last executing test programs: 3m5.817761413s ago: executing program 1 (id=2006): mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1, 0x0, 0xfefffffe, 0x2) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) 3m5.519776658s ago: executing program 1 (id=2016): mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1, 0x0, 0xfefffffe, 0x2) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) 3m4.605785925s ago: executing program 1 (id=2027): unshare(0x22020400) r0 = syz_open_dev$usbmon(&(0x7f0000001b00), 0x882c, 0x100) ioctl$MON_IOCQ_URB_LEN(r0, 0x9201) 3m4.561146938s ago: executing program 1 (id=2032): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000180)={{0x0, 0x2, 0x0, 0x0, 0x7f}}) ioctl$SNDRV_TIMER_IOCTL_STATUS32(r0, 0x80585414, 0x0) 3m4.399153615s ago: executing program 1 (id=2034): r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x10) mkdirat(r0, &(0x7f0000002040)='./file0\x00', 0x5) 3m4.331262909s ago: executing program 1 (id=2036): ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x1) syz_emit_ethernet(0x1379, &(0x7f0000000c80)=ANY=[@ANYBLOB="15420408cee3ffffffffffff86dd6099cea613432c03cb697a653e336f000000500000000000ff0200000000000000000000000000011600002e"], 0x0) syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="69e1629b6174391e7dd7a2d786dd60b6000000302c03cb697a653e336f000000500000000000ff0200000000000000000000000000013a000003"], 0x0) 2m48.996839068s ago: executing program 32 (id=2036): ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x1) syz_emit_ethernet(0x1379, &(0x7f0000000c80)=ANY=[@ANYBLOB="15420408cee3ffffffffffff86dd6099cea613432c03cb697a653e336f000000500000000000ff0200000000000000000000000000011600002e"], 0x0) syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="69e1629b6174391e7dd7a2d786dd60b6000000302c03cb697a653e336f000000500000000000ff0200000000000000000000000000013a000003"], 0x0) 50.240229755s ago: executing program 2 (id=7136): perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x2b, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x9}, 0x106200, 0x1000, 0x20da, 0x0, 0xa, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]}) alarm(0x3672) 50.105012422s ago: executing program 2 (id=7141): r0 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341) ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200)) ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect) 50.020019186s ago: executing program 2 (id=7144): syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000140)='./file2\x00', 0x2004db, &(0x7f0000000300), 0x12, 0x52c, &(0x7f0000000980)="$eJzs3U9sI1cZAPBvJsnam6bNFnoAVOhSCgtarZ1426jqhXKqEKqE6JHDNiROFMWOo9gpTViJ7JE7EpU4wYkzByQOSD1xR+IANy7lgFRgBWoqIWHksZ04f5yY3cTejX8/aeQ38xx/72V23ht93swLYGzdjIi9iLgWEe9GxGzneNLZ4s321nrfJw/vL+0/vL+URLP5zj+SrL51LHp+puWZzmfmI+J7b0X8IDkW9I8R9Z3d9cVKpbzVOVRsVDeL9Z3dO2vVxdXyanmjVFqYX5h7/e5rpQvr60vVX398PSJ+99svfvSHvW/8qNWsmU5dbz8uUrvrUwdxIprZr/g7lxFsBCYiYrLz7+f/9kg/xEVKI+IzEfFydv3PxkR2No86epq+OcTWAQCXodmc7dyRdvcBgKsuzXJgSVro5AJmIk0LhXYO74WYTiu1euP2Sm17Y7mdK7sRU+nKWqU818kV3oipZGVtsjyflbv7lXLp2P7diHg+In6au57tF5ZqleVR3vgAwBh75tj8/+9ce/4/5WsAAOAqyR8Wc6NsBwAwPPlRNwAAGDrzPwCMH/M/AIwf8z8AjB/zPwCMH/M/AIyV7779dmtr7neef7383s72eu29O8vl+nqhur1UWKptbRZWa7XV7Jk91fM+r1Krbc6/GtvvFxvleqNY39m9V61tbzTuZc/1vleeGkqvAICzPP/Sh39OImLvjevZFj3P+z93rn7xslsHXKZ01A0ARmZi1A0ARsZjPmF8ycfD+Ppvs9mMnrV7I+LBQannYaB9/4vQBwOFSa0bCk+eW59/jPw/8FST/4fx9Wj5f/fycBXI/8P4ajYTa/4DwJiR4weSc+p7v/+fa/bsDPb9PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFxJM9mWpIXOWuAzkaaFQsSzEXEjppKVtUp5LiKei4g/5aZyrf35iLBuEAA8zdK/JZ31v27NvjJzvPZa7tNc9hoRP/z5Oz97f7HR2JqPuJb88+B444PO8dIo2g8AnKc7T3fn8a5PHt5f6m7DbM/H32ovLtqKu9/Z2jWTMZm95rNcw/S/ks5+W+t+ZeIC4u89iIjPndb/5NOZLAfSXvn0ePxW7GcvN34cjZ8eiZ9mde3X1u/isxfQFhg3H7bGnzdPu/7SuJm9nn7957MR6vF1x7/9E+NfejD+TfQZ/24OGuPV33/7xMHmbLvuQcQXJiP2ux/eM/504yd94r8yYPy/vPill/vVNX8RcStO639yJFaxUd0s1nd276xVF1fLq+WNUmlhfmHu9buvlYpZjrrYzVSf9Pc3bj/XL36r/9N94ufP6f9XB+z/L//z7ve/fEb8r3/lMP6P4/D8v3BG/Nac+LUB4y9O/ybfr64Vfznrf3Ki/+ed/9sDxv/or7vLA74VABiC+s7u+mKlUt56/EL+zPekFxFigEISsXfJIQ4LuV/95K3z35wbWnsesRD9qiaelBZemULuyWjGAIVRj0zAZTu86EfdEgAAAAAAAAAAAAAAoJ8h/DnRRTymBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE71vwAAAP//TVbWig==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x0, 0x1) ioctl$EXT4_IOC_MIGRATE(r0, 0x6609) 49.925409631s ago: executing program 2 (id=7147): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)={0x5c, r1, 0x917, 0xa7, 0x1000000, {}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x3f}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @loopback={0xe4}}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @ipv4={'\x00', '\xff\xff', @empty=0xe4ffffff}}, @L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x4}]}, 0x5c}}, 0x0) 49.878077412s ago: executing program 2 (id=7149): r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x10) symlink(&(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 49.812335756s ago: executing program 2 (id=7152): r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001a0001000000ff7f00000000800000", @ANYRES32=0x0, @ANYRES32=r0], 0x24}}, 0x0) 34.794138452s ago: executing program 33 (id=7152): r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001a0001000000ff7f00000000800000", @ANYRES32=0x0, @ANYRES32=r0], 0x24}}, 0x0) 1.044397788s ago: executing program 5 (id=9073): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000100000abc000000090a010400000000000000000a0000040900020073797a310000000008000a40000000010900010073797a3100000000080005400000000d7800128014110180090001006c6173740000000004000280100001800c000100636f756e74657200100001800b0001006e756d67656e0000100001800a0001006c696d6974000000100001800b00010072656a6563740000200001800700010072740000140002800800024000000001080002400000000408000340000001"], 0xe4}, 0x1, 0x0, 0x0, 0x4044040}, 0x40) 976.772021ms ago: executing program 5 (id=9079): r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000100)={0x2, &(0x7f0000000040)=[{0x48, 0x0, 0x2, 0xffeffffe}, {0x6, 0x29, 0x7, 0x205}]}, 0x10) syz_genetlink_get_family_id$devlink(&(0x7f0000000080), r0) 589.21198ms ago: executing program 3 (id=9102): io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000001c0), 0x20f42, 0x0) io_submit(r0, 0x1, &(0x7f0000000500)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x8, 0xc, r1, &(0x7f0000000080)='E', 0x1, 0x8000}]) 485.061435ms ago: executing program 3 (id=9108): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10c002, 0xac5d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x73, 0x11, 0x35}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70) 471.104996ms ago: executing program 4 (id=9109): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002ec0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="5953fdfffffffddbdf256b000000080043"], 0x28}}, 0x50) 453.086657ms ago: executing program 0 (id=9110): syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x101c08a, &(0x7f00000001c0)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c757466383d312c696f636861727365743d61736369692c73686f72746e616d653d77696e39352c73686f77657865632c6e66732c636865636b3d7374726963742c756e695f786c6174653d302c757466383d312c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c726f6469722c726f6469722c64656275672c757466383d302c726f6469722c71756965742c6572726f72733d72656d6f756e742d726f2c009c8a8fc4f74784ad79ec08fb556262ebc972ef94821f3565ef5f75f11e30ef1f72a065c510b17cae352940538b7b2c5d72f4627c25306b2479725add28f511a68f5f6f47f9facdd0cc574286d00ab52d6b9374b6a58eac694336ebe971f41860d01084c1a0fa6b51d80fa9f9d2c5a2e7a5284f93296217ef8f28e0a36e573296a0bfb38b94191f4b82873563f3759b5e193ecfab6ed7892542364757e47d656ad6a0fbb6e8bf138bddae620a3602991821d4844f628e6bdd8b62cca73744332f0185a54b"], 0x6, 0x2c1, &(0x7f00000005c0)="$eJzs3T+LI2UcB/DfZLOTUYuksBLhBrzC6nCvE5sscgfiVh4p1EIX7w5kE4Q7WPAPxqtsbSwsfAWC4Au5xncg2Ap2rrAwMpOZzWSNMZHNyu1+Ps0++8zznfk9k4fsbJEnH748Obqfx8MnX/wSWZZEZxjDOEliEJ1ofBULht8EAPAsOymK+L2Y2SSXRES2vbIAgC1a7+9/d9786VLKAgC26N677729f3Bw550ssrg7+fp4VP5nX/6cHd9/GB/HOB7Ea9GP04jqQWE3qqeFsnm3KIppNy8N4uZkejwqk5MPntbn3/8tosrvRT8GVdfZ00aVf+vgzl4+08pPyzqer68/LPO3ox8vnoUX8reX5GOUxquvtOq/Ff34+aP4JMZxvypinv9yL8/fLL794/P3y/LKfDI9HvWqcXPFziW/NAAAAAAAAAAAAAAAAAAAAAAAXGG36r1zepHfiJuTsqvef2fnNNLy17wxWNyfZ5ZPmhO19wcqimJaxPetLQXzoh44z3fjpW57Y0EAAAAAAAAAAAAAAAAAAAC4vh5/+tnR4Xj84NGFNJrdALoR8ee9iP96nmGr50asHtyrr3k4Hnfq5sKYp2m7J3aaMUnEyjLKSVzQbfm3xnPna24aP/xYTnCTE2atnteXT3B3+/NqVtfRYbL8Wr1oerJ6kXyXRszHpLHmtdJ/OlTEJssvXXqov/Hc0xeqxnTFmEhWFfbGr7M7V/ck52eRVnd1aXy3brTi59bGWq97ZLP4398rkmq3jt723owAAAAAAAAAAAAAAAAAAOCam3/6d8nBJyujncJHgQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4Iubf/79BY1qH1xicxqPH//MUAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuAb+CgAA//8HIVi7") r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') lseek(r0, 0xfffd, 0x0) 429.817028ms ago: executing program 4 (id=9111): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="d800000010008104687da3aa7143a0b8c81d080b25000000e8fe55a19c9d8714060014000000001208000a0043000040a8001200040001", 0x37}], 0x1}, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="7c00000000010104000000000000000002000000240001801400018008000100ac14143208000200ac1414000c0002800500010000000000240002801400018008000100e000000108000200e00000010c00028005000100000000000800074000000000180006801400038006"], 0x7c}}, 0x0) 407.49085ms ago: executing program 0 (id=9112): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f0000000240)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80}}, {@stripe={'stripe', 0x3d, 0x4000}}, {@errors_remount}, {@max_batch_time={'max_batch_time', 0x3d, 0x4}}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=") setresuid(0x0, 0xee00, 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffffb) 390.21133ms ago: executing program 4 (id=9114): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000000)={0x9}, 0x10) write(r0, &(0x7f00000000c0)="240000001e005f0214fffffffffffff8070000000100000000000000080003000b000000", 0x24) 370.819121ms ago: executing program 3 (id=9116): r0 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0) write$selinux_attr(r0, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d) socket$can_raw(0x1d, 0x3, 0x1) 358.098191ms ago: executing program 4 (id=9117): setuid(0xee00) r0 = socket$netlink(0x10, 0x3, 0x4) write(r0, &(0x7f0000005c00)="2700000014000707030e0000120f0a0011000100f5fe0012ff000000078a151f75080039000500", 0x27) 350.850022ms ago: executing program 0 (id=9118): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000f40), r0) sendmsg$IPVS_CMD_NEW_SERVICE(r0, &(0x7f0000001100)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010067bd7000fbdbdf25010000005c00018014000300fe80320000000a0000000000000000bb060001000a00000008000600777272000c0007002e000000050000000800090027000000060002001100000008000b00736970000800080009000000060004"], 0x70}, 0x1, 0x0, 0x0, 0x20004084}, 0x20008800) 330.665373ms ago: executing program 3 (id=9119): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x5) pwrite64(r0, &(0x7f0000000140)='2', 0xff10, 0x8000c61) read$msr(r0, &(0x7f0000001200)=""/244, 0xfffffc9c) 329.253823ms ago: executing program 6 (id=9120): set_mempolicy(0x6, &(0x7f00000003c0)=0x8000000000000001, 0xe0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='rdma.current\x00', 0x275a, 0x0) fsetxattr(r0, &(0x7f0000000000)=@known='security.selinux\x00', &(0x7f0000000080)=':\x00', 0xffdf, 0x0) 314.739174ms ago: executing program 4 (id=9121): syz_mount_image$ext4(&(0x7f0000000900)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f0000000240)={[{@nouid32}, {@nodioread_nolock}, {@noquota}, {@jqfmt_vfsv1}, {@journal_dev={'journal_dev', 0x3d, 0x9}}, {@commit}]}, 0x1, 0x5a3, &(0x7f00000002c0)="$eJzs3T1sG3UbAPDnznHTj7xv+krvK72gDhUgFamqk/QDClO7IipV6oDEApHjRlWcuIodaKJIpHuF6IAAdSkbDIwgBgbEwsjKwseMVNEIpKYDGDk+p2nqFCfEMcS/n3TJ/3939vP8fX7OvtOdHEDfOtr4k0Y8EREXk4jhdcsGIlt4tLneyvJi8f7yYjGJev3Sz0kkEXFvebHYWj/J/h+KiKWI+H9EfJWPOJ6uPeW+VqM6vzA1Xi6XZrP+SG366kh1fuHElenxydJkaebU8y+cOXv6zNjJsfXp3q+v7+W3NtYb3998+8Y3L92++fEnR5aK744ncS6GsmXrx7GTmq9JPs5tmH+6G8F6KOl1AmxLLqvzRin9L4Yjl1V9O/X1O4fBXUkP6KL6YER9zbom0AcSRQ99qvU9oHH825p28/vHnfPNA5BG3JXlxeJb0Yo/0Dw3EftXj00O/pI8dGTSON48vJuJsictXY+I0YGBR9//Sfb+277RnUiQrvryfHNDPbr907X9T7TZ/wy1zp3+Ra3930q2/1tpEz+3yf7vYocxfnv1xw82jX99MJ5sGz9Zi5+0iZ9GxOsdxr/1yudnN1tW/zDiWLSP35I8/vzwyOUr5dJo82/bGF8cO/Li5uOPOLhJ/OY52/2riawf/74sp7TD8X/29adPLT0m/rNPP377t3v9D0TEOx3G/8+9j17ebNmd68ndxreArW7/JPJxu8P4z507+l3WdNYQAAAAAAAAAAB2ULp6LVuSFtbaaVooNO/h/W8cTMuVau345crczETzmrfDkU9bV1oNN/tJoz+WXY/b6p/c0D+VywLmDqz2C8VKeaLHYwcAAAAAAAAAAAAAAAAAAIC/i0Mb7v//Nbd6///Gn6sG9qrNf/Ib2OvUP/Svh+s/6VkewO7z+Q99q67+oX+pf+hf6h/6l/qH/tW2/g/sfh7A7vP5D/1L/QMAAAAAAAAAAAAAAAAAAAAAAAAAQFdcvHChMdXvLy8WG/2Jgfm5qcobJyZK1anC9FyxUKzMXi1MViqT5VKhWJn+s+dLKpWrozEzd22kVqrWRqrzC69NV+ZmWr8pWsp3fUQAAAAAAAAAAAAAAAAAAADwzzO0OiVpISLf7KdpoRDxr4g4nERy+Uq5NBoR/46Ib3P5wUZ/rNdJAwAAAAAAAAAAAAAAAAAAwB5TnV+YGi+XS7PdawxkoTp71A+1ruYzsJWVI2JpZ9NoPOOWH5XPXsDubqY+aeQ6fB/2faOHOyUAAAAAAAAAAAAAAAAAAOhTD2767fQRv3c3IQAAAAAAAAAAAAAAAAAAAOhL6U9JRDSmY8PPDG1cui9Zya3+j4g3b11679p4rTY71ph/d21+7f1s/sle5A90qlWnaUQ06hgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4oDq/MDVeLpdmt9kY7GCdXo8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYDv+CAAA//9bQM66") r0 = socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) 286.154345ms ago: executing program 0 (id=9122): unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000000)=[{0x3, 0x1000, 0x1000}], 0x1, &(0x7f0000000040)) 278.324736ms ago: executing program 6 (id=9123): capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x3c}) r0 = shmget$private(0x0, 0x4000, 0x8, &(0x7f0000ffb000/0x4000)=nil) shmctl$SHM_STAT(r0, 0xd, 0x0) 246.618027ms ago: executing program 6 (id=9124): openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.throttle.io_service_bytes\x00', 0x0, 0x0) r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) write$vga_arbiter(r0, &(0x7f0000000040)=ANY=[@ANYBLOB='trylock i'], 0xb) 226.275408ms ago: executing program 0 (id=9125): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_PORT_GET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000300)={0x60, r1, 0x1, 0x0, 0x0, {0x49}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x73}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}}]}, 0x60}}, 0x0) 194.41694ms ago: executing program 6 (id=9126): syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0x400, &(0x7f0000000100)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c757466383d302c757365667265652c646973636172642c757466383d312c756e695f786c6174653d302c73686f72746e616d653d77696e39352c756e695f786c6174653d302c756e695f786c6174653d302c0008442895b66131b4e4d54b2ba6ae54dabaa5206d4a2a060b5ccc774b3ec4c81a1a9852327ff871d16d0d9344e764c68194b9d9d0be76c595bac1fc5a0a8256a7b77e071e9bdd6100f9aeb8576d329be6e4bb168f1434000000", @ANYRESHEX=0x0], 0xfd, 0x296, &(0x7f0000001080)="$eJzs3M1qE1EUwPFj0o80tU0WIiiIB92oi6GNL2CQFsSAUhtRF8LUTjRkTMrMWImI7c6tz1FcuhPUF+jGnQt30k0XCm66UCOdjzatQ6u2yYTm/4Myp3Pvydz5CmcGctfvvHpcq7hGxfQklVFJiSzLhkh+MwodC5cpPx6SdstycfT7pzO37t67XiyVpmZUp4uzlwuqOn723dPnr8998EZvvxl/Oyyr+fvr3wpfVk+unlr/NRt9esNTU+caDc+csy2dr7o1Q/WmbZmupdW6azk72it2Y2GhqWZ9fiy74Fiuq2a9qTWrqV5DPaep5kOzWlfDMHQsK/0m/c8Z5ZWZGbPYkcEgCSNxKx2naKZjG8sr3RgUAADoLUnV/4+qrlZdre9X/6eE+r9zqP+PkuNrEvsUuFn/Z8P7d8uln10cGQAAAAAAAAAAAAAAAAAAAAAAOIiNVivXarVy0TL6GxaRjIhE/yc9TnTGQc7/cPeHi0PW9sO9jIj9crG8WA6WQXuxIlWxxZKJQZEf/vUQCuLpa6WpCfXl5b29FOYvLZbT/vXh50fy8fmTQb7uzB+UbPv2C5KTE/I5Lr8Qmz8kF8635RuSk48PpCG2zPvX9Xb+i0nVqzdKu/JH/H4AAAAAABwFhm754/ndbzc0mjZkV3uwcvv9gOT2eT+w6/l6QE4PJLffAAAAAAD0E7f5rGbatuUQ7AiuiMiefZI+dCM9cqA6GKQ2z0HXt/41ujV64yAcarD2JNi1v+mc4JcSAAAAgI7YLvqTHgkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP1rj2nAMmEXf03U/3/mHmvbXLr7ewgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0jt8BAAD//ysQG/U=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x80000, 0x1) open_by_handle_at(r0, &(0x7f0000000040)=@reiserfs_2={0x8, 0x2, {0xb}}, 0x0) 94.431445ms ago: executing program 6 (id=9127): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10c002, 0xac5d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x73, 0x11, 0x35}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70) 94.300895ms ago: executing program 3 (id=9128): syz_mount_image$iso9660(&(0x7f00000002c0), &(0x7f00000000c0)='./file0\x00', 0x8010, &(0x7f0000000000)={[{@showassoc}, {@nojoliet}, {@map_acorn}]}, 0x1, 0x566, &(0x7f0000000540)="$eJzs3M9uG8cZAPBZmbJVFXUDBI0dxYeN04MLNAxJ1zKEAAHY1VLahOISu6vAPhVBLQVCpbRIUqDxzRe3BfoSaW99gp76RkGPPaZYLuk4tkjLfxIaze8HSDPkfjvzzYrYD6QwDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAiJLtTqcbhWE22r8Vz5dsF/neguOz8f71rWbBvCFE9U9YWwuXm6cuv/rN4Z/Vv66GS82jS2GtbtbC3R+/9sq7r7ZWZucvSOh7sDpN9vjg08WBUfg6+r6S+m7snnapW/FOOsrKPNvr76RxVubx1uZm553dQRkPsmFa3i6rdC9OWqFf5UV8LflF3N3auh6n7dv5/mhnuz9MZ0/efLvX6WzG77fHab8o89E777fLZDcbDrPRziSmPlzH3KxfiB9kVXzhwbW//qTcD4+OD7pnCeo9KajX6fW63V6vu3lj68bNTqf12BOdR4THIpb9omXZXtCdG57frP4DAAAA/7+iyWfs9fv/1cnn8FEYRF83lp0aAAAA8IJM/vN/6R9R/f4/hHA5RINsmHaWnRYAAADwAv3liXvsyvGF6N//CUWxGt0b3/p5dNKv4/on55rzzj06YjVoRReng0yazdb0UZJeiV5vgl6fRX81bQ6flEf0FAlszEkg/C1sNDEbd5r2zuxIM8v6IBum7SQfvtsN/f7FlSq9Vf3xk6M/hcny/zrauxiFw6Pjg/Zvf398Z5LLvXqUeyfTDRSP7aNYkMvnD/Y9PrLiL5uhVutcoum86828nYfXv9KcvvIUc94PbzQxb6w37fq3179Wz9ltz1v9evSTyWa651z5/XClibly7a26eevaKVn0Tsvi/HTwyW69h7N4pmtxhiyuL7gW4fDoQgjhTFn8aF4WAMtyOK8KPaj/j9bd1jPca7+p7u99h9X9fniziXlzY3JjbW2cckfvtKOw4I4+q7H3zj9rdftnuNrEXJ0Fn1pj3/vpZN7wymzepqpOiv+Xc+cth72o/kOd+/zkD+G1z764+/bRyUcfH3x88Emvd32z86tO50YvrE6WMW0WZArAD1dafBWtV3+OiiIb/6a7tdXtV7tpXOTJB3GRbe+kcTaq0iLZ7Y920nhc5FWe5MO682G2nZZxuT8e50UVD/IiHudldmvyzS/x9KtfyjT8clRlSTkepv0yjZN8VPWTKt7OyiQe7/96mJW7aTE5uRynSTbIkn6V5aO4le//PUnbcVym6UOB2XY6qrJBVndH8bjI9vrF7fjDfLi/l8bbaZkU2bjKmwFnc2WjQV7s9avsXGgv+2IDwEvisy/u/u6j4+ODT8/Y+e90c+DTnPX4rOeXsVQAYGpRlQYAAAAAAAAAAAAAAF4OT7v/7wV2VqcpLGd2nbN1wtpLkcZyOivPPU7rJVjF3M7sJnBqzPLuSQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwz/8CAAD//3bhnLY=") r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0) getdents(r0, &(0x7f0000000880)=""/232, 0xe8) 93.756435ms ago: executing program 0 (id=9137): syz_usb_connect$cdc_ecm(0x4, 0x4d, &(0x7f0000000400)=ANY=[@ANYBLOB="12010003020000ff2505a1a440000102030109023b00010180200209040081020206000f052406000005240008000d240f01ffff0000ff010100050905820208000907020905030220000003a0"], 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x5, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0x10000, 0x2, 0x2, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x1) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x25, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_bp={0x0, 0x8}, 0x4, 0x0, 0x11000, 0x0, 0x1000000000000000, 0x4, 0x5, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0xb) 93.385455ms ago: executing program 5 (id=9129): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000007c0)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a74000000060a0b0400000000000000000200000248000480440001800b00010074617267657400003400028008000240000000010d000100434f4e4e4d41524b000000ea14000300e4624777db9d97adbf2cd16d6fb1131fe40000000900020073797a32000000000900010073797a30"], 0x9c}}, 0x0) 61.877716ms ago: executing program 5 (id=9130): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1, 0xfffffffc}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x15, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0xb0}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x86}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x8c280b228f75a715}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 37.912398ms ago: executing program 6 (id=9131): syz_open_dev$vcsu(0x0, 0x40, 0x2000) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000024c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a310000000038000000030a01040000000000000000010000010900030073797a32000000000c00024000000000000000010900010073797a300000000054000000060a01"], 0x7904}, 0x1, 0x0, 0x0, 0x4040}, 0x0) 29.871678ms ago: executing program 3 (id=9132): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x200006, 0x8, &(0x7f0000006680)) creat(&(0x7f0000000880)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1) unlink(&(0x7f0000000ac0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 29.259498ms ago: executing program 5 (id=9133): munmap(&(0x7f0000001000/0x3000)=nil, 0x3000) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0) ioctl$FS_IOC_RESVSP(r0, 0xc0189436, &(0x7f0000000740)={0x0, 0x0, 0x800, 0x1005f, 0x3}) 21.871778ms ago: executing program 4 (id=9134): capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)) symlink(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00') umount2(&(0x7f00000000c0)='./file0\x00', 0x9) 0s ago: executing program 5 (id=9135): unshare(0x2c020400) r0 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_buf(r0, 0x1, 0x3b, 0x0, &(0x7f00000002c0)) kernel console output (not intermixed with test programs): 47][ T2517] loop3: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 204.029612][ T2517] EXT4-fs error (device loop3): ext4_release_dquot:7037: comm kworker/u8:11: Failed to release dquot type 0 [ 204.073771][ T2517] loop3: lost filesystem error report for type 5 error -117 [ 204.074114][ T3321] EXT4-fs error (device loop3): __ext4_get_inode_loc:4782: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 204.086964][ T50] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 144 with max blocks 2048 with error 117 [ 204.096236][T19458] ext4 filesystem being mounted at /858/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 204.118530][ T3321] loop3: lost filesystem error report for type 5 error -117 [ 204.118774][ T3321] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6246: Corrupt filesystem [ 204.126475][ T50] EXT4-fs (loop2): This should not happen!! Data will be lost [ 204.126475][ T50] [ 204.168618][ T3321] loop3: lost filesystem error report for type 5 error -117 [ 204.168718][ T3321] EXT4-fs error (device loop3): ext4_quota_off:7285: inode #3: comm syz-executor: mark_inode_dirty error [ 204.203015][ T3321] loop3: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 204.315671][T19482] EXT4-fs (loop4): stripe (4) is not aligned with cluster size (4096), stripe is disabled [ 204.339455][T19487] netem: incorrect ge model size [ 204.344403][T19487] netem: change failed [ 204.355898][T19482] EXT4-fs error (device loop4): ext4_map_blocks:776: inode #3: block 2: comm syz.4.7024: lblock 2 mapped to illegal pblock 2 (length 1) [ 204.356674][T19474] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.7013: bg 0: block 4: invalid block bitmap [ 204.383911][T19491] netlink: 40 bytes leftover after parsing attributes in process `syz.0.7029'. [ 204.392932][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 204.392949][ C0] EXT4-fs (loop3): initial error at time 2000000015: ext4_validate_block_bitmap:432 [ 204.392967][ C0] EXT4-fs (loop3): last error at time 2000000015: ext4_validate_block_bitmap:432 [ 204.405939][T19474] EXT4-fs (loop3): Remounting filesystem read-only [ 204.425396][T19482] EXT4-fs error (device loop4): ext4_map_blocks:776: inode #3: block 48: comm syz.4.7024: lblock 0 mapped to illegal pblock 48 (length 1) [ 204.439585][ C0] EXT4-fs (loop4): error count since last fsck: 1 [ 204.439605][ C0] EXT4-fs (loop4): initial error at time 2000000015: ext4_map_blocks:776: inode 3: block 2 [ 204.439634][ C0] EXT4-fs (loop4): last error at time 2000000015: ext4_map_blocks:776: inode 3: block 2 [ 204.468094][T19482] EXT4-fs error (device loop4): ext4_acquire_dquot:7001: comm syz.4.7024: Failed to acquire dquot type 0 [ 204.487490][T19482] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6246: Corrupt filesystem [ 204.497502][T19474] EXT4-fs (loop3): 1 truncate cleaned up [ 204.567637][T19482] EXT4-fs error (device loop4): ext4_evict_inode:255: inode #11: comm syz.4.7024: mark_inode_dirty error [ 204.597967][T19482] EXT4-fs warning (device loop4): ext4_evict_inode:258: couldn't mark inode dirty (err -117) [ 204.627451][T19482] EXT4-fs (loop4): 1 orphan inode deleted [ 204.644595][T19509] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8802c018, mo2=0002] [ 204.669139][ T2769] EXT4-fs error (device loop4): ext4_map_blocks:776: inode #3: block 1: comm kworker/u8:13: lblock 1 mapped to illegal pblock 1 (length 1) [ 204.683765][T19509] ------------[ cut here ]------------ [ 204.689321][T19509] EA inode 11 i_nlink=0 [ 204.689342][T19509] WARNING: fs/ext4/xattr.c:1059 at ext4_xattr_inode_update_ref+0x313/0x350, CPU#1: syz.2.7037/19509 [ 204.704301][T19509] Modules linked in: [ 204.708271][T19509] CPU: 1 UID: 0 PID: 19509 Comm: syz.2.7037 Not tainted syzkaller #0 PREEMPT(full) [ 204.717953][ T2769] EXT4-fs error (device loop4): ext4_release_dquot:7037: comm kworker/u8:13: Failed to release dquot type 0 [ 204.729871][T19509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 204.730604][ T3324] EXT4-fs error (device loop4): __ext4_get_inode_loc:4782: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 204.739982][T19509] RIP: 0010:ext4_xattr_inode_update_ref+0x332/0x350 [ 204.740015][T19509] Code: 54 4b 99 ff 4c 8d 2d 2d b4 5d 05 49 8d 7e 40 e8 a4 df b5 ff 49 8b 6e 40 4c 89 e7 e8 d8 da b5 ff 41 8b 56 48 4c 89 ef 48 89 ee <67> 48 0f b9 3a e9 02 ff ff ff e8 af 9b dd 03 66 66 66 66 66 66 2e [ 204.740034][T19509] RSP: 0018:ffffc90007377778 EFLAGS: 00010246 [ 204.740097][T19509] RAX: ffff8881026bde88 RBX: ffff88811b475788 RCX: ffffffff81c013e8 [ 204.740111][T19509] RDX: 0000000000000000 RSI: 000000000000000b RDI: ffffffff871dc800 [ 204.740153][T19509] RBP: 000000000000000b R08: 000188811b47573b R09: 0000000000000000 [ 204.740218][T19509] R10: ffffc900073776a8 R11: 0001c900073776a8 R12: ffff88811b475738 [ 204.740237][T19509] R13: ffffffff871dc800 R14: ffff88811b4756f0 R15: 0000000000000001 [ 204.740251][T19509] FS: 00007fa79fbd76c0(0000) GS:ffff8882ae9db000(0000) knlGS:0000000000000000 [ 204.740266][T19509] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 204.740278][T19509] CR2: 0000001b34422ff8 CR3: 0000000103e6e000 CR4: 00000000003506f0 [ 204.740356][T19509] DR0: 0000000000007fff DR1: 0000200000000300 DR2: 0000000000000000 [ 204.740369][T19509] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 204.740383][T19509] Call Trace: [ 204.740389][T19509] [ 204.740399][T19509] ext4_xattr_inode_dec_ref_all+0x57c/0x880 [ 204.740431][T19509] ? errseq_check+0x2c/0x50 [ 204.740542][T19509] ext4_xattr_delete_inode+0x6c1/0x7a0 [ 204.740575][T19509] ext4_evict_inode+0xa1f/0xd60 [ 204.740602][T19509] ? __pfx_ext4_evict_inode+0x10/0x10 [ 204.740648][T19509] evict+0x2af/0x510 [ 204.754854][ T3324] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6246: Corrupt filesystem [ 204.760303][T19509] ? __ext4_msg+0x1aa/0x1c0 [ 204.760331][T19509] iput+0x41a/0x580 [ 204.760356][T19509] ext4_process_orphan+0x1a9/0x1c0 [ 204.760416][T19509] ext4_orphan_cleanup+0x6a8/0xa00 [ 204.760443][T19509] ext4_fill_super+0x3408/0x37c0 [ 204.760465][T19509] ? set_blocksize+0x14c/0x270 [ 204.760495][T19509] ? setup_bdev_super+0x30e/0x370 [ 204.760666][T19509] ? __pfx_ext4_fill_super+0x10/0x10 [ 204.760687][T19509] get_tree_bdev_flags+0x291/0x300 [ 204.760721][T19509] ? __pfx_ext4_fill_super+0x10/0x10 [ 204.760742][T19509] get_tree_bdev+0x1f/0x30 [ 204.760771][T19509] ext4_get_tree+0x1c/0x30 [ 204.760788][T19509] vfs_get_tree+0x57/0x1d0 [ 204.760854][T19509] do_new_mount+0x288/0x8d0 [ 204.760885][T19509] path_mount+0x4d0/0xbc0 [ 204.760910][T19509] __se_sys_mount+0x28c/0x2e0 [ 204.760935][T19509] __x64_sys_mount+0x67/0x80 [ 204.760983][T19509] x64_sys_call+0x2d61/0x3020 [ 204.781477][ T3324] EXT4-fs error (device loop4): ext4_quota_off:7285: inode #3: comm syz-executor: mark_inode_dirty error [ 204.786711][T19509] do_syscall_64+0x12c/0x370 [ 205.015189][T19509] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 205.021127][T19509] RIP: 0033:0x7fa7a117da0a [ 205.021145][T19509] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 205.021183][T19509] RSP: 002b:00007fa79fbd6e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 205.021200][T19509] RAX: ffffffffffffffda RBX: 00007fa79fbd6ee0 RCX: 00007fa7a117da0a [ 205.021211][T19509] RDX: 0000200000000180 RSI: 0000200000000000 RDI: 00007fa79fbd6ea0 [ 205.021224][T19509] RBP: 0000200000000180 R08: 00007fa79fbd6ee0 R09: 0000000000000004 [ 205.078316][T19509] R10: 0000000000000004 R11: 0000000000000246 R12: 0000200000000000 [ 205.086411][T19509] R13: 00007fa79fbd6ea0 R14: 000000000000047a R15: 0000200000000480 [ 205.094572][T19509] [ 205.097635][T19509] ---[ end trace 0000000000000000 ]--- [ 205.103294][T19509] EXT4-fs (loop2): 1 orphan inode deleted [ 205.162169][T19533] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7047'. [ 205.181823][T19533] netlink: 312 bytes leftover after parsing attributes in process `syz.0.7047'. [ 205.182765][T19535] netlink: 60 bytes leftover after parsing attributes in process `syz.5.7048'. [ 205.191231][T19533] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7047'. [ 205.208965][T19535] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7048'. [ 205.219919][T19535] netlink: 60 bytes leftover after parsing attributes in process `syz.5.7048'. [ 205.298000][ T3113] kernel read not supported for file /2992/net/igmp (pid: 3113 comm: kworker/0:2) [ 205.526778][T19584] netlink: 48 bytes leftover after parsing attributes in process `syz.3.7072'. [ 205.558066][T19592] set_capacity_and_notify: 13 callbacks suppressed [ 205.558082][T19592] loop4: detected capacity change from 0 to 512 [ 205.616037][T19592] EXT4-fs warning (device loop4): ext4_xattr_inode_get:560: inode #11: comm syz.4.7075: EA inode hash validation failed [ 205.645892][T19592] EXT4-fs error (device loop4): ext4_do_update_inode:5569: inode #15: comm syz.4.7075: corrupted inode contents [ 205.661401][T19603] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 205.662116][T19592] EXT4-fs error (device loop4): ext4_dirty_inode:6450: inode #15: comm syz.4.7075: mark_inode_dirty error [ 205.669179][T19603] IPv6: NLM_F_CREATE should be set when creating new route [ 205.669180][ C1] EXT4-fs (loop4): error count since last fsck: 1 [ 205.669197][ C1] EXT4-fs (loop4): initial error at time 2000000017: ext4_do_update_inode:5569 [ 205.669196][T19603] IPv6: NLM_F_CREATE should be set when creating new route [ 205.669212][ C1] : inode 15 [ 205.669237][ C1] EXT4-fs (loop4): last error at time 2000000017: ext4_do_update_inode:5569: inode 15 [ 205.735793][T19592] EXT4-fs error (device loop4): ext4_do_update_inode:5569: inode #15: comm syz.4.7075: corrupted inode contents [ 205.748485][T19592] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2999: inode #15: comm syz.4.7075: mark_inode_dirty error [ 205.763667][T19592] EXT4-fs error (device loop4): ext4_xattr_delete_inode:3002: inode #15: comm syz.4.7075: mark inode dirty (error -117) [ 205.776469][T19592] EXT4-fs warning (device loop4): ext4_evict_inode:275: xattr delete (err -117) [ 205.785721][T19592] EXT4-fs (loop4): 1 orphan inode deleted [ 206.093774][T19651] loop2: detected capacity change from 0 to 4096 [ 206.139302][T19654] loop2: detected capacity change from 0 to 512 [ 206.167530][T19654] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 206.191508][T19654] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.7104: invalid indirect mapped block 4294967295 (level 1) [ 206.211886][T19654] EXT4-fs (loop2): Remounting filesystem read-only [ 206.219192][ C0] EXT4-fs (loop2): error count since last fsck: 1 [ 206.219211][ C0] EXT4-fs (loop2): initial error at time 2000000017: ext4_free_branches:1023: inode 11 [ 206.219234][ C0] EXT4-fs (loop2): last error at time 2000000017: ext4_free_branches:1023: inode 11 [ 206.250628][T19654] EXT4-fs (loop2): 2 truncates cleaned up [ 206.433001][T19669] loop2: detected capacity change from 0 to 2048 [ 206.453033][ T28] kauditd_printk_skb: 24 callbacks suppressed [ 206.453046][ T28] audit: type=1326 audit(2000000018.015:23057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19670 comm="syz.5.7112" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa30411c799 code=0x0 [ 206.565613][T19679] loop2: detected capacity change from 0 to 1024 [ 206.585707][T19679] EXT4-fs: Ignoring removed orlov option [ 206.613483][T19679] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a002c018, mo2=0002] [ 206.621974][T19679] System zones: 0-1, 3-12 [ 206.739056][T19635] syz.3.7097 invoked oom-killer: gfp_mask=0x402d02(GFP_NOIO|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 206.754570][T19635] CPU: 0 UID: 0 PID: 19635 Comm: syz.3.7097 Tainted: G W syzkaller #0 PREEMPT(full) [ 206.754600][T19635] Tainted: [W]=WARN [ 206.754607][T19635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 206.754616][T19635] Call Trace: [ 206.754669][T19635] [ 206.754676][T19635] __dump_stack+0x1d/0x30 [ 206.754711][T19635] dump_stack_lvl+0x95/0xd0 [ 206.754732][T19635] dump_stack+0x15/0x1b [ 206.754752][T19635] dump_header+0x80/0x240 [ 206.754773][T19635] oom_kill_process+0x295/0x350 [ 206.754854][T19635] out_of_memory+0x97d/0xb80 [ 206.754874][T19635] try_charge_memcg+0x62e/0xa10 [ 206.754905][T19635] obj_cgroup_charge_pages+0x23/0xc0 [ 206.754929][T19635] __memcg_kmem_charge_page+0x9e/0x170 [ 206.754988][T19635] __alloc_frozen_pages_noprof+0x18a/0x360 [ 206.755011][T19635] alloc_pages_mpol+0xb3/0x260 [ 206.755027][T19635] alloc_pages_noprof+0x8f/0x130 [ 206.755078][T19635] __vmalloc_node_range_noprof+0xa46/0x12b0 [ 206.755097][T19635] __kvmalloc_node_noprof+0x3d4/0x650 [ 206.755145][T19635] ? futex_hash_allocate+0x190/0x9d0 [ 206.755160][T19635] ? futex_hash_allocate+0x190/0x9d0 [ 206.755175][T19635] futex_hash_allocate+0x190/0x9d0 [ 206.755275][T19635] ? cap_task_prctl+0x13f/0x6e0 [ 206.755297][T19635] futex_hash_prctl+0xd8/0xf0 [ 206.755311][T19635] __se_sys_prctl+0xa3d/0x13f0 [ 206.755388][T19635] __x64_sys_prctl+0x67/0x80 [ 206.755454][T19635] x64_sys_call+0x2533/0x3020 [ 206.755468][T19635] do_syscall_64+0x12c/0x370 [ 206.755548][T19635] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 206.755560][T19635] RIP: 0033:0x7fec5209c799 [ 206.755569][T19635] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 206.755579][T19635] RSP: 002b:00007fec50af7028 EFLAGS: 00000246 ORIG_RAX: 000000000000009d [ 206.755591][T19635] RAX: ffffffffffffffda RBX: 00007fec52315fa0 RCX: 00007fec5209c799 [ 206.755599][T19635] RDX: 0000000001000000 RSI: 0000000000000001 RDI: 000000000000004e [ 206.755688][T19635] RBP: 00007fec52132c99 R08: 0000000000000000 R09: 0000000000000000 [ 206.755698][T19635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 206.755707][T19635] R13: 00007fec52316038 R14: 00007fec52315fa0 R15: 00007fff6a7ab9b8 [ 206.755725][T19635] [ 206.755814][T19635] memory: usage 307200kB, limit 307200kB, failcnt 352 [ 206.852000][T19695] loop0: detected capacity change from 0 to 8192 [ 206.872512][T19635] memory+swap: usage 307200kB, limit 9007199254740988kB, failcnt 0 [ 207.010386][T19635] kmem: usage 306004kB, limit 9007199254740988kB, failcnt 0 [ 207.018001][T19635] Memory cgroup stats for /syz3: [ 207.019775][T19635] cache 57344 [ 207.028084][T19635] rss 1130496 [ 207.032013][T19635] shmem 0 [ 207.035102][T19635] mapped_file 57344 [ 207.039320][T19635] dirty 8192 [ 207.042517][T19635] writeback 0 [ 207.045794][T19635] workingset_refault_anon 0 [ 207.050948][T19635] workingset_refault_file 0 [ 207.055597][T19635] swap 0 [ 207.058689][T19635] swapcached 11616256 [ 207.062796][T19635] pgpgin 154082 [ 207.067760][T19635] pgpgout 153787 [ 207.081200][T19700] netlink: 'syz.2.7125': attribute type 178 has an invalid length. [ 207.091362][T19635] pgfault 232829 [ 207.094950][T19635] pgmajfault 4 [ 207.098312][T19635] inactive_anon 1130496 [ 207.108657][ T28] audit: type=1400 audit(2000000018.665:23058): avc: denied { firmware_load } for pid=19701 comm="syz.4.7126" path="/lib/firmware/regulatory.db" dev="sda1" ino=448 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1 [ 207.141062][T19635] active_anon 0 [ 207.144555][T19635] inactive_file 0 [ 207.151056][T19635] active_file 77824 [ 207.160903][T19635] unevictable 0 [ 207.168803][T19635] hierarchical_memory_limit 314572800 [ 207.184079][T19635] hierarchical_memsw_limit 9223372036854771712 [ 207.196905][T19635] total_cache 57344 [ 207.205740][T19635] total_rss 1130496 [ 207.214535][T19635] total_shmem 0 [ 207.230813][T19635] total_mapped_file 57344 [ 207.240717][T19635] total_dirty 8192 [ 207.250895][T19635] total_writeback 0 [ 207.257009][T19635] total_workingset_refault_anon 0 [ 207.271902][T19635] total_workingset_refault_file 0 [ 207.277054][T19635] total_swap 0 [ 207.281829][T19635] total_swapcached 11616256 [ 207.296101][T19635] total_pgpgin 154082 [ 207.301841][T19635] total_pgpgout 153787 [ 207.306030][T19635] total_pgfault 232829 [ 207.312177][T19635] total_pgmajfault 4 [ 207.319249][T19635] total_inactive_anon 1130496 [ 207.324450][T19635] total_active_anon 0 [ 207.328456][T19635] total_inactive_file 0 [ 207.332990][T19635] total_active_file 77824 [ 207.337488][T19635] total_unevictable 0 [ 207.355977][ T28] audit: type=1326 audit(2000000018.915:23059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19723 comm="syz.2.7136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a117c799 code=0x7ffc0000 [ 207.384798][T19635] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.7097,pid=19634,uid=0 [ 207.428587][T19635] Memory cgroup out of memory: Killed process 19635 (syz.3.7097) total-vm:94032kB, anon-rss:1404kB, file-rss:22220kB, shmem-rss:0kB, UID:0 pgtables:112kB oom_score_adj:1000 [ 207.454950][ T28] audit: type=1326 audit(2000000018.915:23060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19723 comm="syz.2.7136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a117c799 code=0x7ffc0000 [ 207.479495][T19732] hub 9-0:1.0: USB hub found [ 207.492100][T19732] hub 9-0:1.0: 8 ports detected [ 207.522987][T19739] netlink: 'syz.0.7143': attribute type 5 has an invalid length. [ 207.538750][T19741] loop2: detected capacity change from 0 to 512 [ 207.557481][ T28] audit: type=1326 audit(2000000018.915:23061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19723 comm="syz.2.7136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a117c799 code=0x7ffc0000 [ 207.607599][ T28] audit: type=1326 audit(2000000018.915:23062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19723 comm="syz.2.7136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a117c799 code=0x7ffc0000 [ 207.675017][ T28] audit: type=1326 audit(2000000018.945:23063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19723 comm="syz.2.7136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7fa7a117c799 code=0x7ffc0000 [ 207.758584][ T28] audit: type=1326 audit(2000000018.945:23064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19723 comm="syz.2.7136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a117c799 code=0x7ffc0000 [ 207.838881][ T28] audit: type=1326 audit(2000000018.945:23065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19723 comm="syz.2.7136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a117c799 code=0x7ffc0000 [ 207.870648][T19760] loop4: detected capacity change from 0 to 1024 [ 207.920713][ T28] audit: type=1326 audit(2000000018.945:23066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19723 comm="syz.2.7136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fa7a117c799 code=0x7ffc0000 [ 207.975620][T19776] loop3: detected capacity change from 0 to 256 [ 208.007672][T19760] EXT4-fs error (device loop4): ext4_xattr_inode_iget:441: inode #11: comm syz.4.7154: missing EA_INODE flag [ 208.125003][T19760] EXT4-fs (loop4): Remounting filesystem read-only [ 208.245572][T19792] loop3: detected capacity change from 0 to 512 [ 208.259908][T19792] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.7168: inode has both inline data and extents flags [ 208.359751][T19792] fserror_report: 11 callbacks suppressed [ 208.359766][T19792] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 208.368579][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 208.384130][ C0] EXT4-fs (loop3): initial error at time 2000000019: ext4_orphan_get:1391: inode 15 [ 208.393561][ C0] EXT4-fs (loop3): last error at time 2000000019: ext4_orphan_get:1391: inode 15 [ 208.423991][T19792] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.7168: couldn't read orphan inode 15 (err -117) [ 208.462471][T19792] fserror_report: 6 callbacks suppressed [ 208.462486][T19792] loop3: lost filesystem error report for type 5 error -117 [ 208.613034][T19819] tipc: Enabling of bearer rejected, failed to enable media [ 208.649394][T19824] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 208.793927][T19840] __nla_validate_parse: 6 callbacks suppressed [ 208.793945][T19840] netlink: 60 bytes leftover after parsing attributes in process `syz.4.7191'. [ 208.843292][T19840] netlink: 60 bytes leftover after parsing attributes in process `syz.4.7191'. [ 208.877289][T19847] EXT4-fs: Ignoring removed orlov option [ 208.902107][T19847] EXT4-fs (loop5): stripe (8) is not aligned with cluster size (16), stripe is disabled [ 209.002055][T19847] EXT4-fs error (device loop5): mb_free_blocks:2047: group 0, inode 15: block 385:freeing already freed block (bit 24); block bitmap corrupt. [ 209.609915][T19890] netlink: 'syz.5.7214': attribute type 29 has an invalid length. [ 209.651060][T19890] netlink: 'syz.5.7214': attribute type 29 has an invalid length. [ 209.758393][T19900] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7219'. [ 209.788130][T19900] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7219'. [ 209.797390][T19900] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7219'. [ 209.858663][T19900] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7219'. [ 209.878316][T19900] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7219'. [ 209.898157][T19900] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7219'. [ 209.946861][T19900] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7219'. [ 209.956109][T19900] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7219'. [ 210.487435][T19979] netlink: 'syz.0.7250': attribute type 13 has an invalid length. [ 210.513661][T19979] gretap0: refused to change device tx_queue_len [ 210.543843][T19979] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 210.599561][T19990] netlink: 'syz.4.7259': attribute type 3 has an invalid length. [ 210.817206][T20021] sg_write: data in/out 446940/208 bytes for SCSI command 0x0-- guessing data in; [ 210.817206][T20021] program syz.5.7274 not setting count and/or reply_len properly [ 210.888718][T20027] program syz.4.7277 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 211.844182][T20157] set_capacity_and_notify: 3 callbacks suppressed [ 211.844196][T20157] loop0: detected capacity change from 0 to 128 [ 211.875600][T20157] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 211.888261][T20161] loop5: detected capacity change from 0 to 128 [ 211.898937][T20157] FAT-fs (loop0): Filesystem has been set read-only [ 212.178275][ T28] kauditd_printk_skb: 9 callbacks suppressed [ 212.178288][ T28] audit: type=1400 audit(2000000023.735:23076): avc: denied { create } for pid=20188 comm="syz.3.7341" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=key permissive=1 [ 212.332865][T20209] xt_hashlimit: size too large, truncated to 1048576 [ 212.558896][T20222] loop3: detected capacity change from 0 to 512 [ 212.591363][T20224] loop4: detected capacity change from 0 to 1024 [ 212.598060][T20224] EXT4-fs: Ignoring removed orlov option [ 212.639767][T20222] ext4 filesystem being mounted at /1548/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 212.672034][T20224] EXT4-fs (loop4): stripe (8) is not aligned with cluster size (16), stripe is disabled [ 212.720076][T20237] loop5: detected capacity change from 0 to 164 [ 212.726624][T20224] EXT4-fs error (device loop4): mb_free_blocks:2047: group 0, inode 15: block 385:freeing already freed block (bit 24); block bitmap corrupt. [ 212.816461][T20243] ieee802154 phy0 wpan0: encryption failed: -22 [ 212.883610][T20251] bond2: option ad_user_port_key: invalid value (28003) [ 212.890828][ T28] audit: type=1400 audit(2000000024.445:23077): avc: denied { write } for pid=20253 comm="syz.3.7366" path="socket:[58044]" dev="sockfs" ino=58044 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 212.932052][T20258] SELinux: syz.3.7368 (20258) set checkreqprot to 1. This is no longer supported. [ 212.944662][T20251] bond2: option ad_user_port_key: allowed values 0 - 1023 [ 212.967691][T20251] bond2 (unregistering): Released all slaves [ 213.157937][T20278] loop4: detected capacity change from 0 to 512 [ 213.170382][T20281] loop3: detected capacity change from 0 to 128 [ 213.191503][T20278] EXT4-fs: Ignoring removed nobh option [ 213.202866][T20281] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 213.213601][T20281] FAT-fs (loop3): Filesystem has been set read-only [ 213.227426][T20278] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 213.254785][T20278] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.7377: iget: bad i_size value: 38620345925642 [ 213.276419][T20278] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 213.276757][T20278] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.7377: couldn't read orphan inode 15 (err -117) [ 213.285959][ C0] EXT4-fs (loop4): error count since last fsck: 1 [ 213.285987][ C0] EXT4-fs (loop4): initial error at time 2000000024: ext4_orphan_get:1391: inode 15 [ 213.286021][ C0] EXT4-fs (loop4): last error at time 2000000024: ext4_orphan_get:1391: inode 15 [ 213.324353][T20278] loop4: lost filesystem error report for type 5 error -117 [ 213.334086][T20278] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.7377: invalid indirect mapped block 3973251072 (level 0) [ 213.429439][T20301] loop4: detected capacity change from 0 to 512 [ 213.451332][T20301] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 213.489738][T20301] EXT4-fs (loop4): 1 truncate cleaned up [ 213.544161][ T28] audit: type=1400 audit(2000000025.095:23078): avc: denied { getopt } for pid=20311 comm="syz.5.7393" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 213.674118][T20325] loop3: detected capacity change from 0 to 4096 [ 213.770828][ T28] audit: type=1326 audit(2000000025.335:23079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20337 comm="syz.3.7404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec5209c799 code=0x7ffc0000 [ 213.795322][ T28] audit: type=1326 audit(2000000025.335:23080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20337 comm="syz.3.7404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec5209c799 code=0x7ffc0000 [ 213.823095][ T28] audit: type=1326 audit(2000000025.335:23081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20337 comm="syz.3.7404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=118 compat=0 ip=0x7fec5209c799 code=0x7ffc0000 [ 213.853550][ T28] audit: type=1326 audit(2000000025.335:23082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20337 comm="syz.3.7404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec5209c799 code=0x7ffc0000 [ 213.878235][ T28] audit: type=1326 audit(2000000025.355:23083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20337 comm="syz.3.7404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec5209c799 code=0x7ffc0000 [ 213.941075][T20342] __nla_validate_parse: 12 callbacks suppressed [ 213.941127][T20342] netlink: 5 bytes leftover after parsing attributes in process `syz.3.7406'. [ 214.547400][T20360] loop5: detected capacity change from 0 to 764 [ 214.579565][T20360] rock: directory entry would overflow storage [ 214.586148][T20360] rock: sig=0x4654, size=5, remaining=4 [ 214.749345][T20384] xt_hashlimit: size too large, truncated to 1048576 [ 214.838654][ T28] audit: type=1326 audit(2000000026.395:23084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20392 comm="syz.3.7429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec5209c799 code=0x7ffc0000 [ 214.907622][ T28] audit: type=1326 audit(2000000026.425:23085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20392 comm="syz.3.7429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec5209c799 code=0x7ffc0000 [ 215.426478][T20428] SELinux: syz.0.7445 (20428) set checkreqprot to 1. This is no longer supported. [ 215.512790][T20431] ext4 filesystem being mounted at /1516/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 215.559232][T20431] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.7446: bg 0: block 217: padding at end of block bitmap is not set [ 215.573938][T20431] EXT4-fs (loop4): Remounting filesystem read-only [ 216.027627][T20472] sg_write: data in/out 404956/44 bytes for SCSI command 0x0-- guessing data in; [ 216.027627][T20472] program syz.4.7466 not setting count and/or reply_len properly [ 216.073019][T20452] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7457'. [ 216.083655][T20452] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7457'. [ 216.131653][T20479] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7469'. [ 216.310882][T20497] netlink: 60 bytes leftover after parsing attributes in process `syz.3.7477'. [ 216.348748][T20497] netlink: 60 bytes leftover after parsing attributes in process `syz.3.7477'. [ 216.521066][T20523] geneve1: entered promiscuous mode [ 216.526312][T20523] macsec2: entered promiscuous mode [ 216.532156][T20525] EXT4-fs: Ignoring removed mblk_io_submit option [ 216.549922][T20525] ext4: Invalid gid '0x00000000ffffffff' [ 216.571904][T20523] macsec2: entered allmulticast mode [ 216.577232][T20523] geneve1: entered allmulticast mode [ 216.619874][T20535] iso9660: Corrupted directory entry in block 2 of inode 1792 [ 216.627774][T20523] geneve1: left allmulticast mode [ 216.633007][T20523] geneve1: left promiscuous mode [ 216.738345][T20546] netlink: 60 bytes leftover after parsing attributes in process `syz.3.7510'. [ 216.761800][T20546] unsupported nlmsg_type 40 [ 216.910714][T20553] set_capacity_and_notify: 4 callbacks suppressed [ 216.910730][T20553] loop3: detected capacity change from 0 to 128 [ 217.006106][T20553] EXT4-fs mount: 69 callbacks suppressed [ 217.006122][T20553] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 217.071825][T20553] ext4 filesystem being mounted at /1588/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 217.082863][T20563] loop0: detected capacity change from 0 to 128 [ 217.212699][ T3321] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 217.233500][T20573] netlink: 16 bytes leftover after parsing attributes in process `syz.5.7514'. [ 217.305218][T20581] loop5: detected capacity change from 0 to 512 [ 217.351982][T20581] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 217.397879][T20581] ext4 filesystem being mounted at /974/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 217.429137][T20581] EXT4-fs: Remounting file system with no journal so ignoring journalled data option [ 217.442855][T20594] loop3: detected capacity change from 0 to 1764 [ 217.480035][T20581] EXT4-fs: Cannot change quota options when quota turned on [ 217.549245][ T8293] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 217.603066][T20608] netlink: 'syz.0.7529': attribute type 66 has an invalid length. [ 217.697842][T20618] netlink: 52 bytes leftover after parsing attributes in process `syz.3.7533'. [ 217.725741][T20618] netlink: 56 bytes leftover after parsing attributes in process `syz.3.7533'. [ 218.343370][T20677] netlink: 'syz.4.7562': attribute type 13 has an invalid length. [ 218.511795][T20689] loop0: detected capacity change from 0 to 4096 [ 218.549340][T20689] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 218.585602][T20677] gretap0: refused to change device tx_queue_len [ 218.607392][T20677] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 218.640912][ T4449] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 218.926945][T20717] loop3: detected capacity change from 0 to 128 [ 218.930279][T20715] loop0: detected capacity change from 0 to 1024 [ 218.959379][T20717] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 219.000071][T20715] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 219.014805][T20717] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 219.096384][T20715] EXT4-fs error (device loop0): ext4_generic_delete_entry:2666: inode #12: block 7: comm syz.0.7580: bad entry in directory: inode out of bounds - offset=0, inode=150994957, rec_len=16, size=56 fake=0 [ 219.160846][T20715] EXT4-fs (loop0): Remounting filesystem read-only [ 219.205049][ T4449] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 219.249225][T20735] tipc: Invalid UDP bearer configuration [ 219.249244][T20735] tipc: Enabling of bearer rejected, failed to enable media [ 219.426737][T20742] loop0: detected capacity change from 0 to 512 [ 219.464239][T20742] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 219.464266][T20742] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2 [ 219.464575][T20742] EXT4-fs (loop0): 1 truncate cleaned up [ 219.484325][T20742] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 219.497747][T20742] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000. [ 219.542206][ T4449] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 219.784399][ T10] IPVS: starting estimator thread 0... [ 219.836731][T20764] __nla_validate_parse: 2 callbacks suppressed [ 219.836751][T20764] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7603'. [ 219.857287][T20766] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7602'. [ 219.885927][T20767] netlink: 'syz.5.7603': attribute type 13 has an invalid length. [ 219.912203][T20767] netlink: 44 bytes leftover after parsing attributes in process `syz.5.7603'. [ 219.921357][T20760] IPVS: using max 2592 ests per chain, 129600 per kthread [ 220.008848][T20773] random: crng reseeded on system resumption [ 220.192174][ T3324] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 220.230593][ T3324] CPU: 1 UID: 0 PID: 3324 Comm: syz-executor Tainted: G W syzkaller #0 PREEMPT(full) [ 220.230625][ T3324] Tainted: [W]=WARN [ 220.230670][ T3324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 220.230680][ T3324] Call Trace: [ 220.230686][ T3324] [ 220.230693][ T3324] __dump_stack+0x1d/0x30 [ 220.230733][ T3324] dump_stack_lvl+0x95/0xd0 [ 220.230755][ T3324] dump_stack+0x15/0x1b [ 220.230774][ T3324] dump_header+0x80/0x240 [ 220.230826][ T3324] oom_kill_process+0x295/0x350 [ 220.230847][ T3324] out_of_memory+0x97d/0xb80 [ 220.230869][ T3324] try_charge_memcg+0x62e/0xa10 [ 220.230959][ T3324] mem_cgroup_swapin_charge_folio+0x103/0x1f0 [ 220.231064][ T3324] __swap_cache_prepare_and_add+0x386/0x530 [ 220.231127][ T3324] swap_cache_alloc_folio+0xa2/0x120 [ 220.231154][ T3324] swap_cluster_readahead+0x26e/0x3d0 [ 220.231183][ T3324] swapin_readahead+0xde/0x840 [ 220.231206][ T3324] ? mm_trace_rss_stat+0x1d/0xf0 [ 220.231253][ T3324] ? __rcu_read_unlock+0x33/0x70 [ 220.231291][ T3324] ? __rcu_read_unlock+0x4e/0x70 [ 220.231311][ T3324] ? swap_cache_get_folio+0x26f/0x280 [ 220.231337][ T3324] do_swap_page+0x30d/0x2220 [ 220.231362][ T3324] ? css_rstat_updated+0xbb/0x280 [ 220.231453][ T3324] ? __rcu_read_lock+0x36/0x50 [ 220.231532][ T3324] ? pte_offset_map_rw_nolock+0x19e/0x200 [ 220.231620][ T3324] handle_mm_fault+0xb46/0x3020 [ 220.231655][ T3324] ? vma_start_read+0x1c7/0x2c0 [ 220.231682][ T3324] do_user_addr_fault+0x62f/0x1050 [ 220.231710][ T3324] ? arch_exit_to_user_mode_prepare+0x26/0x80 [ 220.231729][ T3324] ? trace_page_fault_user+0x1f/0xe0 [ 220.231803][ T3324] exc_page_fault+0x62/0xa0 [ 220.231883][ T3324] asm_exc_page_fault+0x26/0x30 [ 220.231900][ T3324] RIP: 0033:0x7fa03ce6a7b7 [ 220.231914][ T3324] Code: 00 00 48 b8 db 34 b6 d7 82 de 1b 43 48 f7 a4 24 98 00 00 00 48 8b 05 00 b0 ed 00 48 69 8c 24 90 00 00 00 e8 03 00 00 8b 78 08 <48> 8b 44 24 18 48 c1 ea 12 4c 8b 0d f9 ae ed 00 48 01 d1 39 7c 24 [ 220.231974][ T3324] RSP: 002b:00007fff4ec133f0 EFLAGS: 00010206 [ 220.231991][ T3324] RAX: 0000001b33f24000 RBX: 0000000000000c89 RCX: 0000000000035778 [ 220.232004][ T3324] RDX: 000000000a0074a1 RSI: 00007fff4ec13480 RDI: 0000000000000002 [ 220.232017][ T3324] RBP: 00007fff4ec1342c R08: 0000000026275cea R09: 7fffffffffffffff [ 220.232031][ T3324] R10: 3fffffffffffffff R11: 0000000000000202 R12: 0000000000001388 [ 220.232044][ T3324] R13: 00000000000927c0 R14: 000000000003559f R15: 00007fff4ec13480 [ 220.232096][ T3324] [ 220.232103][ T3324] memory: usage 307200kB, limit 307200kB, failcnt 587 [ 220.508401][ T3324] memory+swap: usage 308408kB, limit 9007199254740988kB, failcnt 0 [ 220.519628][ T3324] kmem: usage 307184kB, limit 9007199254740988kB, failcnt 0 [ 220.527887][ T3324] Memory cgroup stats for /syz4: [ 220.528057][ T3324] cache 0 [ 220.551338][ T3324] rss 0 [ 220.568627][ T3324] shmem 0 [ 220.575194][ T3324] mapped_file 0 [ 220.578428][T20806] loop5: detected capacity change from 0 to 1024 [ 220.591850][ T3324] dirty 0 [ 220.594802][ T3324] writeback 0 [ 220.598080][ T3324] workingset_refault_anon 19 [ 220.608956][T20806] EXT4-fs: Ignoring removed bh option [ 220.624654][ T3324] workingset_refault_file 78 [ 220.640443][T20806] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 220.658628][ T3324] swap 1236992 [ 220.662043][ T3324] swapcached 1236992 [ 220.672236][ T3324] pgpgin 224070 [ 220.675708][ T3324] pgpgout 224066 [ 220.690737][T20806] EXT4-fs error (device loop5): ext4_lookup:1777: inode #2: comm syz.5.7621: bad inode number: 16 [ 220.702583][ T3324] pgfault 291639 [ 220.706139][ T3324] pgmajfault 14 [ 220.719280][ T3324] inactive_anon 0 [ 220.722948][ T3324] active_anon 0 [ 220.726393][ T3324] inactive_file 0 [ 220.738947][T20806] EXT4-fs (loop5): Remounting filesystem read-only [ 220.749282][ T3324] active_file 16384 [ 220.753147][ T3324] unevictable 0 [ 220.768641][ T3324] hierarchical_memory_limit 314572800 [ 220.774065][ T3324] hierarchical_memsw_limit 9223372036854771712 [ 220.781170][ T3324] total_cache 0 [ 220.784672][ T3324] total_rss 0 [ 220.788460][ T8293] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 220.799971][ T3324] total_shmem 0 [ 220.803455][ T3324] total_mapped_file 0 [ 220.812306][ T3324] total_dirty 0 [ 220.834472][ T3324] total_writeback 0 [ 220.838303][ T3324] total_workingset_refault_anon 19 [ 220.852699][ T3324] total_workingset_refault_file 78 [ 220.857977][ T3324] total_swap 1236992 [ 220.862011][ T3324] total_swapcached 1236992 [ 220.866508][ T3324] total_pgpgin 224070 [ 220.872352][ T3324] total_pgpgout 224066 [ 220.876484][ T3324] total_pgfault 291639 [ 220.902274][ T3324] total_pgmajfault 14 [ 220.918634][ T3324] total_inactive_anon 0 [ 220.922983][ T3324] total_active_anon 0 [ 220.927185][ T3324] total_inactive_file 0 [ 220.965888][ T3324] total_active_file 16384 [ 220.973798][ T3324] total_unevictable 0 [ 220.977810][ T3324] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.7585,pid=20724,uid=0 [ 221.003658][ T3324] Memory cgroup out of memory: Killed process 20724 (syz.4.7585) total-vm:96080kB, anon-rss:1228kB, file-rss:22020kB, shmem-rss:0kB, UID:0 pgtables:116kB oom_score_adj:1000 [ 221.160505][ T28] kauditd_printk_skb: 11 callbacks suppressed [ 221.160519][ T28] audit: type=1400 audit(2000000032.725:23095): avc: denied { write } for pid=20840 comm="syz.3.7636" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 221.351056][ T28] audit: type=1400 audit(2000000032.915:23096): avc: denied { append } for pid=20857 comm="syz.3.7643" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 221.509974][T20870] žÿ: renamed from team_slave_1 (while UP) [ 221.544159][ T28] audit: type=1326 audit(2000000033.105:23097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20871 comm="syz.0.7650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2246dc799 code=0x7ffc0000 [ 221.606042][ T28] audit: type=1326 audit(2000000033.105:23098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20871 comm="syz.0.7650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2246dc799 code=0x7ffc0000 [ 221.665351][ T28] audit: type=1326 audit(2000000033.105:23099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20871 comm="syz.0.7650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2246dc799 code=0x7ffc0000 [ 221.721380][ T28] audit: type=1326 audit(2000000033.105:23100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20871 comm="syz.0.7650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fa2246dc799 code=0x7ffc0000 [ 221.789787][ T28] audit: type=1326 audit(2000000033.105:23101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20871 comm="syz.0.7650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2246dc799 code=0x7ffc0000 [ 221.858028][T20892] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7661'. [ 221.993954][T20900] loop3: detected capacity change from 0 to 128 [ 222.007072][T20900] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 222.007210][T20900] ext4 filesystem being mounted at /1637/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 222.013044][ T28] audit: type=1326 audit(2000000033.105:23102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20871 comm="syz.0.7650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fa2246dc799 code=0x7ffc0000 [ 222.059482][ T28] audit: type=1326 audit(2000000033.105:23103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20871 comm="syz.0.7650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fa2246dc799 code=0x7ffc0000 [ 222.138552][ T3321] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 222.384357][T20918] loop5: detected capacity change from 0 to 164 [ 222.431859][ T28] audit: type=1400 audit(2000000033.995:23104): avc: denied { mounton } for pid=20917 comm="syz.5.7673" path="/1015/file0/file0" dev="loop5" ino=1856 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=dir permissive=1 [ 222.471176][ T8293] rock: directory entry would overflow storage [ 222.499554][ T8293] rock: sig=0x4f50, size=4, remaining=3 [ 222.532784][ T8293] iso9660: Corrupted directory entry in block 5 of inode 1792 [ 222.577859][ T8293] iso9660: Corrupted directory entry in block 5 of inode 1792 [ 222.626431][T20929] netlink: 'syz.5.7676': attribute type 1 has an invalid length. [ 222.652043][T20929] netlink: 116 bytes leftover after parsing attributes in process `syz.5.7676'. [ 222.694855][T20935] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7681'. [ 222.721226][T20935] netlink: 'syz.4.7681': attribute type 1 has an invalid length. [ 222.780464][T20942] netlink: 'syz.5.7683': attribute type 3 has an invalid length. [ 222.813395][T20945] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7686'. [ 223.030415][T20973] loop3: detected capacity change from 0 to 512 [ 223.039364][T20973] EXT4-fs (loop3): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 223.059196][ T50] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 223.085053][ T50] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 223.151893][ T3321] EXT4-fs (loop3): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 223.163537][T20980] netlink: 28 bytes leftover after parsing attributes in process `syz.4.7698'. [ 223.234194][ T50] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 223.245411][ T50] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 223.251745][T20987] loop4: detected capacity change from 0 to 1024 [ 223.297021][T20949] chnl_net:caif_netlink_parms(): no params data found [ 223.309678][ T50] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 223.320957][ T50] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 223.337566][T20987] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869) [ 223.361371][T20987] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 223.383057][T20987] EXT4-fs error (device loop4): ext4_get_journal_inode:5863: inode #32: comm syz.4.7701: iget: special inode unallocated [ 223.396711][ T50] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 223.407767][T20987] loop4: lost file I/O error report for ino 32 type 5 pos 0x0 len 0x0 error -117 [ 223.407889][ T50] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 223.407978][T20987] EXT4-fs (loop4): Remounting filesystem read-only [ 223.417140][ C0] EXT4-fs (loop4): error count since last fsck: 1 [ 223.417242][ C0] EXT4-fs (loop4): initial error at time 2000000034: ext4_get_journal_inode:5863: inode 32 [ 223.417276][ C0] EXT4-fs (loop4): last error at time 2000000034: ext4_get_journal_inode:5863: inode 32 [ 223.443412][T21001] loop0: detected capacity change from 0 to 512 [ 223.468289][T20987] EXT4-fs (loop4): no journal found [ 223.476742][T20987] EXT4-fs (loop4): can't get journal size [ 223.495989][T20987] EXT4-fs (loop4): filesystem is read-only [ 223.516098][T20987] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 223.547369][T20949] bridge0: port 1(bridge_slave_0) entered blocking state [ 223.572178][T20949] bridge0: port 1(bridge_slave_0) entered disabled state [ 223.600636][T20949] bridge_slave_0: entered allmulticast mode [ 223.609062][T21001] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 223.627688][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 223.639328][T20949] bridge_slave_0: entered promiscuous mode [ 223.650307][T21001] ext4 filesystem being mounted at /1502/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 223.674384][ T4449] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 223.678580][T20949] bridge0: port 2(bridge_slave_1) entered blocking state [ 223.708086][T20949] bridge0: port 2(bridge_slave_1) entered disabled state [ 223.716251][T20949] bridge_slave_1: entered allmulticast mode [ 223.725678][T20949] bridge_slave_1: entered promiscuous mode [ 223.793972][ T50] bridge0: port 3(batadv0) entered disabled state [ 223.820438][T21032] netlink: 320 bytes leftover after parsing attributes in process `syz.0.7714'. [ 223.850919][ T50] bridge_slave_1: left allmulticast mode [ 223.856790][ T50] bridge_slave_1: left promiscuous mode [ 223.881547][ T50] bridge0: port 2(bridge_slave_1) entered disabled state [ 223.920204][ T50] bridge_slave_0: left allmulticast mode [ 223.947241][ T50] bridge_slave_0: left promiscuous mode [ 223.967468][ T50] bridge0: port 1(bridge_slave_0) entered disabled state [ 224.007944][T21046] loop4: detected capacity change from 0 to 8192 [ 224.374811][T21090] loop4: detected capacity change from 0 to 256 [ 224.451274][ T50] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 224.479435][ T50] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 224.498874][ T50] bond0 (unregistering): Released all slaves [ 224.517005][ T50] bond1 (unregistering): Released all slaves [ 224.551931][T20949] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 224.564527][T20949] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 224.586592][ T50] tipc: Disabling bearer [ 224.603333][ T50] tipc: Disabling bearer [ 224.614738][T21108] loop5: detected capacity change from 0 to 512 [ 224.624618][ T50] tipc: Left network mode [ 224.641680][ T50] IPVS: stopping backup sync thread 4985 ... [ 224.647136][T20949] team0: Port device team_slave_0 added [ 224.680652][ T50] hsr_slave_0: left promiscuous mode [ 224.689253][T21108] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 224.702615][ T50] hsr_slave_1: left promiscuous mode [ 224.708262][ T50] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 224.719774][T21108] ext4 filesystem being mounted at /1034/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 224.730794][ T50] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 224.739459][ T50] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 224.748478][ T50] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 224.795536][ T8293] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 224.808301][ T50] veth0_virt_wifi: left promiscuous mode [ 224.816694][ T50] veth1_macvtap: left promiscuous mode [ 224.826830][ T50] veth1_vlan: left promiscuous mode [ 224.835535][ T50] veth0_vlan: left promiscuous mode [ 224.864147][T21141] loop4: detected capacity change from 0 to 512 [ 224.877933][ T50] pimreg (unregistering): left allmulticast mode [ 224.929994][ T50] team_slave_1 (unregistering): left allmulticast mode [ 224.937540][ T50] team0 (unregistering): Port device team_slave_1 removed [ 224.945569][T21141] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 224.949299][ T50] team_slave_0 (unregistering): left allmulticast mode [ 224.958916][T21141] ext4 filesystem being mounted at /1576/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 224.976289][ T50] team0 (unregistering): Port device team_slave_0 removed [ 224.994347][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 225.013297][T20949] team0: Port device team_slave_1 added [ 225.023679][T21130] smc: net device bond0 applied user defined pnetid SYZ2 [ 225.028453][T20949] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 225.056676][T20949] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 225.142048][T20949] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 225.170946][T20949] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 225.170972][T20949] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 225.171071][T20949] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 225.210087][T20949] hsr_slave_0: entered promiscuous mode [ 225.271280][T20949] hsr_slave_1: entered promiscuous mode [ 225.342147][T21169] loop5: detected capacity change from 0 to 512 [ 225.410731][T21169] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 225.449482][T21175] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7767'. [ 225.476910][T21169] EXT4-fs error (device loop5): swap_inode_boot_loader:388: inode #5: comm syz.5.7766: iget: checksum invalid [ 225.499716][T21175] veth3: entered promiscuous mode [ 225.532898][T21185] netlink: 72 bytes leftover after parsing attributes in process `syz.3.7769'. [ 225.560232][ T8293] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 225.640454][ T50] IPVS: stop unused estimator thread 0... [ 225.674803][T21204] netlink: 16255 bytes leftover after parsing attributes in process `syz.5.7776'. [ 225.722833][T21210] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7779'. [ 225.740552][T20949] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 225.760706][T20949] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 225.771052][T20949] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 225.789954][T20949] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 225.899275][T21245] tipc: Enabling of bearer rejected, failed to enable media [ 225.921180][T21248] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 225.938320][T20949] 8021q: adding VLAN 0 to HW filter on device bond0 [ 225.983828][T21248] ext4 filesystem being mounted at /1044/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 225.991416][T20949] 8021q: adding VLAN 0 to HW filter on device team0 [ 226.023429][ T41] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.030513][ T41] bridge0: port 1(bridge_slave_0) entered forwarding state [ 226.045740][T21257] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 226.046811][ T41] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.065366][ T41] bridge0: port 2(bridge_slave_1) entered forwarding state [ 226.103338][T20949] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 226.127413][T20949] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 226.127954][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 226.165958][T21268] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 226.185957][ T8293] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 226.188139][T21268] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it [ 226.206971][T21268] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.7799: Corrupt directory, running e2fsck is recommended [ 226.228980][T21268] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117 [ 226.242222][T20949] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 226.243140][T21268] EXT4-fs error (device loop4): ext4_iget_extra_inode:5025: inode #15: comm syz.4.7799: corrupted in-inode xattr: e_name out of bounds [ 226.263846][T21268] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 226.268561][ C0] EXT4-fs (loop4): error count since last fsck: 1 [ 226.284126][ C0] EXT4-fs (loop4): initial error at time 2000000037: ext4_iget_extra_inode:5025: inode 15 [ 226.294175][ C0] EXT4-fs (loop4): last error at time 2000000037: ext4_iget_extra_inode:5025: inode 15 [ 226.305183][T21268] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.7799: couldn't read orphan inode 15 (err -117) [ 226.320789][T21268] loop4: lost filesystem error report for type 5 error -117 [ 226.321485][T21268] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 226.409815][T21268] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 226.448554][T21268] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it [ 226.474079][T21301] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 226.488792][T21268] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.7799: Corrupt directory, running e2fsck is recommended [ 226.512761][T21268] EXT4-fs error (device loop4): ext4_readdir:265: inode #2: block 3: comm syz.4.7799: path /1588/file0: bad entry in directory: directory entry overrun - offset=0, inode=4294967295, rec_len=65552, size=1024 fake=0 [ 226.513022][T21301] EXT4-fs (loop5): 1 truncate cleaned up [ 226.550791][T21268] EXT4-fs error (device loop4): ext4_readdir:265: inode #2: block 8: comm syz.4.7799: path /1588/file0: bad entry in directory: inode out of bounds - offset=0, inode=16810477, rec_len=1024, size=1024 fake=0 [ 226.577901][T20949] veth0_vlan: entered promiscuous mode [ 226.591307][T21301] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 226.599488][T20949] veth1_vlan: entered promiscuous mode [ 226.609618][T21301] EXT4-fs error (device loop5): ext4_generic_delete_entry:2666: inode #2: block 13: comm syz.5.7804: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 226.632888][T21301] EXT4-fs (loop5): Remounting filesystem read-only [ 226.638422][T20949] veth0_macvtap: entered promiscuous mode [ 226.659998][ T8293] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 226.670163][T20949] veth1_macvtap: entered promiscuous mode [ 226.682911][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 226.689879][T20949] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 226.720732][T20949] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 226.735050][ T310] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.755409][ T310] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.783436][ T310] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.808646][T21329] tipc: Enabling of bearer rejected, failed to enable media [ 226.830290][ T310] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.845929][T21338] netlink: 68 bytes leftover after parsing attributes in process `syz.5.7820'. [ 226.852496][T21339] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7821'. [ 226.855350][T21338] netlink: 48 bytes leftover after parsing attributes in process `syz.5.7820'. [ 226.914706][ T28] kauditd_printk_skb: 3 callbacks suppressed [ 226.914719][ T28] audit: type=1400 audit(2000000038.475:23108): avc: denied { getopt } for pid=21344 comm="syz.5.7824" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 226.933036][T21341] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 226.970428][T21352] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 227.021235][T21360] set_capacity_and_notify: 5 callbacks suppressed [ 227.021251][T21360] loop3: detected capacity change from 0 to 512 [ 227.037879][T21357] loop5: detected capacity change from 0 to 512 [ 227.050363][T21341] EXT4-fs (loop4): 1 truncate cleaned up [ 227.056912][T21341] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 227.095271][T21357] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 227.126030][T21341] EXT4-fs error (device loop4): ext4_generic_delete_entry:2666: inode #2: block 13: comm syz.4.7823: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 227.148218][T21360] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.7830: invalid indirect mapped block 4294967295 (level 1) [ 227.162587][T21341] EXT4-fs (loop4): Remounting filesystem read-only [ 227.172642][ T28] audit: type=1400 audit(2000000038.735:23109): avc: denied { connect } for pid=21373 comm="syz.6.7835" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 227.201959][T21357] EXT4-fs (loop5): 1 truncate cleaned up [ 227.205146][T21360] loop3: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 227.207977][T21360] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.7830: invalid indirect mapped block 4294967295 (level 1) [ 227.208199][T21357] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 227.217154][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 227.217176][ C0] EXT4-fs (loop3): initial error at time 2000000038: ext4_free_branches:1023: inode 11 [ 227.254779][ T28] audit: type=1400 audit(2000000038.805:23110): avc: denied { append } for pid=21375 comm="syz.0.7836" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 227.259372][ C0] EXT4-fs (loop3): last error at time 2000000038: ext4_free_branches:1023: inode 11 [ 227.260304][T21360] loop3: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 227.287202][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 227.302083][T21360] EXT4-fs (loop3): 2 truncates cleaned up [ 227.320102][T21360] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 227.398746][ T8293] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 227.416339][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 227.574006][ T28] audit: type=1400 audit(2000000039.135:23111): avc: denied { bind } for pid=21411 comm="syz.5.7853" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 227.658244][T21422] loop0: detected capacity change from 0 to 512 [ 227.691836][T21428] loop5: detected capacity change from 0 to 512 [ 227.712784][T21422] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 227.740683][T21422] ext4 filesystem being mounted at /1542/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 227.745717][T21428] EXT4-fs (loop5): couldn't mount RDWR because of unsupported optional features (9000000) [ 227.770279][T21428] EXT4-fs (loop5): Skipping orphan cleanup due to unknown ROCOMPAT features [ 227.796709][T21428] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 227.837188][ T4449] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 227.913796][T21441] loop6: detected capacity change from 0 to 2048 [ 227.948969][ T8293] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 227.966306][T21441] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 227.972562][T21452] tipc: Enabled bearer , priority 0 [ 228.027204][T21456] loop3: detected capacity change from 0 to 512 [ 228.044954][T21456] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.7872: invalid indirect mapped block 4294967295 (level 1) [ 228.064762][T20949] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 228.098634][T21461] loop5: detected capacity change from 0 to 512 [ 228.156427][T21461] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 228.173431][T21456] loop3: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 228.173570][T21456] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.7872: invalid indirect mapped block 4294967295 (level 1) [ 228.173791][T21461] ext4 filesystem being mounted at /1060/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 228.182965][ C1] EXT4-fs (loop3): error count since last fsck: 1 [ 228.182990][ C1] EXT4-fs (loop3): initial error at time 2000000039: ext4_free_branches:1023: inode 11 [ 228.183037][ C1] EXT4-fs (loop3): last error at time 2000000039: ext4_free_branches:1023: inode 11 [ 228.183697][T21456] loop3: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 228.304145][ T8293] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 228.336595][T21456] EXT4-fs (loop3): 2 truncates cleaned up [ 228.348709][T21456] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 228.494121][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 228.504119][ T28] audit: type=1400 audit(2000000040.045:23112): avc: denied { create } for pid=21478 comm="syz.5.7882" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=pppox_socket permissive=1 [ 228.849879][T21491] netlink: 'syz.4.7889': attribute type 1 has an invalid length. [ 228.858330][T21491] netlink: 'syz.4.7889': attribute type 3 has an invalid length. [ 228.860196][T21496] loop3: detected capacity change from 0 to 512 [ 228.879722][T21491] netlink: 32 bytes leftover after parsing attributes in process `syz.4.7889'. [ 228.958267][T21496] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 228.969473][ T10] tipc: Node number set to 1 [ 228.994027][T21496] EXT4-fs (loop3): 1 truncate cleaned up [ 229.013970][ T28] audit: type=1400 audit(2000000040.575:23113): avc: denied { kexec_image_load } for pid=21499 comm="syz.5.7891" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1 [ 229.037019][T21496] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 229.158870][T21507] EXT4-fs error (device loop3): ext4_generic_delete_entry:2666: inode #2: block 13: comm syz.3.7888: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 229.188828][T21507] EXT4-fs (loop3): Remounting filesystem read-only [ 229.240549][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 229.310466][T21518] netlink: 16255 bytes leftover after parsing attributes in process `syz.5.7899'. [ 229.371793][T21521] loop6: detected capacity change from 0 to 2048 [ 229.415734][T21532] loop3: detected capacity change from 0 to 512 [ 229.427050][T21532] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 229.437624][T21532] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002] [ 229.449084][T21532] System zones: 1-12 [ 229.453316][T21532] EXT4-fs error (device loop3): ext4_iget_extra_inode:5025: inode #15: comm syz.3.7906: corrupted in-inode xattr: e_value size too large [ 229.468263][T21532] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 229.468433][T21532] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.7906: couldn't read orphan inode 15 (err -117) [ 229.477578][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 229.477597][ C0] EXT4-fs (loop3): initial error at time 2000000041: ext4_iget_extra_inode:5025: inode 15 [ 229.477644][ C0] EXT4-fs (loop3): last error at time 2000000041: ext4_iget_extra_inode:5025: inode 15 [ 229.531943][ T8418] loop6: p3 p4 < > [ 229.535871][ T8418] loop6: p3 start 11362048 is beyond EOD, truncated [ 229.552336][T21532] loop3: lost filesystem error report for type 5 error -117 [ 229.553017][T21532] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 229.582576][T21521] loop6: p3 p4 < > [ 229.586641][T21521] loop6: p3 start 11362048 is beyond EOD, truncated [ 229.611102][ T28] audit: type=1400 audit(2000000041.165:23114): avc: denied { node_bind } for pid=21540 comm="syz.0.7911" saddr=::ffff:224.0.0.1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 229.658062][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 229.672227][T21547] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7914'. [ 229.737820][ T8295] udevd[8295]: inotify_add_watch(7, /dev/loop6p4, 10) failed: No such file or directory [ 229.877089][T21567] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 229.962537][ T8293] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 230.052072][ T28] audit: type=1400 audit(2000000041.605:23115): avc: denied { setattr } for pid=21597 comm="syz.4.7941" name="" dev="pipefs" ino=62713 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1 [ 230.195227][T21620] EXT4-fs warning (device loop5): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 230.217070][T21620] EXT4-fs warning (device loop5): dx_probe:849: Enable large directory feature to access it [ 230.248023][T21620] EXT4-fs warning (device loop5): dx_probe:934: inode #2: comm syz.5.7949: Corrupt directory, running e2fsck is recommended [ 230.267695][T21620] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -117 [ 230.283261][T21620] EXT4-fs error (device loop5): ext4_iget_extra_inode:5025: inode #15: comm syz.5.7949: corrupted in-inode xattr: e_name out of bounds [ 230.297567][T21620] loop5: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 230.297762][T21620] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.7949: couldn't read orphan inode 15 (err -117) [ 230.306946][ C1] EXT4-fs (loop5): error count since last fsck: 1 [ 230.306963][ C1] EXT4-fs (loop5): initial error at time 2000000041: ext4_iget_extra_inode:5025: inode 15 [ 230.307008][ C1] EXT4-fs (loop5): last error at time 2000000041: ext4_iget_extra_inode:5025: inode 15 [ 230.345951][T21620] loop5: lost filesystem error report for type 5 error -117 [ 230.348902][T21620] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 230.401514][ T8293] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 230.427214][ T28] audit: type=1326 audit(2000000041.985:23116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21650 comm="syz.5.7959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa30411c799 code=0x7ffc0000 [ 230.461031][ T28] audit: type=1326 audit(2000000041.985:23117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21650 comm="syz.5.7959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa30411c799 code=0x7ffc0000 [ 230.744671][T21675] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 1046) [ 230.771371][T21675] FAT-fs (loop5): Filesystem has been set read-only [ 230.793828][T21675] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 1046) [ 230.821909][T21675] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 1046) [ 230.841791][T21675] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 1046) [ 230.859691][T21675] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 1046) [ 230.878170][T21675] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 1046) [ 230.910679][T21675] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 1046) [ 230.935053][T21675] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 1046) [ 230.957417][T21675] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 1046) [ 230.988545][T21675] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 1046) [ 230.997255][T21675] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 1046) [ 231.034823][T21675] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 1046) [ 231.071785][T21675] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 1046) [ 231.093063][T21675] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 1046) [ 231.147289][T21675] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 1046) [ 231.179538][T21675] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 1046) [ 231.192844][T21693] 9p: Bad value for 'wfdno' [ 231.207759][T21675] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 1046) [ 231.238536][T21675] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 1046) [ 231.267787][T21675] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 1046) [ 231.304170][T21675] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 1046) [ 231.314440][T21675] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 1046) [ 231.386370][T21675] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 1046) [ 231.418615][T21675] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 1046) [ 231.444702][T21701] netlink: 'syz.4.7985': attribute type 3 has an invalid length. [ 231.458252][T21675] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 1046) [ 231.473884][T21701] netlink: 'syz.4.7985': attribute type 3 has an invalid length. [ 231.485069][T21675] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 1046) [ 231.917706][T21753] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 231.997088][ T4449] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 232.073876][T21781] set_capacity_and_notify: 6 callbacks suppressed [ 232.073892][T21781] loop6: detected capacity change from 0 to 512 [ 232.126033][T21792] netlink: 'syz.3.8028': attribute type 13 has an invalid length. [ 232.148738][T21792] __nla_validate_parse: 2 callbacks suppressed [ 232.148752][T21792] netlink: 14585 bytes leftover after parsing attributes in process `syz.3.8028'. [ 232.159506][T21781] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 232.188412][T21781] ext4 filesystem being mounted at /45/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 232.221123][T21802] loop3: detected capacity change from 0 to 512 [ 232.243026][T21802] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 232.259925][T21802] ext4 filesystem being mounted at /1706/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 232.272169][T21802] EXT4-fs warning (device loop3): verify_group_input:137: Cannot add at group 1025 (only 1 groups) [ 232.298251][T21805] loop0: detected capacity change from 0 to 512 [ 232.305634][T20949] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 232.328854][T21805] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 232.356331][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 232.556372][T21835] loop3: detected capacity change from 0 to 164 [ 232.595161][T21835] iso9660: Corrupted directory entry in block 2 of inode 1792 [ 232.673497][T21856] loop0: detected capacity change from 0 to 128 [ 232.702313][ T35] hid_parser_main: 156 callbacks suppressed [ 232.702331][ T35] hid-generic 0080:0005:FFFFFFFE.0006: unknown main item tag 0x0 [ 232.720362][ T35] hid-generic 0080:0005:FFFFFFFE.0006: unknown main item tag 0x0 [ 232.744357][T21862] loop4: detected capacity change from 0 to 512 [ 232.754993][ T35] hid-generic 0080:0005:FFFFFFFE.0006: hidraw0: HID v0.03 Device [syz0] on syz1 [ 232.774283][T21862] ext4 filesystem being mounted at /1644/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 232.817994][T21866] fido_id[21866]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 232.846292][T21873] loop3: detected capacity change from 0 to 512 [ 232.852995][T21875] loop6: detected capacity change from 0 to 2048 [ 232.913890][T21873] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.8064: invalid indirect mapped block 256 (level 2) [ 232.929091][T21873] loop3: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 232.938531][ C1] EXT4-fs (loop3): error count since last fsck: 1 [ 232.954134][ C1] EXT4-fs (loop3): initial error at time 2000000044: ext4_free_branches:1023: inode 11 [ 232.963819][ C1] EXT4-fs (loop3): last error at time 2000000044: ext4_free_branches:1023: inode 11 [ 232.975700][T21873] EXT4-fs (loop3): 2 truncates cleaned up [ 233.020264][T21885] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096 [ 233.060434][T21891] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8070'. [ 233.131556][T21900] netlink: 20 bytes leftover after parsing attributes in process `syz.4.8075'. [ 233.166334][T21904] wireguard2: entered promiscuous mode [ 233.180464][T21908] loop6: detected capacity change from 0 to 1024 [ 233.186907][T21904] wireguard2: entered allmulticast mode [ 233.205204][T21908] EXT4-fs: Ignoring removed orlov option [ 233.280121][T21922] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8084'. [ 233.297631][T21920] loop3: detected capacity change from 0 to 512 [ 233.352057][T21920] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.8083: inode has both inline data and extents flags [ 233.388446][T21920] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 233.388529][ C1] EXT4-fs (loop3): error count since last fsck: 1 [ 233.404161][ C1] EXT4-fs (loop3): initial error at time 2000000044: ext4_orphan_get:1391: inode 15 [ 233.413595][ C1] EXT4-fs (loop3): last error at time 2000000044: ext4_orphan_get:1391: inode 15 [ 233.442732][ T28] kauditd_printk_skb: 5 callbacks suppressed [ 233.442798][ T28] audit: type=1326 audit(2000000045.005:23123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21932 comm="syz.6.8089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f285944c799 code=0x7ffc0000 [ 233.451896][T21920] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.8083: couldn't read orphan inode 15 (err -117) [ 233.474429][ T28] audit: type=1326 audit(2000000045.005:23124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21932 comm="syz.6.8089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f285944c799 code=0x7ffc0000 [ 233.510150][ T28] audit: type=1326 audit(2000000045.055:23125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21932 comm="syz.6.8089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f285944c799 code=0x7ffc0000 [ 233.522816][T21920] loop3: lost filesystem error report for type 5 error -117 [ 233.534147][ T28] audit: type=1326 audit(2000000045.055:23126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21932 comm="syz.6.8089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=98 compat=0 ip=0x7f285944c799 code=0x7ffc0000 [ 233.534230][ T28] audit: type=1326 audit(2000000045.055:23127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21932 comm="syz.6.8089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f285944c799 code=0x7ffc0000 [ 233.534295][ T28] audit: type=1326 audit(2000000045.055:23128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21932 comm="syz.6.8089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f285944c799 code=0x7ffc0000 [ 233.534315][ T28] audit: type=1326 audit(2000000045.055:23129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21932 comm="syz.6.8089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f285944c799 code=0x7ffc0000 [ 233.534369][ T28] audit: type=1326 audit(2000000045.055:23130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21932 comm="syz.6.8089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f285944c799 code=0x7ffc0000 [ 233.688122][ T28] audit: type=1326 audit(2000000045.235:23131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21932 comm="syz.6.8089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f285944c799 code=0x7ffc0000 [ 233.816719][T21960] netlink: 'syz.6.8102': attribute type 24 has an invalid length. [ 233.850204][T21968] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8107'. [ 233.872103][T21966] rock: directory entry would overflow storage [ 233.878687][T21970] mmap: syz.4.8106 (21970): VmData 29196288 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 233.897336][T21966] rock: sig=0x4654, size=5, remaining=4 [ 234.092190][T22007] netlink: 20 bytes leftover after parsing attributes in process `syz.3.8125'. [ 234.172682][T22015] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8129'. [ 234.222208][ T28] audit: type=1400 audit(2000000045.785:23132): avc: denied { write } for pid=22020 comm="syz.4.8132" name="ptp0" dev="devtmpfs" ino=246 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 234.277462][T22026] netlink: 'syz.4.8134': attribute type 13 has an invalid length. [ 234.315225][T22026] netlink: 14585 bytes leftover after parsing attributes in process `syz.4.8134'. [ 234.417446][T22041] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8142'. [ 234.452050][T22043] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8143'. [ 235.018659][T22074] delete_channel: no stack [ 236.415588][T22135] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 236.437757][T22135] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 236.468687][T22135] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 236.490950][T22135] EXT4-fs error (device loop5): ext4_get_journal_inode:5863: inode #5: comm syz.5.8179: unexpected bad inode w/o EXT4_IGET_BAD [ 236.516266][T22135] loop5: lost file I/O error report for ino 5 type 5 pos 0x0 len 0x0 error -117 [ 236.516506][T22135] EXT4-fs (loop5): no journal found [ 236.525569][ C0] EXT4-fs (loop5): error count since last fsck: 1 [ 236.525590][ C0] EXT4-fs (loop5): initial error at time 2000000048: ext4_get_journal_inode:5863: inode 5 [ 236.525620][ C0] EXT4-fs (loop5): last error at time 2000000048: ext4_get_journal_inode:5863: inode 5 [ 236.593615][T22135] EXT4-fs (loop5): can't get journal size [ 236.875168][T22147] EXT4-fs: inline encryption not supported [ 236.899022][T22147] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 236.913111][T22147] EXT4-fs error (device loop5): ext4_map_blocks:776: inode #3: block 2: comm syz.5.8184: lblock 2 mapped to illegal pblock 2 (length 1) [ 236.930455][T22147] loop5: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 236.930589][T22147] EXT4-fs (loop5): Remounting filesystem read-only [ 236.939764][ C0] EXT4-fs (loop5): error count since last fsck: 1 [ 236.939788][ C0] EXT4-fs (loop5): initial error at time 2000000048: ext4_map_blocks:776: inode 3: block 2 [ 236.939826][ C0] EXT4-fs (loop5): last error at time 2000000048: ext4_map_blocks:776: inode 3: block 2 [ 236.989315][T22147] EXT4-fs (loop5): 1 orphan inode deleted [ 237.604843][T22171] set_capacity_and_notify: 6 callbacks suppressed [ 237.604858][T22171] loop6: detected capacity change from 0 to 1024 [ 237.632671][T22171] EXT4-fs: Ignoring removed bh option [ 237.652080][T22171] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 237.680246][T22171] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e84ce028, mo2=0000] [ 237.688465][T22171] System zones: 0-1, 3-12 [ 237.701735][T22171] EXT4-fs error (device loop6): ext4_map_blocks:818: inode #3: block 1: comm syz.6.8193: lblock 1 mapped to illegal pblock 1 (length 1) [ 237.701770][T22171] loop6: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 237.701951][T22171] EXT4-fs (loop6): Remounting filesystem read-only [ 237.702131][T22171] EXT4-fs (loop6): 1 orphan inode deleted [ 237.848961][ T8650] kernel write not supported for file /snd/seq (pid: 8650 comm: kworker/1:4) [ 238.032689][T22228] loop3: detected capacity change from 0 to 4096 [ 238.140648][T22245] netem: change failed [ 238.292534][T22268] __nla_validate_parse: 2 callbacks suppressed [ 238.292550][T22268] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8222'. [ 238.313412][T22268] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8222'. [ 238.476103][T22293] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8220'. [ 238.601760][ T28] kauditd_printk_skb: 34 callbacks suppressed [ 238.601774][ T28] audit: type=1400 audit(2000000050.165:23162): avc: denied { create } for pid=22314 comm="syz.5.8242" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=netlink_fib_lookup_socket permissive=1 [ 238.698913][T22326] loop5: detected capacity change from 0 to 128 [ 238.718340][T22326] FAT-fs (loop5): Directory bread(block 524322) failed [ 238.743314][T22331] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8246'. [ 238.752337][T22326] FAT-fs (loop5): Directory bread(block 524323) failed [ 238.752363][T22326] FAT-fs (loop5): Directory bread(block 524324) failed [ 238.752380][T22326] FAT-fs (loop5): Directory bread(block 524325) failed [ 238.752405][T22326] FAT-fs (loop5): Directory bread(block 524326) failed [ 238.752423][T22326] FAT-fs (loop5): Directory bread(block 524327) failed [ 238.752503][T22326] FAT-fs (loop5): Directory bread(block 524328) failed [ 238.752521][T22326] FAT-fs (loop5): Directory bread(block 524329) failed [ 238.804347][T22326] FAT-fs (loop5): Directory bread(block 524322) failed [ 238.804769][ T28] audit: type=1326 audit(2000000050.365:23163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22332 comm="syz.6.8247" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f285944c799 code=0x0 [ 238.815729][T22331] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8246'. [ 238.835073][T22326] FAT-fs (loop5): Directory bread(block 524323) failed [ 238.851255][T22337] loop4: detected capacity change from 0 to 512 [ 238.852728][T22331] netlink: 'syz.0.8246': attribute type 13 has an invalid length. [ 238.920389][T22337] ext4 filesystem being mounted at /1694/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 238.924819][ T28] audit: type=1326 audit(2000000050.485:23164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22339 comm="syz.3.8250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec5209c799 code=0x7ffc0000 [ 238.958489][ T28] audit: type=1326 audit(2000000050.515:23165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22339 comm="syz.3.8250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=125 compat=0 ip=0x7fec5209c799 code=0x7ffc0000 [ 238.964156][T22337] EXT4-fs error (device loop4): ext4_do_update_inode:5569: inode #2: comm syz.4.8249: corrupted inode contents [ 238.983896][ T28] audit: type=1326 audit(2000000050.515:23166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22339 comm="syz.3.8250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec5209c799 code=0x7ffc0000 [ 238.983923][ T28] audit: type=1326 audit(2000000050.515:23167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22339 comm="syz.3.8250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec5209c799 code=0x7ffc0000 [ 239.081370][T22337] EXT4-fs error (device loop4): ext4_dirty_inode:6450: inode #2: comm syz.4.8249: mark_inode_dirty error [ 239.083850][T22360] loop3: detected capacity change from 0 to 512 [ 239.100082][T22337] EXT4-fs error (device loop4): ext4_do_update_inode:5569: inode #2: comm syz.4.8249: corrupted inode contents [ 239.112304][T22337] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #2: comm syz.4.8249: mark_inode_dirty error [ 239.124691][T22359] EXT4-fs warning (device loop4): ext4_es_cache_extent:1082: inode #2: comm syz.4.8249: ES cache extent failed: add [0,1,22,0x1] conflict with existing [0,8,576460752303423487,0x18] [ 239.124691][T22359] [ 239.124887][ T28] audit: type=1400 audit(2000000050.695:23168): avc: denied { create } for pid=22336 comm="syz.4.8249" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=blk_file permissive=1 [ 239.146842][T22360] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 239.213598][T22360] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.8257: iget: bad i_size value: 38620345925642 [ 239.234701][T22360] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 239.238280][T22360] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.8257: couldn't read orphan inode 15 (err -117) [ 239.238307][T22360] loop3: lost filesystem error report for type 5 error -117 [ 239.238526][ C1] EXT4-fs (loop3): error count since last fsck: 2 [ 239.238543][ C1] EXT4-fs (loop3): initial error at time 2000000050: ext4_orphan_get:1391: inode 15 [ 239.238572][ C1] EXT4-fs (loop3): last error at time 2000000050: ext4_orphan_get:1396 [ 239.294990][T22374] loop4: detected capacity change from 0 to 512 [ 239.312269][T22374] ext4 filesystem being mounted at /1696/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 239.492726][ T28] audit: type=1326 audit(2000000051.055:23169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22393 comm="syz.5.8272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa30411c799 code=0x7ffc0000 [ 239.530088][ T28] audit: type=1326 audit(2000000051.055:23170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22393 comm="syz.5.8272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa30411c799 code=0x7ffc0000 [ 239.571121][ T28] audit: type=1326 audit(2000000051.055:23171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22393 comm="syz.5.8272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa30411c799 code=0x7ffc0000 [ 239.602432][T22394] loop5: detected capacity change from 0 to 4096 [ 239.833177][T22430] loop6: detected capacity change from 0 to 512 [ 239.874964][T22430] ext4 filesystem being mounted at /86/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 240.164876][T22471] SELinux: policydb table sizes (0,0) do not match mine (6,6) [ 240.174956][T22471] SELinux: failed to load policy [ 241.276165][T22508] xt_CT: You must specify a L4 protocol and not use inversions on it [ 241.284610][T22510] netlink: 'syz.5.8326': attribute type 2 has an invalid length. [ 241.461965][T22532] loop5: detected capacity change from 0 to 512 [ 241.886981][T22574] smc: net device ip_vti0 erased user defined pnetid SYZ0 [ 241.926193][T22580] netlink: 8 bytes leftover after parsing attributes in process `syz.6.8360'. [ 241.974046][T22586] netlink: 136 bytes leftover after parsing attributes in process `syz.4.8364'. [ 242.021941][T22590] loop6: detected capacity change from 0 to 2048 [ 242.024468][T22586] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 242.277102][T22638] netlink: 16 bytes leftover after parsing attributes in process `syz.6.8387'. [ 242.369787][T22650] netlink: 80 bytes leftover after parsing attributes in process `syz.6.8392'. [ 242.524775][T22675] netlink: 20 bytes leftover after parsing attributes in process `syz.6.8405'. [ 242.944198][T22730] bridge0: entered promiscuous mode [ 243.338244][T22794] set_capacity_and_notify: 1 callbacks suppressed [ 243.338262][T22794] loop6: detected capacity change from 0 to 512 [ 243.355354][T22798] loop4: detected capacity change from 0 to 512 [ 243.366974][T22798] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 243.374447][T22794] EXT4-fs: Ignoring removed nobh option [ 243.387553][T22802] loop5: detected capacity change from 0 to 512 [ 243.416571][T22798] EXT4-fs (loop4): 1 truncate cleaned up [ 243.417441][T22806] __nla_validate_parse: 2 callbacks suppressed [ 243.417453][T22806] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8467'. [ 243.438027][T22794] EXT4-fs (loop6): orphan cleanup on readonly fs [ 243.439756][T22802] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 243.446109][T22794] EXT4-fs error (device loop6): ext4_xattr_inode_iget:441: inode #11: comm syz.6.8463: casefold flag without casefold feature [ 243.468371][T22794] loop6: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 243.468543][ C0] EXT4-fs (loop6): error count since last fsck: 1 [ 243.478624][T22794] EXT4-fs error (device loop6): ext4_xattr_inode_iget:446: comm syz.6.8463: error while reading EA inode 11 err=-117 [ 243.484095][ C0] EXT4-fs (loop6): initial error at time 2000000055: ext4_xattr_inode_iget:441: inode 11 [ 243.499462][T22794] loop6: lost filesystem error report for type 5 error -117 [ 243.506168][ C0] EXT4-fs (loop6): last error at time 2000000055: ext4_xattr_inode_iget:441 [ 243.506424][T22794] EXT4-fs (loop6): 1 orphan inode deleted [ 243.513468][ C0] [ 243.527620][T22802] EXT4-fs (loop5): 1 orphan inode deleted [ 243.540342][T22802] EXT4-fs (loop5): 1 truncate cleaned up [ 243.591166][T22811] netlink: 'syz.3.8469': attribute type 10 has an invalid length. [ 243.657210][T22811] veth0_vlan: left promiscuous mode [ 243.686754][T22825] loop4: detected capacity change from 0 to 164 [ 243.694173][T22811] veth0_vlan: entered promiscuous mode [ 243.704389][T22811] team0: Device veth0_vlan failed to register rx_handler [ 243.724890][T22823] loop6: detected capacity change from 0 to 8192 [ 243.745881][T22823] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 243.822156][T22819] can0: slcan on ptm0. [ 243.884113][T22818] can0 (unregistered): slcan off ptm0. [ 243.980684][T22854] loop3: detected capacity change from 0 to 512 [ 244.007849][T22854] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 244.446450][T22905] netlink: 280 bytes leftover after parsing attributes in process `syz.3.8500'. [ 244.588417][T22921] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 244.642635][T22923] netlink: 240 bytes leftover after parsing attributes in process `syz.5.8508'. [ 244.679097][ T28] kauditd_printk_skb: 36 callbacks suppressed [ 244.679110][ T28] audit: type=1326 audit(2000000056.245:23208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22926 comm="syz.3.8510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec5209c799 code=0x7ffc0000 [ 244.711891][ T28] audit: type=1326 audit(2000000056.275:23209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22926 comm="syz.3.8510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=284 compat=0 ip=0x7fec5209c799 code=0x7ffc0000 [ 244.761249][ T28] audit: type=1326 audit(2000000056.275:23210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22926 comm="syz.3.8510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec5209c799 code=0x7ffc0000 [ 244.785372][ T28] audit: type=1326 audit(2000000056.275:23211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22926 comm="syz.3.8510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec5209c799 code=0x7ffc0000 [ 244.828947][ T28] audit: type=1400 audit(2000000056.395:23212): avc: denied { ioctl } for pid=22930 comm="syz.3.8512" path="/dev/cpu/0/msr" dev="devtmpfs" ino=85 ioctlcmd=0x63a0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 244.909758][ T28] audit: type=1400 audit(2000000056.475:23213): avc: denied { create } for pid=22940 comm="syz.3.8518" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=packet_socket permissive=1 [ 244.956063][T22952] netlink: 32 bytes leftover after parsing attributes in process `syz.0.8523'. [ 245.422554][ T28] audit: type=1326 audit(2000000056.985:23214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23039 comm="syz.3.8565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec5209c799 code=0x7ffc0000 [ 245.446875][T23042] loop5: detected capacity change from 0 to 1024 [ 245.455382][ T28] audit: type=1326 audit(2000000056.985:23215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23039 comm="syz.3.8565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec5209c799 code=0x7ffc0000 [ 245.487833][ T28] audit: type=1326 audit(2000000057.015:23216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23039 comm="syz.3.8565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fec5209c799 code=0x7ffc0000 [ 245.511888][T23042] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 245.525308][T23042] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 245.543173][T23042] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 245.553557][ T28] audit: type=1326 audit(2000000057.015:23217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23039 comm="syz.3.8565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec5209c799 code=0x7ffc0000 [ 245.589085][T23042] EXT4-fs error (device loop5): ext4_get_journal_inode:5863: inode #5: comm syz.5.8567: unexpected bad inode w/o EXT4_IGET_BAD [ 245.613752][T23042] loop5: lost file I/O error report for ino 5 type 5 pos 0x0 len 0x0 error -117 [ 245.614415][T23042] EXT4-fs (loop5): no journal found [ 245.623503][ C0] EXT4-fs (loop5): error count since last fsck: 1 [ 245.623523][ C0] EXT4-fs (loop5): initial error at time 2000000057: ext4_get_journal_inode:5863: inode 5 [ 245.623547][ C0] EXT4-fs (loop5): last error at time 2000000057: ext4_get_journal_inode:5863: inode 5 [ 245.657266][T23042] EXT4-fs (loop5): can't get journal size [ 245.668915][T23042] EXT4-fs (loop5): ext4_remount: Checksum for group 0 failed (42152!=20869) [ 245.679046][T23065] netlink: 71 bytes leftover after parsing attributes in process `syz.4.8576'. [ 245.835041][T23086] loop4: detected capacity change from 0 to 1024 [ 245.843147][T23086] EXT4-fs: inline encryption not supported [ 245.862695][T23089] loop3: detected capacity change from 0 to 128 [ 245.876578][T23086] EXT4-fs: Ignoring removed nobh option [ 245.883324][T23086] EXT4-fs: Ignoring removed bh option [ 245.896779][T23092] loop5: detected capacity change from 0 to 512 [ 245.921944][T23092] ext4 filesystem being mounted at /1234/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 245.953622][T23099] GUP no longer grows the stack in syz.4.8590 (23099): 200000006000-200000008000 (200000004000) [ 245.964494][T23099] CPU: 1 UID: 0 PID: 23099 Comm: syz.4.8590 Tainted: G W syzkaller #0 PREEMPT(full) [ 245.964522][T23099] Tainted: [W]=WARN [ 245.964604][T23099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 245.964620][T23099] Call Trace: [ 245.964627][T23099] [ 245.964634][T23099] __dump_stack+0x1d/0x30 [ 245.964657][T23099] dump_stack_lvl+0x95/0xd0 [ 245.964678][T23099] dump_stack+0x15/0x1b [ 245.964754][T23099] fixup_user_fault+0x4fb/0x550 [ 245.964781][T23099] fault_in_user_writeable+0x5c/0xc0 [ 245.964898][T23099] futex_lock_pi+0x60b/0x7e0 [ 245.964925][T23099] ? __pfx_futex_wake_mark+0x10/0x10 [ 245.964950][T23099] do_futex+0x21f/0x380 [ 245.964993][T23099] __se_sys_futex+0x2f6/0x370 [ 245.965016][T23099] ? xfd_validate_state+0x45/0xf0 [ 245.965040][T23099] __x64_sys_futex+0x78/0x90 [ 245.965063][T23099] x64_sys_call+0x24ab/0x3020 [ 245.965100][T23099] do_syscall_64+0x12c/0x370 [ 245.965120][T23099] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 245.965142][T23099] RIP: 0033:0x7fa03cf9c799 [ 245.965156][T23099] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 245.965218][T23099] RSP: 002b:00007fa03b9ef028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 245.965280][T23099] RAX: ffffffffffffffda RBX: 00007fa03d215fa0 RCX: 00007fa03cf9c799 [ 245.965292][T23099] RDX: 00000000fffff7fc RSI: 000000000000008d RDI: 0000200000004000 [ 245.965330][T23099] RBP: 00007fa03d032c99 R08: 0000000000000000 R09: 0000000000000000 [ 245.965342][T23099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 245.965353][T23099] R13: 00007fa03d216038 R14: 00007fa03d215fa0 R15: 00007fff4ec13088 [ 245.965370][T23099] [ 246.828570][T23211] Failed to initialize the IGMP autojoin socket (err -2) [ 247.234539][T23214] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8645'. [ 247.660372][T23222] EXT4-fs: Ignoring removed nobh option [ 247.703273][T23222] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 247.729977][T23222] EXT4-fs (loop5): 1 truncate cleaned up [ 247.736089][T23222] EXT4-fs mount: 44 callbacks suppressed [ 247.736155][T23222] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 247.768265][T23222] netlink: 12 bytes leftover after parsing attributes in process `syz.5.8649'. [ 247.853876][ T8293] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 247.947938][T23268] netlink: 'syz.6.8671': attribute type 28 has an invalid length. [ 248.071110][T23291] netlink: 36 bytes leftover after parsing attributes in process `syz.4.8681'. [ 248.086088][T23290] tipc: Invalid UDP bearer configuration [ 248.086100][T23290] tipc: Enabling of bearer rejected, failed to enable media [ 248.239500][T23309] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported [ 248.370929][T23322] netlink: 'syz.6.8696': attribute type 93 has an invalid length. [ 248.533002][T23326] set_capacity_and_notify: 1 callbacks suppressed [ 248.533035][T23326] loop6: detected capacity change from 0 to 8192 [ 248.561933][ T1034] kernel write not supported for file /input/event2 (pid: 1034 comm: kworker/1:2) [ 248.577006][T23326] FAT-fs (loop6): error, invalid access to FAT (entry 0x00004614) [ 248.586211][T23326] FAT-fs (loop6): Filesystem has been set read-only [ 248.607909][T23326] FAT-fs (loop6): error, invalid access to FAT (entry 0x00004614) [ 248.616101][T23326] FAT-fs (loop6): error, invalid access to FAT (entry 0x00004614) [ 248.651556][T23326] syz.6.8698: attempt to access beyond end of device [ 248.651556][T23326] loop6: rw=8388608, sector=18010, nr_sectors = 1 limit=8192 [ 248.688602][T23326] Buffer I/O error on dev loop6, logical block 18010, async page read [ 248.714962][T23326] FAT-fs (loop6): error, invalid access to FAT (entry 0x00004614) [ 248.715409][T23352] netlink: 32 bytes leftover after parsing attributes in process `syz.3.8712'. [ 248.723290][T23326] FAT-fs (loop6): error, invalid access to FAT (entry 0x00004614) [ 248.757119][T23326] FAT-fs (loop6): error, invalid access to FAT (entry 0x00004614) [ 248.765341][T23326] FAT-fs (loop6): error, invalid access to FAT (entry 0x00004614) [ 248.778595][T23326] FAT-fs (loop6): error, invalid access to FAT (entry 0x00004614) [ 248.792366][T23326] FAT-fs (loop6): error, invalid access to FAT (entry 0x00004614) [ 248.831106][T23326] syz.6.8698: attempt to access beyond end of device [ 248.831106][T23326] loop6: rw=8388608, sector=18010, nr_sectors = 1 limit=8192 [ 248.872360][T23326] Buffer I/O error on dev loop6, logical block 18010, async page read [ 248.884930][T23326] FAT-fs (loop6): error, invalid access to FAT (entry 0x00004614) [ 248.901183][T23375] loop3: detected capacity change from 0 to 512 [ 248.908413][T23377] loop4: detected capacity change from 0 to 128 [ 248.916534][T23326] syz.6.8698: attempt to access beyond end of device [ 248.916534][T23326] loop6: rw=8388608, sector=18010, nr_sectors = 1 limit=8192 [ 248.939232][T23377] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 248.951885][T23326] Buffer I/O error on dev loop6, logical block 18010, async page read [ 248.955487][T23377] ext4 filesystem being mounted at /1780/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 248.964270][T23380] Failed to initialize the IGMP autojoin socket (err -2) [ 248.979547][T23377] EXT4-fs warning (device loop4): verify_group_input:137: Cannot add at group 127 (only 1 groups) [ 248.980659][T23326] syz.6.8698: attempt to access beyond end of device [ 248.980659][T23326] loop6: rw=8388608, sector=18010, nr_sectors = 1 limit=8192 [ 249.016771][T23375] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 249.041588][T23326] Buffer I/O error on dev loop6, logical block 18010, async page read [ 249.049984][T23326] syz.6.8698: attempt to access beyond end of device [ 249.049984][T23326] loop6: rw=8388608, sector=18010, nr_sectors = 1 limit=8192 [ 249.073911][T23326] Buffer I/O error on dev loop6, logical block 18010, async page read [ 249.074182][ T3324] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 249.082275][T23326] syz.6.8698: attempt to access beyond end of device [ 249.082275][T23326] loop6: rw=8388608, sector=18010, nr_sectors = 1 limit=8192 [ 249.105451][T23326] Buffer I/O error on dev loop6, logical block 18010, async page read [ 249.105664][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 249.113894][T23326] syz.6.8698: attempt to access beyond end of device [ 249.113894][T23326] loop6: rw=8388608, sector=18010, nr_sectors = 1 limit=8192 [ 249.113917][T23326] Buffer I/O error on dev loop6, logical block 18010, async page read [ 249.113944][T23326] syz.6.8698: attempt to access beyond end of device [ 249.113944][T23326] loop6: rw=8388608, sector=18010, nr_sectors = 1 limit=8192 [ 249.113963][T23326] Buffer I/O error on dev loop6, logical block 18010, async page read [ 249.114080][T23326] syz.6.8698: attempt to access beyond end of device [ 249.114080][T23326] loop6: rw=8388608, sector=18010, nr_sectors = 1 limit=8192 [ 249.114101][T23326] Buffer I/O error on dev loop6, logical block 18010, async page read [ 249.114132][T23326] syz.6.8698: attempt to access beyond end of device [ 249.114132][T23326] loop6: rw=8388608, sector=18010, nr_sectors = 1 limit=8192 [ 249.114153][T23326] Buffer I/O error on dev loop6, logical block 18010, async page read [ 249.473159][T23408] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8737'. [ 249.532523][T23418] vlan3: entered allmulticast mode [ 249.560494][T23418] macsec0: entered allmulticast mode [ 249.583492][T23418] veth1_macvtap: entered allmulticast mode [ 249.601073][T23426] netlink: 48 bytes leftover after parsing attributes in process `syz.3.8744'. [ 249.699477][ T28] kauditd_printk_skb: 40 callbacks suppressed [ 249.699496][ T28] audit: type=1400 audit(2000000061.265:23258): avc: denied { map_create } for pid=23438 comm="syz.0.8752" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 249.740537][ T28] audit: type=1400 audit(2000000061.295:23259): avc: denied { map_read map_write } for pid=23438 comm="syz.0.8752" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 249.840788][ T28] audit: type=1400 audit(2000000061.325:23260): avc: denied { read write } for pid=23443 comm="syz.3.8755" name="rdma_cm" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1 [ 249.878200][ T28] audit: type=1400 audit(2000000061.325:23261): avc: denied { open } for pid=23443 comm="syz.3.8755" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1 [ 249.943081][ T28] audit: type=1400 audit(2000000061.385:23262): avc: denied { getopt } for pid=23424 comm="syz.6.8746" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 249.993276][ T28] audit: type=1400 audit(2000000061.395:23263): avc: denied { mounton } for pid=23451 comm="syz.0.8759" path="/1704/file0" dev="tmpfs" ino=8742 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 249.995432][T23468] loop5: detected capacity change from 0 to 512 [ 250.107797][ T28] audit: type=1400 audit(2000000061.435:23264): avc: denied { read } for pid=23454 comm="syz.5.8761" dev="nsfs" ino=4026532370 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 250.143082][T23481] loop6: detected capacity change from 0 to 512 [ 250.151372][T23468] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 250.173829][ T28] audit: type=1400 audit(2000000061.435:23265): avc: denied { open } for pid=23454 comm="syz.5.8761" path="net:[4026532370]" dev="nsfs" ino=4026532370 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 250.197674][T23481] EXT4-fs: Ignoring removed oldalloc option [ 250.215596][ T28] audit: type=1400 audit(2000000061.435:23266): avc: denied { create } for pid=23454 comm="syz.5.8761" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 250.240324][T23468] ext4 filesystem being mounted at /1267/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 250.256052][ T28] audit: type=1400 audit(2000000061.435:23267): avc: denied { write } for pid=23454 comm="syz.5.8761" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 250.257119][T23481] EXT4-fs: Ignoring removed i_version option [ 250.355934][T23481] EXT4-fs (loop6): filesystem is read-only [ 250.387804][T23481] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 250.412926][T23481] EXT4-fs (loop6): filesystem is read-only [ 250.425556][T23481] EXT4-fs (loop6): orphan cleanup on readonly fs [ 250.434070][T23481] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.8771: bg 0: block 64: padding at end of block bitmap is not set [ 250.449694][T23481] loop6: lost filesystem error report for type 5 error -117 [ 250.451441][T23481] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6685: Corrupt filesystem [ 250.458797][ C0] EXT4-fs (loop6): error count since last fsck: 1 [ 250.458815][ C0] EXT4-fs (loop6): initial error at time 2000000062: ext4_validate_block_bitmap:441 [ 250.458832][ C0] EXT4-fs (loop6): last error at time 2000000062: ext4_validate_block_bitmap:441 [ 250.496508][ T8293] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 250.496699][T23481] loop6: lost filesystem error report for type 5 error -117 [ 250.506705][T23481] EXT4-fs (loop6): 1 orphan inode deleted [ 250.521722][T23481] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 250.601405][T23506] loop5: detected capacity change from 0 to 512 [ 250.647949][T20949] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 250.658374][T23506] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 250.703837][T23506] ext4 filesystem being mounted at /1268/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 250.855461][ T8293] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 251.039950][T23562] loop3: detected capacity change from 0 to 256 [ 251.070098][T23562] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 251.106932][T23562] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008) [ 251.115864][T23562] FAT-fs (loop3): Filesystem has been set read-only [ 251.887906][T23607] loop3: detected capacity change from 0 to 512 [ 251.890557][T23611] loop4: detected capacity change from 0 to 512 [ 251.916360][T23607] EXT4-fs error (device loop3): ext4_orphan_get:1417: comm syz.3.8817: bad orphan inode 13 [ 251.916398][T23607] loop3: lost filesystem error report for type 5 error -117 [ 251.926583][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 251.926606][ C0] EXT4-fs (loop3): initial error at time 2000000063: ext4_orphan_get:1417 [ 251.926626][ C0] EXT4-fs (loop3): last error at time 2000000063: ext4_orphan_get:1417 [ 251.928073][T23607] ext4_test_bit(bit=12, block=4) = 1 [ 251.928085][T23607] is_bad_inode(inode)=0 [ 251.928092][T23607] NEXT_ORPHAN(inode)=0 [ 251.928097][T23607] max_ino=32 [ 251.928103][T23607] i_nlink=1 [ 251.928455][T23607] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 251.943145][T23611] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 251.955117][T23611] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.8816: bg 0: block 104: invalid block bitmap [ 251.955196][T23611] loop4: lost filesystem error report for type 5 error -117 [ 251.955313][T23611] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6685: Corrupt filesystem [ 251.955330][T23611] loop4: lost filesystem error report for type 5 error -117 [ 251.955533][T23611] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.8816: invalid indirect mapped block 1 (level 1) [ 251.955559][T23611] loop4: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 251.955818][T23611] EXT4-fs (loop4): 1 truncate cleaned up [ 251.956324][T23611] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 251.959559][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 252.024332][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 252.285932][T23636] loop5: detected capacity change from 0 to 512 [ 252.309690][T23636] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 252.330305][T23636] EXT4-fs (loop5): 1 truncate cleaned up [ 252.336407][T23636] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 252.390295][ T8293] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 252.754513][T23701] usb usb9: usbfs: process 23701 (syz.4.8860) did not claim interface 0 before use [ 252.793780][T23707] netlink: 36 bytes leftover after parsing attributes in process `syz.3.8864'. [ 252.824060][T23713] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8866'. [ 252.933960][T23723] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 252.947148][T23729] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 252.970226][T23723] ext4 filesystem being mounted at /1816/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 253.052209][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 253.151562][T23761] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 253.184154][T23761] ext4 filesystem being mounted at /1294/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 253.200479][T23769] program syz.0.8887 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 253.223592][T23761] EXT4-fs error (device loop5): ext4_acquire_dquot:7001: comm syz.5.8885: Failed to acquire dquot type 0 [ 253.305535][T23784] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 253.335746][T23784] ext4 filesystem being mounted at /1876/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 253.340729][ T8293] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 253.404445][ T3321] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 253.666347][T23843] usb usb9: usbfs: process 23843 (syz.3.8913) did not claim interface 0 before use [ 253.737116][T23845] ieee802154 phy0 wpan0: encryption failed: -22 [ 253.758088][T23849] set_capacity_and_notify: 5 callbacks suppressed [ 253.758103][T23849] loop5: detected capacity change from 0 to 512 [ 253.806129][T23849] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 253.963025][ T8293] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 254.252342][T23899] loop4: detected capacity change from 0 to 512 [ 254.293318][T23899] EXT4-fs (loop4): 1 truncate cleaned up [ 254.299566][T23899] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 254.329468][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 254.412020][T23925] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8952'. [ 254.549779][T23949] loop3: detected capacity change from 0 to 1024 [ 254.570085][T23949] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 254.600834][T23949] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 254.612276][T23949] EXT4-fs (loop3): orphan cleanup on readonly fs [ 254.622676][T23949] EXT4-fs warning (device loop3): ext4_enable_quotas:7236: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix. [ 254.640204][T23949] EXT4-fs (loop3): Cannot turn on quotas: error -5 [ 254.658816][T23949] EXT4-fs (loop3): 1 truncate cleaned up [ 254.669374][T23949] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 254.729313][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 254.922860][T24008] netlink: 'syz.6.8986': attribute type 13 has an invalid length. [ 254.987006][ T28] kauditd_printk_skb: 136 callbacks suppressed [ 254.987022][ T28] audit: type=1400 audit(2000000066.545:23401): avc: denied { read } for pid=24022 comm="syz.4.8992" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 255.020985][T24026] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8993'. [ 255.031889][T24028] netlink: 'syz.4.8994': attribute type 1 has an invalid length. [ 255.047774][T24008] gretap0: refused to change device tx_queue_len [ 255.065843][ T28] audit: type=1400 audit(2000000066.545:23402): avc: denied { kexec_image_load } for pid=24019 comm="syz.3.8991" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1 [ 255.098679][T24008] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 255.143782][ T28] audit: type=1400 audit(2000000066.705:23403): avc: denied { setopt } for pid=24044 comm="syz.3.9000" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 255.227739][ T28] audit: type=1400 audit(2000000066.765:23404): avc: denied { execute } for pid=24051 comm="syz.0.9002" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=70216 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 255.310139][ T28] audit: type=1400 audit(2000000066.865:23405): avc: denied { create } for pid=24064 comm="syz.3.9008" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 255.353627][ T28] audit: type=1400 audit(2000000066.905:23406): avc: denied { write } for pid=24064 comm="syz.3.9008" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 255.385177][T24074] netlink: 56 bytes leftover after parsing attributes in process `syz.0.9012'. [ 255.399758][T24077] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9009'. [ 255.444446][ T28] audit: type=1400 audit(2000000066.915:23407): avc: denied { bind } for pid=24068 comm="syz.5.9011" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 255.514513][ T28] audit: type=1400 audit(2000000067.055:23408): avc: denied { connect } for pid=24085 comm="syz.6.9018" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 255.567656][ T28] audit: type=1400 audit(2000000067.125:23409): avc: denied { create } for pid=24097 comm="syz.5.9023" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 255.579965][T24101] loop6: detected capacity change from 0 to 1024 [ 255.640794][T24101] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 255.643283][ T28] audit: type=1400 audit(2000000067.205:23410): avc: denied { setopt } for pid=24108 comm="syz.0.9028" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 255.708037][T20949] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 255.791995][T24127] loop5: detected capacity change from 0 to 512 [ 255.808569][T24127] EXT4-fs warning (device loop5): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 255.828911][T24127] EXT4-fs warning (device loop5): dx_probe:849: Enable large directory feature to access it [ 255.845763][T24127] EXT4-fs warning (device loop5): dx_probe:934: inode #2: comm syz.5.9036: Corrupt directory, running e2fsck is recommended [ 255.862092][T24127] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -117 [ 255.870862][T24127] EXT4-fs error (device loop5): ext4_iget_extra_inode:5025: inode #15: comm syz.5.9036: corrupted in-inode xattr: e_name out of bounds [ 255.885069][T24127] loop5: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 255.888568][ C1] EXT4-fs (loop5): error count since last fsck: 1 [ 255.898882][T24127] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.9036: couldn't read orphan inode 15 (err -117) [ 255.904193][ C1] EXT4-fs (loop5): initial error at time 2000000067: ext4_iget_extra_inode:5025: inode 15 [ 255.926553][T24141] netlink: 16 bytes leftover after parsing attributes in process `syz.6.9040'. [ 255.927402][ C1] EXT4-fs (loop5): last error at time 2000000067: ext4_iget_extra_inode:5025: inode 15 [ 255.950740][T24127] loop5: lost filesystem error report for type 5 error -117 [ 255.960070][T24127] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 256.128381][ T8293] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 256.139122][T24159] geneve2: entered promiscuous mode [ 256.200863][T24170] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9053'. [ 256.215525][T24170] veth0_to_bond: entered allmulticast mode [ 256.240708][T24170] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9053'. [ 256.281110][T24177] loop5: detected capacity change from 0 to 512 [ 256.288025][T24177] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 256.341056][T24177] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 548) [ 256.453329][T24200] netlink: 'syz.5.9068': attribute type 1 has an invalid length. [ 256.465060][T24198] loop3: detected capacity change from 0 to 2048 [ 256.504315][T24198] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 256.597172][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 256.605995][T24227] loop6: detected capacity change from 0 to 736 [ 256.920079][T24265] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9098'. [ 257.131790][T24289] netlink: 'syz.4.9111': attribute type 1 has an invalid length. [ 257.229810][T24305] SELinux: Context : is not valid (left unmapped). [ 257.244091][T24309] loop4: detected capacity change from 0 to 1024 [ 257.279422][T24309] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 257.333317][T24309] ext4 filesystem being mounted at /1858/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 257.367374][T24321] loop6: detected capacity change from 0 to 128 [ 257.426079][T24309] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.9121: bg 0: block 112: padding at end of block bitmap is not set [ 257.463499][T24329] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9129'. [ 257.527055][T24333] netlink: 64 bytes leftover after parsing attributes in process `syz.6.9131'. [ 257.534960][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 257.554558][ T3005] ================================================================== [ 257.562670][ T3005] BUG: KCSAN: data-race in dentry_unlink_inode / step_into_slowpath [ 257.570666][ T3005] [ 257.573011][ T3005] write to 0xffff88811b4c3930 of 8 bytes by task 8295 on cpu 1: [ 257.580622][ T3005] dentry_unlink_inode+0x65/0x260 [ 257.585655][ T3005] d_delete+0xc8/0xe0 [ 257.589649][ T3005] d_delete_notify+0x32/0x100 [ 257.594313][ T3005] vfs_unlink+0x289/0x490 [ 257.598624][ T3005] filename_unlinkat+0x1e2/0x410 [ 257.603547][ T3005] __se_sys_unlink+0x2b/0xe0 [ 257.608126][ T3005] __x64_sys_unlink+0x1f/0x30 [ 257.612790][ T3005] x64_sys_call+0x2eb6/0x3020 [ 257.617459][ T3005] do_syscall_64+0x12c/0x370 [ 257.622036][ T3005] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.627918][ T3005] [ 257.630230][ T3005] read to 0xffff88811b4c3930 of 8 bytes by task 3005 on cpu 0: [ 257.637754][ T3005] step_into_slowpath+0x12c/0x4c0 [ 257.642768][ T3005] path_lookupat+0x330/0x500 [ 257.647344][ T3005] filename_lookup+0x190/0x390 [ 257.652275][ T3005] do_readlinkat+0x74/0x2f0 [ 257.656768][ T3005] __x64_sys_readlink+0x47/0x60 [ 257.661607][ T3005] x64_sys_call+0x2b51/0x3020 [ 257.666310][ T3005] do_syscall_64+0x12c/0x370 [ 257.670881][ T3005] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.676766][ T3005] [ 257.679082][ T3005] value changed: 0xffff88810572c938 -> 0x0000000000000000 [ 257.686255][ T3005] [ 257.688560][ T3005] Reported by Kernel Concurrency Sanitizer on: [ 257.694691][ T3005] CPU: 0 UID: 0 PID: 3005 Comm: udevd Tainted: G W syzkaller #0 PREEMPT(full) [ 257.705092][ T3005] Tainted: [W]=WARN [ 257.709227][ T3005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 257.719351][ T3005] ================================================================== [ 259.998657][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog