last executing test programs: 1m22.54376539s ago: executing program 2 (id=1410): r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000280), 0x88182, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff98, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18) writev(r0, &(0x7f0000000040)=[{&(0x7f0000002500)='\f7', 0x2}, {&(0x7f0000000080)='0', 0x1}], 0x2) 1m22.53659614s ago: executing program 2 (id=1414): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) pipe2(&(0x7f0000001cc0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@access_uid}]}}) 1m22.422677442s ago: executing program 2 (id=1422): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sched_process_fork\x00', r1}, 0x10) syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0) 1m22.395006033s ago: executing program 2 (id=1424): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000300)={[{@minixdf}, {}, {@barrier_val={'barrier', 0x3d, 0x9}}, {@commit={'commit', 0x3d, 0x5}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@noblock_validity}, {@nomblk_io_submit}]}, 0x1, 0x566, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9GajdN4o8KgvUiiBYLeq9LMg0lm27JbkoTC20P9uJFiiBiQfwDvHss/gP+FQUtFClBD14is5lNt81ukqYbN3U+H5j2vZnZvPnum+/bNzu7bACFNZL9U4p4OSK+SSIOt20bjHzjyOp+yw+vTWVLEisrn/2ZRJKva+2f5P8fzCsvRcSvX0WcKK1vt764NFupVtP5vD7WmLs8Vl9cOnlxrjKTzqSXJiYnT781OfHuO2/3LNbXz/39/ad3Pzr99fHl736+f+R2EmfiUL6tPY5ncKO9MhIj+XMyFGee2HG8B43tJkm/D4BtGcjzfCiyMeBwDORZD/z/XY+IFaCgEvkPBdWaB7Su7Xt0HfzcePDB6gXQ+vgHV98biX3Na6MDy8ljV0bZ9e5wD9rP2vjljzu3syU2eR/ieg/aA2i5cTMiTg0Orh//knz8275TzTePN/ZkG0V7/YF+upvNf97oNP8prc1/osP852CH3N2OzfO/dL8HzXSVzf/e6zj/XRu6hgfy2gvNOd9QcuFiNT0VES9GxGgM7c3qG93POb18b6Xbtvb5X7Zk7bfmgvlx3B/c+/hjpiuNyrPE3O7BzYhXOs5/k7X+Tzr0f/Z8nNtiG8fSO69227Z5/Dtr5aeI1zr2/6M7WsnG9yfHmufDWOusWO+vW8d+69b+6If9jT/r/wMbxz+ctN+vrT99Gz/u+yfttm275/+e5PNmeU++7mql0Zgfj9iTfLJ+/cSjx7bqrf2z+EePbzz+dTr/90fEF1uM/9bRW1137ff5n8U//VT9//SFex9/+UO39rfW/282S6P5mq2Mf1s9wGd57gAAAAAAAGC3KUXEoUhK5bVyqVQur36+42gcKFVr9caJC7WFS9PR/K7scAyVWne6D7d9HmI8/zxsqz7xRH0yIo5ExLcD+5v18lStOt3v4AEAAAAAAAAAAAAAAAAAAGCXONjl+/+Z3wf6fXTAjvOT31Bcm+Z/L37pCdiVvP5Dccl/KC75D8Ul/6G45D8Ul/yH4pL/UFzyHwAAAAAAAAAAAAAAAAAAAAAAAAAAAHrq3Nmz2bKy/PDaVFafvrK4MFu7cnI6rc+W5xamylO1+cvlmVptppqWp2pzm/29aq12eXwiFq6ONdJ6Y6y+uHR+rrZwqXH+4lxlJj2fDv0nUQEAAAAAAAAAAAAAAAAAAMDzpb64NFupVtN5ha6F92NXHMZOBrhqWw8f3C1RKHQt7NtG5/Z5YAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANv8GAAD//04mM/E=") close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, 0x0) 1m22.259877506s ago: executing program 2 (id=1428): prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0) r0 = perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x30046, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x400}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) 1m22.153602238s ago: executing program 2 (id=1433): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000001000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x47, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000010000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x4cf68d79c8eac253, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x200ed, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x4c58, 0x5, 0x0, 0x4, 0x87, 0x1020002, 0xb, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x1, 0xffffffffffffffff, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000003, 0x13, r1, 0x0) 1m22.120532379s ago: executing program 32 (id=1433): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000001000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x47, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000010000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x4cf68d79c8eac253, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x200ed, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x4c58, 0x5, 0x0, 0x4, 0x87, 0x1020002, 0xb, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x1, 0xffffffffffffffff, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000003, 0x13, r1, 0x0) 4.720149496s ago: executing program 5 (id=4112): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0, 0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000540)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffe00}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="02091f00050000000000000000000000020007003220000002"], 0x28}}, 0x0) 4.719843446s ago: executing program 5 (id=4113): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x18) r2 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0) pwrite64(r2, &(0x7f00000000c0)='a', 0x200000c1, 0x9000) lseek(r2, 0x0, 0x3) 3.891277413s ago: executing program 5 (id=4129): syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c04, &(0x7f0000000340), 0x1, 0x779, &(0x7f0000001900)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTuZ206bmWmSJjPV+XzgZs65907O+c79cc7MPdwbQN8aT//kIg5HxLtJxGhjfhIRQ/XUYMTJjfVura0W0ymJ9fWXf0nq69xcWy1G03tSBxuZ/0fEN29FHMltLre6vDJXKJdLi438ZG3+wmR1eeXo+fnCbGm2tHB8anr62ImnThzfvVh/+37l0LX3Xnj885N/vPm/q+98m8TJONRY1hzHbhmP8cZnMpR+hHd5frcL67Gk1xVgR9JDc2DjKI/DMRoD9RQA8E/2ekSsAwB9JtH+A0CfyX4HuLm2Wsym3v4i0V3Xn4uI/RvxZ9c3N5YMNq7Z7a9fBx25mdx1ZSSJiLFdKH88Ij7+8tVP0yn26DokQCtvXI6Is2Pjm8//yaYxC9v1RIdl+xqv4/fMd/6D7vkq7f883ar/l7vd/4kW/Z/hFsfuTtz3+D+wC4V0kPb/nm0a23arKf6GsYFG7l/1Pt9Qcu58uZSe2/4dERMxNJzmpzqUMXHjzxvtljX3/359/7VP0vLT1ztr5H4aHL77PTOFWuFBYm52/XLEI4Ot4k9ub/+kTf/39BbLePGZtz9qtyyNP403mzbHH43RSXtj/UrEYy23/50RbUnH8YmT9d1hMtspWvjihw9H2pXfvP3TKS0/+y7QDen2H+kc/1jSPF6zuv0yvrsy+nW7ZfePv/X+vy95pZ7O+hGXCrXa4lTEvuSlzfOP3Xlvls/WT+OfeLT18d9p/0+/E57dYvyD137+bOfx7600/pltbf/tJ67emhtoV/7Wtv90PTXRmLOV899WK/ggnx0AAAAAAAAAAAAAAAAAAAAAAAAAbFUuIg5FksvfTudy+fzGM7z/GyO5cqVaO3KusrQwE/VnZY/FUC671eVo0/1Qpxr3w8/yx+7JPxkR/4mID4YPJNl9FGd6HDsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZA62ef5/6sfhXtcOANgz+3tdAQCg67T/ANB/tP8A0H+0/wDQf7T/ANB/tP8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADssdOnTqXT+u9rq8U0P3NxeWmucvHoTKk6l59fKuaLlcUL+dlKZbZcyhcr8/f7f+VK5cJ0LCxdmqyVqrXJ6vLKmfnK0kLtzPn5wmzpTGmoK1EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPZUl1fmCuVyaVFiB4n1h6MavU8MNHanh6U+XU0kD0c1djnR6ayR687JCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBv4K8AAAD//8yLIwE=") r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0) ftruncate(r0, 0x2007ffc) sendfile(r0, r0, 0x0, 0x800000009) r1 = openat(0xffffffffffffff9c, &(0x7f0000000540)='./file1\x00', 0x105042, 0x1db) writev(r1, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x64000}], 0x1) 3.715098297s ago: executing program 5 (id=4137): syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000001000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x14004, &(0x7f0000000340), 0xfe, 0x272, &(0x7f0000000cc0)="$eJzs3U1oHGUcB+D/7IdrTJSoF0H8ABHRQIgHQfCiF4WAhCAiqBAR8SSJEBO8ZT158aBnW3LqJZTemvZYegm9FHpN2xzSSw8NPTT00B62zM5u2Ww2ZJv9Kpnngc3Mu/N+zIb5vZmEzEwAuTUZEZ9HRDEipiKiHBFJa4V3s9dko7g+trUQUat9cz+p18vKmWa78YioRsSnEaXmttXNH3Yfbn/1wT8r5ffPbX4/NqzP12pvd+fr/bNzf1+c/Xi10HhvorFs/Rz9lHR4r5REvDaIwZ4TSWnUe0A35v+8cDPN/esR8V49/+UoNCL77/ILV8vx0ZlO7V6OiP/u3Xhz2PsL9FetVk5/BlZrQO4U6ufASWE6IrL1QmF6OjuHv1VM4rel5T+mfl1aWfxl1DMV0AdJNfu9d+fLy5VL4235v1vM8t+VTwa8p8BApPn/dn7jdrq+X2zfOpI/zwGD9la2SPM/9dPah9Ex/8ApU2ktyD/kl/xDfsk/nAInzK78Q37JP+SX/MMpVm6uVDtuln/IL/mH/GrLv3/4gxxpzT8AkC+1yqivQAZGZdTzDwAAAAAAAAAAAAAAAAAAcNj62NZC8zWsMa/9H7H3RUSUDo6fPaisWH8eccSL9a8vPUjSak8lWbOe/PhOjx306Hyfr76eq3RbM/uevnKnv+M/q+tvD6bfvw4Wj7y33dpiRDWtPFMqHT7+k8bxd6wj+3/1mIbln7sboF+StvJn3w13/HaPN0Y7/ux2xJV0/pnpNP8V4o36svP8M9F6i+UT+v1Rjx0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwNE8CAAD//yega0w=") open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]}) openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff) 3.456663411s ago: executing program 5 (id=4142): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r1}, 0x18) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r2, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"}) 3.154512217s ago: executing program 5 (id=4152): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x100b28, 0x1, 0x0, 0x1, 0xa, 0x21005, 0x9, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r0) sendmsg$NFC_CMD_DEP_LINK_UP(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002abd7000fbdbdf250400000005000a0000000000080001"], 0x3c}, 0x1, 0x0, 0x0, 0x6000040}, 0x804) 3.154313687s ago: executing program 33 (id=4152): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x100b28, 0x1, 0x0, 0x1, 0xa, 0x21005, 0x9, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r0) sendmsg$NFC_CMD_DEP_LINK_UP(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002abd7000fbdbdf250400000005000a0000000000080001"], 0x3c}, 0x1, 0x0, 0x0, 0x6000040}, 0x804) 1.865864293s ago: executing program 6 (id=4179): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=@base={0xe, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f00000002c0)='mm_page_alloc\x00', r1}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0) perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x420, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @perf_bp={&(0x7f0000000080)}, 0xea12, 0x0, 0x400}, 0x0, 0x0, 0xffffffffffffffff, 0x8) 1.728907136s ago: executing program 6 (id=4183): syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c04, &(0x7f0000000340), 0x1, 0x779, &(0x7f0000001900)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTuZ206bmWmSJjPV+XzgZs65907O+c79cc7MPdwbQN8aT//kIg5HxLtJxGhjfhIRQ/XUYMTJjfVura0W0ymJ9fWXf0nq69xcWy1G03tSBxuZ/0fEN29FHMltLre6vDJXKJdLi438ZG3+wmR1eeXo+fnCbGm2tHB8anr62ImnThzfvVh/+37l0LX3Xnj885N/vPm/q+98m8TJONRY1hzHbhmP8cZnMpR+hHd5frcL67Gk1xVgR9JDc2DjKI/DMRoD9RQA8E/2ekSsAwB9JtH+A0CfyX4HuLm2Wsym3v4i0V3Xn4uI/RvxZ9c3N5YMNq7Z7a9fBx25mdx1ZSSJiLFdKH88Ij7+8tVP0yn26DokQCtvXI6Is2Pjm8//yaYxC9v1RIdl+xqv4/fMd/6D7vkq7f883ar/l7vd/4kW/Z/hFsfuTtz3+D+wC4V0kPb/nm0a23arKf6GsYFG7l/1Pt9Qcu58uZSe2/4dERMxNJzmpzqUMXHjzxvtljX3/359/7VP0vLT1ztr5H4aHL77PTOFWuFBYm52/XLEI4Ot4k9ub/+kTf/39BbLePGZtz9qtyyNP403mzbHH43RSXtj/UrEYy23/50RbUnH8YmT9d1hMtspWvjihw9H2pXfvP3TKS0/+y7QDen2H+kc/1jSPF6zuv0yvrsy+nW7ZfePv/X+vy95pZ7O+hGXCrXa4lTEvuSlzfOP3Xlvls/WT+OfeLT18d9p/0+/E57dYvyD137+bOfx7600/pltbf/tJ67emhtoV/7Wtv90PTXRmLOV899WK/ggnx0AAAAAAAAAAAAAAAAAAAAAAAAAbFUuIg5FksvfTudy+fzGM7z/GyO5cqVaO3KusrQwE/VnZY/FUC671eVo0/1Qpxr3w8/yx+7JPxkR/4mID4YPJNl9FGd6HDsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZA62ef5/6sfhXtcOANgz+3tdAQCg67T/ANB/tP8A0H+0/wDQf7T/ANB/tP8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADssdOnTqXT+u9rq8U0P3NxeWmucvHoTKk6l59fKuaLlcUL+dlKZbZcyhcr8/f7f+VK5cJ0LCxdmqyVqrXJ6vLKmfnK0kLtzPn5wmzpTGmoK1EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPZUl1fmCuVyaVFiB4n1h6MavU8MNHanh6U+XU0kD0c1djnR6ayR687JCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBv4K8AAAD//8yLIwE=") r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0) ftruncate(r0, 0x2007ffc) sendfile(r0, r0, 0x0, 0x800000009) r1 = openat(0xffffffffffffff9c, &(0x7f0000000540)='./file1\x00', 0x105042, 0x1db) writev(r1, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x64000}], 0x1) 1.52604127s ago: executing program 6 (id=4196): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0x1}, 0x18) r1 = epoll_create(0x3ff) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000240)={0xa0000000}) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, &(0x7f0000000280)={0x2000000}) 1.463626981s ago: executing program 6 (id=4199): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r2}, 0x10) sendmsg$TIPC_CMD_GET_MAX_PORTS(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)={0x1c}, 0x1c}}, 0x0) 1.405318152s ago: executing program 6 (id=4202): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup(r0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}) write$tun(r2, &(0x7f0000000080)=ANY=[@ANYBLOB='\b\x00\x00\r\x00'], 0xfdef) 1.281484294s ago: executing program 4 (id=4209): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f00000002c0)={[{@barrier}, {@nodioread_nolock}, {@noquota}, {@barrier}, {@auto_da_alloc}, {@nodioread_nolock}]}, 0x1, 0x599, &(0x7f0000001280)="$eJzs3T9sG2UbAPDnznHTP/m+9JO+T/pAHSpAKlJVJ+kfKEztiqhUqQMSC0SOG1Vx4ipOoIkike4VogMC1KVsMDCCGBgQCyMrC4gZqaIRSE0HMHJ8TtPULk6I4xL/ftLZ73t39vO+d35e+053cgB962j9IY14KiIuJhHDG5YNRLbwaGO91ZWl4v2VpWIStdqlX5JIIuLeylKxuX6SPR+KiOWI+H9EfJOPOJ6uv+W+ZqG6sDg1Xi6XZrP6yNz01ZHqwuKJK9Pjk6XJ0sypF186c/b0mbGTYxube7+2sZbfWl9v/Hjz3RvfvXL75qefHVkuvj+exLkYypZt7MdOamyTfJzbNP90N4L1UNLrBrAtuSzP66n0vxiOXJb1rdQ2Dg6Du9I8oItqgxE1oE8l8h/6VPN3QP34tznt5u+PO+cbByD1uKsrS8V3ohl/oHFuIvavHZsc/DV56Mikfrx5eDcbyp60fD0iRgcGHv38J9nnb/tGd6KBdNXX5xs76tH9n66PP9Fi/Blqnjv9m5rj32o2/q22iJ9rM/5d7DDG76//9FHb+NcH4+mW8ZP1+EmL+GlEvNlh/FuvfXm23bLaxxHHonX8puTx54dHLl8pl0Ybjy1jfHXsyMvt+x9xsE38xjnb/WtfMxv7vy9rU9ph/7/49vNnlh8T//lnH7//W23/AxHxXofx/3Pvk1fbLbtzPblb/xWw1f2fRD5udxj/hXNHf8iKzhoCAAAAAAAAAMAOSteuZUvSwno5TQuFxj28/42DablSnTt+uTI/M9G45u1w5NPmlVbDjXpSr49l1+M26yc31U/lsoC5A2v1QrFSnuhx3wEAAAAAAAAAAAAAAAAAAOBJcWjT/f+/5dbu/9/8d9XAXtX+L7+BvU7+Q/96OP+TnrUD2H2+/6Fv1eQ/9C/5D/1L/kP/kv/Qv+Q/9C/5D/1L/gMAAAAAAAAAAAAAAAAAAAAAAAAAQFdcvHChPtXurywV6/WJgYX5qcpbJyZK1anC9HyxUKzMXi1MViqT5VKhWJn+q/dLKpWrozEzf21krlSdG6kuLL4xXZmfaf6naCnf9R4BAAAAAAAAAAAAAAAAAADAP8/Q2pSkhYh8o56mhULEvyLicBLJ5Svl0mhE/Dsivs/lB+v1sV43GgAAAAAAAAAAAAAAAAAAAPaY6sLi1Hi5XJrtXmEgC9XFEJ0XBrayckQs72wz6u+45Vflsw3Y4023Nwq5J+Nz+OQXejgoAQAAAAAAAAAAAAAAAABAn3pw02+nr/ijuw0CAAAAAAAAAAAAAAAAAACAvpT+nEREfTo2/NzQ5qX7ktXc2nNEvH3r0gfXxufmZsfq8++uz5/7MJt/shftBzrVzNM0Iup5DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADxQXVicGi+XS7PbLAx2sE6v+wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwHX8GAAD//xLkz18=") r0 = inotify_init1(0x800) inotify_add_watch(r0, &(0x7f0000000240)='.\x00', 0x60000526) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x0, 0x1aa) getdents64(r1, &(0x7f0000000f80)=""/4096, 0x1000) getdents64(r1, 0x0, 0x0) 1.187086386s ago: executing program 4 (id=4219): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x12}, 0x50) rseq(&(0x7f0000000580)={0x0, 0x0, 0x0, 0x1}, 0x20, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) sync() 995.09997ms ago: executing program 4 (id=4222): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b00000000000000"], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', 0xffffffffffffffff, 0x0, 0x2}, 0x18) flistxattr(r0, &(0x7f0000000240)=""/115, 0x73) 967.373321ms ago: executing program 4 (id=4225): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000003c0)='io_uring_cqring_wait\x00', r0}, 0x18) r1 = syz_io_uring_setup(0x3827, &(0x7f0000000340)={0x0, 0x13ea, 0x2, 0x0, 0x3c6}, &(0x7f0000000040), &(0x7f0000000140)) io_uring_enter(r1, 0x2241, 0x1b86, 0x1, 0x0, 0x0) 944.197331ms ago: executing program 4 (id=4226): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000500)={0xa, 0x4e20, 0x9, @loopback, 0x5}, 0x1c) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20, 0x9, @loopback, 0x106}, 0x1c) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000040)="ff02040000fffffe7e8ae000"/24, 0x18) write$char_usb(r1, &(0x7f0000000540)="fd11b39d9ee1d722e1825e5b40b085bae6d12c32", 0x14) 906.864852ms ago: executing program 0 (id=4228): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000005c0)='sched_switch\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$team(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="090829bd7000030000000100000008"], 0x60}, 0x1, 0x0, 0x0, 0x4040}, 0x4004000) 830.518204ms ago: executing program 0 (id=4229): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="070000000400000008000000d9"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000001000080000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94) r3 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002380)={r2, 0x0, 0x2d, 0x0, @val=@netfilter={0x2, 0x4, 0x600, 0x1}}, 0x20) bpf$LINK_DETACH(0x22, &(0x7f0000000100)=r3, 0x4) 830.212184ms ago: executing program 1 (id=4230): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f00000002c0)={[{@barrier}, {@nodioread_nolock}, {@noquota}, {@barrier}, {@auto_da_alloc}, {@nodioread_nolock}]}, 0x1, 0x599, &(0x7f0000001280)="$eJzs3T9sG2UbAPDnznHTP/m+9JO+T/pAHSpAKlJVJ+kfKEztiqhUqQMSC0SOG1Vx4ipOoIkike4VogMC1KVsMDCCGBgQCyMrC4gZqaIRSE0HMHJ8TtPULk6I4xL/ftLZ73t39vO+d35e+053cgB962j9IY14KiIuJhHDG5YNRLbwaGO91ZWl4v2VpWIStdqlX5JIIuLeylKxuX6SPR+KiOWI+H9EfJOPOJ6uv+W+ZqG6sDg1Xi6XZrP6yNz01ZHqwuKJK9Pjk6XJ0sypF186c/b0mbGTYxube7+2sZbfWl9v/Hjz3RvfvXL75qefHVkuvj+exLkYypZt7MdOamyTfJzbNP90N4L1UNLrBrAtuSzP66n0vxiOXJb1rdQ2Dg6Du9I8oItqgxE1oE8l8h/6VPN3QP34tznt5u+PO+cbByD1uKsrS8V3ohl/oHFuIvavHZsc/DV56Mikfrx5eDcbyp60fD0iRgcGHv38J9nnb/tGd6KBdNXX5xs76tH9n66PP9Fi/Blqnjv9m5rj32o2/q22iJ9rM/5d7DDG76//9FHb+NcH4+mW8ZP1+EmL+GlEvNlh/FuvfXm23bLaxxHHonX8puTx54dHLl8pl0Ybjy1jfHXsyMvt+x9xsE38xjnb/WtfMxv7vy9rU9ph/7/49vNnlh8T//lnH7//W23/AxHxXofx/3Pvk1fbLbtzPblb/xWw1f2fRD5udxj/hXNHf8iKzhoCAAAAAAAAAMAOSteuZUvSwno5TQuFxj28/42DablSnTt+uTI/M9G45u1w5NPmlVbDjXpSr49l1+M26yc31U/lsoC5A2v1QrFSnuhx3wEAAAAAAAAAAAAAAAAAAOBJcWjT/f+/5dbu/9/8d9XAXtX+L7+BvU7+Q/96OP+TnrUD2H2+/6Fv1eQ/9C/5D/1L/kP/kv/Qv+Q/9C/5D/1L/gMAAAAAAAAAAAAAAAAAAAAAAAAAQFdcvHChPtXurywV6/WJgYX5qcpbJyZK1anC9HyxUKzMXi1MViqT5VKhWJn+q/dLKpWrozEzf21krlSdG6kuLL4xXZmfaf6naCnf9R4BAAAAAAAAAAAAAAAAAADAP8/Q2pSkhYh8o56mhULEvyLicBLJ5Svl0mhE/Dsivs/lB+v1sV43GgAAAAAAAAAAAAAAAAAAAPaY6sLi1Hi5XJrtXmEgC9XFEJ0XBrayckQs72wz6u+45Vflsw3Y4023Nwq5J+Nz+OQXejgoAQAAAAAAAAAAAAAAAABAn3pw02+nr/ijuw0CAAAAAAAAAAAAAAAAAACAvpT+nEREfTo2/NzQ5qX7ktXc2nNEvH3r0gfXxufmZsfq8++uz5/7MJt/shftBzrVzNM0Iup5DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADxQXVicGi+XS7PbLAx2sE6v+wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwHX8GAAD//xLkz18=") r0 = inotify_init1(0x800) inotify_add_watch(r0, &(0x7f0000000240)='.\x00', 0x60000526) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x0, 0x1aa) getdents64(r1, &(0x7f0000000f80)=""/4096, 0x1000) getdents64(r1, 0x0, 0x0) 829.998704ms ago: executing program 0 (id=4231): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xfd, 0x0, 0x1}, 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x50) 829.795914ms ago: executing program 3 (id=4233): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0x8, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000010000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x6, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x18) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000480)={0x2c, r3, 0xcd3a991b146a25f, 0x70bd2e, 0x25dfdbfd, {}, [@ETHTOOL_A_STRSET_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20008804}, 0x400a4) 828.296883ms ago: executing program 3 (id=4234): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) rmdir(0x0) 790.876074ms ago: executing program 3 (id=4235): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0xb30, 0x0, 0x0, 0x40f00, 0x49, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x109}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kfree\x00', r1}, 0x18) r2 = syz_open_dev$sg(&(0x7f0000000280), 0x0, 0x62c42) ioctl$SCSI_IOCTL_SEND_COMMAND(r2, 0x1, &(0x7f00000000c0)=ANY=[]) 762.767325ms ago: executing program 1 (id=4236): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x4, &(0x7f0000000140)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0xf, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x2}, 0x18) mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x0) setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x2) lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000040)=@v3, 0x18, 0x0) lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], 0x0, 0x0) 750.363086ms ago: executing program 0 (id=4237): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r2}, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c0000003e000701fcfffffff6dbdf25017c0000080003"], 0x1c}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000) 721.925956ms ago: executing program 3 (id=4238): r0 = syz_open_dev$usbfs(&(0x7f0000000040), 0x200, 0x2) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000510700140000000000000001b7080000000000007b8af8ff00000000b7080000fcffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000000)={0x80, 0x6, 0x2fd, 0x0, 0x0, 0x0, 0x0}) 721.390406ms ago: executing program 1 (id=4239): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r2}, 0x10) sendmsg$TIPC_CMD_GET_MAX_PORTS(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)={0x1c}, 0x1c}}, 0x0) 720.387736ms ago: executing program 3 (id=4249): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000300)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="200000001000012700000000000000000a0000000c0002006e6c3830323131"], 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x40050) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) close_range(r2, 0xffffffffffffffff, 0x100000000000000) 129.441867ms ago: executing program 6 (id=4240): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000c00)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@mblk_io_submit}, {@resuid}, {@norecovery}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12) write$P9_RREAD(r1, &(0x7f0000000580)={0x69, 0x75, 0x2, {0x5e, "e34a888bad6c22dcb43a375185af1585651f6bf8b50adacd3af1844943de54cd643c0c39c6d9bc2cc024e7099e09acff7bcd803a6887c09ac5aaadf5a75c5b20161ae4a7a129844322662fc865be98b6891a5b3e2127ef1bc89e84525d27"}}, 0x69) sendfile(r1, r0, 0x0, 0x3ffff) sendfile(r1, r0, 0x0, 0x7fffeffd) 129.239297ms ago: executing program 3 (id=4241): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x47, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000400)='kfree\x00', r0}, 0x18) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x40}]}) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x10) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) close_range(r1, 0xffffffffffffffff, 0x100000000000000) 125.677718ms ago: executing program 0 (id=4251): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xa, 0xfe, 0x7fff, 0xcc}, 0x50) 121.116447ms ago: executing program 1 (id=4242): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x400200, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000), 0x88c02, 0x0) write$cgroup_int(r2, 0x0, 0x2) 30.54456ms ago: executing program 1 (id=4243): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x2000003, 0x13, r2, 0x0) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) 2.50462ms ago: executing program 0 (id=4244): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xffffffffffffffff}, 0x18) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000000300)={'wg1\x00', 0x0}) sendmsg$ETHTOOL_MSG_WOL_GET(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010030bd7400fddbdf251f0000002000018008000100", @ANYRES32=r3, @ANYBLOB="14000200776731"], 0x34}, 0x1, 0x0, 0x0, 0x4000}, 0x880) 2.21781ms ago: executing program 4 (id=4245): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x2}, 0x18) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), r2) sendmsg$NL80211_CMD_VENDOR(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="bbfb2bbd7000fddbdf25670000000800c400020000000800c3"], 0x24}, 0x1, 0x0, 0x0, 0x801}, 0x0) 0s ago: executing program 1 (id=4246): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000840)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x20, 0x0) mount(&(0x7f00000001c0)=@filename='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000001200)='vfat\x00', 0x0, 0x0) kernel console output (not intermixed with test programs): T8127] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.328050][ T8127] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.403004][ T12] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.421970][ T12] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.438623][ T12] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.447737][ T12] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.486945][ T8153] netlink: 'syz.4.2003': attribute type 1 has an invalid length. [ 105.499212][ T8151] vhci_hcd: invalid port number 96 [ 105.504391][ T8151] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 105.543989][ T8153] 8021q: adding VLAN 0 to HW filter on device bond2 [ 105.737951][ T8180] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 105.748411][ T8180] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.779796][ T8180] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 105.790215][ T8180] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.869206][ T8180] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 105.879736][ T8180] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.948161][ T8180] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 105.958610][ T8180] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.049062][ T4467] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 106.057309][ T4467] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.077005][ T4467] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 106.085246][ T4467] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.148237][ T4467] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 106.156537][ T4467] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.175850][ T4467] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 106.184328][ T4467] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.420130][ T29] kauditd_printk_skb: 172 callbacks suppressed [ 106.420144][ T29] audit: type=1326 audit(106.408:2395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8215 comm="syz.5.2031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34c293eec9 code=0x7ffc0000 [ 106.459599][ T29] audit: type=1326 audit(106.438:2396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8215 comm="syz.5.2031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f34c293eec9 code=0x7ffc0000 [ 106.482476][ T29] audit: type=1326 audit(106.438:2397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8215 comm="syz.5.2031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34c293eec9 code=0x7ffc0000 [ 106.505369][ T29] audit: type=1326 audit(106.438:2398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8215 comm="syz.5.2031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f34c293eec9 code=0x7ffc0000 [ 106.528299][ T29] audit: type=1326 audit(106.448:2399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8215 comm="syz.5.2031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34c293eec9 code=0x7ffc0000 [ 106.551660][ T29] audit: type=1326 audit(106.448:2400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8215 comm="syz.5.2031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f34c293eec9 code=0x7ffc0000 [ 106.574502][ T29] audit: type=1326 audit(106.448:2401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8215 comm="syz.5.2031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34c293eec9 code=0x7ffc0000 [ 106.597396][ T29] audit: type=1326 audit(106.448:2402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8215 comm="syz.5.2031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7f34c293eec9 code=0x7ffc0000 [ 106.620349][ T29] audit: type=1326 audit(106.448:2403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8215 comm="syz.5.2031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34c293eec9 code=0x7ffc0000 [ 106.643213][ T29] audit: type=1326 audit(106.448:2404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8215 comm="syz.5.2031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34c293eec9 code=0x7ffc0000 [ 106.716092][ T8220] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.773030][ T8220] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.830828][ T8220] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.920039][ T8220] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.974880][ T4467] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.986288][ T4467] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.999325][ T4467] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.032125][ T4467] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.114830][ T8239] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 ! [ 107.969359][ T8264] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.024781][ T8264] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.093511][ T8264] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.190143][ T8264] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.300816][ T4458] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.332116][ T4458] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.345885][ T4458] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.361416][ T4458] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.715663][ T8325] loop3: detected capacity change from 0 to 8192 [ 109.198198][ T8347] SELinux: failed to load policy [ 109.511493][ T8380] loop0: detected capacity change from 0 to 1024 [ 109.519401][ T8380] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 109.531638][ T8382] __nla_validate_parse: 4 callbacks suppressed [ 109.531658][ T8382] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2106'. [ 109.559395][ T8380] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 109.575582][ T8380] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 109.614869][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.664058][ T8402] netdevsim netdevsim4 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 109.673971][ T8402] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.706136][ T8410] netlink: 'syz.0.2118': attribute type 6 has an invalid length. [ 109.738077][ T8402] netdevsim netdevsim4 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 109.748063][ T8402] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.774447][ T8416] loop0: detected capacity change from 0 to 512 [ 109.781155][ T8416] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 109.798131][ T8402] netdevsim netdevsim4 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 109.808133][ T8402] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.857939][ T8402] netdevsim netdevsim4 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 109.867812][ T8402] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.943997][ T4472] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 109.952330][ T4472] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.963861][ T4472] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 109.972122][ T4472] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.983903][ T4472] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 109.992162][ T4472] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.003785][ T4472] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 110.012043][ T4472] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.311936][ T8436] netlink: 'syz.4.2129': attribute type 4 has an invalid length. [ 110.374299][ T8446] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 110.413497][ T8454] netlink: 'syz.4.2138': attribute type 10 has an invalid length. [ 110.428787][ T8446] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 110.479089][ T8446] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 110.589022][ T8446] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 110.727009][ T8476] 9pnet_fd: p9_fd_create_tcp (8476): problem connecting socket to 127.0.0.1 [ 111.039322][ T8488] syzkaller1: entered promiscuous mode [ 111.044904][ T8488] syzkaller1: entered allmulticast mode [ 111.488116][ T29] kauditd_printk_skb: 134 callbacks suppressed [ 111.488134][ T29] audit: type=1326 audit(111.478:2539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8514 comm="syz.1.2166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc92c2beec9 code=0x7ffc0000 [ 111.517172][ T29] audit: type=1326 audit(111.478:2540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8514 comm="syz.1.2166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc92c2beec9 code=0x7ffc0000 [ 111.549002][ T29] audit: type=1326 audit(111.478:2541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8514 comm="syz.1.2166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7fc92c2beec9 code=0x7ffc0000 [ 111.571852][ T29] audit: type=1326 audit(111.478:2542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8514 comm="syz.1.2166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc92c2beec9 code=0x7ffc0000 [ 111.594655][ T29] audit: type=1326 audit(111.478:2543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8514 comm="syz.1.2166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc92c2beec9 code=0x7ffc0000 [ 111.638619][ T29] audit: type=1400 audit(111.628:2544): avc: denied { write } for pid=8518 comm="syz.3.2167" name="001" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 111.669516][ T8519] vhci_hcd: invalid port number 96 [ 111.669824][ T29] audit: type=1400 audit(111.658:2545): avc: denied { map } for pid=8518 comm="syz.3.2167" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 111.674669][ T8519] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 111.728876][ T29] audit: type=1400 audit(111.718:2546): avc: denied { sys_module } for pid=8516 comm="syz.1.2168" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 111.783449][ T8526] syzkaller1: entered promiscuous mode [ 111.789084][ T8526] syzkaller1: entered allmulticast mode [ 112.012410][ T4510] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.024345][ T4456] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.036809][ T29] audit: type=1326 audit(112.018:2547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8550 comm="syz.4.2178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1f952eec9 code=0x7ffc0000 [ 112.059735][ T29] audit: type=1326 audit(112.018:2548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8550 comm="syz.4.2178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1f952eec9 code=0x7ffc0000 [ 112.084039][ T4456] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.103784][ T4456] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.235625][ T8563] vhci_hcd: invalid port number 96 [ 112.241095][ T8563] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 112.547884][ T8591] SELinux: failed to load policy [ 112.633190][ T8605] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 112.807355][ T8605] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 112.927359][ T8605] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 112.950458][ T8634] SELinux: ebitmap: truncated map [ 112.956892][ T8634] SELinux: failed to load policy [ 112.988535][ T8605] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 113.091030][ T4456] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.118868][ T4456] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.138914][ T4456] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.157474][ T4456] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.238053][ T8658] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2226'. [ 113.328800][ T8670] vhci_hcd: invalid port number 96 [ 113.333959][ T8670] vhci_hcd: default hub control req: 0300 v0800 i0060 l0 [ 113.689830][ T8719] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4) [ 113.696401][ T8719] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 113.704072][ T8719] vhci_hcd vhci_hcd.0: Device attached [ 113.723400][ T8720] vhci_hcd: connection closed [ 113.723694][ T4474] vhci_hcd: stop threads [ 113.732837][ T4474] vhci_hcd: release socket [ 113.737397][ T4474] vhci_hcd: disconnect device [ 113.763440][ T8729] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2258'. [ 113.772538][ T8729] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2258'. [ 113.781727][ T8729] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2258'. [ 113.912897][ T8756] loop4: detected capacity change from 0 to 1024 [ 113.920234][ T8756] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 113.931296][ T8756] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 113.941862][ T8756] JBD2: no valid journal superblock found [ 113.947659][ T8756] EXT4-fs (loop4): Could not load journal inode [ 113.957380][ T8756] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ %ºu@) failed with errno=-22 [ 114.044883][ T8770] netem: change failed [ 114.071584][ T8772] netlink: 'syz.4.2277': attribute type 3 has an invalid length. [ 114.113280][ T8776] loop4: detected capacity change from 0 to 128 [ 114.206520][ T8784] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 114.219438][ T8784] 8021q: adding VLAN 0 to HW filter on device macvlan3 [ 114.453343][ T8808] bond2: entered promiscuous mode [ 114.458548][ T8808] bond2: entered allmulticast mode [ 114.466832][ T8808] 8021q: adding VLAN 0 to HW filter on device bond2 [ 114.478512][ T8808] bond2 (unregistering): Released all slaves [ 114.498837][ T8811] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2293'. [ 114.507824][ T8811] netlink: 120 bytes leftover after parsing attributes in process `syz.1.2293'. [ 114.518721][ T8811] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2293'. [ 114.605281][ T8820] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 114.614076][ T8820] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 115.454293][ T8851] loop3: detected capacity change from 0 to 512 [ 115.462404][ T8851] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 115.474912][ T8851] EXT4-fs (loop3): 1 truncate cleaned up [ 115.481069][ T8851] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 115.551855][ T6918] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 115.588240][ T8863] netlink: 'syz.3.2315': attribute type 10 has an invalid length. [ 115.599259][ T8863] team0: Device hsr_slave_0 failed to register rx_handler [ 116.062377][ T8896] loop4: detected capacity change from 0 to 512 [ 116.074928][ T8896] SELinux: security_context_str_to_sid (root) failed with errno=-22 [ 116.138407][ T8903] syzkaller1: entered promiscuous mode [ 116.143936][ T8903] syzkaller1: entered allmulticast mode [ 116.384417][ T8936] SELinux: failed to load policy [ 116.470476][ T8946] loop0: detected capacity change from 0 to 512 [ 116.491006][ T8946] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 116.514813][ T29] kauditd_printk_skb: 179 callbacks suppressed [ 116.514833][ T29] audit: type=1400 audit(116.498:2728): avc: denied { create } for pid=8951 comm="syz.4.2355" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 116.541774][ T29] audit: type=1400 audit(116.498:2729): avc: denied { bind } for pid=8951 comm="syz.4.2355" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 116.582188][ T29] audit: type=1400 audit(116.548:2730): avc: denied { read } for pid=8953 comm="syz.3.2354" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 116.605114][ T29] audit: type=1400 audit(116.548:2731): avc: denied { open } for pid=8953 comm="syz.3.2354" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 116.628505][ T29] audit: type=1400 audit(116.548:2732): avc: denied { ioctl } for pid=8953 comm="syz.3.2354" path="/dev/sg0" dev="devtmpfs" ino=135 ioctlcmd=0x2285 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 116.655264][ T29] audit: type=1400 audit(116.618:2733): avc: denied { write open } for pid=8945 comm="syz.0.2352" path="/508/file1/bus" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 116.677810][ T29] audit: type=1400 audit(116.618:2734): avc: denied { append } for pid=8945 comm="syz.0.2352" name="file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 116.699530][ T29] audit: type=1400 audit(116.618:2735): avc: denied { ioctl } for pid=8945 comm="syz.0.2352" path="/508/file1/file1" dev="loop0" ino=15 ioctlcmd=0x660f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 116.745969][ T29] audit: type=1400 audit(116.648:2736): avc: denied { bind } for pid=8956 comm="syz.1.2356" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 116.765508][ T29] audit: type=1400 audit(116.648:2737): avc: denied { name_bind } for pid=8956 comm="syz.1.2356" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1 [ 116.787961][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 116.836437][ T8978] netlink: 'syz.0.2366': attribute type 10 has an invalid length. [ 116.846057][ T8978] team0: Device hsr_slave_0 failed to register rx_handler [ 117.112475][ T9021] netlink: 'syz.0.2385': attribute type 3 has an invalid length. [ 117.167640][ T9032] serio: Serial port ptm0 [ 117.198985][ T9036] capability: warning: `syz.0.2393' uses deprecated v2 capabilities in a way that may be insecure [ 117.496016][ T9083] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2415'. [ 117.507790][ T9083] xfrm1: entered promiscuous mode [ 117.512924][ T9083] xfrm1: entered allmulticast mode [ 117.520353][ T9083] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2415'. [ 117.658957][ T9103] loop5: detected capacity change from 0 to 512 [ 117.666353][ T9103] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 117.680956][ T9103] EXT4-fs (loop5): 1 truncate cleaned up [ 117.693577][ T9103] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 117.793597][ T9116] SELinux: failed to load policy [ 117.795533][ T6799] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 118.032761][ T9151] loop4: detected capacity change from 0 to 512 [ 118.034577][ T9152] loop5: detected capacity change from 0 to 512 [ 118.055985][ T9152] SELinux: security_context_str_to_sid (root) failed with errno=-22 [ 118.071289][ T9151] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 118.081836][ T9156] SELinux: failed to load policy [ 118.091078][ T9151] EXT4-fs (loop4): 1 truncate cleaned up [ 118.097372][ T9151] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 118.205107][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 118.260687][ T9183] veth1_to_bridge: entered promiscuous mode [ 118.267271][ T9183] veth1_to_bridge: left promiscuous mode [ 118.301728][ T9186] loop1: detected capacity change from 0 to 512 [ 118.316803][ T9186] SELinux: security_context_str_to_sid (root) failed with errno=-22 [ 118.330287][ T9194] SELinux: failed to load policy [ 118.383855][ T9203] loop0: detected capacity change from 0 to 512 [ 118.392388][ T9205] loop5: detected capacity change from 0 to 128 [ 118.400631][ T9203] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 118.434411][ T9203] EXT4-fs (loop0): 1 truncate cleaned up [ 118.445403][ T9203] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 118.544972][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 118.833124][ T9223] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=263 sclass=netlink_audit_socket pid=9223 comm=syz.0.2479 [ 118.908128][ T9230] SELinux: Context system_u:object_r:framebuf_device_t:s0 is not valid (left unmapped). [ 118.936493][ T9234] netlink: 'syz.5.2482': attribute type 3 has an invalid length. [ 119.021068][ T9252] serio: Serial port ptm0 [ 119.547640][ T9302] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2511'. [ 120.122314][ T9339] loop0: detected capacity change from 0 to 1024 [ 120.158317][ T9339] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 120.169370][ T9339] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 120.182478][ T9339] JBD2: no valid journal superblock found [ 120.188367][ T9339] EXT4-fs (loop0): Could not load journal inode [ 120.200551][ T9339] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ %ºu@) failed with errno=-22 [ 120.738080][ T9378] loop5: detected capacity change from 0 to 1024 [ 120.745383][ T9378] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 120.756613][ T9378] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 120.768040][ T9378] JBD2: no valid journal superblock found [ 120.773801][ T9378] EXT4-fs (loop5): Could not load journal inode [ 120.799370][ T9378] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ %ºu@) failed with errno=-22 [ 120.884560][ T9403] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2564'. [ 120.907879][ T9403] xfrm1: entered promiscuous mode [ 120.912959][ T9403] xfrm1: entered allmulticast mode [ 120.920271][ T9403] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2564'. [ 121.763871][ T9431] bond2: entered promiscuous mode [ 121.769073][ T9431] bond2: entered allmulticast mode [ 121.779834][ T9431] 8021q: adding VLAN 0 to HW filter on device bond2 [ 121.800139][ T9431] bond2 (unregistering): Released all slaves [ 121.902424][ T29] kauditd_printk_skb: 142 callbacks suppressed [ 121.902442][ T29] audit: type=1400 audit(121.888:2880): avc: denied { create } for pid=9460 comm="syz.1.2580" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 121.937125][ T29] audit: type=1326 audit(121.928:2881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9460 comm="syz.1.2580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc92c2beec9 code=0x7ffc0000 [ 121.960137][ T29] audit: type=1326 audit(121.928:2882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9460 comm="syz.1.2580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc92c2beec9 code=0x7ffc0000 [ 121.989859][ T29] audit: type=1326 audit(121.928:2883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9460 comm="syz.1.2580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc92c2beec9 code=0x7ffc0000 [ 122.012761][ T29] audit: type=1326 audit(121.928:2884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9460 comm="syz.1.2580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc92c2beec9 code=0x7ffc0000 [ 122.035730][ T29] audit: type=1326 audit(121.928:2885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9460 comm="syz.1.2580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc92c2beec9 code=0x7ffc0000 [ 122.058690][ T29] audit: type=1326 audit(121.928:2886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9460 comm="syz.1.2580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc92c2beec9 code=0x7ffc0000 [ 122.081684][ T29] audit: type=1326 audit(121.928:2887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9460 comm="syz.1.2580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc92c2beec9 code=0x7ffc0000 [ 122.104590][ T29] audit: type=1326 audit(121.928:2888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9460 comm="syz.1.2580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc92c2beec9 code=0x7ffc0000 [ 122.127477][ T29] audit: type=1326 audit(121.928:2889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9460 comm="syz.1.2580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc92c2beec9 code=0x7ffc0000 [ 122.225087][ T9483] netlink: 'syz.0.2591': attribute type 10 has an invalid length. [ 122.257848][ T9488] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 122.272669][ T9488] 8021q: adding VLAN 0 to HW filter on device macvlan3 [ 122.494598][ T9520] netlink: 'syz.1.2610': attribute type 10 has an invalid length. [ 122.539710][ T9522] vhci_hcd: invalid port number 96 [ 122.544986][ T9522] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 122.671164][ T9538] 8021q: adding VLAN 0 to HW filter on device macvlan0 [ 122.686098][ T9538] 8021q: adding VLAN 0 to HW filter on device macvlan1 [ 123.240852][ T9555] netlink: 'syz.5.2636': attribute type 10 has an invalid length. [ 123.420352][ T9570] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=263 sclass=netlink_audit_socket pid=9570 comm=syz.4.2632 [ 123.549491][ T9583] loop4: detected capacity change from 0 to 1024 [ 123.608003][ T9583] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 123.648941][ T9583] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 123.768420][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 123.852795][ T9611] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2646'. [ 123.923690][ T9620] netlink: 'syz.3.2652': attribute type 10 has an invalid length. [ 124.692780][ T9657] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 124.716867][ T9659] netlink: 12 bytes leftover after parsing attributes in process `+}[@'. [ 124.756485][ T9659] netlink: 12 bytes leftover after parsing attributes in process `+}[@'. [ 124.796466][ T9672] loop1: detected capacity change from 0 to 512 [ 124.800033][ T9659] netlink: 12 bytes leftover after parsing attributes in process `+}[@'. [ 124.812103][ T9672] EXT4-fs (loop1): filesystem is read-only [ 124.818523][ T9672] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 124.841882][ T9672] EXT4-fs (loop1): filesystem is read-only [ 124.847803][ T9672] EXT4-fs (loop1): orphan cleanup on readonly fs [ 124.856828][ T9672] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #16: comm syz.1.2676: iget: bad i_size value: 648518346341360424 [ 124.881747][ T9672] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.2676: couldn't read orphan inode 16 (err -117) [ 124.901868][ T9681] pim6reg: entered allmulticast mode [ 124.909798][ T9681] pim6reg: left allmulticast mode [ 124.923200][ T9622] 9pnet_fd: p9_fd_create_tcp (9622): problem connecting socket to 127.0.0.1 [ 124.924961][ T9672] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 124.961366][ T9683] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 125.007821][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 125.031090][ T9691] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2685'. [ 125.043596][ T9692] IPv6: sit1: Disabled Multicast RS [ 125.050279][ T9692] sit1: entered allmulticast mode [ 125.076997][ T4471] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 125.085498][ T9691] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2685'. [ 125.094589][ T4471] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 125.107536][ T4471] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 125.134800][ T4471] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 125.200763][ T9711] 9pnet_fd: p9_fd_create_tcp (9711): problem connecting socket to 127.0.0.1 [ 125.213470][ T9717] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 125.276755][ T9725] netlink: 'syz.1.2700': attribute type 10 has an invalid length. [ 125.291924][ T9729] loop4: detected capacity change from 0 to 512 [ 125.320317][ T9729] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 125.360091][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 125.431155][ T9755] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 125.465870][ T9762] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2711'. [ 125.474830][ T9762] netlink: 'syz.1.2711': attribute type 15 has an invalid length. [ 125.482760][ T9762] netlink: 'syz.1.2711': attribute type 18 has an invalid length. [ 125.498959][ T9762] vxlan0: entered promiscuous mode [ 125.504814][ T4474] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 125.514416][ T4474] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 125.522970][ T4474] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 125.532664][ T4474] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 125.769015][ T9799] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 125.878398][ T9799] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 125.938240][ T9799] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 125.998494][ T9799] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 126.064421][ T4474] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 126.076753][ T4474] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 126.087557][ T4474] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 126.098387][ T4474] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 126.280259][ T9758] 9pnet_fd: p9_fd_create_tcp (9758): problem connecting socket to 127.0.0.1 [ 126.311746][ T9841] loop3: detected capacity change from 0 to 1024 [ 126.339723][ T9841] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 126.359370][ T9848] loop1: detected capacity change from 0 to 512 [ 126.370235][ T6918] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 126.382234][ T9848] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 126.404219][ T9853] loop5: detected capacity change from 0 to 512 [ 126.413244][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 126.424264][ T9853] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 126.459009][ T6799] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 126.702841][ T9886] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2765'. [ 126.719811][ T9886] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2765'. [ 126.736090][ T9889] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0) [ 126.761439][ T9889] SELinux: failed to load policy [ 126.927643][ T9914] loop5: detected capacity change from 0 to 512 [ 126.953240][ T29] kauditd_printk_skb: 105 callbacks suppressed [ 126.953258][ T29] audit: type=1326 audit(126.948:2995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9916 comm="syz.1.2781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc92c2beec9 code=0x7ffc0000 [ 126.982357][ T29] audit: type=1326 audit(126.948:2996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9916 comm="syz.1.2781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7fc92c2beec9 code=0x7ffc0000 [ 127.005079][ T29] audit: type=1326 audit(126.948:2997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9916 comm="syz.1.2781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc92c2beec9 code=0x7ffc0000 [ 127.027966][ T29] audit: type=1326 audit(126.948:2998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9916 comm="syz.1.2781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7fc92c2beec9 code=0x7ffc0000 [ 127.050727][ T29] audit: type=1326 audit(126.948:2999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9916 comm="syz.1.2781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc92c2beec9 code=0x7ffc0000 [ 127.144270][ T9922] netlink: 12 bytes leftover after parsing attributes in process `+}[@'. [ 127.189703][ T29] audit: type=1326 audit(127.163:3000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9930 comm="syz.1.2794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc92c2beec9 code=0x7ffc0000 [ 127.212744][ T29] audit: type=1326 audit(127.163:3001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9930 comm="syz.1.2794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc92c2beec9 code=0x7ffc0000 [ 127.266771][ T9931] netlink: 'syz.4.2786': attribute type 1 has an invalid length. [ 127.269060][ T29] audit: type=1326 audit(127.163:3002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9930 comm="syz.1.2794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=43 compat=0 ip=0x7fc92c2beec9 code=0x7ffc0000 [ 127.297476][ T29] audit: type=1326 audit(127.163:3003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9930 comm="syz.1.2794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc92c2beec9 code=0x7ffc0000 [ 127.320615][ T29] audit: type=1326 audit(127.182:3004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9930 comm="syz.1.2794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc92c2beec9 code=0x7ffc0000 [ 127.465755][ T9963] loop3: detected capacity change from 0 to 512 [ 127.496866][ T9963] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 127.540918][ T6918] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 127.612059][ T9976] loop0: detected capacity change from 0 to 512 [ 127.658848][ T9976] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 127.713808][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 127.898830][T10010] openvswitch: netlink: Message has 6 unknown bytes. [ 128.447770][ T36] hid_parser_main: 96 callbacks suppressed [ 128.447814][ T36] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 128.461056][ T36] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 128.468784][ T36] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 128.499415][ T36] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 128.506924][ T36] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 128.514564][ T36] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 128.522043][ T36] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 128.529446][ T36] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 128.536919][ T36] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 128.544361][ T36] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 128.553319][ T36] hid-generic 0000:0000:0000.0004: hidraw0: HID v8.00 Device [syz0] on syz0 [ 128.951168][T10018] 9pnet_fd: p9_fd_create_tcp (10018): problem connecting socket to 127.0.0.1 [ 129.063700][T10091] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.081629][T10093] loop0: detected capacity change from 0 to 1024 [ 129.088539][T10093] EXT4-fs: Ignoring removed oldalloc option [ 129.094534][T10093] EXT4-fs: Ignoring removed bh option [ 129.107176][T10093] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 129.153420][T10091] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.191357][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.221207][T10091] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.297675][T10104] SELinux: ebitmap start bit (8192) is beyond the end of the bitmap (1472) [ 129.308459][T10104] SELinux: failed to load policy [ 129.318151][T10091] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.390629][ T4502] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.430149][ T4502] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.468777][ T4502] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.490884][ T4502] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 130.087766][T10139] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 130.107100][T10139] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 130.425669][T10115] 9pnet_fd: p9_fd_create_tcp (10115): problem connecting socket to 127.0.0.1 [ 130.626127][T10158] loop1: detected capacity change from 0 to 512 [ 130.745576][T10168] openvswitch: netlink: Message has 6 unknown bytes. [ 130.784883][T10172] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 130.842465][T10172] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 130.902704][T10183] loop3: detected capacity change from 0 to 512 [ 130.981115][T10172] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.045117][T10172] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.916863][T10213] loop3: detected capacity change from 0 to 128 [ 131.989797][T10218] __nla_validate_parse: 5 callbacks suppressed [ 131.989814][T10218] netlink: 80 bytes leftover after parsing attributes in process `syz.0.2914'. [ 132.158460][ T36] hid-generic 0003:0004:0000.0005: hidraw0: USB HID v0.00 Device [syz0] on syz1 [ 132.242019][T10244] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2929'. [ 132.270996][T10241] SELinux: ebitmap start bit (8192) is beyond the end of the bitmap (1472) [ 132.284844][T10241] SELinux: failed to load policy [ 132.323103][ T29] kauditd_printk_skb: 82 callbacks suppressed [ 132.323122][ T29] audit: type=1400 audit(131.962:3087): avc: denied { watch_reads } for pid=10254 comm="syz.3.2934" path="/proc/660" dev="proc" ino=28888 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 132.447572][ T29] audit: type=1400 audit(132.065:3088): avc: denied { create } for pid=10260 comm="syz.3.2937" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 132.450309][T10266] loop3: detected capacity change from 0 to 512 [ 132.466525][ T29] audit: type=1400 audit(132.065:3089): avc: denied { bind } for pid=10260 comm="syz.3.2937" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 132.491560][ T29] audit: type=1400 audit(132.065:3090): avc: denied { listen } for pid=10260 comm="syz.3.2937" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 132.533596][T10266] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 132.612605][ T6918] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 132.700996][ T29] audit: type=1326 audit(132.327:3091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10281 comm="syz.1.2944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc92c2beec9 code=0x7ffc0000 [ 132.723994][ T29] audit: type=1326 audit(132.327:3092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10281 comm="syz.1.2944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc92c2beec9 code=0x7ffc0000 [ 132.748225][ T29] audit: type=1326 audit(132.364:3093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10281 comm="syz.1.2944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc92c2beec9 code=0x7ffc0000 [ 132.771162][ T29] audit: type=1326 audit(132.364:3094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10281 comm="syz.1.2944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc92c2beec9 code=0x7ffc0000 [ 132.794082][ T29] audit: type=1326 audit(132.364:3095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10281 comm="syz.1.2944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc92c2beec9 code=0x7ffc0000 [ 132.817103][ T29] audit: type=1326 audit(132.364:3096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10281 comm="syz.1.2944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc92c2beec9 code=0x7ffc0000 [ 132.893517][T10285] loop1: detected capacity change from 0 to 512 [ 132.904482][T10285] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 132.928794][T10285] EXT4-fs (loop1): 1 truncate cleaned up [ 132.938740][T10285] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 132.979827][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 133.046804][T10295] netem: incorrect gi model size [ 133.051872][T10295] netem: change failed [ 133.056833][T10297] random: crng reseeded on system resumption [ 133.229398][ T4465] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 133.241475][ T4510] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 133.252375][ T4510] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 133.263735][ T4510] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 133.332746][T10310] netlink: 1347 bytes leftover after parsing attributes in process `syz.4.2957'. [ 133.345957][T10311] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=10311 comm=syz.5.2956 [ 133.358628][T10311] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=10311 comm=syz.5.2956 [ 133.400061][ T3392] hid-generic 0003:0004:0000.0006: hidraw0: USB HID v0.00 Device [syz0] on syz1 [ 133.426531][T10317] rdma_op ffff8881218ebd80 conn xmit_rdma 0000000000000000 [ 133.474191][T10319] loop4: detected capacity change from 0 to 512 [ 133.510965][T10319] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 133.525618][T10329] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2964'. [ 133.546368][T10329] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2964'. [ 133.598978][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 133.683336][T10349] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=10349 comm=syz.4.2974 [ 133.696014][T10349] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=10349 comm=syz.4.2974 [ 133.820669][T10363] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2980'. [ 133.890713][T10370] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2982'. [ 133.937379][T10370] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2982'. [ 133.981638][T10376] netlink: 1347 bytes leftover after parsing attributes in process `syz.0.2985'. [ 134.085585][T10380] netlink: 'syz.0.2987': attribute type 12 has an invalid length. [ 134.087923][ T10] hid_parser_main: 55 callbacks suppressed [ 134.087946][ T10] hid-generic 0003:0004:0000.0007: unknown main item tag 0x0 [ 134.106789][ T10] hid-generic 0003:0004:0000.0007: unknown main item tag 0x0 [ 134.114217][ T10] hid-generic 0003:0004:0000.0007: unknown main item tag 0x0 [ 134.121773][ T10] hid-generic 0003:0004:0000.0007: unknown main item tag 0x0 [ 134.129252][ T10] hid-generic 0003:0004:0000.0007: unknown main item tag 0x0 [ 134.136903][ T10] hid-generic 0003:0004:0000.0007: unknown main item tag 0x0 [ 134.144415][ T10] hid-generic 0003:0004:0000.0007: unknown main item tag 0x0 [ 134.151920][ T10] hid-generic 0003:0004:0000.0007: unknown main item tag 0x0 [ 134.159368][ T10] hid-generic 0003:0004:0000.0007: unknown main item tag 0x0 [ 134.167034][ T10] hid-generic 0003:0004:0000.0007: unknown main item tag 0x0 [ 134.220100][ T10] hid-generic 0003:0004:0000.0007: hidraw0: USB HID v0.00 Device [syz0] on syz1 [ 134.278937][T10390] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2990'. [ 134.635556][T10424] loop5: detected capacity change from 0 to 512 [ 134.657485][T10424] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 134.700801][ T6799] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 134.776366][T10441] SELinux: Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 134.808999][T10442] pimreg: entered allmulticast mode [ 134.935364][T10446] pimreg: left allmulticast mode [ 135.052673][T10454] program syz.0.3019 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 135.097062][T10456] pim6reg1: entered promiscuous mode [ 135.102400][T10456] pim6reg1: entered allmulticast mode [ 135.297871][ C1] sd 0:0:1:0: [sda] tag#5724 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 135.308308][ C1] sd 0:0:1:0: [sda] tag#5724 CDB: Write(6) 0a 00 4e 21 ff ff [ 135.497753][T10477] loop5: detected capacity change from 0 to 512 [ 135.526600][T10481] pimreg: entered allmulticast mode [ 135.546790][T10477] SELinux: security_context_str_to_sid (root) failed with errno=-22 [ 135.564543][T10481] pimreg: left allmulticast mode [ 135.589340][T10483] netlink: 'syz.0.3034': attribute type 29 has an invalid length. [ 135.639980][T10489] loop5: detected capacity change from 0 to 128 [ 135.649948][T10488] netlink: 'syz.0.3034': attribute type 29 has an invalid length. [ 135.674623][T10489] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 135.718612][ T6799] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 136.083429][T10527] random: crng reseeded on system resumption [ 136.150939][T10536] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 136.150939][T10536] program syz.4.3056 not setting count and/or reply_len properly [ 136.193404][T10538] loop1: detected capacity change from 0 to 1024 [ 136.200472][T10538] EXT4-fs: inline encryption not supported [ 136.222121][T10538] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 136.343578][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.539856][T10565] random: crng reseeded on system resumption [ 136.596646][T10570] ALSA: seq fatal error: cannot create timer (-22) [ 136.655408][T10575] IPVS: Error joining to the multicast group [ 137.209140][T10633] ALSA: seq fatal error: cannot create timer (-19) [ 137.673169][T10638] loop4: detected capacity change from 0 to 512 [ 137.723094][T10638] EXT4-fs (loop4): orphan cleanup on readonly fs [ 137.745799][T10638] EXT4-fs error (device loop4): ext4_quota_enable:7128: comm syz.4.3103: inode #218103808: comm syz.4.3103: iget: illegal inode # [ 137.788369][T10638] EXT4-fs error (device loop4): ext4_quota_enable:7131: comm syz.4.3103: Bad quota inode: 218103808, type: 2 [ 137.810973][T10638] EXT4-fs warning (device loop4): ext4_enable_quotas:7172: Failed to enable quota tracking (type=2, err=-117, ino=218103808). Please run e2fsck to fix. [ 137.832090][T10656] ALSA: seq fatal error: cannot create timer (-22) [ 137.866980][T10638] EXT4-fs (loop4): Cannot turn on quotas: error -117 [ 137.881631][T10658] ip6gre1: entered allmulticast mode [ 137.897128][T10638] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 137.942687][T10668] loop3: detected capacity change from 0 to 512 [ 137.953611][ T29] kauditd_printk_skb: 77 callbacks suppressed [ 137.953628][ T29] audit: type=1400 audit(137.238:3174): avc: denied { remount } for pid=10635 comm="syz.4.3103" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 137.974991][T10667] loop0: detected capacity change from 0 to 8192 [ 137.981521][T10668] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 137.998151][T10638] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 138.016834][T10638] EXT4-fs error (device loop4): ext4_quota_enable:7128: comm syz.4.3103: inode #218103808: comm syz.4.3103: iget: illegal inode # [ 138.023193][T10667] FAT-fs (loop0): error, clusters badly computed (2 != 1) [ 138.037540][T10667] FAT-fs (loop0): Filesystem has been set read-only [ 138.037653][T10638] EXT4-fs error (device loop4): ext4_quota_enable:7131: comm syz.4.3103: Bad quota inode: 218103808, type: 2 [ 138.074871][T10638] EXT4-fs warning (device loop4): ext4_enable_quotas:7172: Failed to enable quota tracking (type=2, err=-117, ino=218103808). Please run e2fsck to fix. [ 138.113348][T10677] __nla_validate_parse: 6 callbacks suppressed [ 138.113366][T10677] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3119'. [ 138.130257][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 138.131602][T10679] netlink: 'syz.5.3121': attribute type 1 has an invalid length. [ 138.147173][T10679] netlink: 'syz.5.3121': attribute type 6 has an invalid length. [ 138.154920][T10679] netlink: 'syz.5.3121': attribute type 3 has an invalid length. [ 138.162728][T10679] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3121'. [ 138.366691][ T29] audit: type=1400 audit(137.622:3175): avc: denied { relabelfrom } for pid=10704 comm="syz.5.3135" name="NETLINK" dev="sockfs" ino=30311 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 138.390629][ T29] audit: type=1400 audit(137.622:3176): avc: denied { relabelto } for pid=10704 comm="syz.5.3135" name="NETLINK" dev="sockfs" ino=30311 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=netlink_tcpdiag_socket permissive=1 [ 138.592921][T10732] ALSA: seq fatal error: cannot create timer (-19) [ 138.695292][ T29] audit: type=1400 audit(137.921:3177): avc: denied { bind } for pid=10748 comm="syz.4.3154" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 138.906585][ T29] audit: type=1400 audit(138.127:3178): avc: denied { setopt } for pid=10771 comm="syz.5.3164" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 138.951188][T10782] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3170'. [ 138.991011][ T29] audit: type=1326 audit(138.202:3179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10788 comm="syz.3.3175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d8c4ceec9 code=0x7ffc0000 [ 139.013995][ T29] audit: type=1326 audit(138.202:3180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10788 comm="syz.3.3175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d8c4ceec9 code=0x7ffc0000 [ 139.038457][ T29] audit: type=1326 audit(138.249:3181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10788 comm="syz.3.3175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3d8c4ceec9 code=0x7ffc0000 [ 139.061530][ T29] audit: type=1326 audit(138.249:3182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10788 comm="syz.3.3175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d8c4ceec9 code=0x7ffc0000 [ 139.084477][ T29] audit: type=1326 audit(138.249:3183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10788 comm="syz.3.3175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d8c4ceec9 code=0x7ffc0000 [ 139.281044][T10828] random: crng reseeded on system resumption [ 139.375560][T10840] can0: slcan on ttyS3. [ 139.382554][T10836] loop3: detected capacity change from 0 to 4096 [ 139.391497][T10836] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 139.403516][T10836] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 139.434556][T10840] can0 (unregistered): slcan off ttyS3. [ 139.447927][T10840] can0: slcan on ttyS3. [ 139.509350][T10839] can0 (unregistered): slcan off ttyS3. [ 139.643444][ T6918] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 139.858773][T10852] loop3: detected capacity change from 0 to 512 [ 139.871997][T10852] EXT4-fs (loop3): orphan cleanup on readonly fs [ 139.888570][T10852] EXT4-fs error (device loop3): ext4_quota_enable:7128: comm syz.3.3197: inode #218103808: comm syz.3.3197: iget: illegal inode # [ 139.923380][T10852] EXT4-fs error (device loop3): ext4_quota_enable:7131: comm syz.3.3197: Bad quota inode: 218103808, type: 2 [ 139.955980][T10852] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=2, err=-117, ino=218103808). Please run e2fsck to fix. [ 139.986514][T10852] EXT4-fs (loop3): Cannot turn on quotas: error -117 [ 140.015535][T10852] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 140.035531][T10868] SELinux: security_context_str_to_sid () failed with errno=-22 [ 140.090988][T10852] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 140.140992][T10852] EXT4-fs error (device loop3): ext4_quota_enable:7128: comm syz.3.3197: inode #218103808: comm syz.3.3197: iget: illegal inode # [ 140.159806][T10884] netlink: 'syz.0.3212': attribute type 3 has an invalid length. [ 140.179178][T10852] EXT4-fs error (device loop3): ext4_quota_enable:7131: comm syz.3.3197: Bad quota inode: 218103808, type: 2 [ 140.199379][T10852] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=2, err=-117, ino=218103808). Please run e2fsck to fix. [ 140.229068][ T6918] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 140.251871][T10899] loop0: detected capacity change from 0 to 512 [ 140.261090][T10899] EXT4-fs: Ignoring removed oldalloc option [ 140.267105][T10899] EXT4-fs: inline encryption not supported [ 140.273199][T10899] EXT4-fs: Ignoring removed mblk_io_submit option [ 140.281675][T10899] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 140.313904][T10899] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3219: bg 0: block 64: padding at end of block bitmap is not set [ 140.338532][T10899] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.3219: Failed to acquire dquot type 0 [ 140.365250][T10899] EXT4-fs (loop0): 1 truncate cleaned up [ 140.383085][T10899] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 140.398098][T10915] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3225'. [ 140.407230][T10915] netlink: 104 bytes leftover after parsing attributes in process `syz.3.3225'. [ 140.436864][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.051753][T10931] loop0: detected capacity change from 0 to 512 [ 141.076547][T10931] EXT4-fs (loop0): orphan cleanup on readonly fs [ 141.083400][T10931] EXT4-fs error (device loop0): ext4_quota_enable:7128: comm syz.0.3228: inode #218103808: comm syz.0.3228: iget: illegal inode # [ 141.097922][T10931] EXT4-fs error (device loop0): ext4_quota_enable:7131: comm syz.0.3228: Bad quota inode: 218103808, type: 2 [ 141.110893][T10931] EXT4-fs warning (device loop0): ext4_enable_quotas:7172: Failed to enable quota tracking (type=2, err=-117, ino=218103808). Please run e2fsck to fix. [ 141.129024][T10931] EXT4-fs (loop0): Cannot turn on quotas: error -117 [ 141.136224][T10931] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 141.157731][T10931] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended [ 141.179068][T10931] EXT4-fs error (device loop0): ext4_quota_enable:7128: comm syz.0.3228: inode #218103808: comm syz.0.3228: iget: illegal inode # [ 141.198563][T10931] EXT4-fs error (device loop0): ext4_quota_enable:7131: comm syz.0.3228: Bad quota inode: 218103808, type: 2 [ 141.219758][T10931] EXT4-fs warning (device loop0): ext4_enable_quotas:7172: Failed to enable quota tracking (type=2, err=-117, ino=218103808). Please run e2fsck to fix. [ 141.265821][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.485119][T10974] netlink: 'syz.0.3250': attribute type 10 has an invalid length. [ 141.493274][T10974] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3250'. [ 141.555123][T10986] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3257'. [ 141.564187][T10986] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3257'. [ 141.574232][T10986] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3257'. [ 141.631194][T10998] smc: net device bond0 applied user defined pnetid SYZ0 [ 141.642222][T10998] smc: net device bond0 erased user defined pnetid SYZ0 [ 141.670449][T11002] netlink: 36 bytes leftover after parsing attributes in process `syz.5.3274'. [ 141.724323][T11010] netlink: 'syz.3.3266': attribute type 10 has an invalid length. [ 141.733867][T11010] batman_adv: batadv0: Adding interface: veth1_vlan [ 141.740493][T11010] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 141.784110][T11010] batman_adv: batadv0: Interface activated: veth1_vlan [ 141.995963][T11040] loop4: detected capacity change from 0 to 4096 [ 142.006589][T11047] netlink: 'syz.1.3284': attribute type 10 has an invalid length. [ 142.016577][T11047] veth1_vlan: left promiscuous mode [ 142.022810][T11040] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 142.034157][T11047] batman_adv: batadv0: Adding interface: veth1_vlan [ 142.040778][T11047] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 142.067075][T11047] batman_adv: batadv0: Interface activated: veth1_vlan [ 142.077111][T11040] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 142.376959][T11078] loop5: detected capacity change from 0 to 1024 [ 142.403603][T11078] journal_path: Non-blockdev passed as './file0' [ 142.410058][T11078] EXT4-fs: error: could not find journal device path [ 142.465074][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.526342][T11098] loop5: detected capacity change from 0 to 128 [ 142.631216][T11110] loop3: detected capacity change from 0 to 512 [ 142.654863][T11110] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 142.677022][T11110] EXT4-fs (loop3): orphan cleanup on readonly fs [ 142.706023][T11110] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.3314: corrupted inode contents [ 142.747867][T11110] EXT4-fs (loop3): Remounting filesystem read-only [ 142.777693][T11110] EXT4-fs (loop3): 1 truncate cleaned up [ 142.784167][ T4487] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 142.794787][ T4487] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 142.822986][ T4487] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started [ 142.846020][T11110] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 142.907528][ T6918] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.115680][T11157] loop1: detected capacity change from 0 to 512 [ 143.144629][T11157] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 143.153682][T11157] EXT4-fs (loop1): orphan cleanup on readonly fs [ 143.198937][T11157] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.3334: corrupted inode contents [ 143.229310][T11157] EXT4-fs (loop1): Remounting filesystem read-only [ 143.237794][T11157] EXT4-fs (loop1): 1 truncate cleaned up [ 143.243650][ T4482] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 143.254232][ T4482] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 143.266465][ T4482] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started [ 143.291927][T11157] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 143.327022][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.354915][ T29] kauditd_printk_skb: 145 callbacks suppressed [ 143.354934][ T29] audit: type=1326 audit(142.281:3315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11186 comm="syz.3.3347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d8c4ceec9 code=0x7ffc0000 [ 143.431314][ T29] audit: type=1326 audit(142.281:3316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11186 comm="syz.3.3347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d8c4ceec9 code=0x7ffc0000 [ 143.454381][ T29] audit: type=1326 audit(142.328:3317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11186 comm="syz.3.3347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3d8c4ceec9 code=0x7ffc0000 [ 143.477467][ T29] audit: type=1326 audit(142.328:3318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11186 comm="syz.3.3347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d8c4ceec9 code=0x7ffc0000 [ 143.500579][ T29] audit: type=1326 audit(142.328:3319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11186 comm="syz.3.3347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d8c4ceec9 code=0x7ffc0000 [ 143.523488][ T29] audit: type=1326 audit(142.328:3320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11186 comm="syz.3.3347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3d8c4ceec9 code=0x7ffc0000 [ 143.546442][ T29] audit: type=1326 audit(142.328:3321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11186 comm="syz.3.3347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d8c4ceec9 code=0x7ffc0000 [ 143.569401][ T29] audit: type=1326 audit(142.328:3322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11186 comm="syz.3.3347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d8c4ceec9 code=0x7ffc0000 [ 143.592315][ T29] audit: type=1326 audit(142.328:3323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11186 comm="syz.3.3347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3d8c4ceec9 code=0x7ffc0000 [ 143.615272][ T29] audit: type=1326 audit(142.328:3324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11186 comm="syz.3.3347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d8c4ceec9 code=0x7ffc0000 [ 143.693896][T11215] 9pnet_fd: Insufficient options for proto=fd [ 143.805777][T11230] __nla_validate_parse: 5 callbacks suppressed [ 143.805795][T11230] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3368'. [ 143.866726][T11238] netlink: 51 bytes leftover after parsing attributes in process `syz.0.3370'. [ 144.107196][T11248] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=263 sclass=netlink_audit_socket pid=11248 comm=syz.4.3374 [ 144.271558][T11260] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3379'. [ 144.513271][T11268] 9pnet_fd: Insufficient options for proto=fd [ 144.554664][T11273] ALSA: seq fatal error: cannot create timer (-19) [ 144.574270][T11278] loop3: detected capacity change from 0 to 512 [ 144.593886][T11278] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 144.609983][T11278] EXT4-fs (loop3): mount failed [ 144.683658][T11291] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3394'. [ 144.692563][T11291] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3394'. [ 144.736970][T11291] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3394'. [ 144.745860][T11291] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3394'. [ 145.121080][T11326] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3408'. [ 145.137179][T11328] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3409'. [ 145.146279][T11328] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3409'. [ 145.226964][T11333] loop1: detected capacity change from 0 to 512 [ 145.253179][T11333] EXT4-fs warning (device loop1): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 145.317799][T11333] EXT4-fs (loop1): mount failed [ 145.484177][T11343] loop5: detected capacity change from 0 to 1024 [ 145.510541][T11343] EXT4-fs: Ignoring removed bh option [ 145.526457][T11343] EXT4-fs: inline encryption not supported [ 145.547534][T11343] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 145.595643][T11343] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000] [ 145.605914][T11343] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 2: comm syz.5.3416: lblock 2 mapped to illegal pblock 2 (length 1) [ 145.628044][T11341] loop1: detected capacity change from 0 to 8192 [ 145.692385][T11343] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 48: comm syz.5.3416: lblock 0 mapped to illegal pblock 48 (length 1) [ 145.768515][T11343] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.3416: Failed to acquire dquot type 0 [ 145.781863][T11343] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6334: Corrupt filesystem [ 145.821556][T11343] EXT4-fs error (device loop5): ext4_evict_inode:254: inode #11: comm syz.5.3416: mark_inode_dirty error [ 145.834392][T11343] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 145.846189][T11343] EXT4-fs (loop5): 1 orphan inode deleted [ 145.853040][T11343] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 145.866710][ T4487] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:38: lblock 1 mapped to illegal pblock 1 (length 1) [ 145.889555][ T4487] EXT4-fs error (device loop5): ext4_release_dquot:6973: comm kworker/u8:38: Failed to release dquot type 0 [ 145.925011][T11343] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 48: comm syz.5.3416: lblock 0 mapped to illegal pblock 48 (length 1) [ 146.018737][ T6799] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 146.078345][T11362] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0) [ 146.100197][T11362] SELinux: failed to load policy [ 146.212478][T11391] loop5: detected capacity change from 0 to 1024 [ 146.224338][T11391] EXT4-fs: Ignoring removed orlov option [ 146.239382][T11391] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 146.256305][T11391] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3436: bg 0: block 232: padding at end of block bitmap is not set [ 146.296941][T11391] EXT4-fs (loop5): Remounting filesystem read-only [ 146.311304][T11391] EXT4-fs (loop5): error restoring inline_data for inode -- potential data loss! (inode 12, error -30) [ 146.352149][ T6799] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 146.557708][T11444] loop3: detected capacity change from 0 to 512 [ 146.603973][T11452] loop0: detected capacity change from 0 to 1024 [ 146.612338][T11444] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 146.628083][T11444] EXT4-fs (loop3): mount failed [ 146.649158][T11452] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 146.706375][T11467] batadv1: entered promiscuous mode [ 146.711685][T11467] batadv1: entered allmulticast mode [ 146.781556][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 147.190957][T11521] loop3: detected capacity change from 0 to 1024 [ 147.205871][T11521] EXT4-fs: Ignoring removed bh option [ 147.215919][T11521] EXT4-fs: inline encryption not supported [ 147.231060][T11521] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 147.245280][T11521] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000] [ 147.256631][T11521] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 2: comm syz.3.3493: lblock 2 mapped to illegal pblock 2 (length 1) [ 147.272170][T11521] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 48: comm syz.3.3493: lblock 0 mapped to illegal pblock 48 (length 1) [ 147.287605][T11521] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.3493: Failed to acquire dquot type 0 [ 147.313116][T11521] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem [ 147.325638][T11521] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.3493: mark_inode_dirty error [ 147.338029][T11521] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 147.376619][T11521] EXT4-fs (loop3): 1 orphan inode deleted [ 147.382949][T11521] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 147.400544][ T4482] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:34: lblock 1 mapped to illegal pblock 1 (length 1) [ 147.438063][ T4482] EXT4-fs error (device loop3): ext4_release_dquot:6973: comm kworker/u8:34: Failed to release dquot type 0 [ 147.452891][T11521] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 48: comm syz.3.3493: lblock 0 mapped to illegal pblock 48 (length 1) [ 147.480860][ T6918] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 147.630156][T11548] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=8192 sclass=netlink_audit_socket pid=11548 comm=syz.1.3506 [ 147.680072][T11553] batadv1: entered promiscuous mode [ 147.685347][T11553] batadv1: entered allmulticast mode [ 147.830868][T11563] loop4: detected capacity change from 0 to 1024 [ 147.839865][T11563] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 147.862897][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 147.975488][ T36] hid_parser_main: 8 callbacks suppressed [ 147.975510][ T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 147.988927][ T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 147.996346][ T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 148.003778][ T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 148.011233][ T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 148.018767][ T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 148.026169][ T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 148.033617][ T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 148.041115][ T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 148.048541][ T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 148.059550][ T36] hid-generic 0000:0000:0000.0008: hidraw0: HID v0.00 Device [syz0] on syz1 [ 148.378182][ T37] netdevsim netdevsim5 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 148.387631][ T37] netdevsim netdevsim5 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 148.396981][ T37] netdevsim netdevsim5 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 148.405423][ T37] netdevsim netdevsim5 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 148.555870][T11622] loop3: detected capacity change from 0 to 1024 [ 148.580057][T11622] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 148.625359][ T6918] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 149.173242][ T29] kauditd_printk_skb: 160 callbacks suppressed [ 149.173259][ T29] audit: type=1326 audit(147.567:3474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11648 comm="syz.0.3548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f294816eec9 code=0x7ffc0000 [ 149.202573][ T29] audit: type=1326 audit(147.567:3475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11648 comm="syz.0.3548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=114 compat=0 ip=0x7f294816eec9 code=0x7ffc0000 [ 149.225564][ T29] audit: type=1326 audit(147.567:3476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11648 comm="syz.0.3548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f294816eec9 code=0x7ffc0000 [ 149.248710][ T29] audit: type=1326 audit(147.567:3477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11648 comm="syz.0.3548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f294816eec9 code=0x7ffc0000 [ 149.271789][ T29] audit: type=1400 audit(147.698:3478): avc: denied { ioctl } for pid=11660 comm="syz.4.3555" path="socket:[33487]" dev="sockfs" ino=33487 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 149.296805][ T29] audit: type=1326 audit(147.707:3479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11662 comm="syz.3.3556" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d8c4ceec9 code=0x7ffc0000 [ 149.319751][ T29] audit: type=1326 audit(147.707:3480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11662 comm="syz.3.3556" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3d8c4cd710 code=0x7ffc0000 [ 149.342965][ T29] audit: type=1326 audit(147.707:3481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11662 comm="syz.3.3556" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3d8c4cd710 code=0x7ffc0000 [ 149.365917][ T29] audit: type=1326 audit(147.707:3482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11662 comm="syz.3.3556" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d8c4ceec9 code=0x7ffc0000 [ 149.388877][ T29] audit: type=1326 audit(147.707:3483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11662 comm="syz.3.3556" exe="/root/syz-executor" sig=0 arch=c000003e syscall=267 compat=0 ip=0x7f3d8c4ceec9 code=0x7ffc0000 [ 149.437037][T11669] tipc: Started in network mode [ 149.442036][T11669] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 149.453898][T11669] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb [ 149.462339][T11669] tipc: Enabled bearer , priority 10 [ 149.468690][T11673] loop1: detected capacity change from 0 to 512 [ 149.487587][T11673] EXT4-fs: Ignoring removed i_version option [ 149.496076][T11673] EXT4-fs: quotafile must be on filesystem root [ 149.538626][T11677] ref_ctr_offset mismatch. inode: 0x8db offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x8000000 [ 149.585252][ T3399] hid-generic 0000:0000:0000.0009: hidraw0: HID v0.00 Device [syz0] on syz1 [ 149.803409][ T3400] hid-generic 0000:0000:0000.000A: hidraw0: HID v0.00 Device [syz0] on syz1 [ 149.868994][T11725] team0: Caught tx_queue_len zero misconfig [ 149.923760][T11730] __nla_validate_parse: 29 callbacks suppressed [ 149.923848][T11730] netlink: 3 bytes leftover after parsing attributes in process `syz.5.3586'. [ 149.987203][T11730] batadv1: entered promiscuous mode [ 149.992449][T11730] batadv1: entered allmulticast mode [ 150.034695][T11732] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=8192 sclass=netlink_audit_socket pid=11732 comm=syz.3.3589 [ 150.153544][T11737] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3601'. [ 150.165796][T11737] netem: change failed [ 150.216340][T11747] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3596'. [ 150.228666][T11747] netlink: 'syz.5.3596': attribute type 1 has an invalid length. [ 150.236451][T11747] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3596'. [ 150.279815][T11750] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11750 comm=syz.0.3597 [ 150.429828][T11759] SELinux: unknown common r [ 150.446313][T11759] SELinux: failed to load policy [ 150.475828][T11765] team0: Caught tx_queue_len zero misconfig [ 150.538018][T11770] tipc: Started in network mode [ 150.542985][T11770] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 150.573408][T11770] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb [ 150.581490][T11770] tipc: Enabled bearer , priority 10 [ 150.618805][T11773] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3609'. [ 150.658149][ T3400] tipc: Node number set to 1 [ 150.674087][T11782] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 150.685232][T11781] IPVS: stopping master sync thread 11782 ... [ 150.736598][T11790] hub 9-0:1.0: USB hub found [ 150.741379][T11790] hub 9-0:1.0: 8 ports detected [ 150.757236][T11788] SELinux: unknown common r [ 150.762401][T11788] SELinux: failed to load policy [ 150.806457][T11799] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3621'. [ 150.815776][T11799] netlink: 'syz.1.3621': attribute type 1 has an invalid length. [ 150.823675][T11799] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3621'. [ 150.837653][T11804] SELinux: Context Ü is not valid (left unmapped). [ 150.864581][T11809] SELinux: Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped). [ 151.044805][T11824] rdma_op ffff8881188f6180 conn xmit_rdma 0000000000000000 [ 151.184821][T11827] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=11827 comm=syz.1.3643 [ 151.204601][T11829] SELinux: unknown common r [ 151.209465][T11829] SELinux: failed to load policy [ 151.641624][ T3399] tipc: Node number set to 1 [ 151.688369][T11843] loop0: detected capacity change from 0 to 512 [ 151.695374][T11843] EXT4-fs: Ignoring removed mblk_io_submit option [ 151.702174][T11843] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 151.724833][T11843] EXT4-fs (loop0): 1 truncate cleaned up [ 151.744733][T11843] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 151.933583][ T3399] hid-generic 0000:0000:0000.000B: hidraw0: HID v0.00 Device [syz1] on syz0 [ 152.287109][T11869] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125 [ 152.480515][T11888] sch_tbf: peakrate 7 is lower than or equals to rate 7 ! [ 152.549604][T11896] loop3: detected capacity change from 0 to 128 [ 152.615667][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 152.680015][T11906] SELinux: ebitmap: truncated map [ 152.688260][T11906] SELinux: failed to load policy [ 152.694380][T11910] 9pnet_fd: Insufficient options for proto=fd [ 152.715573][ T4478] kworker/u8:32: attempt to access beyond end of device [ 152.715573][ T4478] loop3: rw=1, sector=145, nr_sectors = 16 limit=128 [ 152.731723][ T4478] kworker/u8:32: attempt to access beyond end of device [ 152.731723][ T4478] loop3: rw=1, sector=169, nr_sectors = 8 limit=128 [ 152.745817][ T4478] kworker/u8:32: attempt to access beyond end of device [ 152.745817][ T4478] loop3: rw=1, sector=185, nr_sectors = 8 limit=128 [ 152.762197][ T4478] kworker/u8:32: attempt to access beyond end of device [ 152.762197][ T4478] loop3: rw=1, sector=201, nr_sectors = 8 limit=128 [ 152.776267][T11915] sch_tbf: peakrate 7 is lower than or equals to rate 7 ! [ 152.776361][ T4478] kworker/u8:32: attempt to access beyond end of device [ 152.776361][ T4478] loop3: rw=1, sector=217, nr_sectors = 8 limit=128 [ 152.807124][ T4478] kworker/u8:32: attempt to access beyond end of device [ 152.807124][ T4478] loop3: rw=1, sector=233, nr_sectors = 8 limit=128 [ 152.853443][T11925] loop4: detected capacity change from 0 to 512 [ 152.854650][T11924] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125 [ 152.870225][ T4478] kworker/u8:32: attempt to access beyond end of device [ 152.870225][ T4478] loop3: rw=1, sector=249, nr_sectors = 8 limit=128 [ 152.902646][ T4478] kworker/u8:32: attempt to access beyond end of device [ 152.902646][ T4478] loop3: rw=1, sector=265, nr_sectors = 8 limit=128 [ 152.918174][T11931] vhci_hcd: invalid port number 236 [ 152.923760][T11925] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 152.940770][ T4478] kworker/u8:32: attempt to access beyond end of device [ 152.940770][ T4478] loop3: rw=1, sector=281, nr_sectors = 8 limit=128 [ 152.954807][ T4478] kworker/u8:32: attempt to access beyond end of device [ 152.954807][ T4478] loop3: rw=1, sector=297, nr_sectors = 8 limit=128 [ 152.968936][T11934] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3681'. [ 152.995965][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 153.076526][T11941] SELinux: ebitmap: truncated map [ 153.087079][T11941] SELinux: failed to load policy [ 153.148004][T11955] loop3: detected capacity change from 0 to 1024 [ 153.157911][T11955] EXT4-fs: Ignoring removed nobh option [ 153.163717][T11955] EXT4-fs: inline encryption not supported [ 153.183793][T11955] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 153.199138][T11957] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125 [ 153.224909][T11955] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 18: block 241:freeing already freed block (bit 15); block bitmap corrupt. [ 153.262387][ T6918] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 153.297767][T11967] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125 [ 153.319215][T11969] loop5: detected capacity change from 0 to 512 [ 153.334173][T11969] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 153.369039][ T6799] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 153.417884][ T3399] Process accounting resumed [ 153.426768][T11989] 9pnet_fd: Insufficient options for proto=fd [ 153.554347][T12008] sctp: [Deprecated]: syz.3.3707 (pid 12008) Use of struct sctp_assoc_value in delayed_ack socket option. [ 153.554347][T12008] Use struct sctp_sack_info instead [ 153.593769][T12010] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3714'. [ 154.527993][ T29] kauditd_printk_skb: 293 callbacks suppressed [ 154.528034][ T29] audit: type=1326 audit(152.808:3777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12066 comm="syz.4.3741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1f952eec9 code=0x7ffc0000 [ 154.584421][T12069] SELinux: Context system_u:object_r:netutils_exec_t:s0 is not valid (left unmapped). [ 154.584444][ T29] audit: type=1400 audit(152.854:3778): avc: denied { mac_admin } for pid=12068 comm="syz.4.3742" capability=33 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 154.615676][ T29] audit: type=1400 audit(152.864:3779): avc: denied { relabelto } for pid=12068 comm="syz.4.3742" name="cgroup.procs" dev="cgroup" ino=249 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:netutils_exec_t:s0" [ 154.642599][ T29] audit: type=1400 audit(152.864:3780): avc: denied { associate } for pid=12068 comm="syz.4.3742" name="cgroup.procs" dev="cgroup" ino=249 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 srawcon="system_u:object_r:netutils_exec_t:s0" [ 154.693618][T12072] loop4: detected capacity change from 0 to 128 [ 154.700657][ T29] audit: type=1400 audit(152.967:3781): avc: denied { mounton } for pid=12071 comm="syz.4.3743" path="/750/file0" dev="tmpfs" ino=3865 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 154.723122][ T29] audit: type=1400 audit(152.976:3782): avc: denied { mount } for pid=12071 comm="syz.4.3743" name="/" dev="loop4" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 154.825321][ T29] audit: type=1400 audit(153.079:3783): avc: denied { allowed } for pid=12071 comm="syz.4.3743" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 154.848379][ T29] audit: type=1400 audit(153.079:3784): avc: denied { create } for pid=12071 comm="syz.4.3743" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 154.869151][ T29] audit: type=1400 audit(153.098:3785): avc: denied { unmount } for pid=3320 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 154.905599][ T29] audit: type=1326 audit(153.154:3786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12074 comm="syz.4.3744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1f952eec9 code=0x7ffc0000 [ 154.968376][ T3400] Process accounting resumed [ 155.143540][T12105] loop3: detected capacity change from 0 to 512 [ 155.163244][T12105] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 155.181244][T12105] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e02c, mo2=0002] [ 155.189296][T12105] EXT4-fs (loop3): orphan cleanup on readonly fs [ 155.195740][T12105] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.3757: bad orphan inode 267 [ 155.213389][T12105] EXT4-fs (loop3): Remounting filesystem read-only [ 155.220718][T12105] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 155.233569][ T4478] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 155.381549][ T6918] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 155.420776][T12125] loop3: detected capacity change from 0 to 1764 [ 156.063993][T12156] loop4: detected capacity change from 0 to 512 [ 156.115991][T12156] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 156.141464][T12156] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e02c, mo2=0002] [ 156.168603][T12156] EXT4-fs (loop4): orphan cleanup on readonly fs [ 156.175072][T12156] EXT4-fs error (device loop4): ext4_orphan_get:1418: comm syz.4.3776: bad orphan inode 267 [ 156.213423][T12168] netlink: 168 bytes leftover after parsing attributes in process `syz.0.3780'. [ 156.222763][T12168] tipc: Started in network mode [ 156.227818][T12168] tipc: Node identity 0000000000005f120000000000000001, cluster identity 4711 [ 156.236682][T12168] tipc: Enabling of bearer rejected, failed to enable media [ 156.268807][T12156] EXT4-fs (loop4): Remounting filesystem read-only [ 156.286981][T12156] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 156.404869][T12183] loop0: detected capacity change from 0 to 512 [ 156.423653][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 156.440267][T12186] loop3: detected capacity change from 0 to 1024 [ 156.455898][T12183] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 156.468841][T12186] EXT4-fs: Ignoring removed oldalloc option [ 156.474980][T12186] EXT4-fs: Ignoring removed orlov option [ 156.481258][T12195] random: crng reseeded on system resumption [ 156.488677][T12186] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 156.499195][T12183] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #2: block 18: comm syz.0.3790: lblock 23 mapped to illegal pblock 18 (length 1) [ 156.516727][T12183] EXT4-fs (loop0): Remounting filesystem read-only [ 156.536442][T12186] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 156.559230][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 156.578207][T12186] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.3800: Allocating blocks 497-513 which overlap fs metadata [ 156.596413][T12185] EXT4-fs (loop3): pa ffff88810055d380: logic 80, phys. 481, len 2 [ 156.604411][T12185] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1 [ 156.638616][ T6918] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 156.663262][T12207] ALSA: seq fatal error: cannot create timer (-19) [ 156.718705][T12214] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3801'. [ 156.727772][T12214] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3801'. [ 156.742752][T12214] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3801'. [ 156.751790][T12214] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3801'. [ 156.780587][T12218] loop0: detected capacity change from 0 to 512 [ 156.787808][T12218] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 156.799596][T12218] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e02c, mo2=0002] [ 156.807946][T12218] EXT4-fs (loop0): orphan cleanup on readonly fs [ 156.814323][T12218] EXT4-fs error (device loop0): ext4_orphan_get:1418: comm syz.0.3803: bad orphan inode 267 [ 156.826681][T12218] EXT4-fs (loop0): Remounting filesystem read-only [ 156.833766][T12218] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 156.875340][T12223] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3805'. [ 156.884800][T12223] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3805'. [ 156.931977][T12227] loop1: detected capacity change from 0 to 512 [ 156.948088][T12227] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 156.967843][T12227] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #2: block 18: comm syz.1.3807: lblock 23 mapped to illegal pblock 18 (length 1) [ 156.992493][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 156.993378][T12227] EXT4-fs (loop1): Remounting filesystem read-only [ 157.029314][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 157.055874][T12239] loop1: detected capacity change from 0 to 1024 [ 157.064468][T12239] EXT4-fs: Ignoring removed nobh option [ 157.070052][T12239] EXT4-fs: inline encryption not supported [ 157.100787][T12239] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 157.141300][T12239] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 18: block 241:freeing already freed block (bit 15); block bitmap corrupt. [ 157.171429][T12249] loop0: detected capacity change from 0 to 1764 [ 157.210768][T12251] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3817'. [ 157.230387][T12251] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3817'. [ 157.245849][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 157.437879][T12278] loop4: detected capacity change from 0 to 1024 [ 157.444698][T12278] EXT4-fs: Ignoring removed nobh option [ 157.450387][T12278] EXT4-fs: inline encryption not supported [ 157.461884][T12281] netlink: 'syz.5.3831': attribute type 1 has an invalid length. [ 157.476154][T12283] netlink: 'syz.1.3833': attribute type 21 has an invalid length. [ 157.480637][T12278] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 157.498391][T12283] netlink: 'syz.1.3833': attribute type 1 has an invalid length. [ 157.506195][T12283] netlink: 144 bytes leftover after parsing attributes in process `syz.1.3833'. [ 157.550940][T12278] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 18: block 241:freeing already freed block (bit 15); block bitmap corrupt. [ 157.658547][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 157.805796][T12323] loop0: detected capacity change from 0 to 1024 [ 157.819220][T12323] EXT4-fs: Ignoring removed nobh option [ 157.824898][T12323] EXT4-fs: inline encryption not supported [ 157.826924][T12329] loop4: detected capacity change from 0 to 1024 [ 157.839777][T12329] EXT4-fs: Ignoring removed oldalloc option [ 157.845854][T12329] EXT4-fs: Ignoring removed orlov option [ 157.847719][T12323] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 157.863473][T12329] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 157.894594][T12323] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 18: block 241:freeing already freed block (bit 15); block bitmap corrupt. [ 157.897682][T12329] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 157.935232][T12329] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.3852: Allocating blocks 497-513 which overlap fs metadata [ 157.952775][T12328] EXT4-fs (loop4): pa ffff88810055d3f0: logic 80, phys. 481, len 2 [ 157.960761][T12328] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1 [ 157.969073][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 157.992587][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 158.482630][T12338] loop3: detected capacity change from 0 to 2048 [ 158.498283][T12338] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 158.531159][T12351] random: crng reseeded on system resumption [ 158.556105][ T6918] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 158.570348][T12353] ALSA: seq fatal error: cannot create timer (-19) [ 159.473392][T12482] loop3: detected capacity change from 0 to 1024 [ 159.491527][T12482] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (58532!=20869) [ 159.506170][T12482] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a040e11d, mo2=0002] [ 159.514635][T12482] EXT4-fs (loop3): failed to initialize system zone (-117) [ 159.522022][T12482] EXT4-fs (loop3): mount failed [ 159.891830][ T29] kauditd_printk_skb: 311 callbacks suppressed [ 159.891847][ T29] audit: type=1400 audit(157.812:4098): avc: denied { write } for pid=12532 comm="syz.3.3947" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 159.921232][ T29] audit: type=1400 audit(157.812:4099): avc: denied { open } for pid=12532 comm="syz.3.3947" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 159.946286][ T3400] IPVS: starting estimator thread 0... [ 160.044076][T12537] IPVS: using max 2544 ests per chain, 127200 per kthread [ 160.078617][T12541] loop3: detected capacity change from 0 to 512 [ 160.085454][T12541] EXT4-fs: Ignoring removed mblk_io_submit option [ 160.124038][T12541] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 160.134027][ T29] audit: type=1326 audit(157.896:4100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12539 comm="syz.0.3960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f294816eec9 code=0x7ffc0000 [ 160.157055][ T29] audit: type=1326 audit(157.896:4101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12539 comm="syz.0.3960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f294816eec9 code=0x7ffc0000 [ 160.179991][ T29] audit: type=1326 audit(157.896:4102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12539 comm="syz.0.3960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f294816eec9 code=0x7ffc0000 [ 160.203050][ T29] audit: type=1326 audit(157.896:4103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12539 comm="syz.0.3960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f294816eec9 code=0x7ffc0000 [ 160.225981][ T29] audit: type=1326 audit(157.906:4104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12539 comm="syz.0.3960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f294816eec9 code=0x7ffc0000 [ 160.248900][ T29] audit: type=1326 audit(157.906:4105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12539 comm="syz.0.3960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f294816eec9 code=0x7ffc0000 [ 160.271862][ T29] audit: type=1326 audit(157.906:4106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12539 comm="syz.0.3960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f294816eec9 code=0x7ffc0000 [ 160.294923][ T29] audit: type=1326 audit(157.906:4107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12539 comm="syz.0.3960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f294816eec9 code=0x7ffc0000 [ 160.296650][T12541] EXT4-fs (loop3): 1 truncate cleaned up [ 160.324183][T12541] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 160.974816][ T6918] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 160.993015][T12617] loop0: detected capacity change from 0 to 2048 [ 161.085033][T12617] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 161.181744][T12646] loop1: detected capacity change from 0 to 512 [ 161.188633][T12646] EXT4-fs: Ignoring removed mblk_io_submit option [ 161.195335][T12646] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 161.211242][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 161.222157][T12645] netlink: 'syz.3.3990': attribute type 21 has an invalid length. [ 161.230173][T12646] EXT4-fs (loop1): 1 truncate cleaned up [ 161.236994][T12646] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 161.265264][T12652] loop0: detected capacity change from 0 to 128 [ 161.455715][ T4474] bio_check_eod: 143 callbacks suppressed [ 161.455732][ T4474] kworker/u8:28: attempt to access beyond end of device [ 161.455732][ T4474] loop0: rw=1, sector=145, nr_sectors = 16 limit=128 [ 161.476626][ T4474] kworker/u8:28: attempt to access beyond end of device [ 161.476626][ T4474] loop0: rw=1, sector=169, nr_sectors = 8 limit=128 [ 161.490278][ T4474] kworker/u8:28: attempt to access beyond end of device [ 161.490278][ T4474] loop0: rw=1, sector=185, nr_sectors = 8 limit=128 [ 161.503863][ T4474] kworker/u8:28: attempt to access beyond end of device [ 161.503863][ T4474] loop0: rw=1, sector=201, nr_sectors = 8 limit=128 [ 161.517523][ T4474] kworker/u8:28: attempt to access beyond end of device [ 161.517523][ T4474] loop0: rw=1, sector=217, nr_sectors = 8 limit=128 [ 161.531134][ T4474] kworker/u8:28: attempt to access beyond end of device [ 161.531134][ T4474] loop0: rw=1, sector=233, nr_sectors = 8 limit=128 [ 161.544791][ T4474] kworker/u8:28: attempt to access beyond end of device [ 161.544791][ T4474] loop0: rw=1, sector=249, nr_sectors = 8 limit=128 [ 161.563525][T12668] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 161.574250][ T4474] kworker/u8:28: attempt to access beyond end of device [ 161.574250][ T4474] loop0: rw=1, sector=265, nr_sectors = 8 limit=128 [ 161.575978][T12670] ipvlan2: entered promiscuous mode [ 161.587890][ T4474] kworker/u8:28: attempt to access beyond end of device [ 161.587890][ T4474] loop0: rw=1, sector=281, nr_sectors = 8 limit=128 [ 161.593378][T12668] vhci_hcd: invalid port number 253 [ 161.606695][ T4474] kworker/u8:28: attempt to access beyond end of device [ 161.606695][ T4474] loop0: rw=1, sector=297, nr_sectors = 8 limit=128 [ 161.611555][T12668] vhci_hcd: SetHubDepth req not supported for USB 2.0 roothub [ 161.644863][T12670] bridge0: port 3(ipvlan2) entered blocking state [ 161.651552][T12670] bridge0: port 3(ipvlan2) entered disabled state [ 161.658826][T12670] ipvlan2: entered allmulticast mode [ 161.664283][T12670] bridge0: entered allmulticast mode [ 161.672322][T12670] ipvlan2: left allmulticast mode [ 161.677418][T12670] bridge0: left allmulticast mode [ 161.864608][T12695] loop5: detected capacity change from 0 to 128 [ 162.163319][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 162.256114][T12728] netlink: 'syz.4.4033': attribute type 153 has an invalid length. [ 162.334433][T12742] loop4: detected capacity change from 0 to 512 [ 162.341077][T12742] EXT4-fs: Ignoring removed mblk_io_submit option [ 162.354996][T12748] loop5: detected capacity change from 0 to 2048 [ 162.360676][T12742] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 162.388795][T12742] EXT4-fs (loop4): 1 truncate cleaned up [ 162.395053][T12742] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 162.423593][T12748] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 162.445243][T12761] __nla_validate_parse: 6 callbacks suppressed [ 162.445259][T12761] netlink: 340 bytes leftover after parsing attributes in process `syz.3.4035'. [ 162.508778][ T6799] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 162.588548][T12776] loop3: detected capacity change from 0 to 512 [ 162.595561][T12776] SELinux: security_context_str_to_sid (root) failed with errno=-22 [ 162.786529][T12792] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 162.804764][T12792] vhci_hcd: invalid port number 253 [ 162.810036][T12792] vhci_hcd: SetHubDepth req not supported for USB 2.0 roothub [ 163.263650][T12811] loop1: detected capacity change from 0 to 2048 [ 163.317666][T12811] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 163.355857][T12823] netlink: 96 bytes leftover after parsing attributes in process `syz.3.4062'. [ 163.381172][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 163.405065][T12829] loop0: detected capacity change from 0 to 512 [ 163.413383][T12829] EXT4-fs: Ignoring removed bh option [ 163.419514][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 163.432135][T12829] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 163.442268][T12831] loop4: detected capacity change from 0 to 1024 [ 163.444316][T12829] EXT4-fs (loop0): 1 truncate cleaned up [ 163.449420][T12831] EXT4-fs: Ignoring removed orlov option [ 163.459965][T12831] EXT4-fs: Ignoring removed nomblk_io_submit option [ 163.460461][T12829] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 163.480853][T12831] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 163.496665][T12837] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4069'. [ 163.505634][T12837] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4069'. [ 163.544022][T12841] netlink: 'syz.5.4071': attribute type 153 has an invalid length. [ 163.582849][T12847] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 163.590696][T12847] vhci_hcd: invalid port number 253 [ 163.596062][T12847] vhci_hcd: SetHubDepth req not supported for USB 2.0 roothub [ 163.684716][T12861] loop4: detected capacity change from 0 to 2048 [ 163.691220][T12866] netlink: 'syz.3.4082': attribute type 10 has an invalid length. [ 163.725464][T12866] team0: Port device dummy0 added [ 163.746813][T12868] netlink: 340 bytes leftover after parsing attributes in process `syz.5.4080'. [ 163.768115][T12866] netlink: 'syz.3.4082': attribute type 10 has an invalid length. [ 163.814289][T12866] team0: Port device dummy0 removed [ 163.842227][T12866] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 163.855660][T12883] netlink: 'syz.5.4088': attribute type 1 has an invalid length. [ 163.882173][T12887] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 163.912976][T12887] vhci_hcd: invalid port number 253 [ 163.918301][T12887] vhci_hcd: SetHubDepth req not supported for USB 2.0 roothub [ 163.973353][T12895] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4093'. [ 164.000166][T12902] netlink: 'syz.0.4105': attribute type 10 has an invalid length. [ 164.019178][T12902] bond0: (slave dummy0): Releasing backup interface [ 164.032591][T12902] team0: Port device dummy0 added [ 164.044077][T12908] loop5: detected capacity change from 0 to 2048 [ 164.056880][T12902] netlink: 'syz.0.4105': attribute type 10 has an invalid length. [ 164.067675][T12902] team0: Port device dummy0 removed [ 164.076095][T12902] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 164.347010][T12940] netlink: 'syz.1.4114': attribute type 10 has an invalid length. [ 164.360580][T12942] loop3: detected capacity change from 0 to 2048 [ 164.378296][T12940] bond0: (slave dummy0): Releasing backup interface [ 164.386871][T12940] team0: Port device dummy0 added [ 164.410874][T12940] netlink: 'syz.1.4114': attribute type 10 has an invalid length. [ 164.436321][T12940] team0: Port device dummy0 removed [ 164.471246][T12940] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 165.182680][T12974] loop5: detected capacity change from 0 to 2048 [ 165.277144][ T29] kauditd_printk_skb: 141 callbacks suppressed [ 165.277162][ T29] audit: type=1400 audit(162.854:4249): avc: denied { watch watch_reads } for pid=12988 comm="syz.0.4134" path="/889" dev="tmpfs" ino=4561 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 165.340382][T12997] loop5: detected capacity change from 0 to 128 [ 165.350149][ T29] audit: type=1400 audit(162.910:4250): avc: denied { mounton } for pid=12996 comm="syz.5.4137" path="/508/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/bus" dev="loop5" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 165.351652][T12995] loop0: detected capacity change from 0 to 1024 [ 165.362136][T12995] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 16: comm syz.0.4138: path /890/file1: bad entry in directory: rec_len is smaller than minimal - offset=876, inode=0, rec_len=0, size=1024 fake=0 [ 165.399537][ T29] audit: type=1400 audit(162.938:4251): avc: denied { watch } for pid=12994 comm="syz.0.4138" path="/890/file1" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 165.445003][T12997] loop5: detected capacity change from 128 to 64 [ 165.447010][T13001] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6334: Out of memory [ 165.472645][T13001] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6334: Out of memory [ 165.482410][T13001] EXT4-fs error (device loop5): ext4_evict_inode:254: inode #13: comm syz.5.4137: mark_inode_dirty error [ 165.494635][T13001] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -12) [ 165.497646][ T29] audit: type=1400 audit(163.069:4252): avc: denied { connect } for pid=13002 comm="syz.4.4139" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 165.523856][ T29] audit: type=1400 audit(163.069:4253): avc: denied { read } for pid=13002 comm="syz.4.4139" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 165.551356][T13005] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4140'. [ 165.577679][ T6799] EXT4-fs error (device loop5): htree_dirblock_to_tree:1080: inode #2: block 4: comm syz-executor: bad entry in directory: inode out of bounds - offset=1012, inode=128, rec_len=12, size=1024 fake=1 [ 165.607805][ T6799] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6334: Out of memory [ 165.617926][ T6799] EXT4-fs error (device loop5): __ext4_unlink:3270: inode #2: comm syz-executor: mark_inode_dirty error [ 165.618438][ T29] audit: type=1400 audit(163.163:4254): avc: denied { remove_name } for pid=6799 comm="syz-executor" name="bus" dev="loop5" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 165.651423][ T29] audit: type=1400 audit(163.163:4255): avc: denied { unlink } for pid=6799 comm="syz-executor" name="bus" dev="loop5" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 165.709320][T13018] PF_CAN: dropped non conform CAN FD skbuff: dev type 65534, len 64993 [ 165.722006][T13020] netlink: 'syz.4.4148': attribute type 10 has an invalid length. [ 165.739376][T13020] bond0: (slave dummy0): Releasing backup interface [ 165.748787][T13020] team0: Port device dummy0 added [ 165.759556][T13020] netlink: 'syz.4.4148': attribute type 10 has an invalid length. [ 165.787380][T13020] team0: Port device dummy0 removed [ 165.794575][T13020] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 165.905392][T13031] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4154'. [ 165.934895][ T29] audit: type=1400 audit(163.471:4256): avc: denied { mounton } for pid=13034 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 166.126237][T13034] chnl_net:caif_netlink_parms(): no params data found [ 166.171835][T13034] bridge0: port 1(bridge_slave_0) entered blocking state [ 166.178914][T13034] bridge0: port 1(bridge_slave_0) entered disabled state [ 166.186411][T13034] bridge_slave_0: entered allmulticast mode [ 166.192970][T13034] bridge_slave_0: entered promiscuous mode [ 166.199719][T13034] bridge0: port 2(bridge_slave_1) entered blocking state [ 166.206962][T13034] bridge0: port 2(bridge_slave_1) entered disabled state [ 166.214489][T13034] bridge_slave_1: entered allmulticast mode [ 166.220991][T13034] bridge_slave_1: entered promiscuous mode [ 166.241732][T13034] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 166.252128][T13034] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 166.272635][T13034] team0: Port device team_slave_0 added [ 166.279136][T13034] team0: Port device team_slave_1 added [ 166.294947][T13034] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 166.302000][T13034] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 166.328084][T13034] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 166.339315][T13034] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 166.346313][T13034] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 166.372242][T13034] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 166.398618][T13034] hsr_slave_0: entered promiscuous mode [ 166.404650][T13034] hsr_slave_1: entered promiscuous mode [ 166.410477][T13034] debugfs: 'hsr0' already exists in 'hsr' [ 166.416237][T13034] Cannot create hsr debugfs directory [ 166.479133][T13034] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 166.488199][T13034] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 166.497104][T13034] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 166.505846][T13034] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 166.522036][T13034] bridge0: port 2(bridge_slave_1) entered blocking state [ 166.529191][T13034] bridge0: port 2(bridge_slave_1) entered forwarding state [ 166.536524][T13034] bridge0: port 1(bridge_slave_0) entered blocking state [ 166.543642][T13034] bridge0: port 1(bridge_slave_0) entered forwarding state [ 166.573228][T13034] 8021q: adding VLAN 0 to HW filter on device bond0 [ 166.586060][ T4482] bridge0: port 1(bridge_slave_0) entered disabled state [ 166.594175][ T4482] bridge0: port 2(bridge_slave_1) entered disabled state [ 166.605868][T13034] 8021q: adding VLAN 0 to HW filter on device team0 [ 166.616504][ T4487] bridge0: port 1(bridge_slave_0) entered blocking state [ 166.623578][ T4487] bridge0: port 1(bridge_slave_0) entered forwarding state [ 166.634403][ T4482] bridge0: port 2(bridge_slave_1) entered blocking state [ 166.641558][ T4482] bridge0: port 2(bridge_slave_1) entered forwarding state [ 166.704874][T13034] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 166.807623][T13034] veth0_vlan: entered promiscuous mode [ 166.815765][T13034] veth1_vlan: entered promiscuous mode [ 166.830590][T13034] veth0_macvtap: entered promiscuous mode [ 166.838023][T13034] veth1_macvtap: entered promiscuous mode [ 166.851095][T13034] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 166.862258][T13034] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 166.872124][ T4487] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 166.884910][ T4487] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 166.894013][ T4487] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 166.904705][ T4487] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 166.919736][ T29] audit: type=1400 audit(164.397:4257): avc: denied { mounton } for pid=13034 comm="syz-executor" path="/root/syzkaller.uNAPiT/syz-tmp" dev="sda1" ino=2051 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 166.944217][ T29] audit: type=1400 audit(164.397:4258): avc: denied { mounton } for pid=13034 comm="syz-executor" path="/root/syzkaller.uNAPiT/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 166.991487][T13096] netlink: 92 bytes leftover after parsing attributes in process `syz.1.4175'. [ 167.000588][T13096] netem: unknown loss type 0 [ 167.048873][T13105] team0: Port device dummy0 added [ 167.082338][T13105] team0: Port device dummy0 removed [ 167.091888][T13105] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 167.138747][ T4482] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0xe [ 167.180751][T13125] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4178'. [ 167.349455][T13140] loop6: detected capacity change from 0 to 2048 [ 167.465033][T13158] kernel read not supported for file /policy (pid: 13158 comm: syz.3.4191) [ 167.591357][T13172] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13172 comm=syz.6.4199 [ 167.752960][T13196] sch_tbf: burst 2976 is lower than device lo mtu (65550) ! [ 167.790460][T13200] loop4: detected capacity change from 0 to 1024 [ 167.812696][T13200] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 16: comm syz.4.4209: path /822/file1: bad entry in directory: rec_len is smaller than minimal - offset=876, inode=0, rec_len=0, size=1024 fake=0 [ 167.858125][T13210] __nla_validate_parse: 2 callbacks suppressed [ 167.858204][T13210] netlink: 92 bytes leftover after parsing attributes in process `syz.0.4216'. [ 167.873566][T13210] netem: unknown loss type 0 [ 167.878260][T13210] netem: change failed [ 168.145152][T13235] netlink: 68 bytes leftover after parsing attributes in process `syz.0.4228'. [ 168.185253][T13240] loop1: detected capacity change from 0 to 1024 [ 168.211555][T13240] EXT4-fs error (device loop1): ext4_readdir:264: inode #2: block 16: comm syz.1.4230: path /794/file1: bad entry in directory: rec_len is smaller than minimal - offset=876, inode=0, rec_len=0, size=1024 fake=0 [ 168.263220][T13250] program syz.3.4235 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 168.337998][T13259] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13259 comm=syz.1.4239 [ 168.416258][ T4474] netdevsim netdevsim5 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 168.426036][ T4474] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 168.490866][ T4474] netdevsim netdevsim5 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 168.500701][ T4474] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 168.555500][ T4474] netdevsim netdevsim5 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 168.565440][ T4474] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 168.640866][ T4474] netdevsim netdevsim5 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 168.650758][ T4474] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 168.706776][ T4474] bridge_slave_1: left allmulticast mode [ 168.712435][ T4474] bridge_slave_1: left promiscuous mode [ 168.718131][ T4474] bridge0: port 2(bridge_slave_1) entered disabled state [ 168.726188][ T4474] bridge_slave_0: left allmulticast mode [ 168.731828][ T4474] bridge_slave_0: left promiscuous mode [ 168.737499][ T4474] bridge0: port 1(bridge_slave_0) entered disabled state [ 168.782413][ T4474] bond1 (unregistering): (slave geneve2): Releasing active interface [ 168.823549][ T4474] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 168.833976][ T4474] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 168.844096][ T4474] bond0 (unregistering): Released all slaves [ 168.852769][ T4474] bond1 (unregistering): Released all slaves [ 168.902213][ T4474] hsr_slave_0: left promiscuous mode [ 168.908134][ T4474] hsr_slave_1: left promiscuous mode [ 168.914282][ T4474] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 168.921933][ T4474] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 168.934360][ T4474] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 168.941825][ T4474] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 168.945255][T13264] loop6: detected capacity change from 0 to 512 [ 168.968454][T13264] EXT4-fs: Ignoring removed mblk_io_submit option [ 168.978514][ T4474] veth1_vlan: left promiscuous mode [ 168.980144][T13264] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 168.983967][ T4474] veth0_vlan: left promiscuous mode [ 169.022149][T13264] EXT4-fs (loop6): 1 truncate cleaned up [ 169.083923][T13274] ./file0: Can't lookup blockdev [ 169.099315][ T4474] team0 (unregistering): Port device team_slave_1 removed [ 169.109578][ T4474] team0 (unregistering): Port device team_slave_0 removed [ 169.452166][T13279] ================================================================== [ 169.460573][T13279] BUG: KCSAN: data-race in filemap_splice_read / filemap_splice_read [ 169.468670][T13279] [ 169.471008][T13279] write to 0xffff88811a2fb528 of 8 bytes by task 13264 on cpu 0: [ 169.478753][T13279] filemap_splice_read+0x4f4/0x740 [ 169.483924][T13279] ext4_file_splice_read+0x8f/0xb0 [ 169.489081][T13279] splice_direct_to_actor+0x26c/0x680 [ 169.494476][T13279] do_splice_direct+0xda/0x150 [ 169.499262][T13279] do_sendfile+0x380/0x650 [ 169.503715][T13279] __x64_sys_sendfile64+0x105/0x150 [ 169.508956][T13279] x64_sys_call+0x2bb0/0x2ff0 [ 169.513664][T13279] do_syscall_64+0xd2/0x200 [ 169.518205][T13279] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 169.524127][T13279] [ 169.526462][T13279] write to 0xffff88811a2fb528 of 8 bytes by task 13279 on cpu 1: [ 169.534191][T13279] filemap_splice_read+0x4f4/0x740 [ 169.539332][T13279] ext4_file_splice_read+0x8f/0xb0 [ 169.544483][T13279] splice_direct_to_actor+0x26c/0x680 [ 169.549878][T13279] do_splice_direct+0xda/0x150 [ 169.554667][T13279] do_sendfile+0x380/0x650 [ 169.559116][T13279] __x64_sys_sendfile64+0x105/0x150 [ 169.564352][T13279] x64_sys_call+0x2bb0/0x2ff0 [ 169.569062][T13279] do_syscall_64+0xd2/0x200 [ 169.573612][T13279] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 169.579524][T13279] [ 169.581864][T13279] value changed: 0x000000000001068b -> 0x00000000000106f4 [ 169.588992][T13279] [ 169.591330][T13279] Reported by Kernel Concurrency Sanitizer on: SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 169.597507][T13279] CPU: 1 UID: 0 PID: 13279 Comm: syz.6.4240 Not tainted syzkaller #0 PREEMPT(voluntary) [ 169.607336][T13279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 169.617413][T13279] ================================================================== [ 169.806932][ T4463] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 169.816776][ T4463] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 169.880826][ T4463] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 169.890772][ T4463] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 169.976571][ T4463] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 169.986351][ T4463] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 170.040846][ T4463] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 170.050637][ T4463] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 170.113647][ T4463] bond1 (unregistering): (slave geneve2): Releasing active interface [ 170.127167][ T4463] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 170.136641][ T4463] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 170.145840][ T4463] bond0 (unregistering): (slave dummy0): Releasing backup interface [ 170.155316][ T4463] bond0 (unregistering): Released all slaves [ 170.163704][ T4463] bond1 (unregistering): Released all slaves [ 170.212971][ T4463] tipc: Disabling bearer [ 170.218208][ T4463] tipc: Left network mode [ 170.225525][ T4463] hsr_slave_0: left promiscuous mode [ 170.231382][ T4463] hsr_slave_1: left promiscuous mode [ 170.236946][ T4463] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 170.244538][ T4463] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 170.252043][ T4463] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 170.259131][ T4463] batman_adv: batadv0: Removing interface: veth1_vlan [ 170.289252][ T4463] team0 (unregistering): Port device team_slave_1 removed [ 170.299130][ T4463] team0 (unregistering): Port device team_slave_0 removed [ 170.898857][ T4514] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 170.951227][ T4514] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 171.036399][ T4514] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 171.090819][ T4514] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 171.154555][ T4514] bridge_slave_1: left allmulticast mode [ 171.160230][ T4514] bridge_slave_1: left promiscuous mode [ 171.165957][ T4514] bridge0: port 2(bridge_slave_1) entered disabled state [ 171.173807][ T4514] bridge_slave_0: left allmulticast mode [ 171.179574][ T4514] bridge_slave_0: left promiscuous mode [ 171.185328][ T4514] bridge0: port 1(bridge_slave_0) entered disabled state [ 171.251578][ T4514] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 171.261513][ T4514] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 171.271892][ T4514] bond0 (unregistering): (slave dummy0): Releasing backup interface [ 171.281039][ T4514] bond0 (unregistering): Released all slaves [ 171.337156][ T4514] hsr_slave_0: left promiscuous mode [ 171.342757][ T4514] hsr_slave_1: left promiscuous mode [ 171.348489][ T4514] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 171.355931][ T4514] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 171.363596][ T4514] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 171.371092][ T4514] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 171.380201][ T4514] veth1_macvtap: left promiscuous mode [ 171.385675][ T4514] veth0_macvtap: left promiscuous mode [ 171.391229][ T4514] veth1_vlan: left promiscuous mode [ 171.396449][ T4514] veth0_vlan: left promiscuous mode [ 171.458803][ T4514] team0 (unregistering): Port device team_slave_1 removed [ 171.468927][ T4514] team0 (unregistering): Port device team_slave_0 removed