg+0xd4/0x160 [ 47.595937][ T5786] x64_sys_call+0x191e/0x2ff0 [ 47.595965][ T5786] do_syscall_64+0xd2/0x200 [ 47.595998][ T5786] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 47.596039][ T5786] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 47.596066][ T5786] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 47.596112][ T5786] RIP: 0033:0x7f5810bbebe9 [ 47.596138][ T5786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 47.596160][ T5786] RSP: 002b:00007f580f61f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 47.596180][ T5786] RAX: ffffffffffffffda RBX: 00007f5810de5fa0 RCX: 00007f5810bbebe9 [ 47.596195][ T5786] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003 [ 47.596211][ T5786] RBP: 00007f5810c41e19 R08: 0000000000000000 R09: 0000000000000000 [ 47.596246][ T5786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 47.596260][ T5786] R13: 00007f5810de6038 R14: 00007f5810de5fa0 R15: 00007ffd83264cd8 [ 47.596282][ T5786] [ 47.596290][ T5786] memory: usage 307200kB, limit 307200kB, failcnt 343 [ 47.937202][ T5786] memory+swap: usage 307380kB, limit 9007199254740988kB, failcnt 0 [ 47.945130][ T5786] kmem: usage 307188kB, limit 9007199254740988kB, failcnt 0 [ 47.952537][ T5786] Memory cgroup stats for /syz3: [ 47.953121][ T5786] cache 0 [ 47.961071][ T5786] rss 0 [ 47.963823][ T5786] shmem 0 [ 47.966751][ T5786] mapped_file 0 [ 47.970258][ T5786] dirty 0 [ 47.973265][ T5786] writeback 0 [ 47.976540][ T5786] workingset_refault_anon 39 [ 47.981336][ T5786] workingset_refault_file 448 [ 47.986095][ T5786] swap 184320 [ 47.989490][ T5786] swapcached 12288 [ 47.993200][ T5786] pgpgin 13292 [ 47.996565][ T5786] pgpgout 13289 [ 48.000052][ T5786] pgfault 23455 [ 48.003496][ T5786] pgmajfault 22 [ 48.006975][ T5786] inactive_anon 12288 [ 48.011047][ T5786] active_anon 0 [ 48.014496][ T5786] inactive_file 0 [ 48.018116][ T5786] active_file 0 [ 48.021605][ T5786] unevictable 0 [ 48.025148][ T5786] hierarchical_memory_limit 314572800 [ 48.030601][ T5786] hierarchical_memsw_limit 9223372036854771712 [ 48.036784][ T5786] total_cache 0 [ 48.040344][ T5786] total_rss 0 [ 48.043692][ T5786] total_shmem 0 [ 48.047321][ T5786] total_mapped_file 0 [ 48.051354][ T5786] total_dirty 0 [ 48.054824][ T5786] total_writeback 0 [ 48.058754][ T5786] total_workingset_refault_anon 39 [ 48.064068][ T5786] total_workingset_refault_file 448 [ 48.069321][ T5786] total_swap 184320 [ 48.073118][ T5786] total_swapcached 12288 [ 48.077349][ T5786] total_pgpgin 13292 [ 48.081337][ T5786] total_pgpgout 13289 [ 48.085335][ T5786] total_pgfault 23455 [ 48.089338][ T5786] total_pgmajfault 22 [ 48.093306][ T5786] total_inactive_anon 12288 [ 48.097792][ T5786] total_active_anon 0 [ 48.101798][ T5786] total_inactive_file 0 [ 48.105943][ T5786] total_active_file 0 [ 48.110031][ T5786] total_unevictable 0 [ 48.114089][ T5786] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.1113,pid=5785,uid=0 [ 48.128236][ T5928] netlink: 'syz.4.1182': attribute type 21 has an invalid length. [ 48.128744][ T5786] Memory cgroup out of memory: Killed process 5785 (syz.3.1113) total-vm:95680kB, anon-rss:944kB, file-rss:22180kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000 [ 48.153795][ T29] audit: type=1400 audit(1754770140.907:290): avc: denied { getopt } for pid=5925 comm="syz.1.1181" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 48.219079][ T5937] netlink: 'syz.1.1186': attribute type 1 has an invalid length. [ 48.226942][ T5937] netlink: 'syz.1.1186': attribute type 3 has an invalid length. [ 48.234695][ T5937] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1186'. [ 48.261332][ T5941] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1189'. [ 48.270369][ T5941] netlink: 43 bytes leftover after parsing attributes in process `syz.4.1189'. [ 48.279433][ T5941] netlink: 'syz.4.1189': attribute type 6 has an invalid length. [ 48.287192][ T5941] netlink: 'syz.4.1189': attribute type 5 has an invalid length. [ 48.294975][ T5941] netlink: 43 bytes leftover after parsing attributes in process `syz.4.1189'. [ 48.312240][ T29] audit: type=1400 audit(1754770141.127:291): avc: denied { bind } for pid=5944 comm="syz.1.1191" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 48.405650][ T5955] loop4: detected capacity change from 0 to 256 [ 48.455863][ T5955] FAT-fs (loop4): Directory bread(block 64) failed [ 48.462514][ T5955] FAT-fs (loop4): Directory bread(block 65) failed [ 48.469557][ T5955] FAT-fs (loop4): Directory bread(block 66) failed [ 48.478524][ T5955] FAT-fs (loop4): Directory bread(block 67) failed [ 48.485225][ T5955] FAT-fs (loop4): Directory bread(block 68) failed [ 48.509370][ T5955] FAT-fs (loop4): Directory bread(block 69) failed [ 48.515964][ T5955] FAT-fs (loop4): Directory bread(block 70) failed [ 48.524543][ T5786] syz.3.1113 (5786) used greatest stack depth: 7304 bytes left [ 48.548478][ T5955] FAT-fs (loop4): Directory bread(block 71) failed [ 48.573816][ T5955] FAT-fs (loop4): Directory bread(block 72) failed [ 48.596492][ T5955] FAT-fs (loop4): Directory bread(block 73) failed [ 48.744199][ T5995] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1216'. [ 48.753261][ T5995] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1216'. [ 48.761048][ T5997] netlink: 'syz.4.1215': attribute type 11 has an invalid length. [ 48.783351][ T6000] loop0: detected capacity change from 0 to 512 [ 48.797042][ T6000] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 48.832807][ T6000] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 48.853573][ T6008] syz.1.1219 (6008): /proc/6008/oom_adj is deprecated, please use /proc/6008/oom_score_adj instead. [ 48.865403][ T6000] EXT4-fs (loop0): 1 truncate cleaned up [ 48.871695][ T6000] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 48.953853][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 49.491923][ T6106] netlink: 300 bytes leftover after parsing attributes in process `syz.0.1262'. [ 49.592692][ T6120] gre1: entered allmulticast mode [ 49.663401][ T6128] netlink: 'syz.2.1273': attribute type 27 has an invalid length. [ 49.855736][ T6156] vhci_hcd: invalid port number 85 [ 49.860981][ T6156] vhci_hcd: default hub control req: 0501 v0005 i0055 l4 [ 49.965128][ T6174] netlink: 'syz.0.1295': attribute type 21 has an invalid length. [ 49.973024][ T6174] IPv6: NLM_F_CREATE should be specified when creating new route [ 49.980902][ T6173] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1294'. [ 49.996544][ T6174] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 50.003858][ T6174] IPv6: NLM_F_CREATE should be set when creating new route [ 50.011078][ T6174] IPv6: NLM_F_CREATE should be set when creating new route [ 50.018298][ T6174] IPv6: NLM_F_CREATE should be set when creating new route [ 50.033740][ T6180] tmpfs: Bad value for 'mpol' [ 50.130262][ T6196] netlink: 'syz.1.1305': attribute type 5 has an invalid length. [ 50.300678][ T6228] netlink: 'syz.4.1322': attribute type 30 has an invalid length. [ 50.312534][ T6228] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0) [ 50.321807][ T6228] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255 [ 50.551597][ T6262] mmap: syz.2.1339 (6262) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 50.619736][ T6274] netlink: 'syz.1.1345': attribute type 11 has an invalid length. [ 50.983057][ T6337] netdevsim netdevsim1: Direct firmware load for ./file0/file1 failed with error -2 [ 51.134446][ T6362] wg1: entered promiscuous mode [ 51.139381][ T6362] wg1: entered allmulticast mode [ 51.957978][ T6509] usb usb3: usbfs: process 6509 (syz.2.1458) did not claim interface 0 before use [ 51.983625][ T6516] loop3: detected capacity change from 0 to 256 [ 52.069947][ T29] kauditd_printk_skb: 30 callbacks suppressed [ 52.070033][ T29] audit: type=1400 audit(1754770144.887:322): avc: denied { write } for pid=6528 comm="syz.4.1464" name="event1" dev="devtmpfs" ino=243 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 52.144034][ T6535] loop4: detected capacity change from 0 to 1024 [ 52.181685][ T29] audit: type=1400 audit(1754770144.987:323): avc: denied { read append } for pid=6536 comm="syz.3.1467" name="qrtr-tun" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 52.205042][ T29] audit: type=1400 audit(1754770144.987:324): avc: denied { open } for pid=6536 comm="syz.3.1467" path="/dev/qrtr-tun" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 52.229945][ T6535] EXT4-fs: Ignoring removed nomblk_io_submit option [ 52.273997][ T6535] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 52.346796][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 52.380794][ T6567] loop3: detected capacity change from 0 to 512 [ 52.416179][ T6577] __nla_validate_parse: 18 callbacks suppressed [ 52.416244][ T6577] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1485'. [ 52.439473][ T6567] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 52.475253][ T6567] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.1482: Invalid block bitmap block 0 in block_group 0 [ 52.498741][ T6592] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1490'. [ 52.517727][ T6567] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 52.529879][ T6594] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1494'. [ 52.540614][ T6567] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #11: comm syz.3.1482: attempt to clear invalid blocks 983261 len 1 [ 52.574415][ T6567] EXT4-fs error (device loop3): __ext4_get_inode_loc:4861: comm syz.3.1482: Invalid inode table block 0 in block_group 0 [ 52.609048][ T6567] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem [ 52.621799][ T6567] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 52.639500][ T6567] EXT4-fs error (device loop3): __ext4_get_inode_loc:4861: comm syz.3.1482: Invalid inode table block 0 in block_group 0 [ 52.670710][ T6567] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem [ 52.690591][ T6567] EXT4-fs error (device loop3): ext4_truncate:4666: inode #11: comm syz.3.1482: mark_inode_dirty error [ 52.708662][ T6567] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 52.729298][ T6567] EXT4-fs error (device loop3): __ext4_get_inode_loc:4861: comm syz.3.1482: Invalid inode table block 0 in block_group 0 [ 52.763043][ T6567] EXT4-fs (loop3): 1 truncate cleaned up [ 52.780997][ T6567] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 52.801457][ T6630] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 52.861549][ T6567] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.1482: Invalid inode bitmap blk 0 in block_group 0 [ 52.898712][ T6643] SELinux: Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped). [ 52.918622][ T29] audit: type=1400 audit(1754770145.717:325): avc: denied { relabelto } for pid=6642 comm="syz.1.1518" name="file0" dev="tmpfs" ino=1502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=fifo_file permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0" [ 52.945552][ T29] audit: type=1400 audit(1754770145.717:326): avc: denied { associate } for pid=6642 comm="syz.1.1518" name="file0" dev="tmpfs" ino=1502 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:fsadm_exec_t:s0" [ 53.009786][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 53.019411][ T29] audit: type=1400 audit(1754770145.817:327): avc: denied { unlink } for pid=3303 comm="syz-executor" name="file0" dev="tmpfs" ino=1502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=fifo_file permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0" [ 53.251675][ T6676] loop4: detected capacity change from 0 to 512 [ 53.285843][ T6681] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1535'. [ 53.307717][ T6681] validate_nla: 6 callbacks suppressed [ 53.307732][ T6681] netlink: 'syz.1.1535': attribute type 2 has an invalid length. [ 53.321016][ T6681] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1535'. [ 53.337528][ T6676] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 53.351060][ T6688] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1538'. [ 53.360090][ T6688] tc_dump_action: action bad kind [ 53.369497][ T6676] ext4 filesystem being mounted at /316/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 53.407957][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 53.448525][ T6700] netlink: 148 bytes leftover after parsing attributes in process `syz.2.1545'. [ 53.481801][ T6700] netlink: 116 bytes leftover after parsing attributes in process `syz.2.1545'. [ 53.490958][ T6700] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1545'. [ 53.502408][ T6706] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1547'. [ 53.580465][ T29] audit: type=1400 audit(1754770146.387:328): avc: denied { ioctl } for pid=6715 comm="syz.4.1550" path="/dev/nvram" dev="devtmpfs" ino=98 ioctlcmd=0x4b64 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 53.631244][ T6726] 0·: renamed from hsr0 (while UP) [ 53.653076][ T29] audit: type=1400 audit(1754770146.457:329): avc: denied { node_bind } for pid=6727 comm="syz.4.1558" saddr=172.20.20.54 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 53.682115][ T6726] 0·: entered allmulticast mode [ 53.687058][ T6726] hsr_slave_0: entered allmulticast mode [ 53.692792][ T6726] hsr_slave_1: entered allmulticast mode [ 53.699577][ T6726] A link change request failed with some changes committed already. Interface 70· may have been left with an inconsistent configuration, please check. [ 53.769627][ T6740] loop1: detected capacity change from 0 to 2048 [ 53.802215][ T6740] EXT4-fs (loop1): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 53.839785][ T29] audit: type=1400 audit(1754770146.657:330): avc: denied { create } for pid=6737 comm="syz.1.1563" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 53.840166][ T6740] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 53.932041][ T29] audit: type=1326 audit(1754770146.737:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6761 comm="syz.2.1574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f958a5bebe9 code=0x7ffc0000 [ 53.966559][ T3303] EXT4-fs (loop1): unmounting filesystem 00000800-0000-0000-0000-000000000000. [ 54.085281][ T6788] netlink: 'syz.4.1586': attribute type 21 has an invalid length. [ 54.172729][ T6802] netlink: 'syz.3.1592': attribute type 39 has an invalid length. [ 54.227504][ T6810] netdevsim netdevsim2 netdevsim0: entered allmulticast mode [ 54.285115][ T6810] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 54.308628][ T6822] netlink: 'syz.3.1603': attribute type 31 has an invalid length. [ 54.689396][ T6888] netlink: 'syz.3.1636': attribute type 30 has an invalid length. [ 55.054757][ T6960] netlink: 'syz.2.1672': attribute type 21 has an invalid length. [ 55.253760][ T6997] loop2: detected capacity change from 0 to 256 [ 55.330183][ T6997] FAT-fs (loop2): Directory bread(block 64) failed [ 55.354908][ T6997] FAT-fs (loop2): Directory bread(block 65) failed [ 55.377847][ T6997] FAT-fs (loop2): Directory bread(block 66) failed [ 55.398807][ T6997] FAT-fs (loop2): Directory bread(block 67) failed [ 55.408454][ T7011] wireguard0: entered promiscuous mode [ 55.413555][ T6997] FAT-fs (loop2): Directory bread(block 68) failed [ 55.413955][ T7011] wireguard0: entered allmulticast mode [ 55.420677][ T6997] FAT-fs (loop2): Directory bread(block 69) failed [ 55.449260][ T6997] FAT-fs (loop2): Directory bread(block 70) failed [ 55.465989][ T6997] FAT-fs (loop2): Directory bread(block 71) failed [ 55.482942][ T6997] FAT-fs (loop2): Directory bread(block 72) failed [ 55.511162][ T6997] FAT-fs (loop2): Directory bread(block 73) failed [ 55.790573][ T7031] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.827212][ T7031] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.882974][ T7031] netdevsim netdevsim2 netdevsim0: left allmulticast mode [ 56.090316][ T7064] loop4: detected capacity change from 0 to 512 [ 56.102624][ T7064] journal_path: Lookup failure for './file0/../file0' [ 56.109541][ T7064] EXT4-fs: error: could not find journal device path [ 56.254932][ T7001] syz.0.1691 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000 [ 56.269115][ T7001] CPU: 0 UID: 0 PID: 7001 Comm: syz.0.1691 Not tainted 6.16.0-syzkaller-12256-g561c80369df0 #0 PREEMPT(voluntary) [ 56.269153][ T7001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 56.269165][ T7001] Call Trace: [ 56.269172][ T7001] [ 56.269181][ T7001] __dump_stack+0x1d/0x30 [ 56.269223][ T7001] dump_stack_lvl+0xe8/0x140 [ 56.269276][ T7001] dump_stack+0x15/0x1b [ 56.269293][ T7001] dump_header+0x81/0x220 [ 56.269328][ T7001] oom_kill_process+0x342/0x400 [ 56.269398][ T7001] out_of_memory+0x979/0xb80 [ 56.269513][ T7001] try_charge_memcg+0x5e6/0x9e0 [ 56.269545][ T7001] obj_cgroup_charge_pages+0xa6/0x150 [ 56.269585][ T7001] __memcg_kmem_charge_page+0x9f/0x170 [ 56.269697][ T7001] __alloc_frozen_pages_noprof+0x188/0x360 [ 56.269782][ T7001] alloc_pages_mpol+0xb3/0x250 [ 56.269815][ T7001] alloc_pages_noprof+0x90/0x130 [ 56.269858][ T7001] __vmalloc_node_range_noprof+0x6f2/0xe00 [ 56.269975][ T7001] __kvmalloc_node_noprof+0x30f/0x4e0 [ 56.270032][ T7001] ? ip_set_alloc+0x1f/0x30 [ 56.270064][ T7001] ? ip_set_alloc+0x1f/0x30 [ 56.270095][ T7001] ? __kmalloc_cache_noprof+0x189/0x320 [ 56.270179][ T7001] ip_set_alloc+0x1f/0x30 [ 56.270263][ T7001] hash_netiface_create+0x282/0x740 [ 56.270303][ T7001] ? __pfx_hash_netiface_create+0x10/0x10 [ 56.270404][ T7001] ip_set_create+0x3c9/0x960 [ 56.270462][ T7001] ? __nla_parse+0x40/0x60 [ 56.270491][ T7001] nfnetlink_rcv_msg+0x4c6/0x590 [ 56.270541][ T7001] netlink_rcv_skb+0x120/0x220 [ 56.270564][ T7001] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 56.270614][ T7001] nfnetlink_rcv+0x16b/0x1690 [ 56.270647][ T7001] ? nlmon_xmit+0x4f/0x60 [ 56.270677][ T7001] ? consume_skb+0x49/0x150 [ 56.270722][ T7001] ? nlmon_xmit+0x4f/0x60 [ 56.270751][ T7001] ? dev_hard_start_xmit+0x3b0/0x3e0 [ 56.270775][ T7001] ? __dev_queue_xmit+0x1200/0x2000 [ 56.270800][ T7001] ? __dev_queue_xmit+0x182/0x2000 [ 56.270827][ T7001] ? ref_tracker_free+0x37d/0x3e0 [ 56.270862][ T7001] ? __netlink_deliver_tap+0x4dc/0x500 [ 56.270924][ T7001] netlink_unicast+0x5c0/0x690 [ 56.270965][ T7001] netlink_sendmsg+0x58b/0x6b0 [ 56.271025][ T7001] ? __pfx_netlink_sendmsg+0x10/0x10 [ 56.271051][ T7001] __sock_sendmsg+0x142/0x180 [ 56.271129][ T7001] ____sys_sendmsg+0x31e/0x4e0 [ 56.271154][ T7001] ___sys_sendmsg+0x17b/0x1d0 [ 56.271186][ T7001] __x64_sys_sendmsg+0xd4/0x160 [ 56.271273][ T7001] x64_sys_call+0x191e/0x2ff0 [ 56.271300][ T7001] do_syscall_64+0xd2/0x200 [ 56.271327][ T7001] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 56.271352][ T7001] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 56.271419][ T7001] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 56.271441][ T7001] RIP: 0033:0x7f5d8c59ebe9 [ 56.271455][ T7001] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 56.271473][ T7001] RSP: 002b:00007f5d8afff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 56.271496][ T7001] RAX: ffffffffffffffda RBX: 00007f5d8c7c5fa0 RCX: 00007f5d8c59ebe9 [ 56.271511][ T7001] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003 [ 56.271596][ T7001] RBP: 00007f5d8c621e19 R08: 0000000000000000 R09: 0000000000000000 [ 56.271611][ T7001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 56.271625][ T7001] R13: 00007f5d8c7c6038 R14: 00007f5d8c7c5fa0 R15: 00007ffe0fef61d8 [ 56.271643][ T7001] [ 56.271650][ T7001] memory: usage 307200kB, limit 307200kB, failcnt 502 [ 56.611558][ T7001] memory+swap: usage 307384kB, limit 9007199254740988kB, failcnt 0 [ 56.619475][ T7001] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0 [ 56.626820][ T7001] Memory cgroup stats for /syz0: [ 56.629723][ T7001] cache 0 [ 56.637607][ T7001] rss 0 [ 56.640420][ T7001] shmem 0 [ 56.643347][ T7001] mapped_file 0 [ 56.646824][ T7001] dirty 0 [ 56.649782][ T7001] writeback 0 [ 56.653065][ T7001] workingset_refault_anon 45 [ 56.657646][ T7001] workingset_refault_file 437 [ 56.662334][ T7001] swap 188416 [ 56.665761][ T7001] swapcached 0 [ 56.669251][ T7001] pgpgin 16073 [ 56.672616][ T7001] pgpgout 16072 [ 56.676059][ T7001] pgfault 34831 [ 56.679622][ T7001] pgmajfault 27 [ 56.683098][ T7001] inactive_anon 0 [ 56.686717][ T7001] active_anon 0 [ 56.690183][ T7001] inactive_file 0 [ 56.693808][ T7001] active_file 4096 [ 56.697525][ T7001] unevictable 0 [ 56.701004][ T7001] hierarchical_memory_limit 314572800 [ 56.706453][ T7001] hierarchical_memsw_limit 9223372036854771712 [ 56.712737][ T7001] total_cache 0 [ 56.716333][ T7001] total_rss 0 [ 56.716342][ T7001] total_shmem 0 [ 56.716349][ T7001] total_mapped_file 0 [ 56.716357][ T7001] total_dirty 0 [ 56.716364][ T7001] total_writeback 0 [ 56.716371][ T7001] total_workingset_refault_anon 45 [ 56.716384][ T7001] total_workingset_refault_file 437 [ 56.716394][ T7001] total_swap 188416 [ 56.716400][ T7001] total_swapcached 0 [ 56.716408][ T7001] total_pgpgin 16073 [ 56.716417][ T7001] total_pgpgout 16072 [ 56.716424][ T7001] total_pgfault 34831 [ 56.716433][ T7001] total_pgmajfault 27 [ 56.768328][ T7001] total_inactive_anon 0 [ 56.768338][ T7001] total_active_anon 0 [ 56.768505][ T7001] total_inactive_file 0 [ 56.768515][ T7001] total_active_file 4096 [ 56.768527][ T7001] total_unevictable 0 [ 56.768536][ T7001] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.1691,pid=7000,uid=0 [ 56.768618][ T7001] Memory cgroup out of memory: Killed process 7000 (syz.0.1691) total-vm:95680kB, anon-rss:1072kB, file-rss:22180kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000 [ 57.269402][ T7144] vhci_hcd: invalid port number 85 [ 57.274549][ T7144] vhci_hcd: default hub control req: 0501 v0005 i0055 l4 [ 57.293317][ T7148] netlink: 'syz.0.1762': attribute type 13 has an invalid length. [ 57.419467][ T7166] netlink: 'syz.4.1772': attribute type 21 has an invalid length. [ 57.427373][ T7166] IPv6: NLM_F_CREATE should be specified when creating new route [ 57.436452][ T7167] tmpfs: Bad value for 'mpol' [ 57.452325][ T7166] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 57.459573][ T7166] IPv6: NLM_F_CREATE should be set when creating new route [ 57.466765][ T7166] IPv6: NLM_F_CREATE should be set when creating new route [ 57.473980][ T7166] IPv6: NLM_F_CREATE should be set when creating new route [ 57.510421][ T7174] __nla_validate_parse: 20 callbacks suppressed [ 57.510438][ T7174] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1775'. [ 57.531309][ T7169] bridge_slave_0: left allmulticast mode [ 57.536988][ T7169] bridge_slave_0: left promiscuous mode [ 57.542766][ T7169] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.567930][ T29] kauditd_printk_skb: 15 callbacks suppressed [ 57.568006][ T29] audit: type=1400 audit(1754770150.377:347): avc: denied { create } for pid=7185 comm="syz.1.1782" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 57.632938][ T7169] bridge_slave_1: left allmulticast mode [ 57.638819][ T7169] bridge_slave_1: left promiscuous mode [ 57.644516][ T7169] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.665408][ T29] audit: type=1400 audit(1754770150.397:348): avc: denied { listen } for pid=7184 comm="syz.2.1781" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 57.684795][ T29] audit: type=1400 audit(1754770150.417:349): avc: denied { read write } for pid=7185 comm="syz.1.1782" name="file0" dev="tmpfs" ino=1740 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 57.690578][ T7199] netlink: 'syz.4.1788': attribute type 5 has an invalid length. [ 57.707608][ T29] audit: type=1400 audit(1754770150.417:350): avc: denied { open } for pid=7185 comm="syz.1.1782" path="/341/file0" dev="tmpfs" ino=1740 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 57.738122][ T29] audit: type=1400 audit(1754770150.437:351): avc: denied { unlink } for pid=3303 comm="syz-executor" name="file0" dev="tmpfs" ino=1740 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 57.778792][ T7169] bond0: (slave bond_slave_0): Releasing backup interface [ 57.797993][ T7169] bond0: (slave bond_slave_1): Releasing backup interface [ 57.820319][ T7169] team0: Port device team_slave_0 removed [ 57.841616][ T7169] team0: Port device team_slave_1 removed [ 57.859260][ T7169] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 57.866676][ T7169] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 57.880357][ T7169] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 57.887852][ T7169] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 57.907599][ T7169] batman_adv: batadv0: Removing interface: netdevsim1 [ 58.024974][ T29] audit: type=1400 audit(1754770150.837:352): avc: denied { getopt } for pid=7219 comm="syz.0.1799" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 58.110793][ T7231] netlink: 'syz.2.1804': attribute type 10 has an invalid length. [ 58.165243][ T7231] team0 (unregistering): Port device C removed [ 58.209065][ T7231] team0 (unregistering): Port device team_slave_1 removed [ 58.268301][ T7244] team0: Port device bridge0 added [ 58.297432][ T7246] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=7246 comm=syz.4.1811 [ 58.359053][ T7250] SELinux: Context system_u:object_r:traceroute_exec_t:s0 is not valid (left unmapped). [ 58.373524][ T29] audit: type=1400 audit(1754770151.187:353): avc: denied { relabelto } for pid=7249 comm="syz.0.1813" name="ptmx" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 trawcon="system_u:object_r:traceroute_exec_t:s0" [ 58.400931][ T29] audit: type=1400 audit(1754770151.187:354): avc: denied { associate } for pid=7249 comm="syz.0.1813" name="ptmx" dev="devtmpfs" ino=92 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 srawcon="system_u:object_r:traceroute_exec_t:s0" [ 58.403665][ T7254] validate_nla: 1 callbacks suppressed [ 58.403679][ T7254] netlink: 'syz.0.1815': attribute type 11 has an invalid length. [ 58.473954][ T7259] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1817'. [ 58.549027][ T29] audit: type=1326 audit(1754770151.357:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7265 comm="syz.1.1821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63b6f2ebe9 code=0x7ffc0000 [ 58.572546][ T29] audit: type=1326 audit(1754770151.357:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7265 comm="syz.1.1821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7f63b6f2ebe9 code=0x7ffc0000 [ 58.608476][ T7264] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1820'. [ 58.752812][ T7299] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1837'. [ 58.821944][ T7311] netlink: 'syz.0.1843': attribute type 4 has an invalid length. [ 58.846327][ T7314] netlink: 16126 bytes leftover after parsing attributes in process `syz.4.1845'. [ 58.855601][ T7314] netlink: 105116 bytes leftover after parsing attributes in process `syz.4.1845'. [ 58.864916][ T7314] netlink: 16126 bytes leftover after parsing attributes in process `syz.4.1845'. [ 59.018493][ T7344] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1857'. [ 59.055204][ T7348] wg1: entered promiscuous mode [ 59.060128][ T7348] wg1: entered allmulticast mode [ 59.089741][ T7354] netdevsim netdevsim3: Direct firmware load for ./file0/file1 failed with error -2 [ 59.245380][ T7384] loop0: detected capacity change from 0 to 512 [ 59.415920][ T7415] netlink: 'syz.3.1894': attribute type 8 has an invalid length. [ 59.423751][ T7415] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1894'. [ 59.439497][ T7421] netlink: 'syz.1.1896': attribute type 21 has an invalid length. [ 59.447354][ T7421] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1896'. [ 59.827143][ T7489] netlink: 'syz.4.1932': attribute type 11 has an invalid length. [ 59.873390][ T7501] netlink: 'syz.0.1935': attribute type 3 has an invalid length. [ 59.905478][ T7506] loop4: detected capacity change from 0 to 764 [ 59.947415][ T7513] netlink: 'syz.0.1942': attribute type 21 has an invalid length. [ 59.955702][ T7511] loop2: detected capacity change from 0 to 1024 [ 59.968454][ T7506] Symlink component flag not implemented [ 59.978911][ T7511] EXT4-fs: Ignoring removed nomblk_io_submit option [ 59.979428][ T7506] Symlink component flag not implemented (7) [ 60.021274][ T7511] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 60.078369][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 60.226529][ T7553] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 61.245967][ T7740] 0·: renamed from hsr0 (while UP) [ 61.277534][ T7740] 0·: entered allmulticast mode [ 61.277562][ T7740] hsr_slave_0: entered allmulticast mode [ 61.277597][ T7740] hsr_slave_1: entered allmulticast mode [ 61.278055][ T7740] A link change request failed with some changes committed already. Interface 70· may have been left with an inconsistent configuration, please check. [ 61.534326][ T7794] netlink: 'syz.1.2076': attribute type 21 has an invalid length. [ 61.767516][ T7838] netlink: 'syz.2.2094': attribute type 31 has an invalid length. [ 61.856369][ T7854] netdevsim netdevsim4 netdevsim0: entered allmulticast mode [ 61.902879][ T7854] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 61.926025][ T7863] loop2: detected capacity change from 0 to 164 [ 61.946310][ T7863] Unsupported NM flag settings (8) [ 62.634966][ T7995] netlink: 'syz.0.2176': attribute type 1 has an invalid length. [ 62.642740][ T7995] __nla_validate_parse: 21 callbacks suppressed [ 62.642756][ T7995] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2176'. [ 62.690683][ T8005] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2180'. [ 62.699823][ T8005] netlink: 43 bytes leftover after parsing attributes in process `syz.2.2180'. [ 62.708887][ T8005] netlink: 43 bytes leftover after parsing attributes in process `syz.2.2180'. [ 63.006824][ T8058] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2206'. [ 63.015934][ T8058] netlink: 196 bytes leftover after parsing attributes in process `syz.0.2206'. [ 63.052950][ T8058] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2206'. [ 63.077645][ T8058] netlink: 196 bytes leftover after parsing attributes in process `syz.0.2206'. [ 63.115881][ T8071] netlink: 256 bytes leftover after parsing attributes in process `syz.2.2221'. [ 63.154498][ T8077] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2212'. [ 63.179816][ T8080] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0) [ 63.180247][ T29] kauditd_printk_skb: 22 callbacks suppressed [ 63.180261][ T29] audit: type=1400 audit(1754770155.997:379): avc: denied { load_policy } for pid=8078 comm="syz.4.2211" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 63.188351][ T8080] SELinux: failed to load policy [ 63.239441][ T8088] loop2: detected capacity change from 0 to 128 [ 63.352202][ T8102] loop4: detected capacity change from 0 to 512 [ 63.392497][ T8102] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 63.418398][ T8102] EXT4-fs (loop4): 1 truncate cleaned up [ 63.466476][ T8102] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 63.498509][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 63.664597][ T8132] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 63.836491][ T8144] wg1: left allmulticast mode [ 63.878193][ T29] audit: type=1326 audit(1754770156.687:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8160 comm="syz.4.2254" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe0d8dcebe9 code=0x0 [ 63.911860][ T8144] 0·: left allmulticast mode [ 63.916491][ T8144] hsr_slave_0: left allmulticast mode [ 63.921911][ T8144] hsr_slave_1: left allmulticast mode [ 63.949516][ T8144] netdevsim netdevsim0 netdevsim0: left allmulticast mode [ 64.650048][ T8211] validate_nla: 4 callbacks suppressed [ 64.650066][ T8211] netlink: 'syz.1.2279': attribute type 21 has an invalid length. [ 65.002750][ T8174] syz.2.2261 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000 [ 65.016954][ T8174] CPU: 1 UID: 0 PID: 8174 Comm: syz.2.2261 Not tainted 6.16.0-syzkaller-12256-g561c80369df0 #0 PREEMPT(voluntary) [ 65.017061][ T8174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 65.017073][ T8174] Call Trace: [ 65.017080][ T8174] [ 65.017087][ T8174] __dump_stack+0x1d/0x30 [ 65.017108][ T8174] dump_stack_lvl+0xe8/0x140 [ 65.017129][ T8174] dump_stack+0x15/0x1b [ 65.017173][ T8174] dump_header+0x81/0x220 [ 65.017214][ T8174] oom_kill_process+0x342/0x400 [ 65.017249][ T8174] out_of_memory+0x979/0xb80 [ 65.017284][ T8174] try_charge_memcg+0x5e6/0x9e0 [ 65.017314][ T8174] obj_cgroup_charge_pages+0xa6/0x150 [ 65.017386][ T8174] __memcg_kmem_charge_page+0x9f/0x170 [ 65.017424][ T8174] __alloc_frozen_pages_noprof+0x188/0x360 [ 65.017544][ T8174] alloc_pages_mpol+0xb3/0x250 [ 65.017579][ T8174] alloc_pages_noprof+0x90/0x130 [ 65.017612][ T8174] __vmalloc_node_range_noprof+0x6f2/0xe00 [ 65.017703][ T8174] __kvmalloc_node_noprof+0x30f/0x4e0 [ 65.017745][ T8174] ? ip_set_alloc+0x1f/0x30 [ 65.017782][ T8174] ? ip_set_alloc+0x1f/0x30 [ 65.017817][ T8174] ? __kmalloc_cache_noprof+0x189/0x320 [ 65.017910][ T8174] ip_set_alloc+0x1f/0x30 [ 65.017945][ T8174] hash_netiface_create+0x282/0x740 [ 65.017982][ T8174] ? __pfx_hash_netiface_create+0x10/0x10 [ 65.018047][ T8174] ip_set_create+0x3c9/0x960 [ 65.018078][ T8174] ? __nla_parse+0x40/0x60 [ 65.018143][ T8174] nfnetlink_rcv_msg+0x4c6/0x590 [ 65.018187][ T8174] netlink_rcv_skb+0x120/0x220 [ 65.018209][ T8174] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 65.018244][ T8174] nfnetlink_rcv+0x16b/0x1690 [ 65.018315][ T8174] ? nlmon_xmit+0x4f/0x60 [ 65.018343][ T8174] ? consume_skb+0x49/0x150 [ 65.018443][ T8174] ? nlmon_xmit+0x4f/0x60 [ 65.018518][ T8174] ? dev_hard_start_xmit+0x3b0/0x3e0 [ 65.018547][ T8174] ? __dev_queue_xmit+0x1200/0x2000 [ 65.018572][ T8174] ? __dev_queue_xmit+0x182/0x2000 [ 65.018599][ T8174] ? ref_tracker_free+0x37d/0x3e0 [ 65.018651][ T8174] ? __netlink_deliver_tap+0x4dc/0x500 [ 65.018678][ T8174] netlink_unicast+0x5c0/0x690 [ 65.018721][ T8174] netlink_sendmsg+0x58b/0x6b0 [ 65.018746][ T8174] ? __pfx_netlink_sendmsg+0x10/0x10 [ 65.018767][ T8174] __sock_sendmsg+0x142/0x180 [ 65.018805][ T8174] ____sys_sendmsg+0x31e/0x4e0 [ 65.018874][ T8174] ___sys_sendmsg+0x17b/0x1d0 [ 65.018911][ T8174] __x64_sys_sendmsg+0xd4/0x160 [ 65.018936][ T8174] x64_sys_call+0x191e/0x2ff0 [ 65.018963][ T8174] do_syscall_64+0xd2/0x200 [ 65.019069][ T8174] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 65.019097][ T8174] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 65.019177][ T8174] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 65.019204][ T8174] RIP: 0033:0x7f958a5bebe9 [ 65.019219][ T8174] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 65.019289][ T8174] RSP: 002b:00007f9589027038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 65.019312][ T8174] RAX: ffffffffffffffda RBX: 00007f958a7e5fa0 RCX: 00007f958a5bebe9 [ 65.019325][ T8174] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003 [ 65.019337][ T8174] RBP: 00007f958a641e19 R08: 0000000000000000 R09: 0000000000000000 [ 65.019349][ T8174] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 65.019362][ T8174] R13: 00007f958a7e6038 R14: 00007f958a7e5fa0 R15: 00007ffd4223d358 [ 65.019383][ T8174] [ 65.349394][ T8174] memory: usage 307200kB, limit 307200kB, failcnt 380 [ 65.356150][ T8174] memory+swap: usage 307448kB, limit 9007199254740988kB, failcnt 0 [ 65.364157][ T8174] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0 [ 65.371522][ T8174] Memory cgroup stats for /syz2: [ 65.371744][ T8174] cache 0 [ 65.379632][ T8174] rss 0 [ 65.382396][ T8174] shmem 0 [ 65.385328][ T8174] mapped_file 0 [ 65.388842][ T8174] dirty 0 [ 65.391770][ T8174] writeback 0 [ 65.395061][ T8174] workingset_refault_anon 17 [ 65.399691][ T8174] workingset_refault_file 433 [ 65.404356][ T8174] swap 253952 [ 65.407636][ T8174] swapcached 0 [ 65.411039][ T8174] pgpgin 22041 [ 65.414436][ T8174] pgpgout 22040 [ 65.417891][ T8174] pgfault 47291 [ 65.421446][ T8174] pgmajfault 15 [ 65.424891][ T8174] inactive_anon 0 [ 65.428534][ T8174] active_anon 0 [ 65.431989][ T8174] inactive_file 0 [ 65.435619][ T8174] active_file 4096 [ 65.439346][ T8174] unevictable 0 [ 65.442809][ T8174] hierarchical_memory_limit 314572800 [ 65.448168][ T8174] hierarchical_memsw_limit 9223372036854771712 [ 65.454407][ T8174] total_cache 0 [ 65.457859][ T8174] total_rss 0 [ 65.461157][ T8174] total_shmem 0 [ 65.464646][ T8174] total_mapped_file 0 [ 65.468642][ T8174] total_dirty 0 [ 65.472093][ T8174] total_writeback 0 [ 65.475892][ T8174] total_workingset_refault_anon 17 [ 65.481182][ T8174] total_workingset_refault_file 433 [ 65.486376][ T8174] total_swap 253952 [ 65.490244][ T8174] total_swapcached 0 [ 65.494140][ T8174] total_pgpgin 22041 [ 65.498099][ T8174] total_pgpgout 22040 [ 65.502168][ T8174] total_pgfault 47291 [ 65.506133][ T8174] total_pgmajfault 15 [ 65.510170][ T8174] total_inactive_anon 0 [ 65.514314][ T8174] total_active_anon 0 [ 65.518329][ T8174] total_inactive_file 0 [ 65.522503][ T8174] total_active_file 4096 [ 65.526733][ T8174] total_unevictable 0 [ 65.530774][ T8174] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.2261,pid=8173,uid=0 [ 65.545420][ T8174] Memory cgroup out of memory: Killed process 8173 (syz.2.2261) total-vm:95680kB, anon-rss:1072kB, file-rss:22180kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000 [ 65.573615][ T8272] netlink: 'syz.1.2308': attribute type 10 has an invalid length. [ 65.591814][ T8272] team0 (unregistering): Port device team_slave_0 removed [ 65.602293][ T8272] team0 (unregistering): Port device team_slave_1 removed [ 65.696742][ T8174] syz.2.2261 (8174) used greatest stack depth: 6416 bytes left [ 65.891276][ T29] audit: type=1326 audit(1754770158.697:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8305 comm="syz.4.2322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0d8dcebe9 code=0x7ffc0000 [ 65.914867][ T29] audit: type=1326 audit(1754770158.697:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8305 comm="syz.4.2322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0d8dcebe9 code=0x7ffc0000 [ 65.979790][ T29] audit: type=1326 audit(1754770158.737:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8305 comm="syz.4.2322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7fe0d8dcebe9 code=0x7ffc0000 [ 66.003224][ T29] audit: type=1326 audit(1754770158.737:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8305 comm="syz.4.2322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0d8dcebe9 code=0x7ffc0000 [ 66.026569][ T29] audit: type=1326 audit(1754770158.737:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8305 comm="syz.4.2322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0d8dcebe9 code=0x7ffc0000 [ 66.102692][ T8334] ipip0: entered promiscuous mode [ 66.149225][ T8344] netlink: 'syz.3.2341': attribute type 4 has an invalid length. [ 66.274667][ T8368] netdevsim netdevsim0: Direct firmware load for ./file0/file1 failed with error -2 [ 66.335222][ T8379] netlink: 'syz.2.2357': attribute type 5 has an invalid length. [ 66.477195][ T8407] bond0: Error: Cannot enslave bond to itself. [ 66.898630][ T29] audit: type=1326 audit(1754770159.707:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8489 comm="syz.3.2413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5810bbebe9 code=0x7ffc0000 [ 66.946531][ T8499] openvswitch: netlink: Flow key attr not present in new flow. [ 66.972176][ T29] audit: type=1326 audit(1754770159.717:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8489 comm="syz.3.2413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=188 compat=0 ip=0x7f5810bbebe9 code=0x7ffc0000 [ 66.995587][ T29] audit: type=1326 audit(1754770159.717:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8489 comm="syz.3.2413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5810bbebe9 code=0x7ffc0000 [ 67.060115][ T8514] netlink: 'syz.1.2424': attribute type 11 has an invalid length. [ 67.164690][ T8540] netlink: 'syz.4.2432': attribute type 21 has an invalid length. [ 67.488489][ T8600] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 67.495771][ T8600] IPv6: NLM_F_CREATE should be set when creating new route [ 67.502985][ T8600] IPv6: NLM_F_CREATE should be set when creating new route [ 67.510187][ T8600] IPv6: NLM_F_CREATE should be set when creating new route [ 67.693147][ T8634] program syz.1.2481 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 67.703597][ T8634] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 67.833803][ T8657] __nla_validate_parse: 17 callbacks suppressed [ 67.833821][ T8657] netlink: 2116 bytes leftover after parsing attributes in process `syz.2.2491'. [ 67.855745][ T8655] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2492'. [ 67.875603][ T8660] netlink: 'syz.2.2495': attribute type 9 has an invalid length. [ 67.883384][ T8660] netlink: 'syz.2.2495': attribute type 7 has an invalid length. [ 67.891125][ T8660] netlink: 'syz.2.2495': attribute type 8 has an invalid length. [ 68.101273][ T8704] (unnamed net_device) (uninitialized): Unable to set down delay as MII monitoring is disabled [ 68.214267][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 68.214283][ T29] audit: type=1400 audit(1754770161.027:393): avc: denied { getopt } for pid=8718 comm="syz.3.2522" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 68.362249][ T8732] netlink: 148 bytes leftover after parsing attributes in process `syz.0.2529'. [ 68.371366][ T8732] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check. [ 68.434963][ T8743] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2533'. [ 68.446806][ T8743] netlink: 'syz.4.2533': attribute type 2 has an invalid length. [ 68.454666][ T8743] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2533'. [ 68.460473][ T29] audit: type=1326 audit(1754770161.277:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8670 comm="syz.2.2500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f958a5bebe9 code=0x7ffc0000 [ 68.486955][ T29] audit: type=1326 audit(1754770161.277:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8670 comm="syz.2.2500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f958a5bebe9 code=0x7ffc0000 [ 68.722863][ T8780] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2549'. [ 68.755752][ T29] audit: type=1326 audit(1754770161.517:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8773 comm="syz.1.2547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63b6f2ebe9 code=0x7ffc0000 [ 68.779125][ T29] audit: type=1326 audit(1754770161.517:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8773 comm="syz.1.2547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63b6f2ebe9 code=0x7ffc0000 [ 68.802441][ T29] audit: type=1326 audit(1754770161.517:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8773 comm="syz.1.2547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f63b6f2ebe9 code=0x7ffc0000 [ 68.825782][ T29] audit: type=1326 audit(1754770161.517:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8773 comm="syz.1.2547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63b6f2ebe9 code=0x7ffc0000 [ 68.849269][ T29] audit: type=1326 audit(1754770161.517:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8773 comm="syz.1.2547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63b6f2ebe9 code=0x7ffc0000 [ 68.963993][ T8797] loop3: detected capacity change from 0 to 2048 [ 69.008898][ T8797] EXT4-fs (loop3): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 69.053098][ T8797] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 69.121911][ T3306] EXT4-fs (loop3): unmounting filesystem 00000800-0000-0000-0000-000000000000. [ 69.141683][ T8833] loop1: detected capacity change from 0 to 512 [ 69.150839][ T8833] ======================================================= [ 69.150839][ T8833] WARNING: The mand mount option has been deprecated and [ 69.150839][ T8833] and is ignored by this kernel. Remove the mand [ 69.150839][ T8833] option from the mount to silence this warning. [ 69.150839][ T8833] ======================================================= [ 69.193934][ T8840] bond0: (slave gre0): Error: Device can not be enslaved while up [ 69.205869][ T8833] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 69.232613][ T8833] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002] [ 69.250828][ T8833] System zones: 0-2, 18-18, 34-34 [ 69.259109][ T8833] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 69.282375][ T8833] ext4 filesystem being mounted at /529/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 69.296562][ T8852] netlink: 4696 bytes leftover after parsing attributes in process `syz.3.2585'. [ 69.323147][ T8852] netlink: 4696 bytes leftover after parsing attributes in process `syz.3.2585'. [ 69.332353][ T8852] netlink: 508 bytes leftover after parsing attributes in process `syz.3.2585'. [ 69.400760][ T29] audit: type=1400 audit(1754770162.217:401): avc: denied { remove_name } for pid=8831 comm="syz.1.2586" name="file1" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 69.423332][ T29] audit: type=1400 audit(1754770162.217:402): avc: denied { rename } for pid=8831 comm="syz.1.2586" name="file1" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 69.478292][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.496239][ T8876] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2596'. [ 69.569561][ T8891] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0 [ 69.607734][ T8898] netdevsim netdevsim3 netdevsim0: entered allmulticast mode [ 69.615499][ T8898] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 70.033277][ T8978] validate_nla: 2 callbacks suppressed [ 70.033292][ T8978] netlink: 'syz.1.2646': attribute type 28 has an invalid length. [ 70.145809][ T8997] netlink: 'syz.0.2659': attribute type 3 has an invalid length. [ 70.844330][ T9106] netdevsim netdevsim4 netdevsim0: left allmulticast mode [ 70.961379][ T9116] loop4: detected capacity change from 0 to 2048 [ 70.999710][ T9116] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 71.021261][ T9116] ext4 filesystem being mounted at /555/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 71.062924][ T9116] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2716: bg 0: block 345: padding at end of block bitmap is not set [ 71.130916][ T9116] EXT4-fs (loop4): Remounting filesystem read-only [ 71.162221][ T9116] EXT4-fs warning (device loop4): ext4_xattr_inode_lookup_create:1597: inode #18: comm syz.4.2716: cleanup dec ref error -117 [ 71.217333][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.735515][ T9185] loop1: detected capacity change from 0 to 512 [ 71.839246][ T9185] EXT4-fs: Ignoring removed nomblk_io_submit option [ 71.886894][ T9185] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 71.925747][ T9191] loop4: detected capacity change from 0 to 128 [ 71.932121][ T9185] ext4 filesystem being mounted at /568/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 71.985813][ T9185] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.2749: corrupted xattr block 19: overlapping e_value [ 72.036044][ T9185] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop1 ino=15 [ 72.065410][ T9185] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.2749: corrupted xattr block 19: overlapping e_value [ 72.096477][ T9185] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop1 ino=15 [ 72.125925][ T9185] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.2749: corrupted xattr block 19: overlapping e_value [ 72.148618][ T9185] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.2749: corrupted xattr block 19: overlapping e_value [ 72.168580][ T9185] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop1 ino=15 [ 72.205785][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.484745][ T9229] netlink: 'syz.1.2768': attribute type 21 has an invalid length. [ 72.517419][ T9229] netlink: 'syz.1.2768': attribute type 4 has an invalid length. [ 72.525286][ T9229] netlink: 'syz.1.2768': attribute type 5 has an invalid length. [ 72.626611][ T9237] gretap2: entered promiscuous mode [ 73.003257][ T9269] netlink: 'syz.3.2785': attribute type 21 has an invalid length. [ 73.021615][ T9273] syz.2.2787 uses obsolete (PF_INET,SOCK_PACKET) [ 73.099879][ T9281] __nla_validate_parse: 12 callbacks suppressed [ 73.099897][ T9281] netlink: 256 bytes leftover after parsing attributes in process `syz.2.2791'. [ 73.230078][ T29] kauditd_printk_skb: 13083 callbacks suppressed [ 73.230094][ T29] audit: type=1326 audit(1754770166.047:13486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9076 comm="syz.0.2696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d8c59ebe9 code=0x7ff00000 [ 73.260022][ T9300] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2803'. [ 73.279030][ T29] audit: type=1326 audit(1754770166.087:13487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9076 comm="syz.0.2696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d8c59ebe9 code=0x7ff00000 [ 73.302750][ T29] audit: type=1326 audit(1754770166.087:13488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9076 comm="syz.0.2696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d8c59ebe9 code=0x7ff00000 [ 73.326324][ T29] audit: type=1326 audit(1754770166.087:13489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9076 comm="syz.0.2696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d8c59ebe9 code=0x7ff00000 [ 73.349878][ T29] audit: type=1326 audit(1754770166.087:13490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9076 comm="syz.0.2696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d8c59ebe9 code=0x7ff00000 [ 73.373601][ T29] audit: type=1326 audit(1754770166.087:13491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9076 comm="syz.0.2696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d8c59ebe9 code=0x7ff00000 [ 73.397084][ T29] audit: type=1326 audit(1754770166.087:13492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9076 comm="syz.0.2696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d8c59ebe9 code=0x7ff00000 [ 73.420594][ T29] audit: type=1326 audit(1754770166.087:13493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9076 comm="syz.0.2696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d8c59ebe9 code=0x7ff00000 [ 73.444166][ T29] audit: type=1326 audit(1754770166.087:13494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9076 comm="syz.0.2696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d8c59ebe9 code=0x7ff00000 [ 73.467855][ T29] audit: type=1326 audit(1754770166.087:13495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9076 comm="syz.0.2696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d8c59ebe9 code=0x7ff00000 [ 73.501227][ T9307] netlink: 'syz.2.2814': attribute type 27 has an invalid length. [ 73.730841][ T9307] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 73.748258][ T9336] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2820'. [ 73.751473][ T9307] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 73.829128][ T41] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.840497][ T41] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.862075][ T41] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.904391][ T41] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.982450][ T9369] netlink: 124 bytes leftover after parsing attributes in process `syz.4.2836'. [ 74.004426][ T9369] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2836'. [ 74.015978][ T9371] bridge_slave_0: left allmulticast mode [ 74.021784][ T9371] bridge_slave_0: left promiscuous mode [ 74.027425][ T9371] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.037814][ T9371] bridge_slave_1: left allmulticast mode [ 74.043623][ T9371] bridge_slave_1: left promiscuous mode [ 74.049632][ T9371] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.090883][ T9371] bond0: (slave bond_slave_0): Releasing backup interface [ 74.109039][ T9371] bond0: (slave bond_slave_1): Releasing backup interface [ 74.129440][ T9392] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2845'. [ 74.139178][ T9371] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 74.147841][ T9371] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 74.414640][ T9433] bridge_slave_0: left allmulticast mode [ 74.420391][ T9433] bridge_slave_0: left promiscuous mode [ 74.426039][ T9433] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.437255][ T9433] bridge_slave_1: left allmulticast mode [ 74.443049][ T9433] bridge_slave_1: left promiscuous mode [ 74.448797][ T9433] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.472422][ T9433] bond0: (slave bond_slave_0): Releasing backup interface [ 74.509781][ T9433] bond0: (slave bond_slave_1): Releasing backup interface [ 74.558179][ T9433] team0: Port device team_slave_0 removed [ 74.608370][ T9433] team0: Port device team_slave_1 removed [ 74.625448][ T9433] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 74.632908][ T9433] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 74.684999][ T9433] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 74.692468][ T9433] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 74.817811][ T9449] ipip0: entered promiscuous mode [ 74.845713][ T9409] syz.1.2849 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000 [ 74.859933][ T9409] CPU: 1 UID: 0 PID: 9409 Comm: syz.1.2849 Not tainted 6.16.0-syzkaller-12256-g561c80369df0 #0 PREEMPT(voluntary) [ 74.859967][ T9409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 74.859988][ T9409] Call Trace: [ 74.859995][ T9409] [ 74.860002][ T9409] __dump_stack+0x1d/0x30 [ 74.860027][ T9409] dump_stack_lvl+0xe8/0x140 [ 74.860122][ T9409] dump_stack+0x15/0x1b [ 74.860143][ T9409] dump_header+0x81/0x220 [ 74.860216][ T9409] oom_kill_process+0x342/0x400 [ 74.860338][ T9409] out_of_memory+0x979/0xb80 [ 74.860425][ T9409] try_charge_memcg+0x5e6/0x9e0 [ 74.860458][ T9409] obj_cgroup_charge_pages+0xa6/0x150 [ 74.860574][ T9409] __memcg_kmem_charge_page+0x9f/0x170 [ 74.860617][ T9409] __alloc_frozen_pages_noprof+0x188/0x360 [ 74.860665][ T9409] alloc_pages_mpol+0xb3/0x250 [ 74.860727][ T9409] alloc_pages_noprof+0x90/0x130 [ 74.860856][ T9409] __vmalloc_node_range_noprof+0x6f2/0xe00 [ 74.860909][ T9409] __kvmalloc_node_noprof+0x30f/0x4e0 [ 74.860943][ T9409] ? ip_set_alloc+0x1f/0x30 [ 74.861014][ T9409] ? ip_set_alloc+0x1f/0x30 [ 74.861048][ T9409] ? __kmalloc_cache_noprof+0x189/0x320 [ 74.861083][ T9409] ip_set_alloc+0x1f/0x30 [ 74.861141][ T9409] hash_netiface_create+0x282/0x740 [ 74.861184][ T9409] ? __pfx_hash_netiface_create+0x10/0x10 [ 74.861302][ T9409] ip_set_create+0x3c9/0x960 [ 74.861332][ T9409] ? __nla_parse+0x40/0x60 [ 74.861434][ T9409] nfnetlink_rcv_msg+0x4c6/0x590 [ 74.861594][ T9409] netlink_rcv_skb+0x120/0x220 [ 74.861613][ T9409] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 74.861655][ T9409] nfnetlink_rcv+0x16b/0x1690 [ 74.861691][ T9409] ? nlmon_xmit+0x4f/0x60 [ 74.861726][ T9409] ? consume_skb+0x49/0x150 [ 74.861764][ T9409] ? nlmon_xmit+0x4f/0x60 [ 74.861829][ T9409] ? dev_hard_start_xmit+0x3b0/0x3e0 [ 74.861887][ T9409] ? __dev_queue_xmit+0x1200/0x2000 [ 74.861911][ T9409] ? __dev_queue_xmit+0x182/0x2000 [ 74.861999][ T9409] ? ref_tracker_free+0x37d/0x3e0 [ 74.862025][ T9409] ? __netlink_deliver_tap+0x4dc/0x500 [ 74.862049][ T9409] netlink_unicast+0x5c0/0x690 [ 74.862162][ T9409] netlink_sendmsg+0x58b/0x6b0 [ 74.862185][ T9409] ? __pfx_netlink_sendmsg+0x10/0x10 [ 74.862210][ T9409] __sock_sendmsg+0x142/0x180 [ 74.862240][ T9409] ____sys_sendmsg+0x31e/0x4e0 [ 74.862339][ T9409] ___sys_sendmsg+0x17b/0x1d0 [ 74.862370][ T9409] __x64_sys_sendmsg+0xd4/0x160 [ 74.862398][ T9409] x64_sys_call+0x191e/0x2ff0 [ 74.862423][ T9409] do_syscall_64+0xd2/0x200 [ 74.862463][ T9409] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 74.862488][ T9409] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 74.862513][ T9409] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 74.862537][ T9409] RIP: 0033:0x7f63b6f2ebe9 [ 74.862624][ T9409] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 74.862642][ T9409] RSP: 002b:00007f63b598f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 74.862660][ T9409] RAX: ffffffffffffffda RBX: 00007f63b7155fa0 RCX: 00007f63b6f2ebe9 [ 74.862673][ T9409] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003 [ 74.862688][ T9409] RBP: 00007f63b6fb1e19 R08: 0000000000000000 R09: 0000000000000000 [ 74.862788][ T9409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 74.862802][ T9409] R13: 00007f63b7156038 R14: 00007f63b7155fa0 R15: 00007ffe08724ec8 [ 74.862819][ T9409] [ 74.862826][ T9409] memory: usage 307200kB, limit 307200kB, failcnt 252 [ 75.056514][ T9466] netlink: 'syz.3.2874': attribute type 10 has an invalid length. [ 75.058633][ T9409] memory+swap: usage 307380kB, limit 9007199254740988kB, failcnt 0 [ 75.217011][ T9409] kmem: usage 307184kB, limit 9007199254740988kB, failcnt 0 [ 75.224367][ T9409] Memory cgroup stats for /syz1: [ 75.227358][ T9409] cache 0 [ 75.229528][ T9466] team0: Port device bridge0 added [ 75.232331][ T9409] rss 4096 [ 75.243444][ T9409] shmem 0 [ 75.243489][ T9463] netlink: 96 bytes leftover after parsing attributes in process `syz.4.2873'. [ 75.246368][ T9409] mapped_file 0 [ 75.246377][ T9409] dirty 0 [ 75.261717][ T9409] writeback 0 [ 75.265016][ T9409] workingset_refault_anon 25 [ 75.269651][ T9409] workingset_refault_file 63 [ 75.274236][ T9409] swap 184320 [ 75.277510][ T9409] swapcached 8192 [ 75.281288][ T9409] pgpgin 31726 [ 75.284653][ T9409] pgpgout 31722 [ 75.288125][ T9409] pgfault 63164 [ 75.291678][ T9409] pgmajfault 19 [ 75.295123][ T9409] inactive_anon 8192 [ 75.299056][ T9409] active_anon 0 [ 75.302509][ T9409] inactive_file 8192 [ 75.306396][ T9409] active_file 0 [ 75.309879][ T9409] unevictable 0 [ 75.313330][ T9409] hierarchical_memory_limit 314572800 [ 75.318742][ T9409] hierarchical_memsw_limit 9223372036854771712 [ 75.324918][ T9409] total_cache 0 [ 75.328369][ T9409] total_rss 4096 [ 75.331947][ T9409] total_shmem 0 [ 75.335458][ T9409] total_mapped_file 0 [ 75.339481][ T9409] total_dirty 0 [ 75.342926][ T9409] total_writeback 0 [ 75.346759][ T9409] total_workingset_refault_anon 25 [ 75.351932][ T9409] total_workingset_refault_file 63 [ 75.357038][ T9409] total_swap 184320 [ 75.360868][ T9409] total_swapcached 8192 [ 75.365015][ T9409] total_pgpgin 31726 [ 75.368942][ T9409] total_pgpgout 31722 [ 75.372913][ T9409] total_pgfault 63164 [ 75.376918][ T9409] total_pgmajfault 19 [ 75.380933][ T9409] total_inactive_anon 8192 [ 75.385341][ T9409] total_active_anon 0 [ 75.389336][ T9409] total_inactive_file 8192 [ 75.393790][ T9409] total_active_file 0 [ 75.397775][ T9409] total_unevictable 0 [ 75.401840][ T9409] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.2849,pid=9408,uid=0 [ 75.416440][ T9409] Memory cgroup out of memory: Killed process 9408 (syz.1.2849) total-vm:95680kB, anon-rss:944kB, file-rss:22180kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000 [ 75.542720][ T9492] netlink: 96 bytes leftover after parsing attributes in process `syz.3.2888'. [ 75.848949][ T9532] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2910'. [ 75.955307][ T9548] netlink: 'syz.4.2917': attribute type 8 has an invalid length. [ 75.963093][ T9548] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2917'. [ 76.002247][ T9553] loop3: detected capacity change from 0 to 512 [ 76.146467][ T9572] netlink: 'syz.0.2928': attribute type 21 has an invalid length. [ 76.421852][ T9604] netlink: 'syz.3.2943': attribute type 27 has an invalid length. [ 76.961982][ T9575] syz.4.2931 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 76.973030][ T9575] CPU: 1 UID: 0 PID: 9575 Comm: syz.4.2931 Not tainted 6.16.0-syzkaller-12256-g561c80369df0 #0 PREEMPT(voluntary) [ 76.973065][ T9575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 76.973081][ T9575] Call Trace: [ 76.973087][ T9575] [ 76.973097][ T9575] __dump_stack+0x1d/0x30 [ 76.973122][ T9575] dump_stack_lvl+0xe8/0x140 [ 76.973183][ T9575] dump_stack+0x15/0x1b [ 76.973201][ T9575] dump_header+0x81/0x220 [ 76.973240][ T9575] oom_kill_process+0x342/0x400 [ 76.973401][ T9575] out_of_memory+0x979/0xb80 [ 76.973442][ T9575] try_charge_memcg+0x5e6/0x9e0 [ 76.973475][ T9575] charge_memcg+0x51/0xc0 [ 76.973497][ T9575] mem_cgroup_swapin_charge_folio+0xcc/0x150 [ 76.973604][ T9575] __read_swap_cache_async+0x1df/0x350 [ 76.973653][ T9575] swap_cluster_readahead+0x376/0x3e0 [ 76.973727][ T9575] swapin_readahead+0xde/0x6f0 [ 76.973767][ T9575] ? __filemap_get_folio+0x4f7/0x6b0 [ 76.973883][ T9575] ? __rcu_read_unlock+0x34/0x70 [ 76.973910][ T9575] ? swap_cache_get_folio+0x77/0x200 [ 76.974023][ T9575] do_swap_page+0x301/0x2430 [ 76.974052][ T9575] ? css_rstat_updated+0xb7/0x240 [ 76.974088][ T9575] ? __pfx_default_wake_function+0x10/0x10 [ 76.974144][ T9575] handle_mm_fault+0x9a5/0x2c20 [ 76.974180][ T9575] do_user_addr_fault+0x636/0x1090 [ 76.974275][ T9575] exc_page_fault+0x62/0xa0 [ 76.974303][ T9575] asm_exc_page_fault+0x26/0x30 [ 76.974328][ T9575] RIP: 0033:0x7fe0d8ca5618 [ 76.974342][ T9575] Code: 48 f7 f1 48 01 d8 49 39 c4 4c 0f 42 e0 83 3d aa 27 35 00 00 0f 8e 09 fe ff ff e8 43 9e fe ff 49 39 c4 72 66 66 0f 1f 44 00 00 <69> 3d 76 00 e8 00 e8 03 00 00 48 8d 1d 77 09 35 00 e8 12 95 12 00 [ 76.974359][ T9575] RSP: 002b:00007ffeeb241fd0 EFLAGS: 00010216 [ 76.974375][ T9575] RAX: 0000000000012c79 RBX: 00007fe0d8ff7da0 RCX: 00000000000128e0 [ 76.974387][ T9575] RDX: 0000000000000399 RSI: 00007ffeeb241fb0 RDI: 0000000000000001 [ 76.974467][ T9575] RBP: 00007fe0d8ff7da0 R08: 0000000036e55b02 R09: 7fffffffffffffff [ 76.974482][ T9575] R10: 3fffffffffffffff R11: 0000000000000293 R12: 0000000000012cb8 [ 76.974498][ T9575] R13: 00007ffeeb2420c0 R14: ffffffffffffffff R15: 00007ffeeb2420e0 [ 76.974519][ T9575] [ 76.974527][ T9575] memory: usage 307200kB, limit 307200kB, failcnt 196 [ 77.190010][ T9575] memory+swap: usage 307388kB, limit 9007199254740988kB, failcnt 0 [ 77.197874][ T9575] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0 [ 77.205180][ T9575] Memory cgroup stats for /syz4: [ 77.205635][ T9575] cache 0 [ 77.213623][ T9575] rss 0 [ 77.216371][ T9575] shmem 0 [ 77.219334][ T9575] mapped_file 0 [ 77.222808][ T9575] dirty 0 [ 77.225790][ T9575] writeback 0 [ 77.229061][ T9575] workingset_refault_anon 12 [ 77.233687][ T9575] workingset_refault_file 2 [ 77.238201][ T9575] swap 192512 [ 77.241589][ T9575] swapcached 0 [ 77.244959][ T9575] pgpgin 56098 [ 77.248304][ T9575] pgpgout 56098 [ 77.251766][ T9575] pgfault 70620 [ 77.255213][ T9575] pgmajfault 13 [ 77.258700][ T9575] inactive_anon 0 [ 77.262325][ T9575] active_anon 0 [ 77.265774][ T9575] inactive_file 0 [ 77.269423][ T9575] active_file 0 [ 77.272876][ T9575] unevictable 0 [ 77.276330][ T9575] hierarchical_memory_limit 314572800 [ 77.281710][ T9575] hierarchical_memsw_limit 9223372036854771712 [ 77.287851][ T9575] total_cache 0 [ 77.291323][ T9575] total_rss 0 [ 77.294589][ T9575] total_shmem 0 [ 77.298021][ T9575] total_mapped_file 0 [ 77.302024][ T9575] total_dirty 0 [ 77.305471][ T9575] total_writeback 0 [ 77.309282][ T9575] total_workingset_refault_anon 12 [ 77.314455][ T9575] total_workingset_refault_file 2 [ 77.319477][ T9575] total_swap 192512 [ 77.323262][ T9575] total_swapcached 0 [ 77.327165][ T9575] total_pgpgin 56098 [ 77.331091][ T9575] total_pgpgout 56098 [ 77.335059][ T9575] total_pgfault 70620 [ 77.339053][ T9575] total_pgmajfault 13 [ 77.343020][ T9575] total_inactive_anon 0 [ 77.347148][ T9575] total_active_anon 0 [ 77.351128][ T9575] total_inactive_file 0 [ 77.355269][ T9575] total_active_file 0 [ 77.359280][ T9575] total_unevictable 0 [ 77.363284][ T9575] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.2931,pid=9575,uid=0 [ 77.377869][ T9575] Memory cgroup out of memory: Killed process 9575 (syz.4.2931) total-vm:95680kB, anon-rss:1072kB, file-rss:22180kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000 [ 77.694826][ T9604] 0·: left allmulticast mode [ 77.699580][ T9604] hsr_slave_0: left allmulticast mode [ 77.705088][ T9604] hsr_slave_1: left allmulticast mode [ 77.856199][ T9604] netdevsim netdevsim3 netdevsim0: left allmulticast mode [ 77.879391][ T9604] geneve2: left promiscuous mode [ 77.884367][ T9604] geneve2: left allmulticast mode [ 77.903644][ T9619] bond0: Error: Cannot enslave bond to itself. [ 77.913350][ T1808] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 77.922342][ T1808] netdevsim netdevsim3 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0 [ 77.956839][ T1808] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 77.965875][ T1808] netdevsim netdevsim3 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0 [ 77.980614][ T1808] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 77.989551][ T1808] netdevsim netdevsim3 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0 [ 77.998688][ T1808] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.007575][ T1808] netdevsim netdevsim3 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0 [ 78.678327][ T9715] __nla_validate_parse: 4 callbacks suppressed [ 78.678343][ T9715] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2994'. [ 78.724438][ T1808] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.746683][ T1808] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.778570][ T1808] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.795382][ T9722] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 78.802656][ T9722] IPv6: NLM_F_CREATE should be set when creating new route [ 78.809857][ T9722] IPv6: NLM_F_CREATE should be set when creating new route [ 78.817056][ T9722] IPv6: NLM_F_CREATE should be set when creating new route [ 78.826602][ T1808] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.844907][ T9724] program syz.4.2998 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 78.856861][ T9724] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 78.937098][ T9731] program syz.0.3011 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 78.943061][ T9733] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3000'. [ 78.988491][ T9731] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 79.034701][ T9741] openvswitch: netlink: Flow key attr not present in new flow. [ 79.110873][ T9751] (unnamed net_device) (uninitialized): option arp_interval: mode dependency failed, not supported in mode balance-tlb(5) [ 79.139859][ T9755] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3008'. [ 79.158526][ T9753] netlink: 2116 bytes leftover after parsing attributes in process `syz.4.3007'. [ 79.172171][ T3328] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.186853][ T3328] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.221680][ T9759] netlink: 148 bytes leftover after parsing attributes in process `syz.1.3023'. [ 79.230793][ T9759] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check. [ 79.246354][ T3328] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.271192][ T3328] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.334242][ T29] kauditd_printk_skb: 812 callbacks suppressed [ 79.334257][ T29] audit: type=1326 audit(1754770172.147:14308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9774 comm="syz.3.3024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5810bbebe9 code=0x7ffc0000 [ 79.369257][ T29] audit: type=1326 audit(1754770172.187:14309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9774 comm="syz.3.3024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f5810bbebe9 code=0x7ffc0000 [ 79.460702][ T9785] (unnamed net_device) (uninitialized): Unable to set down delay as MII monitoring is disabled [ 79.877839][ T29] audit: type=1326 audit(1754770172.687:14310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9774 comm="syz.3.3024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5810bbebe9 code=0x7ffc0000 [ 79.927086][ T29] audit: type=1326 audit(1754770172.687:14311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9774 comm="syz.3.3024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5810bbebe9 code=0x7ffc0000 [ 80.039589][ T9803] netlink: 148 bytes leftover after parsing attributes in process `syz.4.3034'. [ 80.048690][ T9803] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check. [ 80.220770][ T9831] netlink: 224 bytes leftover after parsing attributes in process `syz.1.3059'. [ 80.230681][ T9835] netlink: 148 bytes leftover after parsing attributes in process `syz.2.3061'. [ 80.239806][ T9835] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check. [ 80.356278][ T9852] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3069'. [ 80.397476][ T9857] loop1: detected capacity change from 0 to 512 [ 80.426086][ T9857] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 80.434816][ T9857] EXT4-fs (loop1): invalid journal inode [ 80.440801][ T9857] EXT4-fs (loop1): can't get journal size [ 80.458683][ T9857] EXT4-fs (loop1): 1 truncate cleaned up [ 80.464737][ T9857] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 80.531452][ T29] audit: type=1326 audit(1754770173.347:14312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9870 comm="syz.0.3066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d8c59ebe9 code=0x7ffc0000 [ 80.564090][ T9864] loop2: detected capacity change from 0 to 8192 [ 80.588137][ T29] audit: type=1326 audit(1754770173.347:14313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9870 comm="syz.0.3066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d8c59ebe9 code=0x7ffc0000 [ 80.611768][ T29] audit: type=1326 audit(1754770173.377:14314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9870 comm="syz.0.3066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f5d8c59ebe9 code=0x7ffc0000 [ 80.635256][ T29] audit: type=1326 audit(1754770173.377:14315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9870 comm="syz.0.3066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d8c59ebe9 code=0x7ffc0000 [ 80.658793][ T29] audit: type=1326 audit(1754770173.377:14316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9870 comm="syz.0.3066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d8c59ebe9 code=0x7ffc0000 [ 80.659245][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.708819][ T3502] loop2: p2 p3 [ 80.717360][ T3502] loop2: p2 size 65536 extends beyond EOD, truncated [ 80.743814][ T9864] loop2: p2 p3 [ 80.747409][ T9864] loop2: p2 size 65536 extends beyond EOD, truncated [ 80.792371][ T9891] loop4: detected capacity change from 0 to 512 [ 80.803952][ T9890] netlink: 16186 bytes leftover after parsing attributes in process `syz.0.3084'. [ 80.813633][ T3293] udevd[3293]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 80.823506][ T9891] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 80.833575][ T3502] udevd[3502]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 80.861549][ T3293] udevd[3293]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 80.871971][ T9891] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002] [ 80.873013][ T3502] udevd[3502]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 80.892397][ T9891] System zones: 0-2, 18-18, 34-34 [ 80.908443][ T9891] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.921524][ T9891] ext4 filesystem being mounted at /653/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 80.957367][ T9908] (unnamed net_device) (uninitialized): option arp_interval: mode dependency failed, not supported in mode balance-tlb(5) [ 80.984811][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.081751][ T9927] netlink: 'syz.1.3092': attribute type 7 has an invalid length. [ 81.089569][ T9927] netlink: 'syz.1.3092': attribute type 5 has an invalid length. [ 81.119095][ T9931] netlink: 'syz.3.3094': attribute type 10 has an invalid length. [ 81.138355][ T9936] loop0: detected capacity change from 0 to 512 [ 81.148813][ T9936] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 81.184163][ T9936] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002] [ 81.203139][ T9936] System zones: 0-2, 18-18, 34-34 [ 81.212048][ T9936] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 81.226667][ T9936] ext4 filesystem being mounted at /600/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 81.299508][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.584275][ T9999] netlink: 'syz.0.3127': attribute type 7 has an invalid length. [ 81.592135][ T9999] netlink: 'syz.0.3127': attribute type 5 has an invalid length. [ 81.645602][T10007] loop1: detected capacity change from 0 to 1024 [ 81.670722][T10007] EXT4-fs: Ignoring removed nobh option [ 81.676307][T10007] EXT4-fs: Ignoring removed bh option [ 81.736640][T10022] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0 [ 81.764156][T10007] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 81.801306][ T29] audit: type=1400 audit(1754770174.607:14317): avc: denied { setattr } for pid=10006 comm="syz.1.3130" name="file1" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 81.827292][T10037] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check. [ 81.849641][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.899366][T10043] netlink: 'syz.3.3149': attribute type 28 has an invalid length. [ 81.990153][T10061] netlink: 'syz.1.3154': attribute type 3 has an invalid length. [ 82.147033][T10094] netlink: 'syz.2.3170': attribute type 28 has an invalid length. [ 82.203403][T10104] netlink: 'syz.2.3175': attribute type 3 has an invalid length. [ 82.279393][T10116] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check. [ 82.349092][T10130] loop0: detected capacity change from 0 to 2048 [ 82.390674][T10130] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 82.418794][T10130] ext4 filesystem being mounted at /619/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 82.462104][T10130] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3190: bg 0: block 345: padding at end of block bitmap is not set [ 82.494494][T10130] EXT4-fs (loop0): Remounting filesystem read-only [ 82.509054][T10130] EXT4-fs warning (device loop0): ext4_xattr_inode_lookup_create:1597: inode #18: comm syz.0.3190: cleanup dec ref error -117 [ 82.544215][T10162] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 82.565099][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.642025][T10177] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check. [ 82.861162][T10204] loop2: detected capacity change from 0 to 2048 [ 82.881361][T10210] netlink: 'syz.4.3230': attribute type 10 has an invalid length. [ 82.939601][T10204] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 82.941801][T10222] loop0: detected capacity change from 0 to 128 [ 82.951984][T10204] ext4 filesystem being mounted at /635/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 82.979691][T10204] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3227: bg 0: block 345: padding at end of block bitmap is not set [ 83.023623][T10204] EXT4-fs (loop2): Remounting filesystem read-only [ 83.031215][T10204] EXT4-fs warning (device loop2): ext4_xattr_inode_lookup_create:1597: inode #18: comm syz.2.3227: cleanup dec ref error -117 [ 83.074455][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.131580][T10240] loop1: detected capacity change from 0 to 2048 [ 83.167165][T10240] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 83.189192][T10240] ext4 filesystem being mounted at /653/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 83.195879][T10256] loop4: detected capacity change from 0 to 512 [ 83.207842][T10240] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3253: bg 0: block 345: padding at end of block bitmap is not set [ 83.215976][T10256] EXT4-fs: Ignoring removed nomblk_io_submit option [ 83.230178][T10240] EXT4-fs (loop1): Remounting filesystem read-only [ 83.236928][T10240] EXT4-fs warning (device loop1): ext4_xattr_inode_lookup_create:1597: inode #18: comm syz.1.3253: cleanup dec ref error -117 [ 83.270117][T10256] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 83.283576][T10256] ext4 filesystem being mounted at /695/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 83.295189][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.314181][T10256] EXT4-fs error (device loop4): ext4_xattr_block_get:593: inode #15: comm syz.4.3249: corrupted xattr block 19: overlapping e_value [ 83.371626][T10256] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop4 ino=15 [ 83.387625][T10256] EXT4-fs error (device loop4): ext4_xattr_block_get:593: inode #15: comm syz.4.3249: corrupted xattr block 19: overlapping e_value [ 83.416911][T10256] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop4 ino=15 [ 83.432685][T10256] EXT4-fs error (device loop4): ext4_xattr_block_get:593: inode #15: comm syz.4.3249: corrupted xattr block 19: overlapping e_value [ 83.460094][T10256] EXT4-fs error (device loop4): ext4_xattr_block_get:593: inode #15: comm syz.4.3249: corrupted xattr block 19: overlapping e_value [ 83.475288][T10256] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop4 ino=15 [ 83.498715][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.603670][T10308] wg1: left allmulticast mode [ 83.614674][T10308] bridge0: port 1(bridge_slave_0) entered disabled state [ 83.627282][T10308] bridge0: port 2(bridge_slave_1) entered disabled state [ 83.656728][T10308] 0·: left allmulticast mode [ 83.661482][T10308] hsr_slave_0: left allmulticast mode [ 83.666948][T10308] hsr_slave_1: left allmulticast mode [ 83.821864][T10344] loop3: detected capacity change from 0 to 512 [ 83.836031][T10344] EXT4-fs: Ignoring removed nomblk_io_submit option [ 83.872755][T10344] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 83.885721][T10344] ext4 filesystem being mounted at /645/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 83.899444][T10344] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #15: comm syz.3.3292: corrupted xattr block 19: overlapping e_value [ 83.913346][T10344] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop3 ino=15 [ 83.922441][T10344] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #15: comm syz.3.3292: corrupted xattr block 19: overlapping e_value [ 83.936374][T10344] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop3 ino=15 [ 83.945794][T10344] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #15: comm syz.3.3292: corrupted xattr block 19: overlapping e_value [ 83.959722][T10344] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #15: comm syz.3.3292: corrupted xattr block 19: overlapping e_value [ 83.975690][T10357] gretap1: entered promiscuous mode [ 83.979092][T10344] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop3 ino=15 [ 84.051258][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.130806][T10377] __nla_validate_parse: 12 callbacks suppressed [ 84.130821][T10377] netlink: 256 bytes leftover after parsing attributes in process `syz.1.3305'. [ 84.344346][T10415] netlink: 256 bytes leftover after parsing attributes in process `syz.0.3322'. [ 84.427955][ T29] audit: type=1400 audit(1754770177.237:14318): avc: denied { append } for pid=10428 comm="syz.0.3332" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 84.451313][ T29] audit: type=1400 audit(1754770177.237:14319): avc: denied { open } for pid=10428 comm="syz.0.3332" path="/dev/snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 84.475631][T10434] random: crng reseeded on system resumption [ 84.510442][T10443] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3338'. [ 84.519461][T10443] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3338'. [ 84.528467][T10443] netlink: 56 bytes leftover after parsing attributes in process `syz.3.3338'. [ 84.745244][T10482] A link change request failed with some changes committed already. Interface veth1_to_bond may have been left with an inconsistent configuration, please check. [ 84.792144][T10489] netlink: 220 bytes leftover after parsing attributes in process `syz.0.3358'. [ 84.801309][T10489] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3358'. [ 84.810329][T10489] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3358'. [ 84.824695][T10489] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3358'. [ 84.836000][T10489] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3358'. [ 84.952882][T10516] program syz.1.3374 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 85.164554][T10545] delete_channel: no stack [ 85.169957][ T29] audit: type=1400 audit(1754770177.977:14320): avc: denied { setopt } for pid=10545 comm="syz.0.3389" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 86.058460][T10627] wg1: entered promiscuous mode [ 86.063366][T10627] wg1: entered allmulticast mode [ 86.116499][T10630] A link change request failed with some changes committed already. Interface veth1_to_bond may have been left with an inconsistent configuration, please check. [ 86.295826][ T29] audit: type=1400 audit(1754770179.107:14321): avc: denied { mounton } for pid=10658 comm="syz.3.3442" path="/676/file3" dev="tmpfs" ino=3419 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 86.295872][T10659] ext2: Unexpected value for 'acl' [ 86.420580][T10680] validate_nla: 7 callbacks suppressed [ 86.420673][T10680] netlink: 'syz.1.3449': attribute type 30 has an invalid length. [ 86.444749][T10682] program syz.4.3453 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 86.487009][T10689] delete_channel: no stack [ 86.546820][ T29] audit: type=1326 audit(1754770179.357:14322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10703 comm="syz.3.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5810bbebe9 code=0x7ffc0000 [ 86.570454][ T29] audit: type=1326 audit(1754770179.357:14323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10703 comm="syz.3.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5810bbebe9 code=0x7ffc0000 [ 86.601308][ T29] audit: type=1326 audit(1754770179.417:14324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10703 comm="syz.3.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f5810bbebe9 code=0x7ffc0000 [ 86.624868][ T29] audit: type=1326 audit(1754770179.417:14325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10703 comm="syz.3.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5810bbebe9 code=0x7ffc0000 [ 86.808732][ T29] audit: type=1326 audit(1754770179.607:14326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10746 comm="syz.2.3484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f958a5bebe9 code=0x7ffc0000 [ 86.832460][ T29] audit: type=1326 audit(1754770179.607:14327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10746 comm="syz.2.3484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f958a5bebe9 code=0x7ffc0000 [ 86.837792][T10750] program syz.2.3487 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 86.945196][T10766] loop0: detected capacity change from 0 to 512 [ 86.955532][T10766] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 86.992309][T10766] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #2: block 3: comm syz.0.3493: lblock 0 mapped to illegal pblock 3 (length 1) [ 87.018280][T10766] EXT4-fs warning (device loop0): dx_probe:791: inode #2: lblock 0: comm syz.0.3493: error -117 reading directory block [ 87.047936][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.186206][T10799] loop3: detected capacity change from 0 to 512 [ 87.214334][T10799] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 87.236749][T10799] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #2: block 3: comm syz.3.3511: lblock 0 mapped to illegal pblock 3 (length 1) [ 87.267952][T10799] EXT4-fs warning (device loop3): dx_probe:791: inode #2: lblock 0: comm syz.3.3511: error -117 reading directory block [ 87.298905][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.853057][T10929] netlink: 'syz.0.3574': attribute type 21 has an invalid length. [ 88.133877][T10985] netlink: 'syz.2.3603': attribute type 21 has an invalid length. [ 88.494505][T11057] (unnamed net_device) (uninitialized): option updelay: invalid value (18446744071562067968) [ 88.504776][T11057] (unnamed net_device) (uninitialized): option updelay: allowed values 0 - 2147483647 [ 88.608341][T11075] netlink: 'syz.0.3646': attribute type 21 has an invalid length. [ 88.840736][T11121] netlink: 'syz.3.3670': attribute type 4 has an invalid length. [ 88.848561][T11121] netlink: 'syz.3.3670': attribute type 5 has an invalid length. [ 89.012487][T11151] netlink: 'syz.4.3685': attribute type 4 has an invalid length. [ 89.020307][T11151] netlink: 'syz.4.3685': attribute type 5 has an invalid length. [ 89.140788][T11174] __nla_validate_parse: 25 callbacks suppressed [ 89.140805][T11174] netlink: 2 bytes leftover after parsing attributes in process `syz.3.3695'. [ 89.179747][T11170] netlink: 108 bytes leftover after parsing attributes in process `syz.4.3693'. [ 89.185642][T11178] loop1: detected capacity change from 0 to 512 [ 89.198750][T11170] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3693'. [ 89.208216][T11178] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 89.227553][T11178] EXT4-fs (loop1): invalid journal inode [ 89.234341][T11178] EXT4-fs (loop1): can't get journal size [ 89.244254][T11178] EXT4-fs (loop1): 1 truncate cleaned up [ 89.259932][T11185] netlink: 'syz.0.3699': attribute type 4 has an invalid length. [ 89.267674][T11185] netlink: 'syz.0.3699': attribute type 5 has an invalid length. [ 89.271100][T11178] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 89.275485][T11185] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.3699'. [ 89.312669][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.385604][T11200] SELinux: Context system_u: is not valid (left unmapped). [ 89.430465][ T29] kauditd_printk_skb: 35 callbacks suppressed [ 89.430481][ T29] audit: type=1400 audit(1754770182.247:14363): avc: denied { setattr } for pid=11201 comm="syz.3.3708" name="SCTPv6" dev="sockfs" ino=30816 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 89.457449][T11207] random: crng reseeded on system resumption [ 89.470702][ T29] audit: type=1400 audit(1754770182.247:14364): avc: denied { write } for pid=11206 comm="syz.0.3712" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 89.470749][ T29] audit: type=1400 audit(1754770182.247:14365): avc: denied { open } for pid=11206 comm="syz.0.3712" path="/dev/snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 89.506281][ T29] audit: type=1400 audit(1754770182.317:14366): avc: denied { ioctl } for pid=11206 comm="syz.0.3712" path="/dev/snapshot" dev="devtmpfs" ino=90 ioctlcmd=0x330d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 89.604583][ T29] audit: type=1400 audit(1754770182.407:14367): avc: denied { create } for pid=11219 comm="syz.1.3717" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 89.624410][ T29] audit: type=1400 audit(1754770182.417:14368): avc: denied { getopt } for pid=11219 comm="syz.1.3717" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 89.655221][T11229] netlink: 2 bytes leftover after parsing attributes in process `syz.4.3722'. [ 89.669645][ T29] audit: type=1400 audit(1754770182.417:14369): avc: denied { prog_load } for pid=11221 comm="syz.2.3718" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 89.689019][ T29] audit: type=1400 audit(1754770182.417:14370): avc: denied { bpf } for pid=11221 comm="syz.2.3718" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 89.709797][ T29] audit: type=1400 audit(1754770182.417:14371): avc: denied { perfmon } for pid=11221 comm="syz.2.3718" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 89.716275][T11234] usb usb1: check_ctrlrecip: process 11234 (syz.4.3724) requesting ep 01 but needs 81 [ 89.731147][ T29] audit: type=1400 audit(1754770182.417:14372): avc: denied { prog_run } for pid=11221 comm="syz.2.3718" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 89.740415][T11234] usb usb1: usbfs: process 11234 (syz.4.3724) did not claim interface 0 before use [ 90.157360][T11297] loop2: detected capacity change from 0 to 512 [ 90.219901][T11297] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 90.236133][T11297] EXT4-fs (loop2): invalid journal inode [ 90.254051][T11297] EXT4-fs (loop2): can't get journal size [ 90.263661][T11297] EXT4-fs (loop2): 1 truncate cleaned up [ 90.294955][T11297] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 90.345368][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.447360][T11343] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3777'. [ 90.698659][T11391] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3810'. [ 90.738819][T11395] loop1: detected capacity change from 0 to 128 [ 90.763126][T11395] FAT-fs (loop1): Directory bread(block 162) failed [ 90.787528][T11395] FAT-fs (loop1): Directory bread(block 163) failed [ 90.802934][T11395] FAT-fs (loop1): Directory bread(block 164) failed [ 90.809718][T11395] FAT-fs (loop1): Directory bread(block 165) failed [ 90.816403][T11395] FAT-fs (loop1): Directory bread(block 166) failed [ 90.833382][T11395] FAT-fs (loop1): Directory bread(block 167) failed [ 90.847374][T11395] FAT-fs (loop1): Directory bread(block 168) failed [ 90.875549][T11395] FAT-fs (loop1): Directory bread(block 169) failed [ 90.901425][T11395] FAT-fs (loop1): Directory bread(block 162) failed [ 90.922201][T11395] FAT-fs (loop1): Directory bread(block 163) failed [ 90.949763][T11395] syz.1.3801: attempt to access beyond end of device [ 90.949763][T11395] loop1: rw=3, sector=226, nr_sectors = 6 limit=128 [ 90.980911][T11395] syz.1.3801: attempt to access beyond end of device [ 90.980911][T11395] loop1: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 91.071001][T11450] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3828'. [ 91.079995][T11450] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3828'. [ 91.116120][T11450] geneve3: entered promiscuous mode [ 91.121498][T11450] geneve3: entered allmulticast mode [ 91.147765][ T51] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0 [ 91.173665][ T51] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0 [ 91.195587][ T51] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0 [ 91.216792][ T51] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0 [ 91.234138][T11473] loop2: detected capacity change from 0 to 128 [ 91.251614][T11473] FAT-fs (loop2): Directory bread(block 162) failed [ 91.264733][T11473] FAT-fs (loop2): Directory bread(block 163) failed [ 91.287149][T11473] FAT-fs (loop2): Directory bread(block 164) failed [ 91.305790][T11473] FAT-fs (loop2): Directory bread(block 165) failed [ 91.322796][T11473] FAT-fs (loop2): Directory bread(block 166) failed [ 91.337338][T11473] FAT-fs (loop2): Directory bread(block 167) failed [ 91.354342][T11473] FAT-fs (loop2): Directory bread(block 168) failed [ 91.363941][T11473] FAT-fs (loop2): Directory bread(block 169) failed [ 91.385043][T11473] FAT-fs (loop2): Directory bread(block 162) failed [ 91.404728][T11473] FAT-fs (loop2): Directory bread(block 163) failed [ 91.421932][T11499] netlink: 100 bytes leftover after parsing attributes in process `syz.4.3852'. [ 91.428657][T11473] syz.2.3839: attempt to access beyond end of device [ 91.428657][T11473] loop2: rw=3, sector=226, nr_sectors = 6 limit=128 [ 91.452624][T11473] syz.2.3839: attempt to access beyond end of device [ 91.452624][T11473] loop2: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 91.708364][T11548] validate_nla: 4 callbacks suppressed [ 91.708377][T11548] netlink: 'syz.3.3875': attribute type 5 has an invalid length. [ 91.755893][T11548] geneve4: entered promiscuous mode [ 91.761262][T11548] geneve4: entered allmulticast mode [ 91.782403][ T1808] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0 [ 91.808590][ T51] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0 [ 91.821080][ T51] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0 [ 91.849381][ T51] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0 [ 92.138867][T11626] netlink: 'syz.3.3912': attribute type 12 has an invalid length. [ 92.344739][T11663] netlink: 'syz.0.3931': attribute type 12 has an invalid length. [ 92.465301][T11685] loop4: detected capacity change from 0 to 764 [ 92.509511][T11685] Symlink component flag not implemented [ 92.515150][T11685] Symlink component flag not implemented [ 92.558470][T11685] Symlink component flag not implemented (129) [ 92.564702][T11685] Symlink component flag not implemented (6) [ 92.572994][T11700] netlink: 'syz.1.3949': attribute type 12 has an invalid length. [ 92.590675][T11685] rock: directory entry would overflow storage [ 92.596879][T11685] rock: sig=0x4f50, size=4, remaining=3 [ 92.602458][T11685] iso9660: Corrupted directory entry in block 6 of inode 1792 [ 93.345806][T11837] loop0: detected capacity change from 0 to 764 [ 93.390545][T11837] Symlink component flag not implemented [ 93.396214][T11837] Symlink component flag not implemented [ 93.422779][T11837] Symlink component flag not implemented (129) [ 93.428999][T11837] Symlink component flag not implemented (6) [ 93.447307][T11837] rock: directory entry would overflow storage [ 93.453528][T11837] rock: sig=0x4f50, size=4, remaining=3 [ 93.459186][T11837] iso9660: Corrupted directory entry in block 6 of inode 1792 [ 94.171373][T11969] __nla_validate_parse: 11 callbacks suppressed [ 94.171388][T11969] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4079'. [ 94.190663][T11969] netlink: 10 bytes leftover after parsing attributes in process `syz.2.4079'. [ 94.378799][T12006] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4098'. [ 94.407357][T12011] netlink: 'syz.2.4110': attribute type 2 has an invalid length. [ 94.441296][T12006] netlink: 10 bytes leftover after parsing attributes in process `syz.0.4098'. [ 94.509121][T12026] loop2: detected capacity change from 0 to 164 [ 94.531751][T12026] process 'syz.2.4106' launched './file0' with NULL argv: empty string added [ 94.547561][T12026] syz.2.4106: attempt to access beyond end of device [ 94.547561][T12026] loop2: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 94.589995][T12026] syz.2.4106: attempt to access beyond end of device [ 94.589995][T12026] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 94.656723][ T29] kauditd_printk_skb: 75 callbacks suppressed [ 94.656739][ T29] audit: type=1326 audit(94.626:14448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12043 comm="syz.1.4115" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f63b6f2ebe9 code=0x0 [ 94.700245][T12047] netlink: 'syz.3.4118': attribute type 2 has an invalid length. [ 94.708112][T12052] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4119'. [ 94.721236][T12052] netlink: 10 bytes leftover after parsing attributes in process `syz.4.4119'. [ 94.773305][T12059] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 94.778649][ T29] audit: type=1400 audit(94.746:14449): avc: denied { read write } for pid=12058 comm="syz.1.4124" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 94.793096][T12059] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 94.804748][ T29] audit: type=1400 audit(94.746:14450): avc: denied { open } for pid=12058 comm="syz.1.4124" path="/dev/raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 94.835406][ T29] audit: type=1400 audit(94.746:14451): avc: denied { ioctl } for pid=12058 comm="syz.1.4124" path="/dev/raw-gadget" dev="devtmpfs" ino=142 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 94.902547][ T29] audit: type=1400 audit(94.876:14452): avc: denied { write } for pid=12067 comm="syz.0.4126" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 94.919636][T12075] loop4: detected capacity change from 0 to 164 [ 94.934684][ T29] audit: type=1400 audit(94.906:14453): avc: denied { read } for pid=12074 comm="syz.3.4132" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 94.958545][ T29] audit: type=1400 audit(94.936:14454): avc: denied { write } for pid=12079 comm="syz.0.4134" name="001" dev="devtmpfs" ino=168 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 95.001026][T12075] syz.4.4131: attempt to access beyond end of device [ 95.001026][T12075] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 95.016092][T12075] syz.4.4131: attempt to access beyond end of device [ 95.016092][T12075] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 95.041858][T12087] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4137'. [ 95.091909][T12093] loop0: detected capacity change from 0 to 764 [ 95.123102][T12093] Symlink component flag not implemented [ 95.128880][T12093] Symlink component flag not implemented (7) [ 95.144470][T12093] Symlink component flag not implemented (7) [ 95.154099][ T29] audit: type=1326 audit(95.126:14455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12098 comm="syz.2.4143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f958a5bebe9 code=0x7ffc0000 [ 95.194977][ T29] audit: type=1326 audit(95.126:14456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12098 comm="syz.2.4143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f958a5bebe9 code=0x7ffc0000 [ 95.217820][ T29] audit: type=1326 audit(95.126:14457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12098 comm="syz.2.4143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f958a5bebe9 code=0x7ffc0000 [ 95.305974][T12121] loop3: detected capacity change from 0 to 164 [ 95.321912][T12121] syz.3.4153: attempt to access beyond end of device [ 95.321912][T12121] loop3: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 95.341948][T12121] syz.3.4153: attempt to access beyond end of device [ 95.341948][T12121] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 95.347939][T12123] loop4: detected capacity change from 0 to 128 [ 95.407367][T12136] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4159'. [ 95.426842][T12123] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 95.471102][T12144] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4162'. [ 95.526972][ T3300] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 95.550599][T12156] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4170'. [ 95.690588][T12178] loop2: detected capacity change from 0 to 764 [ 95.751779][T12178] Symlink component flag not implemented [ 95.773401][T12178] Symlink component flag not implemented (7) [ 95.807945][T12178] Symlink component flag not implemented (7) [ 95.933418][T12215] loop0: detected capacity change from 0 to 128 [ 95.974858][T12215] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 96.029019][ T3299] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 96.079452][T12232] team_slave_0: entered promiscuous mode [ 96.085261][T12232] team_slave_0: entered allmulticast mode [ 96.167749][T12243] loop0: detected capacity change from 0 to 256 [ 96.176443][T12246] loop2: detected capacity change from 0 to 128 [ 96.193920][T12246] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 96.211570][T12243] FAT-fs (loop0): codepage cp865 not found [ 96.245977][ T3304] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 97.081730][T12282] loop1: detected capacity change from 0 to 256 [ 97.122317][T12282] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 322, start 00000905) [ 97.154653][T12282] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 322, start 00000905) [ 97.183783][T12282] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 322, start 00000905) [ 97.213535][T12295] (unnamed net_device) (uninitialized): option ad_user_port_key: invalid value (1088) [ 97.223227][T12295] (unnamed net_device) (uninitialized): option ad_user_port_key: allowed values 0 - 1023 [ 97.350360][T12320] loop0: detected capacity change from 0 to 256 [ 97.366665][T12320] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 322, start 00000905) [ 97.367112][T12319] loop1: detected capacity change from 0 to 1764 [ 97.383604][ T2991] udevd[2991]: worker [3502] terminated by signal 33 (Unknown signal 33) [ 97.392752][T12320] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 322, start 00000905) [ 97.403588][ T2991] udevd[2991]: worker [3502] failed while handling '/devices/virtual/block/loop0' [ 97.416716][T12320] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 322, start 00000905) [ 98.130560][T12372] loop4: detected capacity change from 0 to 1764 [ 98.287360][T12401] loop1: detected capacity change from 0 to 512 [ 98.301212][ T2991] udevd[2991]: worker [3293] terminated by signal 33 (Unknown signal 33) [ 98.301299][ T2991] udevd[2991]: worker [3293] failed while handling '/devices/virtual/block/loop1' [ 98.338153][T12401] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 98.352740][T12401] EXT4-fs error (device loop1): ext4_readdir:264: inode #12: block 32: comm syz.1.4286: path /873/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 98.364101][T12412] loop2: detected capacity change from 0 to 1024 [ 98.384704][T12401] EXT4-fs (loop1): Remounting filesystem read-only [ 98.392072][T12412] ext4: Unknown parameter 'obj_role' [ 98.506690][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.542498][T12428] loop1: detected capacity change from 0 to 736 [ 98.700458][T12448] loop1: detected capacity change from 0 to 1024 [ 98.707374][T12448] ext4: Unknown parameter 'obj_role' [ 98.905260][T12478] loop4: detected capacity change from 0 to 1024 [ 98.912277][T12478] ext4: Unknown parameter 'obj_role' [ 98.951849][T12484] loop2: detected capacity change from 0 to 512 [ 98.980528][T12484] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 99.004730][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.041954][T12491] loop4: detected capacity change from 0 to 1024 [ 99.059873][T12491] EXT4-fs: Ignoring removed nobh option [ 99.065492][T12491] EXT4-fs: Ignoring removed bh option [ 99.106605][T12491] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 99.162920][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.172025][T12495] bridge_slave_0: left allmulticast mode [ 99.177661][T12495] bridge_slave_0: left promiscuous mode [ 99.183655][T12495] bridge0: port 1(bridge_slave_0) entered disabled state [ 99.212998][T12495] bridge_slave_1: left allmulticast mode [ 99.218710][T12495] bridge_slave_1: left promiscuous mode [ 99.224486][T12495] bridge0: port 2(bridge_slave_1) entered disabled state [ 99.246704][T12495] bond0: (slave bond_slave_0): Releasing backup interface [ 99.268657][T12495] bond0: (slave bond_slave_1): Releasing backup interface [ 99.293777][T12495] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 99.304263][T12495] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 99.320908][T12495] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 99.333005][T12495] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 99.334766][T12518] loop4: detected capacity change from 0 to 2048 [ 99.372747][ T31] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.399759][ T31] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.416992][ T31] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.418988][T12518] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 99.426326][ T31] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.530365][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.541106][T12529] loop3: detected capacity change from 0 to 1024 [ 99.587276][T12529] EXT4-fs: Ignoring removed nobh option [ 99.592983][T12529] EXT4-fs: Ignoring removed bh option [ 99.750051][T12529] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 99.809076][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.309092][ T29] kauditd_printk_skb: 89 callbacks suppressed [ 100.309107][ T29] audit: type=1326 audit(100.286:14547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12546 comm="syz.3.4356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5810bbebe9 code=0x7ffc0000 [ 100.341783][T12548] loop3: detected capacity change from 0 to 512 [ 100.372146][T12548] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 100.388006][ T29] audit: type=1326 audit(100.316:14548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12546 comm="syz.3.4356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f5810bbebe9 code=0x7ffc0000 [ 100.411114][ T29] audit: type=1326 audit(100.316:14549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12546 comm="syz.3.4356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f5810bbec23 code=0x7ffc0000 [ 100.433955][ T29] audit: type=1326 audit(100.316:14550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12546 comm="syz.3.4356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f5810bbd69f code=0x7ffc0000 [ 100.456792][ T29] audit: type=1326 audit(100.316:14551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12546 comm="syz.3.4356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f5810bbec77 code=0x7ffc0000 [ 100.479764][ T29] audit: type=1326 audit(100.316:14552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12546 comm="syz.3.4356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5810bbd550 code=0x7ffc0000 [ 100.502906][ T29] audit: type=1326 audit(100.316:14553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12546 comm="syz.3.4356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5810bbe7eb code=0x7ffc0000 [ 100.525915][ T29] audit: type=1326 audit(100.316:14554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12546 comm="syz.3.4356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f5810bbd84a code=0x7ffc0000 [ 100.548778][ T29] audit: type=1326 audit(100.316:14555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12546 comm="syz.3.4356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f5810bbd84a code=0x7ffc0000 [ 100.571579][ T29] audit: type=1326 audit(100.316:14556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12546 comm="syz.3.4356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f5810bbd457 code=0x7ffc0000 [ 100.609998][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.643115][T12559] loop3: detected capacity change from 0 to 512 [ 100.683656][ T2991] udevd[2991]: worker [3640] terminated by signal 33 (Unknown signal 33) [ 100.700151][ T2991] udevd[2991]: worker [3640] failed while handling '/devices/virtual/block/loop3' [ 100.719878][T12559] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 100.802691][T12568] loop1: detected capacity change from 0 to 1764 [ 100.830891][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.864234][ T3286] ================================================================== [ 100.872344][ T3286] BUG: KCSAN: data-race in set_nlink / set_nlink [ 100.878677][ T3286] [ 100.880990][ T3286] read to 0xffff888106d65120 of 4 bytes by task 2991 on cpu 0: [ 100.888519][ T3286] set_nlink+0x29/0xb0 [ 100.892587][ T3286] kernfs_iop_permission+0x1e2/0x220 [ 100.897880][ T3286] inode_permission+0x1ca/0x310 [ 100.902740][ T3286] link_path_walk+0x162/0x900 [ 100.907426][ T3286] path_lookupat+0x63/0x2a0 [ 100.911937][ T3286] filename_lookup+0x147/0x340 [ 100.916738][ T3286] vfs_statx+0x9d/0x390 [ 100.920901][ T3286] vfs_fstatat+0x115/0x170 [ 100.925319][ T3286] __se_sys_newfstatat+0x55/0x260 [ 100.930344][ T3286] __x64_sys_newfstatat+0x55/0x70 [ 100.935377][ T3286] x64_sys_call+0x135a/0x2ff0 [ 100.940055][ T3286] do_syscall_64+0xd2/0x200 [ 100.944563][ T3286] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.950464][ T3286] [ 100.952771][ T3286] write to 0xffff888106d65120 of 4 bytes by task 3286 on cpu 1: [ 100.960388][ T3286] set_nlink+0x99/0xb0 [ 100.964453][ T3286] kernfs_iop_permission+0x1e2/0x220 [ 100.969742][ T3286] inode_permission+0x1ca/0x310 [ 100.974609][ T3286] link_path_walk+0x162/0x900 [ 100.979289][ T3286] path_openat+0x1de/0x2170 [ 100.983792][ T3286] do_filp_open+0x109/0x230 [ 100.988293][ T3286] do_sys_openat2+0xa6/0x110 [ 100.992891][ T3286] __x64_sys_openat+0xf2/0x120 [ 100.997673][ T3286] x64_sys_call+0x2e9c/0x2ff0 [ 101.002358][ T3286] do_syscall_64+0xd2/0x200 [ 101.006864][ T3286] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 101.012753][ T3286] [ 101.015069][ T3286] value changed: 0x00000009 -> 0x00000008 [ 101.020775][ T3286] [ 101.023085][ T3286] Reported by Kernel Concurrency Sanitizer on: [ 101.029224][ T3286] CPU: 1 UID: 0 PID: 3286 Comm: udevd Not tainted 6.16.0-syzkaller-12256-g561c80369df0 #0 PREEMPT(voluntary) [ 101.040941][ T3286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 101.050993][ T3286] ==================================================================