last executing test programs: 1m18.453865718s ago: executing program 2 (id=1001): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002140)=@delchain={0x1bc, 0x65, 0x4, 0x70bd2b, 0x0, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x5, 0x9}, {0x0, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0xfffffffe}, @TCA_RATE={0x6, 0x5, {0x0, 0xfd}}, @TCA_CHAIN={0x8}, @filter_kind_options=@f_matchall={{0xd}, {0x170, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0x10, 0xd73a5076a6b6823c}}, @TCA_MATCHALL_CLASSID={0x8, 0x1, {0x9, 0xb}}, @TCA_MATCHALL_CLASSID={0x8, 0x1, {0x0, 0x8}}, @TCA_MATCHALL_CLASSID={0x8, 0x1, {0xfff2, 0xf}}, @TCA_MATCHALL_ACT={0x134, 0x2, [@m_simple={0x64, 0x1a, 0x0, 0x0, {{0xb}, {0x4}, {0x35, 0x6, "d6b0c8e20057dac80e31390b3b0e548571ee1c8bbec8ab8f408993f3daba27165a1f9cfc8a67806d3ea32812f9a903f58d"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x2}}}}, @m_simple={0xcc, 0x1c, 0x0, 0x0, {{0xb}, {0x34, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18, 0x2, {0x4, 0x2188fabc, 0x5, 0x7, 0x5}}, @TCA_DEF_DATA={0xa, 0x3, 'route\x00'}, @TCA_DEF_DATA={0xb, 0x3, 'flower\x00'}]}, {0x6d, 0x6, "b3bc06cb02b23badcfcc18c6c47d49fe85fe97d5ea57a6086542e8025b7c7e7c4d3b3c0b2729ce503a68a27e53da1d44b97dadedebd12d761c181defc266a8f255efa880dbad403441bc11981c8803e430b56dbd55e28744c3765054f8e172929a8e5041b0d830e7da"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3, 0x2}}}}]}, @TCA_MATCHALL_CLASSID={0x8, 0x1, {0x0, 0xfff2}}, @TCA_MATCHALL_CLASSID={0x8, 0x1, {0xffe0, 0xa}}, @TCA_MATCHALL_FLAGS={0x8}]}}]}, 0x1bc}, 0x1, 0x0, 0x0, 0x81}, 0x0) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 1m18.40885775s ago: executing program 2 (id=1004): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002078316e00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000500000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x18) r1 = perf_event_open(&(0x7f0000000fc0)={0x2, 0x80, 0x82, 0x1, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x3, 0x4, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f0000000180)='cpu>=0||!') 1m18.319943984s ago: executing program 2 (id=1010): r0 = socket$netlink(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000240)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000840)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01005ee1fadefcdbdf250100000008000100", @ANYRES32=r2, @ANYBLOB="3c00028038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003"], 0x58}, 0x1, 0x1000000, 0x0, 0x24004000}, 0x24040840) 1m18.243917837s ago: executing program 2 (id=1014): syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000001380)='./file2\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYRES16=0x0, @ANYRESHEX, @ANYRESOCT], 0x1, 0x1256, &(0x7f0000002400)="$eJzs3E9rXFUYB+B3plNnOjV/1FptF3rQjauhycKVIEFSkAwotRFaQZiSiQ65zoTMGBgRY1duXfoZxKU7RfwC2boX3GUjrrIQrzh3apJ2qk0jmVKfZ3Nf7rm/e84hl8Ad7jl7r3350cZ6v7HeGkS5VIryZkTaT5GiHHe8sFIcb9xcWWo2l6+ldHXp+sKrKaXZF39479NvXvpxcP7db2e/q8bu/Pt7vy7+sntx99LeH9c/7PRTp5+6vUFqpVu93qB1K2untU5/o5HS21m71W+nTrff3jrSvp71NjeHqdVdm6lvbrX7/dTqDtNGe5gGvTTYGqbWB61ONzUajTRTD+7r7L9fsvr1fp5/H5HnZ+OJyPM8L0U9SvFkzMRsfB4RT8XT8UxciGfjYjwXz8el0VWnMXwAAAAAAAAAAAAAAAAAAAD4/9gfreY/WP9/Lupxfrz+fy7mJ67/PzPtQQMAAAAAAAAAAAAAAAAAAMBj5p0bN1eWms3laynVIrIvtle3V4tj0b60Hp3Ioh1XYi5+j9EeAYWivvpmc/lKGjkTETvj/M726pmI6riTv/ILo+0ExvnK6PSd/EKRT3E7O5SvRr3ovxYR7ViMubhwqP/aQX5xYr4Wr7x8aPyNmMt3InqRxdqo74P8ZwspvfFW86785dF1AAAA8DhopL/NH33/LXb5azTu117kj/H7wF3v15W4XJnu3InoDz/ZaGVZe+toUbvnzNSK6qMxjOMU5ZPEqzGp6eeIyMpHmr76KeK/GHOp9BD3+bj0j8/P6RSloqiNn+WT3DCimFDpUXh+jl3cPtHcJxfT+5/E6Tn4o9/TVDk3lREBAAAAAAAAAADwIB7ke8Df4qG/IqzEhC/LXp/OVAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgT3bgWAAAAABAmL91Gh0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMFQAAAD//3MPuIc=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file2\x00', 0x143142, 0x64) syz_clone(0x3104300, &(0x7f00000002c0), 0x0, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000440)="28989bac3cb25b73395ae40277daff1f") pwritev2(r0, &(0x7f0000000800)=[{&(0x7f00000001c0)="5ef2f1197cdf1c48bce88008834393a4c796f1049afc", 0x16}, {}], 0x2, 0x8, 0x2, 0x0) 1m17.593834725s ago: executing program 2 (id=1034): unshare(0x40600) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000180)={r1, r0, 0x5, 0x0, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x401, 0x0, 0x1, 0xffffffffffffffff}}, 0x40) 1m17.294514588s ago: executing program 2 (id=1042): r0 = socket$inet6_icmp(0xa, 0x2, 0x3a) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f00000000c0)=0x4, 0x4) setsockopt$inet6_int(r0, 0x29, 0x4b, &(0x7f0000000000)=0x1, 0x4) bind$inet6(r0, &(0x7f00000001c0)={0xa, 0x4e20, 0x5, @local, 0xe}, 0x1c) 1m17.23563159s ago: executing program 32 (id=1042): r0 = socket$inet6_icmp(0xa, 0x2, 0x3a) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f00000000c0)=0x4, 0x4) setsockopt$inet6_int(r0, 0x29, 0x4b, &(0x7f0000000000)=0x1, 0x4) bind$inet6(r0, &(0x7f00000001c0)={0xa, 0x4e20, 0x5, @local, 0xe}, 0x1c) 30.543184482s ago: executing program 0 (id=3022): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000001480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000600)='sys_enter\x00', r0, 0x0, 0xffffffffffffffff}, 0x18) syz_mount_image$iso9660(&(0x7f0000000540), &(0x7f00000001c0)='./file1\x00', 0x14004, &(0x7f00000005c0)=ANY=[@ANYRES32=0x0], 0x4, 0x70a, &(0x7f00000232c0)="$eJzs3V+P21gZBvDnJJkkk0JVAapWVbdzOmWlqRhSJ7NNFRUkjHOSMSRxZHtgRkJaFTqDRs0UaItEc9PODX+k5Qtwtzdc8CFW4oKr/RZwBdIKhIR2BUJGPraTTOJkJm3a2aXPb7Qb5/j18etjr896xj4GERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERQVgNw6gItO3uzq6czWq4Tif5ksXU/Ki2FdyMJm7OW+dKuF5AhP+gWMRbUfFbXxmFXA7/tY6r0berKIYfRQwuXL5098u5TLL8nIRfBBat8PHTwYN7/f7+ozPEZrFw9ecJmTMEtVTX9hy7Y7aUtD1H1ms149Z205NNu628Pc9XHWm5KuM7rtywbspKvb4lVXnP2em2GmZbJYV3vl41jJr8TiHa0QDKnrVtt9t2t6VjwtlhzB35/g+iAGV2pDw47O9vjeXzLK2Nw6BKSvKZ8eAwqHra5laNarVSqVYrtdv123cMIzdVYISEMYSpiKUftHSeMvHxusAiyzt5E72kjNX4j/FnAbRRRBc72IVM/bHQgAsHnRnzY0n//84tNXe94/1/0suvjGZfge7/r0Xfrs3q/2fkIiH1AmlzxIzyxX5WdEYSj/EUAzzAPfTRxz4eLaFuCbn20jXkjbgll5LPzJ8WFLqw4cGBjQ5MtPBFyLhEoo4aajDwHrbRhAeJJmy0oeBhDx58qPCIyoeZKpjw4cCFxAYs3IREBXXUsQUJhTL24GAHXbTQgIlPgiA4wKFu9604n+cpW40kqDJjIwrIJcfdPqpztnZW///DZ9HScf9vsP9/U0XHQSH6+GheDNFnQBBf/y9o7dVkQ0RERERERESvgtC/fRf6r/JvAwjQtNvKOBFTOLfsiIiIiIiIiGgZBIICrkJEd+XjbYjp638iIiIiIiIi+nwT+hk7AaCkb+oXo8elzvJLgOxrSJGIiIiIiIiIXpJ+8v9aHgj0Xf5rEAtd/xMRERERERHR58Cvx8bYz2XjMXaD5M/6GQBrfymID/9egLsijnu7XxVHZjjHPIpjpu4A8JtXxMV4oF79kQegv1nqqojXJoF/Jb99CH18kD7W//MgIoRwJxLIZ8crmJGACNdcy8Xf8D6uR4tcj8eZvz/IQM+JRhQuNe22KltO+24Fpnkx46td/+cPD38BuMPtPDjs75d/9JP+fZ3LcVh0fBRW+uxEOpn0xhjl8kSPt6CfuUgb3XgVzWSVv+l2SkKv10i2PwvzKDO+onk7oLYKRFv5S6xH+2w9iGJLg+GI+wJY04M/VMp6l53YendFjLKoTG552o6YseVFncWNKObGxo3oI2mTsJ6MKH4tC1TLk/sgTHQsi+p4Fqe3hfjHRPvPzwKiGLbFVpjFH8OKJtri+x9GC2/1dpPhMc6SxdRRQER0Xg5GvZAexHxqjP2ke0hOamfvd5AD4rPcjN59tJYg7j+S3v3J74Koh8oCufhvE+lrSfoVhGf0DaHryUcDuueupJzRjfKnQRCYF4sYP6P/NwiSDTIW6N2OgyCYPKP/YfQOpDjtqSz+HQTB3YruSX470at+EC7wwcz1eu1qFkUU8OTop/gkmb3/4/2H1epWzXjXMG5XsaL/VyH+yIJ9DxERTTn9HTs6IjMnQryL61Ed1+//7Z1o6kSP96X4lgLtFtDHfWwmrxBYS6+1hAN885/RbQib0VUrsF6KPksDefnS3fCqdhh7KHL6DS+bM6/qdGcZxerbG6rD2OS9Q5NXgKPYrVe8F4iIiF6v9Rn9MHCi/8fJ/r94ov/fxEYUsXEl9bq7NHZL4WZydTy8pB9cOE6NrZye/LeW3BhERERvCOV+LEr+r4Tr2r33KvV6xfS3lXQd67vStRstJe2ur1xr2+y2lOy5ju9YTlv2XBTsVeVJb6fXc1xfNh1X9hzP3tVvfpfxq9891TG7vm15vbYyPSUtp+ubli8btmfJ3s6327a3rVy9sNdTlt20LdO3na70nB3XUmUpPaXGAu2G6vp20w4nu7Ln2h3T3ZPfc9o7HSUbyrNcu+c7UYXJuuxu03E7utoygoVfdEhERPT/6PHTwYN7/f7+o8mJ1fDSPCo5xoyY6Yl8SoUcI4iIiOgzZtRdL7BQ8RUmREREREREREREREREREREREREREREREREU05/pG/BiZW0hwWBYcnPLsYleI7RI4ZT9Qi8bD6fun/SA/u9yOKZYYkAcIalkkciBg8+mhO8OixJmn885niRDHEJeOH2+esXgAu6BFFJbokHwPTzo0s/xtImvnEQteisGD0zdVZhuC9yy//PIZx4+PvpWSJs+SAIgvmLF062Yf7sx3MOwKP8nF2wesrx87rPRET0uv0vAAD//ySOL9Y=") chown(&(0x7f0000000040)='./file1\x00', 0x0, 0x0) 30.419742557s ago: executing program 0 (id=3026): r0 = epoll_create1(0x0) r1 = io_uring_setup(0x2e31, &(0x7f0000000780)={0x0, 0x6d1f, 0x0, 0xfffffbfd, 0x1c4}) close_range(r1, 0xffffffffffffffff, 0x0) epoll_pwait(r0, &(0x7f0000000140)=[{}], 0x1, 0x80000000, 0x0, 0x0) 30.407593927s ago: executing program 0 (id=3027): r0 = socket(0x11, 0x2, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x4616, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x3, 0xb, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) setsockopt(r0, 0x107, 0x1, &(0x7f00000001c0)="010000000000060000071a80010061cc", 0x10) close(r0) 30.35050295s ago: executing program 0 (id=3030): pipe2(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x2000000) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc4042, 0x1ff) sendfile(r0, r1, 0x0, 0xfffc80) 30.275557103s ago: executing program 0 (id=3033): mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000005c0)={0x0, 0xffffffffffffffff, 0x0, 0x31, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30) mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0) mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x140070, 0x0) 30.10720333s ago: executing program 0 (id=3043): r0 = socket(0x2, 0x80805, 0x0) sendmmsg$inet(r0, &(0x7f0000000900)=[{{&(0x7f0000000280)={0x2, 0x4e22, @rand_addr=0x64010102}, 0x10, &(0x7f0000001140)=[{&(0x7f0000000200)="9c", 0x1}], 0x1}}, {{&(0x7f0000000080)={0x2, 0x4e23, @rand_addr=0x64010101}, 0x10, &(0x7f0000000880)=[{&(0x7f0000000380)="cd441415e1bb", 0x6}], 0x1}}], 0x2, 0x48000) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0xc, &(0x7f0000000040)=@assoc_value={0x0}, &(0x7f0000000000)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f00000000c0)={r1, 0x160}, 0x8) 15.066634625s ago: executing program 33 (id=3043): r0 = socket(0x2, 0x80805, 0x0) sendmmsg$inet(r0, &(0x7f0000000900)=[{{&(0x7f0000000280)={0x2, 0x4e22, @rand_addr=0x64010102}, 0x10, &(0x7f0000001140)=[{&(0x7f0000000200)="9c", 0x1}], 0x1}}, {{&(0x7f0000000080)={0x2, 0x4e23, @rand_addr=0x64010101}, 0x10, &(0x7f0000000880)=[{&(0x7f0000000380)="cd441415e1bb", 0x6}], 0x1}}], 0x2, 0x48000) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0xc, &(0x7f0000000040)=@assoc_value={0x0}, &(0x7f0000000000)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f00000000c0)={r1, 0x160}, 0x8) 789.881037ms ago: executing program 6 (id=4170): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2e, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000540)='kfree\x00', r0, 0x0, 0x4}, 0x18) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCFLSH(r1, 0x5608, 0x0) 660.001512ms ago: executing program 6 (id=4174): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000100)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) mmap(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0x7fa962bfffff, 0x13012, r0, 0x0) mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0) 656.184273ms ago: executing program 3 (id=4175): bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x5e, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) getgroups(0x0, 0x0) 565.523786ms ago: executing program 3 (id=4178): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = perf_event_open(&(0x7f0000000fc0)={0x2, 0x80, 0x82, 0x1, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x3, 0x4, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f0000000180)='cpu>=0||!') 553.664367ms ago: executing program 6 (id=4179): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x18) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="0209b60302"], 0x10}}, 0x20000050) 504.791589ms ago: executing program 5 (id=4182): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x46c, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'macvlan1\x00', 0x0}) sendto$packet(r0, &(0x7f00000005c0)="330520000000160006007ef52f555f2ab34eb67eabe2dfe8bf30f8784f9970ea54fefe7117599e7dae76", 0x2a, 0x8894, &(0x7f0000000000)={0x11, 0xd, r1, 0x1, 0x5f, 0x6, @multicast}, 0x14) 491.99808ms ago: executing program 6 (id=4183): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x258, 0x128, 0x43, 0xa0, 0x128, 0x98, 0x1c0, 0x178, 0x178, 0x1c0, 0x178, 0x49, 0x0, {[{{@ip={@loopback, @local, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00', {0xff}}, 0x12a, 0xc0, 0x128, 0x0, {0x0, 0x7a010000}, [@common=@inet=@ecn={{0x28}, {0x1, 0x20, 0x2, 0x1}}, @inet=@rpfilter={{0x28}, {0xd}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x8, 0x5, 0x2, 0x20, 'snmp\x00', 'syz0\x00', {0x101}}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0x1000}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x2b8) 479.53538ms ago: executing program 3 (id=4184): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000005000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000340)=[{0x200000000006, 0x0, 0x6, 0x7ffc0002}]}) getrandom(0x0, 0x0, 0x0) 479.17067ms ago: executing program 4 (id=4185): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000c80)=@delchain={0x1e8, 0x65, 0x2, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x6}, {0x0, 0x1}, {0x0, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @filter_kind_options=@f_bpf={{0x8}, {0xac, 0x2, [@TCA_BPF_FLAGS={0x8, 0x8, 0x1}, @TCA_BPF_POLICE={0x48, 0x2, [@TCA_POLICE_RESULT={0x8, 0x5, 0x2}, @TCA_POLICE_RATE64={0xc, 0x8, 0xb}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x9}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0xfffffffffffffffe}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x7}, @TCA_POLICE_RATE64={0xc, 0x8, 0x1}]}, @TCA_BPF_OPS={{0x6, 0x4, 0x3}, {0x1c, 0x5, [{0x3, 0x49, 0x7, 0x4}, {0x3, 0x9, 0x9, 0xb24}, {0x6, 0x8, 0x8, 0x6}]}}, @TCA_BPF_FLAGS={0x8}, @TCA_BPF_POLICE={0x24, 0x2, [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x2}, @TCA_POLICE_RATE64={0xc, 0x8, 0xfb91}, @TCA_POLICE_RESULT={0x8, 0x5, 0x4}]}, @TCA_BPF_FLAGS={0x8, 0x8, 0x80000000}]}}, @filter_kind_options=@f_bpf={{0x8}, {0x100, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_ACT={0xdc, 0x1, [@m_simple={0x4c, 0x1e, 0x0, 0x0, {{0xb}, {0xc, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0x7, 0x3, '%!\x00'}]}, {0x15, 0x6, "9787c29d6ac649e7ec160dfef7c4cea330"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x2}}}}, @m_connmark={0x8c, 0x5, 0x0, 0x0, {{0xd}, {0x4}, {0x59, 0x6, "0ef6a460a5bbda16e826eafe044d3376872c48b74ae60f057b238fb15e2207986c5639bfbc3d91ee00b5a433e95b6b3527d9711d16abc0abaea910bcdffe4d3ec14fb60880000000000000873a3f054bcbf1e53f85"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x2}}}}]}, @TCA_BPF_OPS={{0x6}, {0x4}}]}}]}, 0x1e8}, 0x1, 0x0, 0x0, 0x81}, 0x20000080) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400}) 427.760572ms ago: executing program 5 (id=4187): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="07000000040000000802000001"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000080000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='timer_start\x00', r1}, 0x18) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000940)) 409.915273ms ago: executing program 4 (id=4188): write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="007a707573657420006370750806"], 0x12) unlink(&(0x7f0000000340)='./cgroup.cpu/cpuset.cpus\x00') r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1d, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 398.512573ms ago: executing program 3 (id=4189): r0 = io_uring_setup(0x516, &(0x7f0000000640)={0x0, 0xddaa, 0x1, 0x503fa, 0x8100014e}) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x20082, 0x0) writev(r1, &(0x7f0000000040)=[{&(0x7f0000000e40)='\b', 0x17ff}], 0x5) close_range(r0, 0xffffffffffffffff, 0x0) 396.771713ms ago: executing program 5 (id=4190): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003500)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4e0664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa7666b5ded16ee7025f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b3a2327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6cd28cf28fe2ee593e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c191355391771f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde34ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c39132a0f2708e09ae8268dcc15411483b8506386aa0ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae4c697bfc674e03231c42f7eaaf5166bbc4653c71805f9448416e379cc1c40f8f866c9b319a849dd00ff9b84857436ed362c4632bfc3fa7357c24f15bbb07bd91893e61df7eb6dc5e071a9cc2faa7a32a91c4d982f5cfb725dca80b23874877a4980dbd70cda040b1ce527e7188159df77b493efbbd7bfe2680bf44e49eb68e5e33a0a5726072b2699d6244cd5c4a82bf18c668a3d43cec78c5fe1f12283d5dde6d0ea0b1b81ee7c065c938577e4ec93f22f1e6106f337625b7f7798011a6"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffd4d}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='netlink_extack\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000002ec0)=@deltfilter={0x38, 0x2d, 0x1, 0xfffffffe, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xa, 0x1}}, [@filter_kind_options=@f_matchall={{0xd}, {0x4}}]}, 0x38}}, 0x0) 371.137045ms ago: executing program 4 (id=4191): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000004c0)='kmem_cache_free\x00', r0}, 0x18) r1 = socket(0x10, 0x3, 0x9) sendmsg$NFT_BATCH(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)={{0x14, 0x453, 0x1, 0x0, 0x0, {0x5}}, [], {0x14, 0x3eb}}, 0x28}, 0x1, 0x0, 0x0, 0x240208d1}, 0x40000) 367.579445ms ago: executing program 1 (id=4192): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00'}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="8400000010000304465f51bf525f2ce93eb2c653", @ANYRES32=0x0, @ANYBLOB="00030000000000005c0012800b00010062726964676500004c0002800c001f0001000000000000000500160001000000060027000e000000050029000000000008000400"], 0x84}, 0x1, 0x0, 0x0, 0x4}, 0x8044) 300.725798ms ago: executing program 4 (id=4193): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) unshare(0x60000480) 299.942928ms ago: executing program 5 (id=4203): perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x4616, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x3, 0xb, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)={0x28, r1, 0xc4fc9e906872338b, 0x3, 0xf0ffff, {{0x5}, {@val={0x8}, @val={0xc}}}}, 0x28}}, 0x0) 254.82749ms ago: executing program 1 (id=4194): unshare(0x2a020400) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffff"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) syz_clone(0x2c9a4080, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc) 254.57849ms ago: executing program 6 (id=4195): perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x806, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00'}, 0x90) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r0, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x3, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x8}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 178.249623ms ago: executing program 4 (id=4196): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1, 0x0, 0xff}, 0x18) pidfd_send_signal(0xffffffffffffffff, 0x0, 0x0, 0x0) 165.415163ms ago: executing program 1 (id=4197): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x18) mbind(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x6002, &(0x7f0000000000)=0x3, 0xf, 0x0) set_mempolicy_home_node(&(0x7f0000ffc000/0x4000)=nil, 0x403f, 0x0, 0x0) 140.672215ms ago: executing program 5 (id=4198): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r1, 0x560a, &(0x7f0000000000)={0x4003, 0x0, 0x0, 0x0, 0x131, 0x7}) 135.450695ms ago: executing program 4 (id=4199): pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$P9_RGETLOCK(r1, &(0x7f0000000640)=ANY=[], 0x200002e6) fcntl$setpipe(r1, 0x407, 0x7000000) fcntl$setpipe(r0, 0x407, 0x80000001) 101.898046ms ago: executing program 5 (id=4200): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@debug}, {@nogrpid}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f0000000140)="f6", 0xffffff07, 0x8000c61) 101.254976ms ago: executing program 6 (id=4211): io_setup(0x400, &(0x7f0000000000)=0x0) io_destroy(r0) io_setup(0x36, &(0x7f0000000040)) io_pgetevents(r0, 0x101, 0x0, 0x0, 0x0, 0x0) 100.674846ms ago: executing program 1 (id=4201): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f00000002c0)={[{@barrier}, {@nodioread_nolock}, {@noquota}, {@barrier}, {@auto_da_alloc}, {@nodioread_nolock}]}, 0x1, 0x59c, &(0x7f0000001840)="$eJzs3U9oHGUbAPBnZrNN/+T70g++Dz6lh6JChdJN0j9aPbVXsVDoQfCiYbMNJZtsySbahIDpvYg9iEov9aYHj4oHD+LFo1cvimeh2KDQ9KArm51N03S3bmI2W7O/H0z2fWdm93nfmX3e7AwzTAB962j9TxrxVERcTCKGNywbiGzh0cZ6qytLxfsrS8UkarVLvySRRMS9laVic/0kez0UEcsR8f+I+CYfcTxd/8h9zUJ1YXFqvFwuzWb1kbnpqyPVhcUTV6bHJ0uTpZlTL7505uzpM2MnxzY2935tYy2/tb7e+PHmuze+e+X2zU8/O7JcfH88iXMxlC3b2I+d1Ngm+Ti3af7pbgTroaTXDWBbclme11PpfzEcuSzrW6ltHBwGd6V5QBfVBiNq6zYUgT6QSHroU83fAfXj3+a0m78/7pxvHIDU466uLBXfiWb8gca5idi/dmxy8NfkoSOT+vHm4d1sKHvS8vWIGB0YePT7n2Tfv+0b3YkG0lVfn2/sqEf3f7o+/kSL8Weoee70b2qOf6vZ+LfaIn6uzfh3scMYv7/+00dt418fjKdbxk/W4yct4qcR8WaH8W+99uXZdstqH0cci9bxm5LHnx8euXylXBpt/G0Z46tjR15u3/+Ig23iN87Z7l9ryMb+78valHbY/y++/fyZ5cfEf/7Zx+//Vtv/QES812H8/9z75NV2y+5cT+7WfwVsdf8nkY/bHcZ/4dzRH7Kis4YAAAAAAAAAALCD0rVr2ZK0sF5O00KhcQ/vf+NgWq5U545frszPTDSueTsc+bR5pdVwo57U62PZ9bjN+slN9VO5LGDuwFq9UKyUJ3rcdwAAAAAAAAAAAAAAAAAAAHhSHNp0//9vubX7/zc/rhrYq9o/8hvY6+Q/9K+H8z/pWTuA3ef/P/StmvyH/iX/oX/Jf+hf8h/6l/yH/iX/oX/JfwAAAAAAAAAAAAAAAAAAAAAAAAAA6IqLFy7Up9r9laVivT4xsDA/VXnrxESpOlWYni8WipXZq4XJSmWyXCoUK9N/9XlJpXJ1NGbmr43MlapzI9WFxTemK/MzzWeKlvJd7xEAAAAAAAAAAAAAAAAAAAD88wytTUlaiMg36mlaKET8KyIOJ5FcvlIujUbEvyPi+1x+sF4f63WjAQAAAAAAAAAAAAAAAAAAYI+pLixOjZfLpdnuFQayUF0M0XlhYCsrR8Tyzjaj/olbflc+24A93nR7o5B7Mr6HT36hh4MSAAAAAAAAAAAAAAAAAAD0qQc3/Xb6jj+62yAAAAAAAAAAAAAAAAAAAADoS+nPSUTUp2PDzw1tXrovWc2tvUbE27cufXBtfG5udqw+/+76/LkPs/kne9F+oFPNPE0jop7HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwAPVhcWp8XK5NLvNwmAH6/S6jwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADb8WcAAAD//y4WzlE=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x41, 0x2) truncate(&(0x7f00000000c0)='./file1\x00', 0x8008) fallocate(r0, 0x8, 0x4000, 0x4000) 68.302138ms ago: executing program 1 (id=4202): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x11, 0x2000000000000050, 0x0, 0x0}, 0x94) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 32.82649ms ago: executing program 3 (id=4204): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000880)='ns\x00') syz_open_procfs$namespace(0x0, &(0x7f0000000640)='ns/cgroup\x00') seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) statx(r0, &(0x7f0000000080)='./cgroup\x00', 0x4000, 0x800, &(0x7f0000000240)) 15.66207ms ago: executing program 1 (id=4205): socket$netlink(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100fcffffff02000000050000001400038004000400080002000000000004000100180001801400020073797a5f74756e0000000000000000000552f58e9d2a1bb9fd45a945a2b24e77868c9ee4ec88608f380959025e72b33797b51311f3d4f7cad5f11e1ea661366dd9ea1e152afe994a9f235c6f46d9db1bbd0cacc35a0d4f7a511e8e70d123bf78b71a577fc703b559e7"], 0x40}, 0x1, 0x0, 0x0, 0x801}, 0x24000010) 0s ago: executing program 3 (id=4206): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000040)="3700000013000318680907070000000f0000ff3f13000000170a001700000000040037000d00030001362564aa58b9a6c011f6bbf44dc4", 0x37}], 0x1) kernel console output (not intermixed with test programs): 5: corrupted in-inode xattr: invalid ea_ino [ 81.162830][ T7412] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.1735: couldn't read orphan inode 15 (err -117) [ 81.177524][ T7412] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.229501][ T5805] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.538011][ T7455] bridge0: port 3(macsec2) entered blocking state [ 81.544815][ T7455] bridge0: port 3(macsec2) entered disabled state [ 81.581409][ T7455] macsec2: entered allmulticast mode [ 81.587153][ T7455] bridge0: entered allmulticast mode [ 81.614708][ T7455] macsec2: left allmulticast mode [ 81.620130][ T7455] bridge0: left allmulticast mode [ 81.782500][ T7488] EXT4-fs: Ignoring removed bh option [ 81.788625][ T7488] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 81.807011][ T7488] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.837399][ T3327] EXT4-fs error (device loop3): ext4_read_inline_dir:1486: inode #12: block 7: comm syz-executor: path /385/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 81.860601][ T3327] EXT4-fs (loop3): Remounting filesystem read-only [ 81.869364][ T3327] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.900761][ T7500] atomic_op ffff88811a755528 conn xmit_atomic 0000000000000000 [ 81.931047][ T7504] bridge0: port 3(macsec1) entered blocking state [ 81.937559][ T7504] bridge0: port 3(macsec1) entered disabled state [ 81.944246][ T7504] macsec1: entered allmulticast mode [ 81.950666][ T7504] bridge0: entered allmulticast mode [ 81.956835][ T7504] macsec1: left allmulticast mode [ 81.961909][ T7504] bridge0: left allmulticast mode [ 82.455530][ T44] Bluetooth: hci0: command 0x1003 tx timeout [ 82.455755][ T3923] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 82.490765][ T7520] set_capacity_and_notify: 3 callbacks suppressed [ 82.490784][ T7520] loop4: detected capacity change from 0 to 1024 [ 82.504247][ T7520] EXT4-fs: Ignoring removed bh option [ 82.510109][ T7520] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 82.527428][ T7520] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 82.564286][ T3328] EXT4-fs error (device loop4): ext4_read_inline_dir:1486: inode #12: block 7: comm syz-executor: path /355/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 82.587828][ T3328] EXT4-fs (loop4): Remounting filesystem read-only [ 82.596363][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.659009][ T7537] netlink: 'syz.4.1787': attribute type 10 has an invalid length. [ 82.668217][ T7537] veth0_macvtap: left promiscuous mode [ 82.674294][ T7537] team0: Device veth0_macvtap failed to register rx_handler [ 82.693209][ T7541] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1789'. [ 82.729324][ T7545] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1792'. [ 82.864636][ T7566] IPv6: NLM_F_CREATE should be specified when creating new route [ 82.904675][ T7570] netlink: 228 bytes leftover after parsing attributes in process `syz.1.1804'. [ 82.994488][ T7580] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1810'. [ 83.045353][ T7586] loop4: detected capacity change from 0 to 128 [ 83.075517][ T7585] FAT-fs (loop4): error, invalid access to FAT (entry 0x0fff0000) [ 83.083387][ T7585] FAT-fs (loop4): Filesystem has been set read-only [ 83.251445][ T7616] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1826'. [ 83.257161][ T7611] bond1: entered promiscuous mode [ 83.265788][ T7611] bond1: entered allmulticast mode [ 83.290945][ T7611] 8021q: adding VLAN 0 to HW filter on device bond1 [ 83.310511][ T7611] bond1 (unregistering): Released all slaves [ 83.596932][ T7656] bond1: entered promiscuous mode [ 83.602023][ T7656] bond1: entered allmulticast mode [ 83.620324][ T7656] 8021q: adding VLAN 0 to HW filter on device bond1 [ 83.636589][ T7656] bond1 (unregistering): Released all slaves [ 83.790329][ T7692] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1860'. [ 83.894336][ T7703] bond1: entered promiscuous mode [ 83.900289][ T7703] bond1: entered allmulticast mode [ 83.905813][ T7703] 8021q: adding VLAN 0 to HW filter on device bond1 [ 83.920335][ T7703] bond1 (unregistering): Released all slaves [ 83.935482][ T7704] bridge0: port 3(macsec2) entered blocking state [ 83.941984][ T7704] bridge0: port 3(macsec2) entered disabled state [ 83.976590][ T7704] macsec2: entered allmulticast mode [ 83.982215][ T7704] bridge0: entered allmulticast mode [ 84.004188][ T7704] macsec2: left allmulticast mode [ 84.009702][ T7704] bridge0: left allmulticast mode [ 84.086585][ T7715] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1872'. [ 84.286432][ T7728] loop4: detected capacity change from 0 to 512 [ 84.318961][ T7728] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 84.342439][ T7737] nfs4: Bad value for 'source' [ 84.345383][ T7728] EXT4-fs (loop4): orphan cleanup on readonly fs [ 84.356572][ T7728] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #16: comm syz.4.1878: corrupted inode contents [ 84.371004][ T7728] EXT4-fs (loop4): Remounting filesystem read-only [ 84.378335][ T7728] EXT4-fs (loop4): 1 truncate cleaned up [ 84.384348][ T37] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 84.395296][ T37] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 84.406451][ T37] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started [ 84.417916][ T7728] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 84.459247][ T7739] bond1: entered promiscuous mode [ 84.464512][ T7739] bond1: entered allmulticast mode [ 84.515223][ T7739] 8021q: adding VLAN 0 to HW filter on device bond1 [ 84.522498][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.536149][ T7739] bond1 (unregistering): Released all slaves [ 84.546526][ T7744] usb usb8: usbfs: process 7744 (syz.3.1884) did not claim interface 0 before use [ 84.657107][ T7751] loop4: detected capacity change from 0 to 1024 [ 84.663859][ T7751] EXT4-fs: Ignoring removed orlov option [ 84.680618][ T7755] syz.5.1890 uses obsolete (PF_INET,SOCK_PACKET) [ 84.738387][ T7751] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 84.767412][ T7765] __nla_validate_parse: 1 callbacks suppressed [ 84.767430][ T7765] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1894'. [ 84.800843][ T7751] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 84.818089][ T7768] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1895'. [ 84.847139][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.877690][ T7774] loop5: detected capacity change from 0 to 512 [ 84.905875][ T7774] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 84.925798][ T7774] EXT4-fs (loop5): orphan cleanup on readonly fs [ 84.937054][ T7774] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #16: comm syz.5.1897: corrupted inode contents [ 84.955898][ T7774] EXT4-fs (loop5): Remounting filesystem read-only [ 84.972188][ T7774] EXT4-fs (loop5): 1 truncate cleaned up [ 84.978508][ T2342] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 84.989095][ T2342] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 85.000492][ T2342] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started [ 85.014496][ T7790] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1903'. [ 85.038585][ T7774] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 85.101513][ T7799] openvswitch: netlink: Missing key (keys=40, expected=100) [ 85.109448][ T29] kauditd_printk_skb: 266 callbacks suppressed [ 85.109504][ T29] audit: type=1326 audit(1765014971.774:1547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7771 comm="syz.1.1896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fea3c5d2005 code=0x7ffc0000 [ 85.141307][ T29] audit: type=1400 audit(1765014971.774:1548): avc: denied { kexec_image_load } for pid=7801 comm="syz.4.1909" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1 [ 85.162026][ T29] audit: type=1326 audit(1765014971.804:1549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7771 comm="syz.1.1896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fea3c5d2005 code=0x7ffc0000 [ 85.186847][ T29] audit: type=1326 audit(1765014971.854:1550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7771 comm="syz.1.1896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fea3c5d2005 code=0x7ffc0000 [ 85.186997][ T5805] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.211601][ T29] audit: type=1326 audit(1765014971.874:1551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7771 comm="syz.1.1896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fea3c5d2005 code=0x7ffc0000 [ 85.254060][ T29] audit: type=1326 audit(1765014971.904:1552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7771 comm="syz.1.1896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fea3c5d2005 code=0x7ffc0000 [ 85.278610][ T7805] netlink: 'syz.3.1911': attribute type 1 has an invalid length. [ 85.286175][ T29] audit: type=1326 audit(1765014971.914:1553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7771 comm="syz.1.1896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fea3c5d2005 code=0x7ffc0000 [ 85.286856][ T7805] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1911'. [ 85.310655][ T29] audit: type=1326 audit(1765014971.914:1554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7771 comm="syz.1.1896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fea3c5d2005 code=0x7ffc0000 [ 85.310690][ T29] audit: type=1326 audit(1765014971.914:1555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7771 comm="syz.1.1896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fea3c5d2005 code=0x7ffc0000 [ 85.310722][ T29] audit: type=1326 audit(1765014971.914:1556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7771 comm="syz.1.1896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fea3c5d2005 code=0x7ffc0000 [ 85.436430][ T7813] netlink: 'syz.5.1914': attribute type 1 has an invalid length. [ 85.531881][ T7825] netlink: 'syz.3.1919': attribute type 16 has an invalid length. [ 85.540069][ T7825] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1919'. [ 85.606405][ T7837] xt_hashlimit: max too large, truncated to 1048576 [ 85.719640][ T7855] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1933'. [ 85.730791][ T7858] netlink: 92 bytes leftover after parsing attributes in process `syz.4.1935'. [ 85.843170][ T7871] loop3: detected capacity change from 0 to 2048 [ 85.860136][ T7874] 9pnet_fd: Insufficient options for proto=fd [ 85.915638][ T7871] loop3: p1 < > p4 [ 85.922051][ T7871] loop3: p4 size 8388608 extends beyond EOD, truncated [ 86.042242][ T7890] loop5: detected capacity change from 0 to 1024 [ 86.065567][ T7890] EXT4-fs: Ignoring removed bh option [ 86.071724][ T7896] 9pnet_fd: p9_fd_create_unix (7896): problem connecting socket: ./file0: -2 [ 86.076714][ T7890] EXT4-fs: inline encryption not supported [ 86.097931][ T7890] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 86.130032][ T7890] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000] [ 86.154843][ T7903] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1955'. [ 86.174170][ T7890] EXT4-fs error (device loop5): ext4_map_blocks:783: inode #3: block 2: comm syz.5.1950: lblock 2 mapped to illegal pblock 2 (length 1) [ 86.237374][ T7890] EXT4-fs error (device loop5): ext4_map_blocks:783: inode #3: block 48: comm syz.5.1950: lblock 0 mapped to illegal pblock 48 (length 1) [ 86.252481][ T7890] EXT4-fs error (device loop5): ext4_acquire_dquot:6986: comm syz.5.1950: Failed to acquire dquot type 0 [ 86.275629][ T7909] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 86.293448][ T7909] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 86.302316][ T7890] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6298: Corrupt filesystem [ 86.311940][ T7890] EXT4-fs error (device loop5): ext4_evict_inode:253: inode #11: comm syz.5.1950: mark_inode_dirty error [ 86.324843][ T7909] loop4: detected capacity change from 0 to 256 [ 86.332536][ T7890] EXT4-fs warning (device loop5): ext4_evict_inode:256: couldn't mark inode dirty (err -117) [ 86.344037][ T7890] EXT4-fs (loop5): 1 orphan inode deleted [ 86.350687][ T7890] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 86.364037][ T2342] EXT4-fs error (device loop5): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:11: lblock 1 mapped to illegal pblock 1 (length 1) [ 86.393435][ T2342] EXT4-fs error (device loop5): ext4_release_dquot:7022: comm kworker/u8:11: Failed to release dquot type 0 [ 86.405039][ T7890] EXT4-fs error (device loop5): ext4_map_blocks:783: inode #3: block 1: comm syz.5.1950: lblock 1 mapped to illegal pblock 1 (length 1) [ 86.447203][ T5805] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.462004][ T5805] EXT4-fs error (device loop5): __ext4_get_inode_loc:4830: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 86.480831][ T7917] loop3: detected capacity change from 0 to 128 [ 86.487767][ T7917] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 86.499766][ T5805] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6298: Corrupt filesystem [ 86.515170][ T5805] EXT4-fs error (device loop5): ext4_quota_off:7270: inode #3: comm syz-executor: mark_inode_dirty error [ 86.526707][ T7917] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 86.592715][ T37] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 86.603429][ T7922] netlink: 'syz.5.1967': attribute type 1 has an invalid length. [ 86.632976][ T7925] 9pnet_fd: Insufficient options for proto=fd [ 86.742734][ T7935] netlink: 'syz.5.1972': attribute type 21 has an invalid length. [ 86.768552][ T7935] netlink: 'syz.5.1972': attribute type 1 has an invalid length. [ 86.777005][ T7935] netlink: 144 bytes leftover after parsing attributes in process `syz.5.1972'. [ 87.069490][ T7976] loop0: detected capacity change from 0 to 512 [ 87.088984][ T7976] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 87.110743][ T7976] EXT4-fs (loop0): orphan cleanup on readonly fs [ 87.128774][ T7986] A link change request failed with some changes committed already. Interface nicvf0 may have been left with an inconsistent configuration, please check. [ 87.146666][ T7976] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #16: comm syz.0.1990: corrupted inode contents [ 87.155781][ T7990] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1999'. [ 87.167607][ T7976] EXT4-fs (loop0): Remounting filesystem read-only [ 87.167806][ T7976] EXT4-fs (loop0): 1 truncate cleaned up [ 87.168013][ T37] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 87.168052][ T37] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 87.168076][ T37] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started [ 87.168800][ T7976] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 87.310746][ T3322] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.469005][ T8027] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 87.477341][ T8027] EXT4-fs (loop4): orphan cleanup on readonly fs [ 87.487045][ T8027] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #16: comm syz.4.2017: corrupted inode contents [ 87.490913][ T8033] veth0_to_bridge: entered promiscuous mode [ 87.508381][ T8027] EXT4-fs (loop4): Remounting filesystem read-only [ 87.508410][ T8032] veth0_to_bridge: left promiscuous mode [ 87.521236][ T8030] set_capacity_and_notify: 1 callbacks suppressed [ 87.521253][ T8030] loop3: detected capacity change from 0 to 512 [ 87.525427][ T8027] EXT4-fs (loop4): 1 truncate cleaned up [ 87.541053][ T8030] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 87.549217][ T2723] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 87.555335][ T8030] EXT4-fs (loop3): orphan cleanup on readonly fs [ 87.560571][ T2723] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 87.569299][ T8030] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #16: comm syz.3.2018: corrupted inode contents [ 87.580768][ T2723] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started [ 87.591325][ T8030] EXT4-fs (loop3): Remounting filesystem read-only [ 87.607577][ T8030] EXT4-fs (loop3): 1 truncate cleaned up [ 87.608038][ T8027] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 87.626758][ T2342] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 87.637571][ T2342] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 87.648635][ T2342] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started [ 87.667459][ T8030] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 87.692343][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.703130][ T8039] openvswitch: netlink: Missing key (keys=40, expected=10000000) [ 87.756695][ T3327] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.791194][ T8052] SELinux: Context system_u:object is not valid (left unmapped). [ 88.018641][ T8087] loop0: detected capacity change from 0 to 164 [ 88.137949][ T8104] 9pnet_fd: Insufficient options for proto=fd [ 88.168423][ T8107] delete_channel: no stack [ 88.257919][ T8125] loop3: detected capacity change from 0 to 128 [ 88.521125][ T8169] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.569165][ T8173] ------------[ cut here ]------------ [ 88.574914][ T8173] verifier bug: REG INVARIANTS VIOLATION (true_reg2): range bounds violation u64=[0x0, 0x7800000000] s64=[0x0, 0xffffffffffffffff] u32=[0x80000000, 0x0] s32=[0x0, 0xffffffff] var_off=(0x0, 0x7800000000) [ 88.595720][ T8173] WARNING: kernel/bpf/verifier.c:2748 at 0x0, CPU#0: syz.3.2085/8173 [ 88.604154][ T8173] Modules linked in: [ 88.608420][ T8173] CPU: 0 UID: 0 PID: 8173 Comm: syz.3.2085 Not tainted syzkaller #0 PREEMPT(voluntary) [ 88.618664][ T8173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 88.629310][ T8173] RIP: 0010:reg_bounds_sanity_check+0x27d/0x660 [ 88.636009][ T8173] Code: 24 78 4c 8b 44 24 70 4c 8b 4c 24 60 41 ff 74 24 20 41 55 53 ff 74 24 68 ff 74 24 78 ff b4 24 90 00 00 00 ff b4 24 b0 00 00 00 <67> 48 0f b9 3a 48 83 c4 38 4c 8b ac 24 98 00 00 00 49 8d 85 80 08 [ 88.656672][ T8173] RSP: 0018:ffffc9000fb433a0 EFLAGS: 00010246 [ 88.663385][ T8173] RAX: ffff8881039bab90 RBX: 00000000ffffffff RCX: 0000000000000000 [ 88.671664][ T8173] RDX: ffffffff865f8120 RSI: ffffffff8660c296 RDI: ffffffff86db5ed0 [ 88.679973][ T8173] RBP: ffff88811aa2c840 R08: 0000007800000000 R09: 0000000000000000 [ 88.688252][ T8173] R10: ffffffff88edda78 R11: 00000000ffffffff R12: ffff88811aa2c800 [ 88.696648][ T8173] R13: 0000000000000000 R14: ffff88811aa2c84c R15: ffff88811aa2c838 [ 88.705140][ T8173] FS: 00007f8bba15f6c0(0000) GS:ffff8882aedcd000(0000) knlGS:0000000000000000 [ 88.705163][ T8173] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.705224][ T8173] CR2: 00007ffea00a1000 CR3: 000000011bcfa000 CR4: 00000000003506f0 [ 88.705260][ T8173] Call Trace: [ 88.705278][ T8173] [ 88.705473][ T8173] reg_set_min_max+0x1f2/0x260 [ 88.741971][ T8173] check_cond_jmp_op+0x13bd/0x1a80 [ 88.747471][ T8173] do_check+0x3347/0x81f0 [ 88.752034][ T8173] do_check_common+0xccf/0x1300 [ 88.757243][ T8173] bpf_check+0x2f98/0xc860 [ 88.761915][ T8173] ? __alloc_frozen_pages_noprof+0x18f/0x360 [ 88.768185][ T8173] ? alloc_pages_bulk_noprof+0x4b9/0x540 [ 88.774079][ T8173] ? __vmap_pages_range_noflush+0xbc4/0xcf0 [ 88.780462][ T8173] ? pcpu_block_update+0x24e/0x3b0 [ 88.785823][ T8173] ? _find_next_zero_bit+0x64/0xa0 [ 88.791195][ T8173] ? pcpu_block_update+0x24e/0x3b0 [ 88.796724][ T8173] ? pcpu_block_refresh_hint+0x157/0x170 [ 88.802661][ T8173] ? pcpu_block_update_hint_alloc+0x63d/0x660 [ 88.809102][ T8173] ? css_rstat_updated+0xb7/0x240 [ 88.814328][ T8173] ? mod_memcg_state+0x182/0x270 [ 88.819502][ T8173] ? __rcu_read_unlock+0x4f/0x70 [ 88.824803][ T8173] ? pcpu_memcg_post_alloc_hook+0xec/0x170 [ 88.830916][ T8173] ? bpf_prog_alloc+0x5b/0x150 [ 88.835902][ T8173] ? pcpu_alloc_noprof+0xd0d/0x1240 [ 88.841324][ T8173] ? should_fail_ex+0x30/0x280 [ 88.846373][ T8173] ? __kmalloc_noprof+0x2b4/0x5a0 [ 88.851627][ T8173] ? security_bpf_prog_load+0x60/0x140 [ 88.857447][ T8173] ? selinux_bpf_prog_load+0xad/0xd0 [ 88.862982][ T8173] ? security_bpf_prog_load+0x9e/0x140 [ 88.868724][ T8173] bpf_prog_load+0xf6e/0x1140 [ 88.873649][ T8173] ? security_bpf+0x2b/0x90 [ 88.878473][ T8173] __sys_bpf+0x469/0x7c0 [ 88.882941][ T8173] __x64_sys_bpf+0x41/0x50 [ 88.888055][ T8173] x64_sys_call+0x28e1/0x3000 [ 88.892969][ T8173] do_syscall_64+0xd8/0x2a0 [ 88.897812][ T8173] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.903969][ T8173] RIP: 0033:0x7f8bbb6ff749 [ 88.908577][ T8173] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 88.928947][ T8173] RSP: 002b:00007f8bba15f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 88.937764][ T8173] RAX: ffffffffffffffda RBX: 00007f8bbb955fa0 RCX: 00007f8bbb6ff749 [ 88.946120][ T8173] RDX: 0000000000000048 RSI: 00002000000054c0 RDI: 0000000000000005 [ 88.954708][ T8173] RBP: 00007f8bbb783f91 R08: 0000000000000000 R09: 0000000000000000 [ 88.963472][ T8173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 88.971772][ T8173] R13: 00007f8bbb956038 R14: 00007f8bbb955fa0 R15: 00007ffea00a0be8 [ 88.980136][ T8173] [ 88.983308][ T8173] ---[ end trace 0000000000000000 ]--- [ 89.391781][ T8232] netlink: 'syz.5.2112': attribute type 1 has an invalid length. [ 89.779415][ T8248] sctp: [Deprecated]: syz.5.2120 (pid 8248) Use of struct sctp_assoc_value in delayed_ack socket option. [ 89.779415][ T8248] Use struct sctp_sack_info instead [ 90.075873][ T8285] loop5: detected capacity change from 0 to 2048 [ 90.115700][ T8285] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 90.145828][ T5805] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.206049][ T29] kauditd_printk_skb: 865 callbacks suppressed [ 90.206069][ T29] audit: type=1326 audit(1765014976.874:2400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8299 comm="syz.5.2138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa224d8f749 code=0x7ffc0000 [ 90.245833][ T8302] __nla_validate_parse: 2 callbacks suppressed [ 90.245853][ T8302] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2141'. [ 90.287392][ T29] audit: type=1326 audit(1765014976.874:2401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8299 comm="syz.5.2138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa224d8f749 code=0x7ffc0000 [ 90.311742][ T29] audit: type=1326 audit(1765014976.904:2402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8299 comm="syz.5.2138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa224d8f749 code=0x7ffc0000 [ 90.335925][ T29] audit: type=1326 audit(1765014976.904:2403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8299 comm="syz.5.2138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa224d8f749 code=0x7ffc0000 [ 90.359427][ T29] audit: type=1326 audit(1765014976.904:2404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8299 comm="syz.5.2138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa224d8f749 code=0x7ffc0000 [ 90.383640][ T29] audit: type=1326 audit(1765014976.914:2405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8299 comm="syz.5.2138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa224d8f749 code=0x7ffc0000 [ 90.407811][ T29] audit: type=1326 audit(1765014976.934:2406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8299 comm="syz.5.2138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa224d8f749 code=0x7ffc0000 [ 90.431280][ T29] audit: type=1326 audit(1765014976.934:2407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8299 comm="syz.5.2138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa224d8f749 code=0x7ffc0000 [ 90.455436][ T29] audit: type=1400 audit(1765014976.934:2408): avc: denied { getopt } for pid=8303 comm="syz.0.2140" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 90.475066][ T29] audit: type=1326 audit(1765014976.944:2409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8299 comm="syz.5.2138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=108 compat=0 ip=0x7fa224d8f749 code=0x7ffc0000 [ 90.502566][ T8309] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 90.509129][ T8309] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 90.518314][ T8309] vhci_hcd vhci_hcd.0: Device attached [ 90.569779][ T8310] vhci_hcd: connection closed [ 90.569973][ T123] vhci_hcd: stop threads [ 90.579527][ T123] vhci_hcd: release socket [ 90.584135][ T123] vhci_hcd: disconnect device [ 90.827454][ T8339] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2152'. [ 90.961347][ T8347] netlink: 108 bytes leftover after parsing attributes in process `syz.4.2156'. [ 91.272416][ T5830] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0 [ 91.280672][ T5830] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0 [ 91.288111][ T5830] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0 [ 91.295565][ T5830] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0 [ 91.302973][ T5830] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0 [ 91.311183][ T5830] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0 [ 91.318641][ T5830] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0 [ 91.326139][ T5830] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0 [ 91.333549][ T5830] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0 [ 91.341793][ T5830] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0 [ 91.407641][ T8374] loop0: detected capacity change from 0 to 8192 [ 91.437361][ T5830] hid-generic 0003:0004:0000.0001: hidraw0: USB HID v0.02 Device [syz0] on syz1 [ 91.439471][ T8374] vfat: Unknown parameter 'syzkaller0' [ 91.555027][ T8392] SELinux: policydb version 1224736768 does not match my version range 15-35 [ 91.564101][ T8392] SELinux: failed to load policy [ 91.633836][ T8403] loop5: detected capacity change from 0 to 1024 [ 91.652863][ T8403] EXT4-fs: Ignoring removed orlov option [ 91.676720][ T8403] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 91.755541][ T8403] SELinux: failed to load policy [ 91.775241][ T8414] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2187'. [ 91.786029][ T8416] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2188'. [ 91.846208][ T8414] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2187'. [ 91.936063][ T5805] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 91.974472][ T8419] program syz.0.2191 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 92.195294][ T8451] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2205'. [ 92.417814][ T8491] wireguard0: entered promiscuous mode [ 92.423487][ T8491] wireguard0: entered allmulticast mode [ 92.566072][ T8515] netlink: 'syz.3.2236': attribute type 11 has an invalid length. [ 92.588011][ T8511] vhci_hcd: invalid port number 96 [ 92.593173][ T8511] vhci_hcd: default hub control req: 0000 vfffc i0060 l0 [ 92.647035][ T8525] loop3: detected capacity change from 0 to 128 [ 92.777718][ T8549] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2252'. [ 92.786845][ T8549] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2252'. [ 92.796555][ T8549] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2252'. [ 93.094192][ T8600] loop0: detected capacity change from 0 to 128 [ 93.104571][ T8600] bond0: Removing last ns target with arp_interval on [ 93.112993][ T8600] 8021q: adding VLAN 0 to HW filter on device bond0 [ 94.127323][ T8728] netlink: 'syz.3.2333': attribute type 1 has an invalid length. [ 94.249756][ T8733] xt_CT: You must specify a L4 protocol and not use inversions on it [ 94.310634][ T8735] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 94.317932][ T8735] IPv6: NLM_F_CREATE should be set when creating new route [ 94.325231][ T8735] IPv6: NLM_F_CREATE should be set when creating new route [ 94.534836][ T8770] openvswitch: netlink: Key 0 has unexpected len 2 expected 0 [ 94.630548][ T8784] SELinux: policydb version 0 does not match my version range 15-35 [ 94.673652][ T8784] SELinux: failed to load policy [ 95.013254][ T5830] kernel read not supported for file bpf-prog (pid: 5830 comm: kworker/1:10) [ 95.137879][ T8839] loop3: detected capacity change from 0 to 128 [ 95.301212][ T29] kauditd_printk_skb: 56 callbacks suppressed [ 95.301229][ T29] audit: type=1400 audit(1765014981.964:2466): avc: denied { ioctl } for pid=8855 comm="syz.4.2392" path="socket:[21807]" dev="sockfs" ino=21807 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 95.301452][ T8859] __nla_validate_parse: 17 callbacks suppressed [ 95.301522][ T8859] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2392'. [ 95.347576][ T8859] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2392'. [ 95.389518][ T29] audit: type=1400 audit(1765014982.054:2467): avc: denied { read write } for pid=8862 comm="syz.0.2394" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 95.390753][ T8859] macvlan0: entered allmulticast mode [ 95.417748][ T29] audit: type=1400 audit(1765014982.054:2468): avc: denied { open } for pid=8862 comm="syz.0.2394" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 95.419640][ T8859] veth1_vlan: entered allmulticast mode [ 95.426876][ T8858] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2391'. [ 95.458751][ T8858] netlink: 108 bytes leftover after parsing attributes in process `syz.3.2391'. [ 95.477565][ T8858] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2391'. [ 95.500787][ T8858] netlink: 108 bytes leftover after parsing attributes in process `syz.3.2391'. [ 95.509931][ T8858] netlink: 84 bytes leftover after parsing attributes in process `syz.3.2391'. [ 95.519614][ T8873] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2398'. [ 95.536861][ T8875] netlink: 7 bytes leftover after parsing attributes in process `syz.4.2399'. [ 95.547846][ T8875] netlink: 7 bytes leftover after parsing attributes in process `syz.4.2399'. [ 95.582945][ T5830] kernel read not supported for file bpf-prog (pid: 5830 comm: kworker/1:10) [ 95.775286][ T29] audit: type=1400 audit(1765014982.444:2469): avc: denied { create } for pid=8909 comm="syz.3.2413" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1 [ 95.814105][ T29] audit: type=1400 audit(1765014982.464:2470): avc: denied { ioctl } for pid=8909 comm="syz.3.2413" path="socket:[20997]" dev="sockfs" ino=20997 ioctlcmd=0x5302 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1 [ 95.825136][ T8914] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8914 comm=syz.3.2415 [ 95.931394][ T29] audit: type=1326 audit(1765014982.594:2471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8921 comm="syz.3.2419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bbb6ff749 code=0x7ffc0000 [ 95.955964][ T29] audit: type=1326 audit(1765014982.594:2472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8921 comm="syz.3.2419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bbb6ff749 code=0x7ffc0000 [ 95.980291][ T29] audit: type=1326 audit(1765014982.594:2473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8921 comm="syz.3.2419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8bbb6ff749 code=0x7ffc0000 [ 96.004553][ T29] audit: type=1326 audit(1765014982.594:2474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8921 comm="syz.3.2419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bbb6ff749 code=0x7ffc0000 [ 96.028924][ T29] audit: type=1326 audit(1765014982.594:2475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8921 comm="syz.3.2419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bbb6ff749 code=0x7ffc0000 [ 96.202430][ T8943] loop4: detected capacity change from 0 to 128 [ 96.501226][ T8968] macsec2: entered promiscuous mode [ 96.507076][ T8968] bond0: entered promiscuous mode [ 96.512337][ T8968] bond_slave_0: entered promiscuous mode [ 96.518393][ T8968] bond_slave_1: entered promiscuous mode [ 96.528068][ T8968] bond0: left promiscuous mode [ 96.533120][ T8968] bond_slave_0: left promiscuous mode [ 96.539108][ T8968] bond_slave_1: left promiscuous mode [ 96.565423][ T8970] bond1: option arp_interval: invalid value (18446744072758484506) [ 96.573421][ T8970] bond1: option arp_interval: allowed values 0 - 2147483647 [ 96.585392][ T8970] bond1 (unregistering): Released all slaves [ 96.698774][ T8991] loop5: detected capacity change from 0 to 1024 [ 96.706585][ T8991] EXT4-fs: Ignoring removed nomblk_io_submit option [ 96.734532][ T8991] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 96.776374][ T8991] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.918809][ T9018] bond_slave_0: entered promiscuous mode [ 96.924611][ T9018] bond_slave_1: entered promiscuous mode [ 96.940024][ T9018] macsec1: entered promiscuous mode [ 96.945311][ T9018] bond0: entered promiscuous mode [ 96.952617][ T9018] bond0: left promiscuous mode [ 96.957906][ T9018] bond_slave_0: left promiscuous mode [ 96.963330][ T9018] bond_slave_1: left promiscuous mode [ 97.507553][ T9074] loop4: detected capacity change from 0 to 512 [ 97.546260][ T9074] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2490: bg 0: block 248: padding at end of block bitmap is not set [ 97.561766][ T9074] EXT4-fs error (device loop4): ext4_acquire_dquot:6986: comm syz.4.2490: Failed to acquire dquot type 1 [ 97.573748][ T9074] EXT4-fs (loop4): 1 truncate cleaned up [ 97.580415][ T9074] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 97.580620][ T9085] netlink: 'syz.5.2493': attribute type 15 has an invalid length. [ 97.593771][ T9074] ext4 filesystem being mounted at /488/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 97.632865][ T9074] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 97.666697][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.063679][ T9155] loop5: detected capacity change from 0 to 512 [ 98.089862][ T9155] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.2518: bg 0: block 248: padding at end of block bitmap is not set [ 98.104525][ T9155] EXT4-fs error (device loop5): ext4_acquire_dquot:6986: comm syz.5.2518: Failed to acquire dquot type 1 [ 98.117829][ T9155] EXT4-fs (loop5): 1 truncate cleaned up [ 98.123957][ T9155] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 98.136792][ T9155] ext4 filesystem being mounted at /290/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 98.150301][ T9163] netlink: 'syz.1.2521': attribute type 16 has an invalid length. [ 98.161958][ T9155] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 98.182499][ T5805] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.394930][ T9198] IPv6: NLM_F_CREATE should be specified when creating new route [ 98.476752][ T9212] SELinux: Context system_u:object_r:modules_dep_t:s0 is not valid (left unmapped). [ 98.525093][ T9216] loop3: detected capacity change from 0 to 736 [ 98.581117][ T9222] netlink: 'syz.5.2546': attribute type 1 has an invalid length. [ 98.656253][ T9232] loop3: detected capacity change from 0 to 512 [ 98.666962][ T9232] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 98.679978][ T9232] ext4 filesystem being mounted at /568/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 98.697480][ T9232] EXT4-fs (loop3): shut down requested (0) [ 98.706222][ T9232] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop3 ino=12 [ 98.725089][ T9232] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop3 ino=12 [ 98.768444][ T3327] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.845342][ T9250] loop3: detected capacity change from 0 to 128 [ 98.933280][ T9264] loop0: detected capacity change from 0 to 512 [ 98.950971][ T9267] loop5: detected capacity change from 0 to 512 [ 98.960690][ T9264] EXT4-fs (loop0): too many log groups per flexible block group [ 98.971399][ T9267] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -2 [ 98.980837][ T9264] EXT4-fs (loop0): failed to initialize mballoc (-12) [ 98.988287][ T9267] EXT4-fs (loop5): 1 truncate cleaned up [ 98.994133][ T9264] EXT4-fs (loop0): mount failed [ 98.999633][ T9267] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 98.999764][ T9272] netlink: 'syz.1.2567': attribute type 64 has an invalid length. [ 99.032652][ T9267] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000. [ 99.074248][ T5805] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.581816][ T9316] loop5: detected capacity change from 0 to 512 [ 99.619174][ T9316] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 99.635694][ T9316] ext4 filesystem being mounted at /316/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 99.680150][ T9316] EXT4-fs (loop5): shut down requested (0) [ 99.694464][ T9316] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop5 ino=12 [ 99.709350][ T9316] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop5 ino=12 [ 99.775075][ T5805] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.841146][ T9332] loop5: detected capacity change from 0 to 512 [ 99.855216][ T9332] ------------[ cut here ]------------ [ 99.860726][ T9332] EA inode 11 i_nlink=2 [ 99.860743][ T9332] WARNING: fs/ext4/xattr.c:1058 at 0x0, CPU#1: syz.5.2589/9332 [ 99.872628][ T9332] Modules linked in: [ 99.876676][ T9332] CPU: 1 UID: 0 PID: 9332 Comm: syz.5.2589 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 99.888056][ T9332] Tainted: [W]=WARN [ 99.891954][ T9332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 99.902217][ T9332] RIP: 0010:ext4_xattr_inode_update_ref+0x305/0x320 [ 99.908957][ T9332] Code: 51 d6 9c ff 4c 8d 2d ba ca 20 05 49 8d 7e 40 e8 61 68 b8 ff 49 8b 6e 40 4c 89 e7 e8 75 63 b8 ff 41 8b 56 48 4c 89 ef 48 89 ee <67> 48 0f b9 3a e9 2b ff ff ff e8 5c b9 b9 03 66 66 66 2e 0f 1f 84 [ 99.928723][ T9332] RSP: 0018:ffffc900045bb5a0 EFLAGS: 00010246 [ 99.935067][ T9332] RAX: ffff8881019b6d90 RBX: ffff88811ae557b0 RCX: ffffffff81bb353b [ 99.943100][ T9332] RDX: 0000000000000002 RSI: 000000000000000b RDI: ffffffff86dbffe0 [ 99.951160][ T9332] RBP: 000000000000000b R08: 000188811ae55763 R09: 0000000000000000 [ 99.959248][ T9332] R10: ffffc900045bb4d0 R11: 0001c900045bb4d0 R12: ffff88811ae55760 [ 99.967323][ T9332] R13: ffffffff86dbffe0 R14: ffff88811ae55718 R15: 0000000000000001 [ 99.975457][ T9332] FS: 00007fa2237ef6c0(0000) GS:ffff8882aeecd000(0000) knlGS:0000000000000000 [ 99.984410][ T9332] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 99.991055][ T9332] CR2: 00007f61194f6f30 CR3: 000000010425e000 CR4: 00000000003506f0 [ 99.999076][ T9332] Call Trace: [ 100.002404][ T9332] [ 100.005447][ T9332] ext4_xattr_set_entry+0x77f/0x1020 [ 100.010827][ T9332] ext4_xattr_ibody_set+0x184/0x3c0 [ 100.016097][ T9332] ext4_expand_extra_isize_ea+0xcbb/0x11f0 [ 100.021991][ T9332] __ext4_expand_extra_isize+0x246/0x280 [ 100.027680][ T9332] __ext4_mark_inode_dirty+0x29d/0x3f0 [ 100.033275][ T9332] ext4_evict_inode+0x7c4/0xd40 [ 100.038214][ T9332] ? __pfx_ext4_evict_inode+0x10/0x10 [ 100.043650][ T9332] evict+0x2af/0x510 [ 100.047657][ T9332] ? __dquot_initialize+0x146/0x7c0 [ 100.052894][ T9332] iput+0x4bd/0x650 [ 100.056873][ T9332] ext4_process_orphan+0x1a9/0x1c0 [ 100.062102][ T9332] ext4_orphan_cleanup+0x6a8/0xa00 [ 100.067363][ T9332] ext4_fill_super+0x3411/0x37a0 [ 100.072406][ T9332] ? set_blocksize+0x1a8/0x310 [ 100.077268][ T9332] ? sb_set_blocksize+0xfc/0x170 [ 100.082285][ T9332] ? setup_bdev_super+0x30e/0x370 [ 100.087372][ T9332] ? __pfx_ext4_fill_super+0x10/0x10 [ 100.092699][ T9332] get_tree_bdev_flags+0x291/0x300 [ 100.097879][ T9332] ? __pfx_ext4_fill_super+0x10/0x10 [ 100.103186][ T9332] get_tree_bdev+0x1f/0x30 [ 100.107725][ T9332] ext4_get_tree+0x1c/0x30 [ 100.112251][ T9332] vfs_get_tree+0x57/0x1d0 [ 100.116731][ T9332] do_new_mount+0x24d/0x6a0 [ 100.121272][ T9332] path_mount+0x4ab/0xb80 [ 100.125697][ T9332] ? user_path_at+0xbf/0x130 [ 100.130382][ T9332] __se_sys_mount+0x28c/0x2e0 [ 100.135150][ T9332] __x64_sys_mount+0x67/0x80 [ 100.139780][ T9332] x64_sys_call+0x2cca/0x3000 [ 100.144608][ T9332] do_syscall_64+0xd8/0x2a0 [ 100.149202][ T9332] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.155178][ T9332] RIP: 0033:0x7fa224d90eea [ 100.159611][ T9332] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 100.179361][ T9332] RSP: 002b:00007fa2237eee68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 100.187894][ T9332] RAX: ffffffffffffffda RBX: 00007fa2237eeef0 RCX: 00007fa224d90eea [ 100.195920][ T9332] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007fa2237eeeb0 [ 100.203916][ T9332] RBP: 0000200000000180 R08: 00007fa2237eeef0 R09: 0000000000800700 [ 100.212003][ T9332] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 100.220032][ T9332] R13: 00007fa2237eeeb0 R14: 000000000000046f R15: 000000000000002c [ 100.228095][ T9332] [ 100.231166][ T9332] ---[ end trace 0000000000000000 ]--- [ 100.240612][ T9332] EXT4-fs error (device loop5): ext4_xattr_inode_iget:441: inode #18: comm syz.5.2589: iget: bad extra_isize 90 (inode size 256) [ 100.254167][ T9332] EXT4-fs (loop5): Remounting filesystem read-only [ 100.263425][ T9332] EXT4-fs warning (device loop5): ext4_evict_inode:273: xattr delete (err -30) [ 100.272508][ T9332] EXT4-fs (loop5): 1 orphan inode deleted [ 100.278640][ T9332] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 100.291326][ T9332] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.356522][ T9360] __nla_validate_parse: 8 callbacks suppressed [ 100.356540][ T9360] netlink: 7 bytes leftover after parsing attributes in process `syz.1.2602'. [ 100.385365][ T9360] netlink: 7 bytes leftover after parsing attributes in process `syz.1.2602'. [ 100.432990][ T9369] sctp: [Deprecated]: syz.1.2606 (pid 9369) Use of struct sctp_assoc_value in delayed_ack socket option. [ 100.432990][ T9369] Use struct sctp_sack_info instead [ 100.503567][ T29] kauditd_printk_skb: 61 callbacks suppressed [ 100.503581][ T29] audit: type=1326 audit(1765014987.164:2533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9376 comm="syz.1.2609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea3c59f749 code=0x7ffc0000 [ 100.540619][ T29] audit: type=1326 audit(1765014987.164:2534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9376 comm="syz.1.2609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea3c59f749 code=0x7ffc0000 [ 100.564091][ T29] audit: type=1326 audit(1765014987.204:2535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9376 comm="syz.1.2609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fea3c59f749 code=0x7ffc0000 [ 100.596056][ T9381] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2612'. [ 100.602127][ T29] audit: type=1326 audit(1765014987.204:2536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9376 comm="syz.1.2609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea3c59f749 code=0x7ffc0000 [ 100.628564][ T29] audit: type=1326 audit(1765014987.204:2537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9376 comm="syz.1.2609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea3c59f749 code=0x7ffc0000 [ 100.651983][ T29] audit: type=1326 audit(1765014987.254:2538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9376 comm="syz.1.2609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fea3c59f749 code=0x7ffc0000 [ 100.675435][ T29] audit: type=1326 audit(1765014987.254:2539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9376 comm="syz.1.2609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea3c59f749 code=0x7ffc0000 [ 100.698892][ T29] audit: type=1326 audit(1765014987.254:2540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9376 comm="syz.1.2609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7fea3c59f749 code=0x7ffc0000 [ 100.722339][ T29] audit: type=1326 audit(1765014987.254:2541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9376 comm="syz.1.2609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea3c59f749 code=0x7ffc0000 [ 100.745803][ T29] audit: type=1326 audit(1765014987.254:2542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9376 comm="syz.1.2609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea3c59f749 code=0x7ffc0000 [ 100.807884][ T9391] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2617'. [ 100.854413][ T9393] 9pnet: Could not find request transport: f [ 100.863404][ T9398] team0: No ports can be present during mode change [ 100.910919][ T9402] loop3: detected capacity change from 0 to 512 [ 100.924848][ T9404] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2623'. [ 100.934997][ T9404] openvswitch: netlink: Key 0 has unexpected len 2 expected 0 [ 100.948364][ T9402] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 100.988520][ T3327] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.162122][ T9440] netlink: 212 bytes leftover after parsing attributes in process `syz.4.2638'. [ 101.201085][ T9444] netlink: 'syz.4.2640': attribute type 1 has an invalid length. [ 101.418808][ T9466] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2651'. [ 101.434838][ T9466] netlink: 'syz.0.2651': attribute type 15 has an invalid length. [ 101.598183][ T9490] netlink: 83992 bytes leftover after parsing attributes in process `syz.0.2662'. [ 101.608131][ T9490] netlink: zone id is out of range [ 101.608199][ T9473] Process accounting resumed [ 101.613469][ T9490] netlink: zone id is out of range [ 101.624331][ T9490] netlink: zone id is out of range [ 101.630209][ T9490] netlink: zone id is out of range [ 101.652445][ T9490] netlink: zone id is out of range [ 101.658127][ T9490] netlink: zone id is out of range [ 101.663446][ T9490] netlink: zone id is out of range [ 101.668777][ T9490] netlink: zone id is out of range [ 101.674124][ T9490] netlink: zone id is out of range [ 101.773181][ T9511] option changes via remount are deprecated (pid=9510 comm=syz.4.2672) [ 101.932805][ T9533] IPv6: NLM_F_CREATE should be specified when creating new route [ 101.950260][ T9541] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2686'. [ 102.067499][ T9561] netlink: 300 bytes leftover after parsing attributes in process `syz.0.2695'. [ 102.099900][ T9564] xt_addrtype: both incoming and outgoing interface limitation cannot be selected [ 102.279563][ T9597] loop0: detected capacity change from 0 to 512 [ 102.315950][ T9597] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 102.333165][ T9597] ext4 filesystem being mounted at /485/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 102.414680][ T9614] bond1: option updelay: invalid value (18446744073709510910) [ 102.422325][ T9614] bond1: option updelay: allowed values 0 - 2147483647 [ 102.430272][ T9614] bond1 (unregistering): Released all slaves [ 102.455697][ T3322] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.805760][ T9664] netlink: 'syz.5.2742': attribute type 21 has an invalid length. [ 102.824289][ T9664] netlink: 'syz.5.2742': attribute type 1 has an invalid length. [ 102.840839][ T9670] sch_fq: defrate 0 ignored. [ 102.961041][ T9684] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 102.996462][ T9684] EXT4-fs (loop5): 1 truncate cleaned up [ 103.002565][ T9684] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 103.065551][ T5805] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.893215][ T9791] set_capacity_and_notify: 1 callbacks suppressed [ 103.893231][ T9791] loop0: detected capacity change from 0 to 512 [ 103.919420][ T9791] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 103.932700][ T9791] ext4 filesystem being mounted at /494/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 103.932946][ T9793] loop3: detected capacity change from 0 to 1024 [ 103.966451][ T9791] EXT4-fs error (device loop0): ext4_xattr_block_get:597: inode #12: comm syz.0.2800: corrupted xattr block 6: invalid header [ 103.978955][ T9793] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945) [ 103.989437][ T9793] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 104.000419][ T9791] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop0 ino=12 [ 104.009683][ T9791] EXT4-fs error (device loop0): ext4_xattr_block_get:597: inode #12: comm syz.0.2800: corrupted xattr block 6: invalid header [ 104.025825][ T9793] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 104.031279][ T9791] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop0 ino=12 [ 104.035463][ T9793] EXT4-fs (loop3): orphan cleanup on readonly fs [ 104.043579][ T9791] EXT4-fs error (device loop0): ext4_xattr_block_get:597: inode #12: comm syz.0.2800: corrupted xattr block 6: invalid header [ 104.062533][ T9793] EXT4-fs error (device loop3): ext4_read_inode_bitmap:167: comm syz.3.2801: Inode bitmap for bg 0 marked uninitialized [ 104.070441][ T9808] loop5: detected capacity change from 0 to 1024 [ 104.077522][ T9793] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 104.082818][ T9791] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop0 ino=12 [ 104.099774][ T9808] EXT4-fs: Ignoring removed oldalloc option [ 104.103359][ T9791] EXT4-fs error (device loop0): ext4_xattr_block_get:597: inode #12: comm syz.0.2800: corrupted xattr block 6: invalid header [ 104.109725][ T9808] EXT4-fs: Ignoring removed nomblk_io_submit option [ 104.123624][ T9793] EXT4-fs (loop3): ext4_remount: Checksum for group 0 failed (32298!=35945) [ 104.135033][ T9791] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop0 ino=12 [ 104.148036][ T9791] EXT4-fs error (device loop0): ext4_xattr_block_get:597: inode #12: comm syz.0.2800: corrupted xattr block 6: invalid header [ 104.162351][ T9791] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop0 ino=12 [ 104.173633][ T9808] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 104.175595][ T9791] EXT4-fs error (device loop0): ext4_xattr_block_get:597: inode #12: comm syz.0.2800: corrupted xattr block 6: invalid header [ 104.217658][ T3327] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.229237][ T5805] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.229400][ T3322] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.352034][ T9830] loop5: detected capacity change from 0 to 2048 [ 104.433188][ T9830] loop5: unable to read partition table [ 104.439280][ T9830] loop5: partition table beyond EOD, truncated [ 104.445665][ T9830] loop_reread_partitions: partition scan of loop5 () failed (rc=-5) [ 104.557905][ T9856] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=9856 comm=syz.5.2828 [ 104.846970][ T9874] mmap: syz.1.2834 (9874) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 105.142643][ T9900] program syz.0.2846 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 105.379881][ T9922] __nla_validate_parse: 14 callbacks suppressed [ 105.379909][ T9922] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2857'. [ 105.557492][ T9934] netlink: 'syz.5.2863': attribute type 3 has an invalid length. [ 105.828613][ T29] kauditd_printk_skb: 111 callbacks suppressed [ 105.828632][ T29] audit: type=1326 audit(1765015248.493:2654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9938 comm="syz.4.2865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49392ef749 code=0x7ffc0000 [ 105.859016][ T29] audit: type=1326 audit(1765015248.493:2655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9938 comm="syz.4.2865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49392ef749 code=0x7ffc0000 [ 105.882488][ T29] audit: type=1326 audit(1765015248.503:2656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9938 comm="syz.4.2865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f49392ef749 code=0x7ffc0000 [ 105.906030][ T29] audit: type=1326 audit(1765015248.503:2657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9938 comm="syz.4.2865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49392ef749 code=0x7ffc0000 [ 105.929620][ T29] audit: type=1326 audit(1765015248.503:2658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9938 comm="syz.4.2865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49392ef749 code=0x7ffc0000 [ 105.953170][ T29] audit: type=1326 audit(1765015248.503:2659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9938 comm="syz.4.2865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7f49392ef749 code=0x7ffc0000 [ 105.976685][ T29] audit: type=1326 audit(1765015248.503:2660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9938 comm="syz.4.2865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49392ef749 code=0x7ffc0000 [ 106.015354][ T29] audit: type=1400 audit(1765015248.683:2661): avc: denied { read } for pid=9942 comm="syz.4.2867" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 106.174487][ T9953] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2871'. [ 106.183580][ T9953] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2871'. [ 106.205607][ T9953] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2871'. [ 106.215018][ T9953] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2871'. [ 106.248677][ T9953] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2871'. [ 106.258052][ T9953] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2871'. [ 106.290613][ T9966] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2876'. [ 106.298667][ T9967] sch_tbf: burst 0 is lower than device veth0_to_bridge mtu (1514) ! [ 106.362508][ T9969] SELinux: failed to load policy [ 106.384227][ T9977] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2881'. [ 106.416727][ T29] audit: type=1326 audit(1765015249.083:2662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9980 comm="syz.3.2883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bbb6ff749 code=0x7ffc0000 [ 106.446117][ T29] audit: type=1326 audit(1765015249.103:2663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9980 comm="syz.3.2883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8bbb6ff749 code=0x7ffc0000 [ 106.773864][T10026] netlink: 'syz.1.2904': attribute type 10 has an invalid length. [ 106.782194][T10026] netlink: 168 bytes leftover after parsing attributes in process `syz.1.2904'. [ 106.812889][T10026] team0: Port device syz_tun added [ 107.048298][T10057] loop4: detected capacity change from 0 to 512 [ 107.065659][T10057] EXT4-fs error (device loop4): ext4_xattr_inode_iget:441: inode #18: comm syz.4.2919: iget: bad extra_isize 90 (inode size 256) [ 107.080695][T10057] EXT4-fs (loop4): Remounting filesystem read-only [ 107.088098][T10057] EXT4-fs warning (device loop4): ext4_evict_inode:273: xattr delete (err -30) [ 107.097913][T10057] EXT4-fs (loop4): 1 orphan inode deleted [ 107.104487][T10057] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 107.134626][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.204170][T10080] tipc: Started in network mode [ 107.209160][T10080] tipc: Node identity ac14140f, cluster identity 4711 [ 107.218153][T10080] tipc: Enabling of bearer rejected, failed to enable media [ 107.226588][T10081] netlink: 'syz.1.2930': attribute type 2 has an invalid length. [ 107.240695][T10073] loop5: detected capacity change from 0 to 8192 [ 107.288882][T10084] loop3: detected capacity change from 0 to 512 [ 107.302081][T10084] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: inode #18: comm syz.3.2932: iget: bad extra_isize 90 (inode size 256) [ 107.316697][T10084] EXT4-fs (loop3): Remounting filesystem read-only [ 107.323420][T10084] EXT4-fs warning (device loop3): ext4_evict_inode:273: xattr delete (err -30) [ 107.332708][T10084] EXT4-fs (loop3): 1 orphan inode deleted [ 107.339524][T10084] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 107.366793][ T3327] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.486429][T10101] 9pnet: Could not find request transport: 0xffffffffffffffff [ 107.645794][T10118] loop5: detected capacity change from 0 to 512 [ 107.652650][T10118] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 107.664625][T10118] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #16: comm syz.5.2946: invalid indirect mapped block 4294967295 (level 0) [ 107.678938][T10118] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #16: comm syz.5.2946: invalid indirect mapped block 4294967295 (level 1) [ 107.695841][T10118] EXT4-fs (loop5): 1 orphan inode deleted [ 107.701624][T10118] EXT4-fs (loop5): 1 truncate cleaned up [ 107.707946][T10118] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 107.744633][ T5805] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.094330][T10172] program syz.3.2971 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 108.249084][T10181] 9pnet: Could not find request transport: t [ 108.288884][T10191] option changes via remount are deprecated (pid=10189 comm=syz.3.2979) [ 108.442146][T10220] IPv6: NLM_F_CREATE should be specified when creating new route [ 108.687410][T10261] loop0: detected capacity change from 0 to 1024 [ 108.695079][T10261] EXT4-fs: Ignoring removed i_version option [ 108.702708][T10261] EXT4-fs: Ignoring removed nobh option [ 108.718903][T10261] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 108.745927][ T3322] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.828898][T10276] loop4: detected capacity change from 0 to 512 [ 108.846784][T10278] netlink: 'syz.5.3021': attribute type 4 has an invalid length. [ 108.866902][T10280] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 108.876189][T10280] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 108.885026][T10280] Symlink component flag not implemented [ 108.890733][T10280] Symlink component flag not implemented [ 108.897908][T10280] Symlink component flag not implemented (7) [ 108.904555][T10280] Symlink component flag not implemented (116) [ 109.074648][T10301] set_capacity_and_notify: 1 callbacks suppressed [ 109.074666][T10301] loop4: detected capacity change from 0 to 2048 [ 109.099150][T10301] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 109.137225][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.329005][T10326] C: renamed from team_slave_0 (while UP) [ 109.357135][T10326] netlink: 'syz.3.3045': attribute type 3 has an invalid length. [ 109.365220][T10326] net_ratelimit: 289 callbacks suppressed [ 109.365233][T10326] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 109.408287][T10333] loop4: detected capacity change from 0 to 512 [ 109.446094][T10333] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.3048: inode has both inline data and extents flags [ 109.478935][T10341] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 109.486612][T10341] vhci_hcd: invalid port number 253 [ 109.491937][T10333] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.3048: couldn't read orphan inode 15 (err -117) [ 109.508184][T10343] loop3: detected capacity change from 0 to 128 [ 109.516812][T10333] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 109.518321][T10343] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 109.566416][T10343] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 109.593688][ T123] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 109.615197][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.805519][T10371] netlink: 'syz.5.3061': attribute type 2 has an invalid length. [ 109.822866][T10371] bond1 (unregistering): Released all slaves [ 110.231482][T10394] loop5: detected capacity change from 0 to 512 [ 110.247148][T10394] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 110.518848][ T5805] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.768721][T10446] __nla_validate_parse: 11 callbacks suppressed [ 110.768742][T10446] netlink: 830 bytes leftover after parsing attributes in process `syz.1.3090'. [ 111.147577][T10470] loop4: detected capacity change from 0 to 512 [ 111.166122][T10470] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 111.174379][T10470] EXT4-fs (loop4): orphan cleanup on readonly fs [ 111.183695][T10470] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #16: comm syz.4.3101: corrupted inode contents [ 111.195837][T10470] EXT4-fs (loop4): Remounting filesystem read-only [ 111.202536][T10470] EXT4-fs (loop4): 1 truncate cleaned up [ 111.208451][ T123] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 111.219508][ T123] __quota_error: 102 callbacks suppressed [ 111.219615][ T123] Quota error (device loop4): write_blk: dquota write failed [ 111.233298][ T123] Quota error (device loop4): remove_free_dqentry: Can't write block (5) with free entries [ 111.243673][ T123] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 111.254581][ T123] Quota error (device loop4): write_blk: dquota write failed [ 111.262317][ T123] Quota error (device loop4): free_dqentry: Can't move quota data block (5) to free list [ 111.285009][ T123] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started [ 111.295162][ T123] Quota error (device loop4): v2_write_file_info: Can't write info structure [ 111.304213][ T123] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 111.314713][T10470] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 111.427915][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.539268][T10478] netlink: 96 bytes leftover after parsing attributes in process `syz.4.3103'. [ 111.639180][ T29] audit: type=1326 audit(111.617:2766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10485 comm="syz.4.3106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49392ef749 code=0x7ffc0000 [ 111.681698][ T29] audit: type=1326 audit(111.617:2767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10485 comm="syz.4.3106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49392ef749 code=0x7ffc0000 [ 111.704764][ T29] audit: type=1326 audit(111.617:2768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10485 comm="syz.4.3106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f49392ef749 code=0x7ffc0000 [ 111.727726][ T29] audit: type=1326 audit(111.617:2769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10485 comm="syz.4.3106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49392ef749 code=0x7ffc0000 [ 111.812110][T10494] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 112.005385][T10510] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3118'. [ 112.533094][T10524] loop5: detected capacity change from 0 to 512 [ 112.570702][T10524] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 112.629882][T10524] EXT4-fs warning (device loop5): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 112.644822][T10524] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3124: bg 0: block 248: padding at end of block bitmap is not set [ 112.659575][T10524] EXT4-fs error (device loop5): ext4_acquire_dquot:6986: comm syz.5.3124: Failed to acquire dquot type 1 [ 112.671407][T10524] EXT4-fs (loop5): 1 truncate cleaned up [ 112.677767][T10524] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback. [ 112.715494][ T5805] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0008-000000000000. [ 112.775032][ T44] Bluetooth: hci0: command 0x1003 tx timeout [ 112.778706][ T3923] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 112.910398][T10555] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3138'. [ 112.997166][T10560] netlink: 64 bytes leftover after parsing attributes in process `syz.4.3137'. [ 113.008653][T10559] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3140'. [ 113.183385][T10574] loop5: detected capacity change from 0 to 512 [ 113.194574][T10574] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 113.215276][T10574] EXT4-fs (loop5): warning: maximal mount count reached, running e2fsck is recommended [ 113.248687][T10574] EXT4-fs error (device loop5): ext4_orphan_get:1391: comm syz.5.3147: inode #15: comm syz.5.3147: iget: illegal inode # [ 113.282197][T10574] EXT4-fs (loop5): Remounting filesystem read-only [ 113.291039][T10584] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd [ 113.325818][T10574] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 113.354926][T10587] loop3: detected capacity change from 0 to 256 [ 113.378205][T10587] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 113.397062][ T5805] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 113.435111][T10592] loop5: detected capacity change from 0 to 128 [ 113.466278][T10594] loop3: detected capacity change from 0 to 512 [ 113.490236][T10594] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 113.677377][T10606] netlink: 'syz.4.3161': attribute type 12 has an invalid length. [ 113.685302][T10606] netlink: 'syz.4.3161': attribute type 29 has an invalid length. [ 113.693142][T10606] netlink: 'syz.4.3161': attribute type 2 has an invalid length. [ 113.700959][T10606] netlink: 260 bytes leftover after parsing attributes in process `syz.4.3161'. [ 113.761238][ T3327] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 113.898934][T10628] netlink: 4096 bytes leftover after parsing attributes in process `syz.5.3172'. [ 114.167677][T10650] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3181'. [ 114.496464][T10675] netlink: 'syz.1.3192': attribute type 4 has an invalid length. [ 115.056422][T10726] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 115.085419][T10726] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 115.370432][T10759] loop3: detected capacity change from 0 to 512 [ 115.395210][T10759] EXT4-fs error (device loop3): ext4_orphan_get:1417: comm syz.3.3231: bad orphan inode 11862016 [ 115.427172][T10759] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 115.460220][T10752] loop5: detected capacity change from 0 to 32768 [ 115.505350][T10752] loop5: p1 p2 p3 < > p4 < p5 p6 > [ 115.511069][T10752] loop5: p1 start 460800 is beyond EOD, truncated [ 115.517555][T10752] loop5: p2 size 83886080 extends beyond EOD, truncated [ 115.526255][ T3327] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 115.527319][T10752] loop5: p5 start 460800 is beyond EOD, truncated [ 115.541851][T10752] loop5: p6 size 83886080 extends beyond EOD, truncated [ 115.573759][T10771] sch_tbf: burst 0 is lower than device veth0_to_bridge mtu (1514) ! [ 115.756107][T10792] program syz.5.3246 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 115.775344][T10782] loop3: detected capacity change from 0 to 4096 [ 115.793549][T10782] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 115.835194][T10800] SELinux: security_context_str_to_sid (VWW) failed with errno=-22 [ 115.853284][ T3327] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 115.933652][T10807] loop5: detected capacity change from 0 to 1024 [ 115.946180][T10807] EXT4-fs: inline encryption not supported [ 115.952379][T10807] EXT4-fs: Ignoring removed nobh option [ 115.958292][T10807] EXT4-fs: Ignoring removed bh option [ 115.987852][T10807] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 116.054160][ T5805] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 116.254109][T10843] netlink: 4568 bytes leftover after parsing attributes in process `syz.5.3268'. [ 116.263362][T10843] netlink: 4568 bytes leftover after parsing attributes in process `syz.5.3268'. [ 116.346235][T10850] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3271'. [ 116.400070][T10852] loop3: detected capacity change from 0 to 1024 [ 116.408144][ T29] kauditd_printk_skb: 86 callbacks suppressed [ 116.408159][ T29] audit: type=1400 audit(116.387:2854): avc: denied { create } for pid=10853 comm="syz.5.3273" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 116.414296][ T29] audit: type=1400 audit(116.387:2855): avc: denied { write } for pid=10853 comm="syz.5.3273" path="socket:[26748]" dev="sockfs" ino=26748 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 116.468066][T10852] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 116.490967][ T29] audit: type=1326 audit(116.467:2856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10857 comm="syz.5.3274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa224d8f749 code=0x7ffc0000 [ 116.520710][T10852] EXT4-fs error (device loop3): ext4_free_blocks:6728: comm syz.3.3272: Freeing blocks not in datazone - block = 0, count = 16 [ 116.530756][ T29] audit: type=1326 audit(116.497:2857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10857 comm="syz.5.3274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7fa224d8f749 code=0x7ffc0000 [ 116.556900][ T29] audit: type=1326 audit(116.497:2858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10857 comm="syz.5.3274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa224d8f749 code=0x7ffc0000 [ 116.579825][ T29] audit: type=1326 audit(116.497:2859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10857 comm="syz.5.3274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa224d8f749 code=0x7ffc0000 [ 116.632390][ T2342] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:11: bg 0: block 112: padding at end of block bitmap is not set [ 116.656917][ T2342] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 29 with max blocks 39 with error 117 [ 116.670012][ T2342] EXT4-fs (loop3): This should not happen!! Data will be lost [ 116.670012][ T2342] [ 116.681490][ T3327] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 116.859392][T10877] sctp: [Deprecated]: syz.5.3291 (pid 10877) Use of struct sctp_assoc_value in delayed_ack socket option. [ 116.859392][T10877] Use struct sctp_sack_info instead [ 116.896917][T10879] ieee802154 phy1 wpan1: encryption failed: -22 [ 117.005569][ T29] audit: type=1400 audit(116.987:2860): avc: denied { module_load } for pid=10886 comm="syz.1.3296" path=2F6D656D66643AFD0F6D33232F202864656C6574656429 dev="hugetlbfs" ino=27821 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=system permissive=1 [ 117.033498][T10887] Invalid ELF header magic: != ELF [ 117.040199][T10891] netlink: 'syz.4.3298': attribute type 10 has an invalid length. [ 117.048418][T10891] netlink: 168 bytes leftover after parsing attributes in process `syz.4.3298'. [ 117.103801][T10900] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3290'. [ 117.109761][T10891] team0: Port device syz_tun added [ 117.255565][T10912] netlink: 'syz.3.3299': attribute type 10 has an invalid length. [ 117.263888][T10912] ipvlan0: entered allmulticast mode [ 117.269457][T10912] veth0_vlan: entered allmulticast mode [ 117.317234][T10912] team0: Device ipvlan0 failed to register rx_handler [ 117.651246][T10946] netlink: 'syz.3.3314': attribute type 1 has an invalid length. [ 117.698801][T10948] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3315'. [ 117.735711][ T29] audit: type=1400 audit(117.717:2861): avc: denied { execheap } for pid=10951 comm="syz.1.3317" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 117.862058][T10962] loop5: detected capacity change from 0 to 1024 [ 117.911631][T10962] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 117.948966][ T29] audit: type=1400 audit(117.927:2862): avc: denied { setattr } for pid=10959 comm="syz.5.3322" name="file1" dev="loop5" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 117.982901][ T5805] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 117.996053][T10973] netlink: 52 bytes leftover after parsing attributes in process `syz.1.3326'. [ 118.086820][ T29] audit: type=1400 audit(118.067:2863): avc: denied { bind } for pid=10979 comm="syz.3.3330" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 118.484260][T11013] loop3: detected capacity change from 0 to 736 [ 118.605476][T11019] loop3: detected capacity change from 0 to 4096 [ 118.626070][T11019] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 118.663716][ T3327] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 118.834086][T11047] netlink: 182 bytes leftover after parsing attributes in process `syz.3.3361'. [ 118.904286][T11051] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3362'. [ 119.106099][T11071] kernel profiling enabled (shift: 63) [ 119.111859][T11071] profiling shift: 63 too large [ 119.122904][T11074] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3374'. [ 119.275673][T11087] loop5: detected capacity change from 0 to 512 [ 119.287909][T11087] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 119.297254][T11087] EXT4-fs (loop5): invalid journal inode [ 119.303167][T11087] EXT4-fs (loop5): can't get journal size [ 119.321245][T11087] EXT4-fs (loop5): 1 truncate cleaned up [ 119.329761][T11087] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 119.381472][ T5805] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 119.590268][T11107] loop5: detected capacity change from 0 to 164 [ 119.620067][T11107] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 119.653242][T11107] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 119.673318][T11107] Symlink component flag not implemented [ 119.679043][T11107] Symlink component flag not implemented [ 119.687194][T11107] Symlink component flag not implemented (7) [ 119.693212][T11107] Symlink component flag not implemented (116) [ 120.010710][T11144] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 120.075551][ T5805] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 120.629819][T11197] set_capacity_and_notify: 1 callbacks suppressed [ 120.629846][T11197] loop5: detected capacity change from 0 to 2048 [ 120.668418][T11197] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 121.035206][ T2342] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm kworker/u8:11: bg 0: block 345: padding at end of block bitmap is not set [ 121.052159][ T2342] EXT4-fs (loop5): Remounting filesystem read-only [ 121.073388][T11224] loop4: detected capacity change from 0 to 128 [ 121.212414][ T5805] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 121.416123][ T29] kauditd_printk_skb: 203 callbacks suppressed [ 121.416201][ T29] audit: type=1400 audit(121.397:3067): avc: denied { setopt } for pid=11255 comm="syz.3.3457" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 121.483927][ T29] audit: type=1400 audit(121.457:3068): avc: denied { firmware_load } for pid=11262 comm="syz.5.3460" path="/lib/firmware/regulatory.db" dev="sda1" ino=448 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1 [ 121.557992][ T29] audit: type=1400 audit(121.537:3069): avc: denied { read write } for pid=11250 comm="syz.4.3454" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 121.581081][ T29] audit: type=1400 audit(121.537:3070): avc: denied { open } for pid=11250 comm="syz.4.3454" path="/dev/raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 121.665044][ T29] audit: type=1400 audit(121.587:3071): avc: denied { ioctl } for pid=11250 comm="syz.4.3454" path="/dev/raw-gadget" dev="devtmpfs" ino=142 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 121.758852][ T29] audit: type=1400 audit(121.737:3072): avc: denied { block_suspend } for pid=11278 comm="syz.3.3467" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 121.856400][ T29] audit: type=1400 audit(121.837:3073): avc: denied { ioctl } for pid=11283 comm="syz.5.3470" path="socket:[27348]" dev="sockfs" ino=27348 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 121.937170][ T29] audit: type=1326 audit(121.917:3074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11290 comm="syz.5.3473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa224d8f749 code=0x7ffc0000 [ 121.979397][ T29] audit: type=1326 audit(121.917:3075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11290 comm="syz.5.3473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa224d8f749 code=0x7ffc0000 [ 122.002401][ T29] audit: type=1326 audit(121.917:3076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11290 comm="syz.5.3473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa224d8f749 code=0x7ffc0000 [ 122.116963][T11304] netlink: 'syz.1.3479': attribute type 10 has an invalid length. [ 122.155403][T11304] lo: entered promiscuous mode [ 122.160412][T11304] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 122.386067][T11342] __nla_validate_parse: 1 callbacks suppressed [ 122.386088][T11342] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3495'. [ 122.617434][T11364] loop3: detected capacity change from 0 to 256 [ 122.688159][T11364] FAT-fs (loop3): Directory bread(block 64) failed [ 122.694719][T11364] FAT-fs (loop3): Directory bread(block 65) failed [ 122.745027][T11364] FAT-fs (loop3): Directory bread(block 66) failed [ 122.751579][T11364] FAT-fs (loop3): Directory bread(block 67) failed [ 122.784995][T11364] FAT-fs (loop3): Directory bread(block 68) failed [ 122.791632][T11364] FAT-fs (loop3): Directory bread(block 69) failed [ 122.815080][T11364] FAT-fs (loop3): Directory bread(block 70) failed [ 122.821692][T11364] FAT-fs (loop3): Directory bread(block 71) failed [ 122.834378][T11381] sctp: [Deprecated]: syz.5.3511 (pid 11381) Use of int in maxseg socket option. [ 122.834378][T11381] Use struct sctp_assoc_value instead [ 122.852271][T11364] FAT-fs (loop3): Directory bread(block 72) failed [ 122.865210][T11364] FAT-fs (loop3): Directory bread(block 73) failed [ 123.434777][T11426] program syz.4.3534 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 123.724856][T11461] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3552'. [ 123.784484][T11465] loop3: detected capacity change from 0 to 8192 [ 123.838344][T11473] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3557'. [ 123.865941][T11471] loop5: detected capacity change from 0 to 2048 [ 123.913215][T11471] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 123.920496][T11483] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 123.934625][T11483] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 123.957694][ T5805] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 123.987968][T11487] loop5: detected capacity change from 0 to 128 [ 123.997820][T11488] netlink: 4568 bytes leftover after parsing attributes in process `syz.3.3562'. [ 124.007087][T11488] netlink: 4568 bytes leftover after parsing attributes in process `syz.3.3562'. [ 124.088322][T11492] loop5: detected capacity change from 0 to 512 [ 124.116210][T11492] EXT4-fs error (device loop5): ext4_orphan_get:1417: comm syz.5.3563: bad orphan inode 11862016 [ 124.137746][T11492] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 124.275148][ T5805] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 124.307439][T11506] loop5: detected capacity change from 0 to 256 [ 124.335777][T11506] FAT-fs (loop5): error, clusters badly computed (0 != 128) [ 124.343116][T11506] FAT-fs (loop5): Filesystem has been set read-only [ 124.373401][T11506] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 124.439770][T11521] loop3: detected capacity change from 0 to 128 [ 124.467005][ T791] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20002 - 0 [ 124.526298][ T791] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20002 - 0 [ 124.567459][T11538] sctp: [Deprecated]: syz.3.3582 (pid 11538) Use of int in max_burst socket option deprecated. [ 124.567459][T11538] Use struct sctp_assoc_value instead [ 124.583488][T11535] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3583'. [ 124.596445][ T791] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20002 - 0 [ 124.658598][ T791] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20002 - 0 [ 124.672500][T11549] netlink: 'syz.5.3587': attribute type 13 has an invalid length. [ 124.689749][T11553] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3589'. [ 124.742920][T11549] gretap0: refused to change device tx_queue_len [ 124.750795][T11549] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 124.865679][ T791] bridge_slave_1: left allmulticast mode [ 124.871562][ T791] bridge_slave_1: left promiscuous mode [ 124.877618][ T791] bridge0: port 2(bridge_slave_1) entered disabled state [ 124.887038][ T791] bridge_slave_0: left allmulticast mode [ 124.892985][ T791] bridge_slave_0: left promiscuous mode [ 124.898949][ T791] bridge0: port 1(bridge_slave_0) entered disabled state [ 124.969117][T11583] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3603'. [ 124.978135][T11583] netlink: 'syz.1.3603': attribute type 30 has an invalid length. [ 124.986007][T11583] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3603'. [ 124.997926][ T791] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 125.007561][ T791] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 125.016944][ T791] bond0 (unregistering): Released all slaves [ 125.045182][T11518] chnl_net:caif_netlink_parms(): no params data found [ 125.086795][ T791] hsr_slave_0: left promiscuous mode [ 125.092515][ T791] hsr_slave_1: left promiscuous mode [ 125.101053][ T791] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 125.116418][ T791] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 125.159993][ T791] team0 (unregistering): Port device team_slave_1 removed [ 125.170884][ T791] team0 (unregistering): Port device team_slave_0 removed [ 125.247611][T11518] bridge0: port 1(bridge_slave_0) entered blocking state [ 125.254765][T11518] bridge0: port 1(bridge_slave_0) entered disabled state [ 125.266872][T11518] bridge_slave_0: entered allmulticast mode [ 125.283581][T11518] bridge_slave_0: entered promiscuous mode [ 125.290728][T11614] program syz.5.3615 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 125.294447][T11518] bridge0: port 2(bridge_slave_1) entered blocking state [ 125.307221][T11518] bridge0: port 2(bridge_slave_1) entered disabled state [ 125.317277][T11518] bridge_slave_1: entered allmulticast mode [ 125.323960][T11518] bridge_slave_1: entered promiscuous mode [ 125.355881][T11518] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 125.372071][T11619] loop5: detected capacity change from 0 to 1024 [ 125.382327][T11518] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 125.400828][T11619] EXT4-fs error (device loop5): ext4_acquire_dquot:6986: comm syz.5.3617: Failed to acquire dquot type 0 [ 125.425960][T11619] EXT4-fs error (device loop5): mb_free_blocks:2037: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 125.442312][T11518] team0: Port device team_slave_0 added [ 125.447826][T11619] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #13: comm syz.5.3617: corrupted inode contents [ 125.449178][T11518] team0: Port device team_slave_1 added [ 125.478650][T11619] EXT4-fs error (device loop5): ext4_dirty_inode:6502: inode #13: comm syz.5.3617: mark_inode_dirty error [ 125.490979][T11518] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 125.498016][T11518] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 125.524013][T11518] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 125.535001][T11619] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #13: comm syz.5.3617: corrupted inode contents [ 125.547647][T11619] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #13: comm syz.5.3617: mark_inode_dirty error [ 125.561375][T11518] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 125.568662][T11518] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 125.595556][T11518] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 125.596043][T11619] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #13: comm syz.5.3617: corrupted inode contents [ 125.618505][T11619] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #13: comm syz.5.3617: mark_inode_dirty error [ 125.630206][T11619] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #13: comm syz.5.3617: corrupted inode contents [ 125.643398][T11619] EXT4-fs error (device loop5) in ext4_orphan_del:303: Corrupt filesystem [ 125.652214][T11619] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #13: comm syz.5.3617: corrupted inode contents [ 125.665559][T11619] EXT4-fs error (device loop5): ext4_truncate:4635: inode #13: comm syz.5.3617: mark_inode_dirty error [ 125.679029][T11619] EXT4-fs error (device loop5) in ext4_process_orphan:345: Corrupt filesystem [ 125.695594][T11619] EXT4-fs (loop5): 1 truncate cleaned up [ 125.728855][T11518] hsr_slave_0: entered promiscuous mode [ 125.736465][T11619] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 125.765637][T11518] hsr_slave_1: entered promiscuous mode [ 125.772075][T11518] debugfs: 'hsr0' already exists in 'hsr' [ 125.778021][T11518] Cannot create hsr debugfs directory [ 125.834459][T11646] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 125.846626][T11646] bond0: (slave lo): Error: Device type is different from other slaves [ 125.857573][ T5805] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 125.908554][T11648] 9pnet: Could not find request transport: r [ 126.041646][T11518] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 126.062881][T11518] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 126.081895][T11518] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 126.098211][T11518] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 126.160736][T11691] loop5: detected capacity change from 0 to 128 [ 126.188785][T11691] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 126.189697][T11518] 8021q: adding VLAN 0 to HW filter on device bond0 [ 126.227255][T11518] 8021q: adding VLAN 0 to HW filter on device team0 [ 126.239109][ T37] bridge0: port 1(bridge_slave_0) entered blocking state [ 126.246495][ T37] bridge0: port 1(bridge_slave_0) entered forwarding state [ 126.257281][ T5805] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 126.270356][ T37] bridge0: port 2(bridge_slave_1) entered blocking state [ 126.277726][ T37] bridge0: port 2(bridge_slave_1) entered forwarding state [ 126.373170][T11518] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 126.499180][ T29] kauditd_printk_skb: 181 callbacks suppressed [ 126.499206][ T29] audit: type=1400 audit(126.477:3256): avc: denied { connect } for pid=11730 comm="syz.5.3662" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 126.583714][T11742] loop5: detected capacity change from 0 to 1024 [ 126.590979][T11518] veth0_vlan: entered promiscuous mode [ 126.600278][T11518] veth1_vlan: entered promiscuous mode [ 126.621387][T11518] veth0_macvtap: entered promiscuous mode [ 126.630639][T11742] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 126.644984][T11518] veth1_macvtap: entered promiscuous mode [ 126.657485][T11518] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 126.672389][T11742] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4215: comm syz.5.3664: Allocating blocks 497-513 which overlap fs metadata [ 126.672431][T11518] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 126.688876][T11741] EXT4-fs (loop5): pa ffff888100496380: logic 16, phys. 129, len 24 [ 126.695035][ T29] audit: type=1400 audit(126.667:3257): avc: denied { ioctl } for pid=11741 comm="syz.5.3664" path="/558/file1/file1" dev="loop5" ino=15 ioctlcmd=0x6612 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 126.702312][T11741] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5466: group 0, free 0, pa_free 1 [ 126.743535][ T123] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 126.758498][ T123] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 126.776093][ T29] audit: type=1400 audit(126.757:3258): avc: denied { mounton } for pid=11518 comm="syz-executor" path="/root/syzkaller.FGONKk/syz-tmp" dev="sda1" ino=2049 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 126.801019][ T123] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 126.810276][ T123] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 126.819627][ T29] audit: type=1400 audit(126.777:3259): avc: denied { mount } for pid=11518 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 126.842056][ T29] audit: type=1400 audit(126.777:3260): avc: denied { mount } for pid=11518 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 126.864234][ T29] audit: type=1400 audit(126.777:3261): avc: denied { mounton } for pid=11518 comm="syz-executor" path="/root/syzkaller.FGONKk/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 126.891714][ T29] audit: type=1400 audit(126.777:3262): avc: denied { mounton } for pid=11518 comm="syz-executor" path="/root/syzkaller.FGONKk/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=29290 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 126.920101][ T29] audit: type=1400 audit(126.787:3263): avc: denied { mounton } for pid=11518 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 126.943386][ T29] audit: type=1400 audit(126.787:3264): avc: denied { mount } for pid=11518 comm="syz-executor" name="/" dev="gadgetfs" ino=4468 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 126.969203][ T5805] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 126.984518][ T29] audit: type=1326 audit(126.957:3265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11747 comm="syz.3.3667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bbb6ff749 code=0x7ffc0000 [ 127.073911][T11762] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3673'. [ 127.124894][T11771] netlink: 'syz.6.3676': attribute type 4 has an invalid length. [ 127.140283][T11771] .`: renamed from bond0 (while UP) [ 127.189693][T11776] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=11776 comm=syz.6.3679 [ 127.202488][T11776] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=11776 comm=syz.6.3679 [ 127.319604][T11791] ip6t_rpfilter: unknown options [ 127.381120][T11796] loop6: detected capacity change from 0 to 1024 [ 127.404689][T11796] EXT4-fs error (device loop6): ext4_acquire_dquot:6986: comm syz.6.3687: Failed to acquire dquot type 0 [ 127.420034][T11796] EXT4-fs error (device loop6): mb_free_blocks:2037: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 127.435202][T11796] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #13: comm syz.6.3687: corrupted inode contents [ 127.481584][T11796] EXT4-fs error (device loop6): ext4_dirty_inode:6502: inode #13: comm syz.6.3687: mark_inode_dirty error [ 127.499090][T11796] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #13: comm syz.6.3687: corrupted inode contents [ 127.511573][T11796] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #13: comm syz.6.3687: mark_inode_dirty error [ 127.526067][T11796] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #13: comm syz.6.3687: corrupted inode contents [ 127.538200][T11796] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #13: comm syz.6.3687: mark_inode_dirty error [ 127.544264][T11802] loop3: detected capacity change from 0 to 1024 [ 127.556632][T11796] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #13: comm syz.6.3687: corrupted inode contents [ 127.573157][T11796] EXT4-fs error (device loop6) in ext4_orphan_del:303: Corrupt filesystem [ 127.586128][T11796] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #13: comm syz.6.3687: corrupted inode contents [ 127.602154][T11802] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 127.614617][T11796] EXT4-fs error (device loop6): ext4_truncate:4635: inode #13: comm syz.6.3687: mark_inode_dirty error [ 127.626981][T11796] EXT4-fs error (device loop6) in ext4_process_orphan:345: Corrupt filesystem [ 127.636996][T11796] EXT4-fs (loop6): 1 truncate cleaned up [ 127.643427][T11796] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 127.678774][T11802] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4215: comm syz.3.3690: Allocating blocks 497-513 which overlap fs metadata [ 127.723083][T11518] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 127.734276][T11801] EXT4-fs (loop3): pa ffff888100496380: logic 16, phys. 129, len 24 [ 127.742447][T11801] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5466: group 0, free 0, pa_free 1 [ 127.780441][ T3327] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 127.893270][T11837] 9pnet: Could not find request transport: f [ 127.978759][T11854] netlink: 'syz.3.3710': attribute type 5 has an invalid length. [ 128.057426][T11868] __nla_validate_parse: 2 callbacks suppressed [ 128.057442][T11868] netlink: 32 bytes leftover after parsing attributes in process `syz.6.3717'. [ 128.074579][T11869] xt_socket: unknown flags 0x24 [ 128.134065][T11875] loop3: detected capacity change from 0 to 2048 [ 128.175481][T11875] EXT4-fs: Ignoring removed nomblk_io_submit option [ 128.199655][T11875] EXT4-fs error (device loop3): ext4_read_inline_dir:1486: inode #12: block 5: comm syz.3.3721: path /816/file1/file0: bad entry in directory: directory entry overrun - offset=24, inode=13, rec_len=7952, size=80 fake=0 [ 128.233910][T11886] loop6: detected capacity change from 0 to 512 [ 128.240790][T11875] EXT4-fs (loop3): Remounting filesystem read-only [ 128.292112][T11895] netlink: 'syz.1.3729': attribute type 5 has an invalid length. [ 128.299186][T11886] EXT4-fs warning (device loop6): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 128.320056][T11886] EXT4-fs (loop6): mount failed [ 128.416615][T11906] syz.6.3733: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0 [ 128.431211][T11906] CPU: 1 UID: 0 PID: 11906 Comm: syz.6.3733 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 128.431255][T11906] Tainted: [W]=WARN [ 128.431304][T11906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 128.431318][T11906] Call Trace: [ 128.431325][T11906] [ 128.431340][T11906] __dump_stack+0x1d/0x30 [ 128.431371][T11906] dump_stack_lvl+0xe8/0x140 [ 128.431433][T11906] dump_stack+0x15/0x1b [ 128.431477][T11906] warn_alloc+0x12b/0x1a0 [ 128.431501][T11906] ? __schedule+0x85f/0xcd0 [ 128.431564][T11906] ? __rcu_read_unlock+0x4f/0x70 [ 128.431593][T11906] __vmalloc_node_range_noprof+0xa0/0x1310 [ 128.431667][T11906] ? __futex_wait+0x1fa/0x260 [ 128.431693][T11906] ? __pfx_futex_wake_mark+0x10/0x10 [ 128.431748][T11906] ? __rcu_read_unlock+0x4f/0x70 [ 128.431769][T11906] ? avc_has_perm_noaudit+0xab/0x130 [ 128.431883][T11906] ? should_fail_ex+0x30/0x280 [ 128.431908][T11906] ? should_failslab+0x8c/0xb0 [ 128.432017][T11906] vmalloc_user_noprof+0x7d/0xb0 [ 128.432052][T11906] ? xskq_create+0x80/0xe0 [ 128.432094][T11906] xskq_create+0x80/0xe0 [ 128.432170][T11906] xsk_init_queue+0x95/0xf0 [ 128.432211][T11906] xsk_setsockopt+0x3f5/0x640 [ 128.432249][T11906] ? __pfx_xsk_setsockopt+0x10/0x10 [ 128.432341][T11906] __sys_setsockopt+0x184/0x200 [ 128.432380][T11906] __x64_sys_setsockopt+0x64/0x80 [ 128.432411][T11906] x64_sys_call+0x21d5/0x3000 [ 128.432443][T11906] do_syscall_64+0xd8/0x2a0 [ 128.432485][T11906] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 128.432569][T11906] RIP: 0033:0x7f0ec2e7f749 [ 128.432588][T11906] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 128.432674][T11906] RSP: 002b:00007f0ec18df038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 128.432700][T11906] RAX: ffffffffffffffda RBX: 00007f0ec30d5fa0 RCX: 00007f0ec2e7f749 [ 128.432716][T11906] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003 [ 128.432728][T11906] RBP: 00007f0ec2f03f91 R08: 0000000000000052 R09: 0000000000000000 [ 128.432740][T11906] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 128.432790][T11906] R13: 00007f0ec30d6038 R14: 00007f0ec30d5fa0 R15: 00007fff504bc058 [ 128.432814][T11906] [ 128.432835][T11906] Mem-Info: [ 128.492889][T11908] loop3: detected capacity change from 0 to 2048 [ 128.497348][T11906] active_anon:5277 inactive_anon:11 isolated_anon:0 [ 128.497348][T11906] active_file:12478 inactive_file:13054 isolated_file:0 [ 128.497348][T11906] unevictable:0 dirty:219 writeback:0 [ 128.497348][T11906] slab_reclaimable:2195 slab_unreclaimable:17237 [ 128.497348][T11906] mapped:28762 shmem:1786 pagetables:1098 [ 128.497348][T11906] sec_pagetables:0 bounce:0 [ 128.497348][T11906] kernel_misc_reclaimable:0 [ 128.497348][T11906] free:1888398 free_pcp:6344 free_cma:0 [ 128.497429][T11906] Node 0 active_anon:21108kB inactive_anon:44kB active_file:49912kB inactive_file:52216kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:115048kB dirty:876kB writeback:0kB shmem:7144kB kernel_stack:3424kB pagetables:4392kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 128.738278][T11906] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 128.768156][T11906] lowmem_reserve[]: 0 2880 7859 7859 [ 128.773558][T11906] Node 0 DMA32 free:2945940kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2949572kB mlocked:0kB bounce:0kB free_pcp:3632kB local_pcp:3528kB free_cma:0kB [ 128.805155][T11906] lowmem_reserve[]: 0 0 4978 4978 [ 128.810275][T11906] Node 0 Normal free:4584416kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:28260kB inactive_anon:44kB active_file:49912kB inactive_file:52192kB unevictable:0kB writepending:908kB zspages:0kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:22612kB local_pcp:20812kB free_cma:0kB [ 128.843476][T11906] lowmem_reserve[]: 0 0 0 0 [ 128.848080][T11906] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 128.860927][T11906] Node 0 DMA32: 3*4kB (M) 1*8kB (M) 2*16kB (M) 1*32kB (M) 3*64kB (M) 3*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (M) 3*2048kB (M) 716*4096kB (M) = 2945940kB [ 128.877139][T11906] Node 0 Normal: 1144*4kB (UME) 900*8kB (UME) 590*16kB (UME) 526*32kB (UME) 447*64kB (UME) 297*128kB (UME) 193*256kB (UME) 111*512kB (UME) 67*1024kB (UME) 44*2048kB (UM) 1029*4096kB (UM) = 4584416kB [ 128.896983][T11906] Node 0 hugepages_total=4 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 128.906484][T11906] 29067 total pagecache pages [ 128.911169][T11906] 14 pages in swap cache [ 128.915457][T11906] Free swap = 124940kB [ 128.919623][T11906] Total swap = 124996kB [ 128.923781][T11906] 2097051 pages RAM [ 128.927623][T11906] 0 pages HighMem/MovableOnly [ 128.932353][T11906] 81258 pages reserved [ 128.947033][T11911] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 128.976595][T11908] Alternate GPT is invalid, using primary GPT. [ 128.983179][T11908] loop3: p1 p2 p3 [ 128.987158][T11908] loop3: partition table partially beyond EOD, truncated [ 129.093919][T11923] loop4: detected capacity change from 0 to 512 [ 129.251678][T11926] loop6: detected capacity change from 0 to 8192 [ 129.552072][T11969] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3761'. [ 129.623774][T11975] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3764'. [ 129.633235][T11975] netlink: 'syz.6.3764': attribute type 30 has an invalid length. [ 129.641401][T11975] netlink: 'syz.6.3764': attribute type 29 has an invalid length. [ 129.649719][T11975] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3764'. [ 129.751706][T11980] loop3: detected capacity change from 0 to 1024 [ 129.768295][T11984] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3769'. [ 129.845545][T11980] EXT4-fs error (device loop3): mb_free_blocks:2037: group 0, inode 16: block 145:freeing already freed block (bit 9); block bitmap corrupt. [ 130.109650][T12006] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 130.135782][T12006] EXT4-fs (loop6): 1 truncate cleaned up [ 130.299369][T12019] netlink: 556 bytes leftover after parsing attributes in process `syz.6.3781'. [ 130.553238][T12028] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a84ec018, mo2=0002] [ 130.617938][T12028] System zones: 0-2, 18-18, 34-35 [ 130.895439][T12051] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(6) [ 130.902009][T12051] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 130.909695][T12051] vhci_hcd vhci_hcd.0: Device attached [ 130.936069][T12052] vhci_hcd: connection closed [ 130.936924][ T123] vhci_hcd: stop threads [ 130.946436][ T123] vhci_hcd: release socket [ 130.951066][ T123] vhci_hcd: disconnect device [ 131.169653][T12067] program syz.3.3801 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 131.225735][T12069] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3802'. [ 131.816397][ T29] kauditd_printk_skb: 63 callbacks suppressed [ 131.816414][ T29] audit: type=1326 audit(131.797:3326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12120 comm="syz.1.3827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea3c59f749 code=0x7ffc0000 [ 131.861908][ T29] audit: type=1326 audit(131.827:3327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12120 comm="syz.1.3827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fea3c59f749 code=0x7ffc0000 [ 131.885909][ T29] audit: type=1326 audit(131.827:3328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12120 comm="syz.1.3827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea3c59f749 code=0x7ffc0000 [ 131.909741][ T29] audit: type=1326 audit(131.827:3329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12120 comm="syz.1.3827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea3c59f749 code=0x7ffc0000 [ 131.933645][ T29] audit: type=1326 audit(131.837:3330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12120 comm="syz.1.3827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7fea3c59f749 code=0x7ffc0000 [ 131.957465][ T29] audit: type=1326 audit(131.837:3331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12120 comm="syz.1.3827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea3c59f749 code=0x7ffc0000 [ 131.981645][ T29] audit: type=1326 audit(131.837:3332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12120 comm="syz.1.3827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea3c59f749 code=0x7ffc0000 [ 132.007522][T12134] netlink: 2184 bytes leftover after parsing attributes in process `syz.4.3831'. [ 132.027609][T12134] netlink: 144 bytes leftover after parsing attributes in process `syz.4.3831'. [ 132.111457][ T29] audit: type=1400 audit(132.087:3333): avc: denied { read } for pid=12144 comm="syz.1.3837" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 132.135568][T12149] batadv_slave_0: entered promiscuous mode [ 132.154446][T12149] batman_adv: batadv0: Adding interface: macsec2 [ 132.160879][T12149] batman_adv: batadv0: The MTU of interface macsec2 is too small (1468) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 132.186288][T12149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 132.196842][T12149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 132.235909][T12149] batman_adv: batadv0: Interface activated: macsec2 [ 132.244034][T12152] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3839'. [ 132.605982][ T29] audit: type=1400 audit(132.587:3334): avc: denied { name_bind } for pid=12186 comm="syz.4.3855" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 132.639795][T12191] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20002 - 0 [ 132.654418][ T29] audit: type=1400 audit(132.587:3335): avc: denied { write } for pid=12188 comm="syz.5.3856" name="ptp0" dev="devtmpfs" ino=246 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 132.707004][T12191] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20002 - 0 [ 132.748658][T12201] set_capacity_and_notify: 3 callbacks suppressed [ 132.748679][T12201] loop3: detected capacity change from 0 to 128 [ 132.764477][T12201] EXT4-fs mount: 10 callbacks suppressed [ 132.764509][T12201] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 132.786137][T12205] loop4: detected capacity change from 0 to 128 [ 132.794733][T12205] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 132.808514][T12191] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20002 - 0 [ 132.808577][ T3327] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 132.827237][T12205] EXT4-fs warning (device loop4): verify_group_input:137: Cannot add at group 9 (only 1 groups) [ 132.852328][ T3328] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 132.878061][T12210] loop4: detected capacity change from 0 to 512 [ 132.886232][T12191] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20002 - 0 [ 132.906467][T12210] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a84ec018, mo2=0002] [ 132.914644][T12210] System zones: 0-2, 18-18, 34-35 [ 132.923081][T12210] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 132.929038][ T31] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 20002 - 0 [ 132.958096][ T31] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 20002 - 0 [ 132.978733][ T123] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 20002 - 0 [ 133.005255][ T123] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 20002 - 0 [ 133.039779][T12216] SELinux: security_context_str_to_sid (user_u) failed with errno=-22 [ 133.132712][T12228] loop5: detected capacity change from 0 to 1024 [ 133.145621][T12228] EXT4-fs: Ignoring removed mblk_io_submit option [ 133.152425][T12228] EXT4-fs: Ignoring removed nobh option [ 133.170466][T12228] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 133.198781][T12238] loop6: detected capacity change from 0 to 256 [ 133.212534][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 133.246202][ T5805] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 133.369522][T12258] __nla_validate_parse: 3 callbacks suppressed [ 133.369537][T12258] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3886'. [ 133.384843][T12258] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3886'. [ 133.611493][T12295] netlink: 'syz.6.3904': attribute type 2 has an invalid length. [ 133.620022][T12295] netlink: 16158 bytes leftover after parsing attributes in process `syz.6.3904'. [ 133.684560][T12305] loop6: detected capacity change from 0 to 256 [ 133.774389][T12319] xt_hashlimit: max too large, truncated to 1048576 [ 133.810704][T12323] loop3: detected capacity change from 0 to 1024 [ 133.818593][T12323] EXT4-fs: Ignoring removed orlov option [ 133.837662][T12323] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 133.879636][ T3327] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 134.020285][T12358] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3930'. [ 134.041992][T12360] openvswitch: netlink: Missing key (keys=40, expected=200000) [ 134.123275][T12375] veth0: entered promiscuous mode [ 134.132973][T12372] veth0: left promiscuous mode [ 134.175484][T12379] netlink: 488 bytes leftover after parsing attributes in process `syz.6.3940'. [ 134.184579][T12379] netlink: 488 bytes leftover after parsing attributes in process `syz.6.3940'. [ 134.463789][T12425] netlink: 488 bytes leftover after parsing attributes in process `syz.4.3961'. [ 134.473081][T12425] netlink: 488 bytes leftover after parsing attributes in process `syz.4.3961'. [ 134.702231][T12470] loop4: detected capacity change from 0 to 1024 [ 134.735320][T12470] EXT4-fs: Ignoring removed orlov option [ 134.757203][T12470] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 134.786759][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 134.828069][T12483] netlink: 340 bytes leftover after parsing attributes in process `syz.4.3986'. [ 135.011377][T12507] loop6: detected capacity change from 0 to 164 [ 135.222927][T12541] loop3: detected capacity change from 0 to 164 [ 135.577042][T12609] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4043'. [ 135.595109][T12609] netlink: 'syz.4.4043': attribute type 5 has an invalid length. [ 135.919948][T12657] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a84ec018, mo2=0002] [ 135.942580][T12657] System zones: 0-2, 18-18, 34-35 [ 135.975399][T12657] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 136.396471][T12688] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 136.397880][ T3327] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.440361][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.575425][T12698] netlink: 'syz.4.4085': attribute type 1 has an invalid length. [ 136.638483][T12698] 8021q: adding VLAN 0 to HW filter on device bond2 [ 136.678482][T12706] wireguard0: entered promiscuous mode [ 136.684216][T12706] wireguard0: entered allmulticast mode [ 136.764895][T12711] veth0: entered promiscuous mode [ 136.780190][T12710] veth0: left promiscuous mode [ 137.194412][T12739] EXT4-fs: Ignoring removed oldalloc option [ 137.218065][T12739] EXT4-fs: Ignoring removed nomblk_io_submit option [ 137.267875][T12739] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 137.292619][T12751] openvswitch: netlink: Missing key (keys=40, expected=200000) [ 137.345311][ T3327] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 137.410872][ T29] kauditd_printk_skb: 111 callbacks suppressed [ 137.410896][ T29] audit: type=1400 audit(137.367:3447): avc: denied { getopt } for pid=12758 comm="syz.4.4114" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 137.473117][ T29] audit: type=1400 audit(137.397:3448): avc: denied { write } for pid=12764 comm="syz.3.4116" path="socket:[33912]" dev="sockfs" ino=33912 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 137.577107][ T29] audit: type=1326 audit(137.557:3449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12775 comm="syz.3.4121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bbb6ff749 code=0x7ffc0000 [ 137.665188][ T29] audit: type=1326 audit(137.557:3450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12775 comm="syz.3.4121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bbb6ff749 code=0x7ffc0000 [ 137.688280][ T29] audit: type=1326 audit(137.557:3451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12775 comm="syz.3.4121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7f8bbb6ff749 code=0x7ffc0000 [ 137.711154][ T29] audit: type=1326 audit(137.557:3452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12775 comm="syz.3.4121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bbb6ff749 code=0x7ffc0000 [ 137.734226][ T29] audit: type=1326 audit(137.587:3453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12775 comm="syz.3.4121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bbb6ff749 code=0x7ffc0000 [ 137.757243][ T29] audit: type=1326 audit(137.597:3454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12785 comm="syz.6.4125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ec2e7f749 code=0x7ffc0000 [ 137.780167][ T29] audit: type=1326 audit(137.597:3455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12785 comm="syz.6.4125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=269 compat=0 ip=0x7f0ec2e7f749 code=0x7ffc0000 [ 137.803143][ T29] audit: type=1326 audit(137.597:3456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12785 comm="syz.6.4125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ec2e7f749 code=0x7ffc0000 [ 138.304776][T12846] set_capacity_and_notify: 4 callbacks suppressed [ 138.304796][T12846] loop6: detected capacity change from 0 to 128 [ 138.414548][T12865] loop6: detected capacity change from 0 to 256 [ 138.563400][T12880] netlink: 'syz.3.4166': attribute type 1 has an invalid length. [ 138.626633][T12880] 8021q: adding VLAN 0 to HW filter on device bond1 [ 138.922336][T12917] __nla_validate_parse: 2 callbacks suppressed [ 138.922357][T12917] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4186'. [ 138.942871][T12915] xt_CT: You must specify a L4 protocol and not use inversions on it [ 139.031577][T12932] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4192'. [ 139.040624][T12932] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4192'. [ 139.054761][T12932] bridge1: entered promiscuous mode [ 139.060102][T12932] bridge1: entered allmulticast mode [ 139.317385][T12956] loop5: detected capacity change from 0 to 512 [ 139.370039][T12956] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a84ec018, mo2=0002] [ 139.388362][T12956] System zones: 0-2, 18-18, 34-35 [ 139.406736][T12956] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 139.406746][T12968] netlink: 3 bytes leftover after parsing attributes in process `syz.3.4206'. [ 139.406856][T12968] ================================================================== [ 139.419238][T12968] BUG: KCSAN: data-race in data_push_tail / string [ 139.419288][T12968] [ 139.419298][T12968] write to 0xffffffff88ea0060 of 1 bytes by task 12956 on cpu 1: [ 139.419319][T12968] string+0x187/0x220 [ 139.419347][T12968] vsnprintf+0x532/0x860 [ 139.419373][T12968] vscnprintf+0x41/0x90 [ 139.419399][T12968] printk_sprint+0x30/0x2d0 [ 139.419433][T12968] vprintk_store+0x599/0x860 [ 139.419478][T12968] vprintk_emit+0x15a/0x610 [ 139.419517][T12968] vprintk_default+0x26/0x30 [ 139.419550][T12968] vprintk+0x1d/0x30 [ 139.419576][T12968] _printk+0x79/0xa0 [ 139.419618][T12968] __ext4_msg+0x18f/0x1a0 [ 139.419639][T12968] ext4_fill_super+0x2f8c/0x37a0 [ 139.419661][T12968] get_tree_bdev_flags+0x291/0x300 [ 139.419683][T12968] get_tree_bdev+0x1f/0x30 [ 139.419702][T12968] ext4_get_tree+0x1c/0x30 [ 139.419722][T12968] vfs_get_tree+0x57/0x1d0 [ 139.419742][T12968] do_new_mount+0x24d/0x6a0 [ 139.419763][T12968] path_mount+0x4ab/0xb80 [ 139.419783][T12968] __se_sys_mount+0x28c/0x2e0 [ 139.419806][T12968] __x64_sys_mount+0x67/0x80 [ 139.419828][T12968] x64_sys_call+0x2cca/0x3000 [ 139.419857][T12968] do_syscall_64+0xd8/0x2a0 [ 139.419894][T12968] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.419919][T12968] [ 139.419928][T12968] read to 0xffffffff88ea0060 of 8 bytes by task 12968 on cpu 0: [ 139.419947][T12968] data_push_tail+0x100/0x470 [ 139.419982][T12968] data_alloc+0x11b/0x390 [ 139.420013][T12968] prb_reserve+0x964/0xb60 [ 139.420045][T12968] vprintk_store+0x56d/0x860 [ 139.420079][T12968] vprintk_emit+0x15a/0x610 [ 139.420115][T12968] vprintk_default+0x26/0x30 [ 139.420153][T12968] vprintk+0x1d/0x30 [ 139.420178][T12968] _printk+0x79/0xa0 [ 139.420213][T12968] __nla_validate_parse+0x1738/0x1d00 [ 139.420246][T12968] __nla_parse+0x40/0x60 [ 139.420272][T12968] rtnl_setlink+0xcf/0x490 [ 139.420310][T12968] rtnetlink_rcv_msg+0x5fe/0x6d0 [ 139.420348][T12968] netlink_rcv_skb+0x123/0x220 [ 139.420381][T12968] rtnetlink_rcv+0x1c/0x30 [ 139.420417][T12968] netlink_unicast+0x5c0/0x690 [ 139.420447][T12968] netlink_sendmsg+0x58b/0x6b0 [ 139.420512][T12968] __sock_sendmsg+0x145/0x180 [ 139.420551][T12968] sock_write_iter+0x1a7/0x1f0 [ 139.420587][T12968] do_iter_readv_writev+0x4a1/0x540 [ 139.420611][T12968] vfs_writev+0x2df/0x8b0 [ 139.420639][T12968] do_writev+0xe7/0x210 [ 139.420666][T12968] __x64_sys_writev+0x45/0x50 [ 139.420689][T12968] x64_sys_call+0x1ba5/0x3000 [ 139.420718][T12968] do_syscall_64+0xd8/0x2a0 [ 139.420754][T12968] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.420779][T12968] [ 139.420785][T12968] value changed: 0x00000000ffffe353 -> 0x662d345458453601 [ 139.420800][T12968] [ 139.420806][T12968] Reported by Kernel Concurrency Sanitizer on: [ 139.420824][T12968] CPU: 0 UID: 0 PID: 12968 Comm: syz.3.4206 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 139.420861][T12968] Tainted: [W]=WARN [ 139.420870][T12968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 139.420887][T12968] ================================================================== [ 139.744074][T12968] 0X: renamed from caif0 [ 139.750959][T12968] 0X: entered allmulticast mode [ 139.756265][T12968] A link change request failed with some changes committed already. Interface 60X may have been left with an inconsistent configuration, please check. [ 139.808130][ T5805] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.