last executing test programs: 1m8.704556182s ago: executing program 1 (id=895): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd']) 1m8.628488304s ago: executing program 1 (id=899): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='kmem_cache_free\x00', r2, 0x0, 0xffffffffffffffff}, 0x18) sendmsg$TIPC_CMD_SHOW_LINK_STATS(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0180000000000000000001000000000000000b00000000030014"], 0x28}}, 0x40000) 1m8.568878285s ago: executing program 1 (id=904): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_TSINFO_GET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x2c, r3, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gretap0\x00'}]}]}, 0x2c}}, 0x40000) 1m8.511928686s ago: executing program 1 (id=908): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000000)='binfmt_misc\x00', 0xc00, 0x0) chroot(&(0x7f0000000100)='./file0\x00') mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0) chroot(&(0x7f0000000140)='./file0/../file0\x00') pivot_root(&(0x7f0000007b00)='./file0/../file0\x00', &(0x7f0000000280)='./file0\x00') 1m8.483032896s ago: executing program 1 (id=910): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000000)='GPL\x00', 0x7, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000005c0)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$inet6(0xa, 0x2, 0x0) sendto$inet6(r2, 0x0, 0x0, 0x2409c8c1, &(0x7f0000000240)={0xa, 0x4e20, 0x6, @mcast1, 0x9}, 0x1c) sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x4080) 1m8.27795836s ago: executing program 1 (id=920): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000080), &(0x7f00000006c0)='%-010d \x00'}, 0x20) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) bind$inet(0xffffffffffffffff, 0x0, 0x0) 1m8.232640071s ago: executing program 32 (id=920): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000080), &(0x7f00000006c0)='%-010d \x00'}, 0x20) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) bind$inet(0xffffffffffffffff, 0x0, 0x0) 1m3.960044445s ago: executing program 4 (id=1112): socket$inet6_tcp(0xa, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) timer_create(0x3, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={0xffffffffffffffff, 0x0, 0x30, 0x0, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x40) 1m3.933987706s ago: executing program 4 (id=1114): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1004}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xeb48195b69e85694, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1, 0x0, 0x5}, 0x18) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/power/wakeup_count', 0x141000, 0x20) finit_module(r2, 0x0, 0x3) 1m3.899406166s ago: executing program 4 (id=1115): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x10) socket$key(0xf, 0x3, 0x2) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=@newsa={0x104, 0x10, 0x7, 0x0, 0x0, {{@in6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3e}}, @in=@multicast2, 0x4e20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in6=@private0={0xfc, 0x0, '\x00', 0x1}, {0x0, 0x0, 0x2, 0x0, 0x10000000, 0xfffffffffffffffe, 0x0, 0x9}, {0x0, 0x200000, 0x7}, {0x40000, 0x0, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x70}, [@coaddr={0x14, 0xe, @in6=@remote}]}, 0x104}}, 0x0) 1m3.846713007s ago: executing program 4 (id=1116): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000000)='binfmt_misc\x00', 0xc00, 0x0) chroot(&(0x7f0000000100)='./file0\x00') mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0) chroot(&(0x7f0000000140)='./file0/../file0\x00') pivot_root(&(0x7f0000007b00)='./file0/../file0\x00', &(0x7f0000000280)='./file0\x00') 1m3.846158667s ago: executing program 4 (id=1117): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) bind$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x2c, 0x2}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000040016000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c0003800800014000000000080002400000000010000380140001007465616d3000000000000000000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014"], 0xfc}}, 0x0) 1m3.597603742s ago: executing program 4 (id=1122): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) ustat(0x801, 0x0) 1m3.597245142s ago: executing program 33 (id=1122): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) ustat(0x801, 0x0) 1.182374097s ago: executing program 6 (id=3670): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f00000000c0)=@gcm_256={{0x303}, '\x00', "5193bb672965593497c186a80e00", '\x00\x00=*', "1202000000040030"}, 0x38) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x4e24, 0x9, @mcast2, 0xfffff001}}, 0x0, 0x0, 0x2f, 0x0, "228eb9a4e24f9043614b396862ef6e06815d605bee7df74e1ab78ee69410376af5fe931201339fbe75e83e0e392f19006e823417873ee81c4995a5cea1c39d5434fc2c04d55920a074c85d468254ffdf"}, 0xd8) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36) connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @loopback, 0xffff}, 0x1c) 1.172723797s ago: executing program 6 (id=3671): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x1800) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, 0x0, 0x260) 1.138187078s ago: executing program 6 (id=3672): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000b00), 0x1, 0x55f, &(0x7f0000000580)="$eJzs3d9rU+cbAPDnpK2/v18riGxjjIIXczhT2+6Hg124y7HJhO3ehfZYpKmRJhXbCdOLebObIYMxJozdb/e7lP0D+yuETZAhZbvYTcZJT2q0SRNrtNF8PnDkfXNO+p4n73le35M3IQEMrYnsn0LEyxHxTRJxMCKSfN9o5Dsn1o9bu391NtuSqNc//StpHJfVm3+r+bz9eeWliPjtq4jjhc3tVldWF0rlcrqU1ydri5cmqyurJy4slubT+fTi9MzMqbdnpt97952+xfrG2X++/+T2h6e+Prr23S93D91M4nQcyPe1xvEErrVWJmIif03G4vQjB071obFBkuz0CbAtI3mej0U2BhyMkTzrgRfflxFRB4ZUIv9hSDXnAc17+z7dBz837n2wfgO0Of7R9fdGYk/j3mjfWvLQnVF2vzveh/azNn7989bNbIv+vQ8B0NW16xFxcnR08/iX5OPf9p3s4ZhH2zD+wbNzO5v/vNlu/lPYmP9Em/nP/ja5ux3d879wtw/NdJTN/95vO//dWLQaH8lr/2vM+caS8xfKaTa2/T8ijsXY7qy+1XrOqbU79U77Wud/2Za135wL5udxd3T3w8+ZK9VKTxJzq3vXI15pO/9NNvo/adP/2etxtsc2jqS3Xuu0r3v8T1f9p4jX2/b/gxWtZOv1ycnG9TDZvCo2+/vGkd87tb/T8Wf9v2/r+MeT1vXa6uO38eOef9NO+x6KP3q//nclnzXKu/LHrpRqtaWpiF3Jx5sfn37w3Ga9eXwW/7GjW49/7a7/vRHxeY/x3zj886s9xd+t/5/CImsW/9xj9f/jF+589MUP248/6/+3GqVj+SO9jH+9nuCTvHYAAAAAAAAwaAoRcSCSQnGjXCgUi+uf7zgc+wrlSrV2/Hxl+eJcNL4rOx5jheZK98GWz0NM5Z+HbdanH6nPRMShiPh2ZG+jXpytlOd2OngAAAAAAAAAAAAAAAAAAAAYEPs7fP8/88fITp8d8NT5yW8YXl3zvx+/9AQMJP//w/CS/zC85D8ML/kPw0v+w/CS/zC85D8ML/kPAAAAAAAAAAAAAAAAAAAAAAAAAAAAfXX2zJlsq6/dvzqb1ecurywvVC6fmEurC8XF5dnibGXpUnG+Upkvp8XZymK3v1euVC5NTcfylclaWq1NVldWzy1Wli/Wzl1YLM2n59KxZxIVAAAAAAAAAAAAAAAAAAAAPF+qK6sLpXI5XVJQ2FZhdDBOY3UhYiBO40Up7PTIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/BcAAP//8NI25Q==") lsetxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000180), &(0x7f0000000240)=ANY=[], 0x361, 0x0) lsetxattr$security_ima(&(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000200)=ANY=[], 0x9, 0x1) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x2048c5, &(0x7f0000000480)={[{@utf8no}, {@shortname_winnt}, {@shortname_winnt}, {@fat=@tz_utc}, {@uni_xlate}, {@fat=@check_normal}, {@shortname_mixed}, {@fat=@usefree}, {@fat=@discard}, {@shortname_mixed}, {@fat=@quiet}, {@utf8no}]}, 0x0, 0x29f, &(0x7f0000000580)="$eJzs3UFrE1sYxvGnSdukKW2yKBfuhct9uW50M7TxEwRpQQwotRF1IUztREPGpGRiJCK2O7d+juLSlYL6Bbpx517cFEFw04UYaZKxaRswra1Tzf8HYU7OOe/MmZyZ8M5AJlvXn94rFwOn6NYVS5pi0rq2pcxOqWuku4y1y+Pqta5zk5/f/Xv1xs1LuXx+ftFsIbd0Pmtm0/+9evDo2f9v6pPXnk+/TGgzc2vrU/b95l+bf299XQrXXpVcW65W6+6y79lKKSg7Zld8zw08K1UCr1a3nvaiX11dbZpbWZlKrda8IDC30rSy17R61eq1prl33FLFHMexqZSGTfzQEYWNxUU3dyKDQRQm+lXWajk33rexsPErBgUAAE6XqPL/u6XASoFVqnvy+4P5f0yHyP+loc7/D4/8fxjs5P+p7vm7F/k/AAAAAAAAAAAAAAAAAAAAAAC/g+1WK91qtdLhMnwlJCUlhe+jHidOBvM/3Hp+uJeU/CeNQqPQWXbac0WV5MvT7Jj0pX08dHXKCxfz87PWltFrf60bv9YoxJUI40OZ/vFznXjrjV/TmFK9288qrZn+8dk+8Y3CuM6eaSW6W/bkKK23t1WVr5X2cb0b/3jO7MLl/L74iXY/AAAAAAD+BI59d+D6vd3uWPjYkH3tncrd+wNK/+D+wL7r61H9MxrdfgMAAAAAMEyC5sOy6/tebQgK4f8fHMsKo//okoN2HpXUrXlxWuZikEJM0lHD4z83yx8l7amZiXy6j6Pw4X7nDBikc5TfSgAAAABOQpj0j0Q9EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhtigDw8L+x/l2WM9m4tHs5cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA6fAtAAD//2kbF4o=") lsetxattr$system_posix_acl(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)='system.posix_acl_access\x00', &(0x7f0000000140)=ANY=[@ANYBLOB="0200000001000000000000000400000000000000100000000000000020"], 0x24, 0x0) lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000480)=ANY=[], 0xfe37, 0x0) 872.873563ms ago: executing program 6 (id=3682): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) creat(&(0x7f00000001c0)='./file1\x00', 0x2) acct(&(0x7f0000000080)='./file1\x00') acct(0x0) 802.313125ms ago: executing program 5 (id=3686): perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x9, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) clock_settime(0x0, &(0x7f00000001c0)={0x7f, 0x2f000000}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00') pread64(r0, &(0x7f0000001240)=""/102400, 0x200000, 0x0) 787.899905ms ago: executing program 6 (id=3689): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r0}, 0x10) socket$key(0xf, 0x3, 0x2) syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./bus\x00', 0x14010, &(0x7f0000001280)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e1e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba064dfa60bd7fafb3c22dc057e6f9e2a5eb144290afe5369110a71d4b7fc5937a32e213c443f3b9e506b25cf9e2520999b330fc9e86bde8c8ec78f67c0c7f24db0000000", @ANYRES32], 0x1, 0x11ee, &(0x7f0000003680)="$eJzs3MGLG1UcB/Bf17Xdbt3NqrXagvjQi16GZg9e9BJkC9KA0jZCKwhTd6IhYxIyYSEiVk9e/TvEozdBvOllL/4N3vbisQdxxKS1jUSpSDdSPp9LfvDel997BAZmmDdHr3/5Ub9bZd18EmsnTsTaKCLdTpFiLe76LF557Ycfn796/cblVru9dyWlS61rzVdTStsvfPfuJ1+/+P3kzDvfbH97Kg533jv6Zffnw3OH549+u/Zhr0q9Kg2Gk5Snm8PhJL9ZFmm/V/WzlN4ui7wqUm9QFeOF8W45HI2mKR/sb22OxkVVpXwwTf1imibDNBlPU/5B3hukLMvS1mbwX3S+ul3XdURdPx4no67r+nRsxpl4IrZiOxqxE0/GU/F0nI1n4lw8G8/F+dmsVa8bAAAAAAAAAAAAAAAAAAAAHi3O/wMAAAAAAAAAAAAAAAAAAMDqXb1+43Kr3d67ktJGRPnFQeegM/+dj7e60YsyirgYjfg1Zqf/5+b1pTfbexfTzE58Xt66k7910HlsMd+cfU5gab45z6fF/KnYvD+/G404uzy/uzS/ES+/dF8+i0b89H4Mo4z9+CN7L/9pM6U33mr/JX9hNg8AAAAeBVn609L79yz7u/F5/kGeD6zdbbaQX48L6yvbNndU04/7eVkW44dWnIyH3uKfio2IWF33By/W43+xDIViXqz6ysRxuPenr3olAAAAAAAAAAAA/BvH8Trh0sanj32rAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA7+zAsQAAAACAMH/rNDo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYKgAA///20tEU") r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0) pwritev2(r1, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0) 728.776246ms ago: executing program 5 (id=3695): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x10, 0x4}, 0xf6) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0) fcntl$lock(r2, 0x24, &(0x7f00000000c0)={0x2, 0x2, 0x9, 0x8}) 678.642047ms ago: executing program 5 (id=3698): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000580)={{r0}, &(0x7f0000000240), &(0x7f00000005c0)='%pS \x00'}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r1, 0x0, 0xfffffffffffffffe}, 0x18) lsetxattr$security_selinux(&(0x7f0000000900)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000940), &(0x7f0000000980)='system_u:object_r:netutils_exec_t:s0\x00', 0x25, 0x3) 629.339188ms ago: executing program 5 (id=3700): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r0}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='rpc_pipefs\x00', 0x10, 0x0) chroot(&(0x7f0000000180)='./file0\x00') umount2(&(0x7f00000001c0)='./file0\x00', 0x0) 544.52211ms ago: executing program 5 (id=3716): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002d40)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = gettid() sendmsg$unix(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000007c0)='>', 0x1}], 0x1, &(0x7f0000001040)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r2, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32=r1, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r1, @ANYRES32=r0, @ANYRES32=r1, @ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="1c000000000000000100000402000000", @ANYRES32, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32=r0, @ANYBLOB="e5ffff6e18"], 0xa0}, 0x4004881) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020a07b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x6f, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r3}, 0x18) recvmsg(r0, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x160) 486.801431ms ago: executing program 5 (id=3707): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000002c0)=0x1) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x1, &(0x7f0000000480)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, &(0x7f0000001100)={0x77359400}, 0x1) 376.750453ms ago: executing program 3 (id=3714): syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./bus\x00', 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000", @ANYRES64=0x0, @ANYRESHEX, @ANYRESHEX, @ANYRESDEC], 0x1, 0x2b8, &(0x7f0000000800)="$eJzs3NFLU38Yx/Hn5/y5OdEtiKCgeqibuhm6/oAaoRANCnNSXQTHPKux0ybnDGMRuZvotr9DuuwuqP4Bb6Kb7ruTIOjGi+gbnrPpmU6durml7xfIeXae74fzdZvybLCt3n/7rJj3UnmrIgMxlQGRmqyJJNeruv/qxwG/HpKwmlwd+fXt/L0HD29nstnJadWpzMy1tKqOXfz4/OW7S58rI7Pvxz5EZSX5aPVn+vvK0MrZ1T8zTwueFjwtlStq6Vy5XLHmHFvnC14xpXrXsS3P1kLJs92mft4pLyxU1SrNj8YXXNvz1CpVtWhXtVLWiltV64lVKGkqldLRuJxsg22syS1PT1uZHdsm0tEdoeuGW5103UytdTO3fAR7AgAAfWb3+T+Y9Xee/7OzwXE/8/+Zved/Eeb/Lqk13dpj/sex4LoZK17/+23G/A8AAAAAAAAAAAAAAAAAAAAAwL9gzZiEMSaxfqyf8m9HRSQmIqbe7/E20SXhx9+EfvZ4/K/3aLvosNAH92IizpvF3GIuOAb9TF4K4ogt45KQ3/7zoS6op25lJ8fVl5RPzlI9v7SYi0i0kW9ItspfODUR5LU5/7/Ew9dPS0JOt75+umV+SK5cDuVTkpAvj6Usjsz7z+vN/KsJ1Zt3slvyw/46AAAAAACOg5Ru2Pb63e/7C2KyvR/kQ+8PGGOWdnt/YMvr60E5185XVAIAAAAAgEPzqi+KluPY7gGKqIgcIt75whiR3m8jIv1xbzQXN0SkD7ZxVEVMRIIzepD4j414WynTxppBEen53bKPotf/mQAAAAB02ubQv4/Q19dd3BEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACdPu98H1li/rdVo7BIPXS5y5L8gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Ef+BgAA//+4IRyf") mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./bus\x00', r1, &(0x7f00000004c0)='./file0\x00', 0x2) renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./bus\x00', r0, &(0x7f00000004c0)='./file0\x00', 0x2) 329.067614ms ago: executing program 6 (id=3718): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000600)='./file0\x00', 0xc8d0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x30e, &(0x7f0000000f00)="$eJzs3E1rE10UwPGTNEnTlHayeHhEQXrRjW6GNu7FIC2IAUttxBcQp81EQ8akZEIlIrZduXEhfggXpcvuCtov0I07V27cdSO4sAtxJDOTl7aJrWnSWPv/QZlD7j0z9+Y24dyBzPbdN0/zWVvPGmUJRpUERER2ROISlJqAfwy6cUSaLcvl4W+fzt++d/9mMpWanFFqKjl7JaGUGh17/+zFkN9tY1C24g+3vya+bP2/dXb75+yTnK1ytioUy8pQc8XPZWPOMlUmZ+d1paYt07BNlSvYZslrd5ZELFNlreLCQkUZhcxIbKFk2rYyChWVNyuqXFTlUkUZj41cQem6rkZigoOkV2dmjGSHyfNdHgx6pFRKGgMiMrSvJb3alwEBAIC+8uv/erUfrJb0ndT/oZb1/9qFzfLwnfVRv/7fiFTrf5Gm+v9R41ymygTr9X9URBr1f9HbH3S7/t9fEZ1sr3cvjjhOPYy06n+k+h8nRLX+j/mfX9fKg7VxN6D+BwAAAAAAAAAAAAAAAAAAAADgJNhxHM1xHM07DvivOtqgiETdX5B47X0eJnpk9/o3/lj/06Hx4I7QqIj1ajG9mPaOfodNEbHElHHR5If7/+CrxpFl5XZSVXH5YC35+UuLae+7JJmVnJs/IZrE9+Y7ztSN1OSE8uzOD0usOT8hmvzXOj+xNz9cPUbk0sWmfF00+TgvRbEk4/8yrpb/ckKp67dSe64/5PYDAAAAAOBfoKu6+v59sLld39/u7Y+9dm9/HZLW9we8/fV4y/19SM6F+jVrAAAAAABOF7vyPG9YllnqUbAiIj2+RJugNsPDZtUekNumT0AC7Zq6ENQu3ll6dWxdG0/4UO9YsKOhjkX+cFFaBrXbRu36yHQnZ3Y0kaO+h2fevvv++z7enTGRw5zw6nr0gJl2GkQOmmn42L6AAAAAABybRtFfe+VafwcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMApdByP4uv3HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC/xa8AAAD//46ZAFE=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12) write(r1, &(0x7f0000000a00)="c788", 0x2) sendfile(r1, r0, 0x0, 0x3ffff) sendfile(r1, r0, 0x0, 0x7ffff000) 275.753335ms ago: executing program 3 (id=3721): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge0\x00', 0x0}) r3 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r2, @ANYBLOB="00000000000000001c001a800800028004000500080000003e"], 0x44}}, 0x0) 238.348396ms ago: executing program 2 (id=3722): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10) munmap(&(0x7f0000002000/0x2000)=nil, 0x2000) r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$USBDEVFS_SUBMITURB(r2, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0}) 232.566656ms ago: executing program 0 (id=3732): r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x65, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x18) ioctl$SG_SET_RESERVED_SIZE(r0, 0x2275, &(0x7f0000000040)) 232.034456ms ago: executing program 3 (id=3723): r0 = socket$igmp(0x2, 0x3, 0x2) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) setsockopt$MRT_ADD_MFC(r0, 0x0, 0x5, &(0x7f0000000240)={@private=0xa010100, @empty, 0xfffb, "66c5aff8a7eb3af1f6cec2e7420000008c84aea31700", 0x96bf, 0x2, 0x7e, 0x6b}, 0x3c) setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000000080)=0x300, 0x4) 188.268517ms ago: executing program 3 (id=3724): r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket$packet(0x11, 0x3, 0x300) r2 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000340)={0x0, 0x1007}, 0x4) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x200}, 0x4) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000), 0x8) 187.722167ms ago: executing program 0 (id=3735): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000300)={0xa, 0x3, 0x8, @loopback, 0xfffffffe}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000540), 0x3c) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000000)=@gcm_256={{0x303}, "41328ac34a4ad2ba", "e8582491a0c4050000000000f6542a9b6800000000000000003967d2daa45b4e", "61241765", "89b06aff130000fd"}, 0x38) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000040)=0xa603, 0x4) 187.221357ms ago: executing program 2 (id=3725): bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdb4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe15, 0x5, 0x0, 0x0, 0x0, 0x0, 0x8, 0xffffffffffffff4b, 0x0}}, 0x10) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, 0x0, 0x0}, 0x20) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r0, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0}, &(0x7f0000000040), &(0x7f00000002c0)}, 0x20) 155.495167ms ago: executing program 2 (id=3726): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000d00)='kfree\x00', r1}, 0x18) socket$inet6_tcp(0xa, 0x1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="500000000008050000000000000000000300000505000300060000000600024091000000040004801c00048008000840000001ff08000740000000070800034000000002090001"], 0x50}, 0x1, 0x0, 0x0, 0x20000001}, 0x8044) 155.294607ms ago: executing program 3 (id=3727): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd22, 0x2, {0x0, 0x0, 0x0, r2, {0x5, 0x2400}, {}, {0x8, 0x4}}, [@filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_OPS={{0x6}, {0x4}}, @TCA_BPF_FD={0x8}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8068801}, 0x0) 129.277798ms ago: executing program 0 (id=3728): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000002c0)='rxrpc_peer\x00', r1}, 0x18) r2 = socket$kcm(0x21, 0x2, 0x2) sendmsg$kcm(r2, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x80, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0) 107.613778ms ago: executing program 2 (id=3729): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18020000ffffffff00000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000007d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x10) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2042, 0x0) ioctl$AUTOFS_IOC_FAIL(r1, 0x4c80, 0x7000000) 83.496419ms ago: executing program 0 (id=3730): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1008}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x4f, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2, 0x0, 0x4}, 0x18) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}}, 0x20) 75.844189ms ago: executing program 2 (id=3731): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r0}, 0x18) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff) sendmsg$NL80211_CMD_START_AP(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000840)=ANY=[@ANYBLOB="24010000", @ANYRES16=r2, @ANYBLOB="a183000000000000000005000000080003"], 0x124}}, 0x0) 64.164839ms ago: executing program 3 (id=3733): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="680000001000030500f0e66f1500000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000400012800c0001006d6163766c616e00300002800800010010000000100005800a000400aaaaaaaaaabb000008000300030000000a000400aaaaaaaab1aa000008000500", @ANYRES32=r1], 0x68}, 0x1, 0x0, 0x0, 0x4010}, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4) r2 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2000c840}, 0x440b0) 24.56259ms ago: executing program 2 (id=3734): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xa, 0xfe, 0x7fff, 0xcc}, 0x50) 23.05124ms ago: executing program 0 (id=3736): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000400000000000000000000850000005000000085000000d000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0xe) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000100000024000180060005004e230000060001000200000008000300ac1414aa0800060001"], 0x38}, 0x1, 0x0, 0x0, 0x4000011}, 0x4c080) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000c00)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="010028bd7000fcdbdf2504"], 0x14}}, 0x0) 0s ago: executing program 0 (id=3737): r0 = socket(0x18, 0x800, 0x0) connect$pppoe(r0, &(0x7f0000000100)={0x18, 0x0, {0x2, @multicast, 'vcan0\x00'}}, 0x1e) sendfile(r0, 0xffffffffffffffff, 0x0, 0x8) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000202300800000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x7, 0x0, 0x0, 0x40f00, 0x49}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) sendto$packet(r0, 0x0, 0x0, 0x4044891, 0x0, 0x0) kernel console output (not intermixed with test programs): ted capacity change from 0 to 512 [ 68.041862][ T6829] EXT4-fs (loop6): orphan cleanup on readonly fs [ 68.048622][ T6829] EXT4-fs error (device loop6): ext4_orphan_get:1418: comm syz.6.1382: bad orphan inode 13 [ 68.060595][ T6829] ext4_test_bit(bit=12, block=18) = 1 [ 68.066108][ T6829] is_bad_inode(inode)=0 [ 68.070276][ T6829] NEXT_ORPHAN(inode)=2130706432 [ 68.075202][ T6829] max_ino=32 [ 68.078424][ T6829] i_nlink=1 [ 68.097846][ T6829] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 68.141379][ T6191] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 68.358725][ T6850] loop3: detected capacity change from 0 to 512 [ 68.386771][ T6850] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 68.448223][ T6850] ext4 filesystem being mounted at /288/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 68.482413][ T6861] loop2: detected capacity change from 0 to 512 [ 68.537874][ T6861] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 68.578320][ T6861] EXT4-fs (loop2): 1 orphan inode deleted [ 68.584206][ T6861] EXT4-fs (loop2): 1 truncate cleaned up [ 68.595705][ T6861] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 68.606560][ T29] kauditd_printk_skb: 189 callbacks suppressed [ 68.606577][ T29] audit: type=1400 audit(2000000015.050:2131): avc: denied { read } for pid=6866 comm="syz.5.1397" name="event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 68.637537][ T29] audit: type=1400 audit(2000000015.050:2132): avc: denied { open } for pid=6866 comm="syz.5.1397" path="/dev/input/event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 68.638399][ T6861] EXT4-fs error (device loop2): ext4_inlinedir_to_tree:1314: inode #12: block 7: comm syz.2.1395: path /282/file0/file0: bad entry in directory: directory entry overrun - offset=788, inode=13, rec_len=784, size=60 fake=0 [ 68.684661][ T6861] EXT4-fs (loop2): Remounting filesystem read-only [ 68.741956][ T6877] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1403'. [ 68.749103][ T6880] capability: warning: `syz.2.1404' uses deprecated v2 capabilities in a way that may be insecure [ 68.783118][ T29] audit: type=1326 audit(2000000015.220:2133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6883 comm="syz.3.1406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f672495eec9 code=0x7ffc0000 [ 68.806644][ T29] audit: type=1326 audit(2000000015.220:2134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6883 comm="syz.3.1406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f672495eec9 code=0x7ffc0000 [ 68.832705][ T29] audit: type=1326 audit(2000000015.230:2135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6883 comm="syz.3.1406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f672495eec9 code=0x7ffc0000 [ 68.856142][ T29] audit: type=1326 audit(2000000015.230:2136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6883 comm="syz.3.1406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f672495eec9 code=0x7ffc0000 [ 68.879591][ T29] audit: type=1326 audit(2000000015.230:2137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6883 comm="syz.3.1406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f672495eec9 code=0x7ffc0000 [ 68.903059][ T29] audit: type=1326 audit(2000000015.230:2138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6883 comm="syz.3.1406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f672495eec9 code=0x7ffc0000 [ 68.926442][ T29] audit: type=1326 audit(2000000015.230:2139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6883 comm="syz.3.1406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f672495eec9 code=0x7ffc0000 [ 68.949852][ T29] audit: type=1326 audit(2000000015.230:2140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6883 comm="syz.3.1406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f672495eec9 code=0x7ffc0000 [ 69.125120][ T6906] loop6: detected capacity change from 0 to 512 [ 69.193933][ T6906] EXT4-fs mount: 2 callbacks suppressed [ 69.193950][ T6906] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 69.224543][ T6906] ext4 filesystem being mounted at /57/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 69.277164][ T6921] loop2: detected capacity change from 0 to 512 [ 69.294551][ T6921] EXT4-fs warning (device loop2): ext4_xattr_inode_get:542: inode #11: comm syz.2.1424: ea_inode file size=0 entry size=6 [ 69.324194][ T6921] ------------[ cut here ]------------ [ 69.329903][ T6921] EA inode 11 i_nlink=2 [ 69.330173][ T6921] WARNING: CPU: 1 PID: 6921 at fs/ext4/xattr.c:1053 ext4_xattr_inode_update_ref+0x3d4/0x3f0 [ 69.344594][ T6921] Modules linked in: [ 69.348584][ T6921] CPU: 1 UID: 0 PID: 6921 Comm: syz.2.1424 Not tainted syzkaller #0 PREEMPT(voluntary) [ 69.358383][ T6921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 69.368491][ T6921] RIP: 0010:ext4_xattr_inode_update_ref+0x3d4/0x3f0 [ 69.375243][ T6921] Code: 90 49 8d 7e 40 e8 9c f7 b7 ff 4d 8b 6e 40 4c 89 e7 e8 b0 f2 b7 ff 41 8b 56 48 48 c7 c7 6b 9c 54 86 4c 89 ee e8 5d de 66 ff 90 <0f> 0b 90 90 e9 58 fe ff ff e8 8e 5c ad 03 66 66 66 66 66 2e 0f 1f [ 69.394995][ T6921] RSP: 0018:ffffc9001c71f7c8 EFLAGS: 00010246 [ 69.401074][ T6921] RAX: 96636ad837d31100 RBX: ffff88810ba28600 RCX: 0000000000080000 [ 69.409071][ T6921] RDX: ffffc900025be000 RSI: 00000000000044d8 RDI: 00000000000044d9 [ 69.417099][ T6921] RBP: 0000000000000002 R08: 0001c9001c71f63f R09: 0000000000000000 [ 69.425091][ T6921] R10: 00000000ffffffff R11: 0000000000000002 R12: ffff88810ba285b0 [ 69.433164][ T6921] R13: 000000000000000b R14: ffff88810ba28568 R15: 0000000000000001 [ 69.441207][ T6921] FS: 00007f872aaaf6c0(0000) GS:ffff8882aef43000(0000) knlGS:0000000000000000 [ 69.450175][ T6921] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 69.456795][ T6921] CR2: 00007ffc25ab7c98 CR3: 0000000103c42000 CR4: 00000000003506f0 [ 69.464835][ T6921] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 69.472844][ T6921] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 69.480829][ T6921] Call Trace: [ 69.484151][ T6921] [ 69.487156][ T6921] ext4_xattr_inode_dec_ref_all+0x579/0x830 [ 69.493218][ T6921] ? errseq_check+0x2c/0x50 [ 69.497810][ T6921] ext4_xattr_delete_inode+0x6b7/0x790 [ 69.503324][ T6921] ? ext4_truncate+0x92e/0xae0 [ 69.508142][ T6921] ext4_evict_inode+0xa6a/0xd90 [ 69.513017][ T6921] ? __pfx_ext4_evict_inode+0x10/0x10 [ 69.518430][ T6921] evict+0x2e3/0x550 [ 69.522336][ T6921] ? __dquot_initialize+0x146/0x7c0 [ 69.527572][ T6921] iput+0x447/0x5b0 [ 69.531449][ T6921] ext4_process_orphan+0x1a9/0x1c0 [ 69.536696][ T6921] ext4_orphan_cleanup+0x6a8/0xa00 [ 69.541993][ T6921] ext4_fill_super+0x3260/0x35d0 [ 69.547023][ T6921] ? set_blocksize+0x1a8/0x310 [ 69.551855][ T6921] ? sb_set_blocksize+0xe3/0x100 [ 69.556854][ T6921] ? setup_bdev_super+0x30e/0x370 [ 69.561926][ T6921] ? __pfx_ext4_fill_super+0x10/0x10 [ 69.567314][ T6921] get_tree_bdev_flags+0x28e/0x300 [ 69.572459][ T6921] ? __pfx_ext4_fill_super+0x10/0x10 [ 69.577862][ T6921] get_tree_bdev+0x1f/0x30 [ 69.582271][ T6921] ext4_get_tree+0x1c/0x30 [ 69.586768][ T6921] vfs_get_tree+0x57/0x1d0 [ 69.591200][ T6921] do_new_mount+0x207/0x5e0 [ 69.595743][ T6921] ? security_capable+0x83/0x90 [ 69.600641][ T6921] path_mount+0x4a4/0xb20 [ 69.605057][ T6921] ? user_path_at+0x109/0x130 [ 69.609837][ T6921] __se_sys_mount+0x28f/0x2e0 [ 69.614532][ T6921] ? do_mkdirat+0x3ac/0x3f0 [ 69.619039][ T6921] __x64_sys_mount+0x67/0x80 [ 69.623675][ T6921] x64_sys_call+0x2b4d/0x2ff0 [ 69.628384][ T6921] do_syscall_64+0xd2/0x200 [ 69.632905][ T6921] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 69.638973][ T6921] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 69.644774][ T6921] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 69.650682][ T6921] RIP: 0033:0x7f872c05066a [ 69.655121][ T6921] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 69.674823][ T6921] RSP: 002b:00007f872aaaee68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 69.683287][ T6921] RAX: ffffffffffffffda RBX: 00007f872aaaeef0 RCX: 00007f872c05066a [ 69.691277][ T6921] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f872aaaeeb0 [ 69.699263][ T6921] RBP: 0000200000000180 R08: 00007f872aaaeef0 R09: 0000000000800700 [ 69.707266][ T6921] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 69.715312][ T6921] R13: 00007f872aaaeeb0 R14: 0000000000000473 R15: 0000200000000680 [ 69.723364][ T6921] [ 69.726379][ T6921] ---[ end trace 0000000000000000 ]--- [ 69.732021][ T6921] EXT4-fs (loop2): 1 orphan inode deleted [ 69.737306][ T6191] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.739949][ T6921] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 69.801435][ T6936] sctp: [Deprecated]: syz.0.1430 (pid 6936) Use of struct sctp_assoc_value in delayed_ack socket option. [ 69.801435][ T6936] Use struct sctp_sack_info instead [ 69.821826][ T3299] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.853075][ T23] kernel write not supported for file task/635/attr/fscreate (pid: 23 comm: kworker/1:0) [ 69.867209][ T6946] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 69.885061][ T6946] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 69.893633][ T6950] program syz.0.1437 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 69.907116][ T6952] netlink: 'syz.3.1438': attribute type 10 has an invalid length. [ 69.920253][ T6952] team0: Device hsr_slave_0 failed to register rx_handler [ 69.991066][ T6964] veth0: entered promiscuous mode [ 70.003892][ T6964] veth0: left promiscuous mode [ 70.118477][ T6982] loop3: detected capacity change from 0 to 512 [ 70.134023][ T6982] EXT4-fs warning (device loop3): ext4_xattr_inode_get:556: inode #11: comm syz.3.1453: EA inode hash validation failed [ 70.146820][ T6982] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #15: comm syz.3.1453: corrupted inode contents [ 70.161152][ T6982] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #15: comm syz.3.1453: mark_inode_dirty error [ 70.174349][ T6982] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #15: comm syz.3.1453: corrupted inode contents [ 70.195210][ T6982] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2991: inode #15: comm syz.3.1453: mark_inode_dirty error [ 70.207673][ T6982] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2994: inode #15: comm syz.3.1453: mark inode dirty (error -117) [ 70.227436][ T6982] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117) [ 70.236601][ T6982] EXT4-fs (loop3): 1 orphan inode deleted [ 70.243226][ T6982] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 70.277972][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.432049][ T7024] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1473'. [ 70.478912][ T7034] loop3: detected capacity change from 0 to 512 [ 70.497554][ T7034] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 70.511046][ T7034] ext4 filesystem being mounted at /312/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 70.547724][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.607873][ T7051] loop3: detected capacity change from 0 to 512 [ 70.615331][ T7051] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 70.627313][ T7048] vhci_hcd: invalid port number 96 [ 70.632455][ T7048] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 70.647358][ T7055] sctp: [Deprecated]: syz.2.1487 (pid 7055) Use of struct sctp_assoc_value in delayed_ack socket option. [ 70.647358][ T7055] Use struct sctp_sack_info instead [ 70.673343][ T7052] SELinux: failed to load policy [ 70.678696][ T7051] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.1486: bg 0: block 104: invalid block bitmap [ 70.694043][ T7051] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 70.703013][ T7051] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1486: invalid indirect mapped block 1 (level 1) [ 70.717714][ T7051] EXT4-fs (loop3): 1 truncate cleaned up [ 70.723915][ T7051] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 70.778868][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.825925][ T7071] netlink: 'syz.3.1493': attribute type 10 has an invalid length. [ 70.833855][ T7071] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1493'. [ 70.895983][ T7071] dummy0: entered promiscuous mode [ 70.914567][ T7071] bridge0: port 2(dummy0) entered blocking state [ 70.920940][ T7071] bridge0: port 2(dummy0) entered disabled state [ 70.939625][ T7071] dummy0: entered allmulticast mode [ 70.988208][ T7080] loop5: detected capacity change from 0 to 8192 [ 71.175447][ T7111] netlink: 'syz.5.1512': attribute type 1 has an invalid length. [ 71.256189][ T7118] loop5: detected capacity change from 0 to 512 [ 71.256925][ T7120] vhci_hcd: invalid port number 96 [ 71.267872][ T7120] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 71.279731][ T7118] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 71.315504][ T7118] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.1515: Failed to acquire dquot type 1 [ 71.332432][ T7118] EXT4-fs (loop5): 1 truncate cleaned up [ 71.347223][ T7118] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 71.378885][ T5697] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.484065][ T7131] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 71.595454][ T7143] netlink: 168 bytes leftover after parsing attributes in process `syz.2.1527'. [ 71.604593][ T7143] tipc: Started in network mode [ 71.609469][ T7143] tipc: Node identity 0000000000005f120000000000000001, cluster identity 4711 [ 71.618350][ T7143] tipc: Enabling of bearer rejected, failed to enable media [ 71.738385][ T7159] loop5: detected capacity change from 0 to 512 [ 71.757013][ T7159] EXT4-fs warning (device loop5): ext4_xattr_inode_get:556: inode #11: comm syz.5.1533: EA inode hash validation failed [ 71.778273][ T7159] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #15: comm syz.5.1533: corrupted inode contents [ 71.790802][ T7159] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #15: comm syz.5.1533: mark_inode_dirty error [ 71.805679][ T7159] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #15: comm syz.5.1533: corrupted inode contents [ 71.817927][ T7159] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2991: inode #15: comm syz.5.1533: mark_inode_dirty error [ 71.831316][ T7159] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2994: inode #15: comm syz.5.1533: mark inode dirty (error -117) [ 71.844215][ T7159] EXT4-fs warning (device loop5): ext4_evict_inode:274: xattr delete (err -117) [ 71.853468][ T7159] EXT4-fs (loop5): 1 orphan inode deleted [ 71.860248][ T7159] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 71.895701][ T7171] netlink: 332 bytes leftover after parsing attributes in process `syz.0.1540'. [ 71.922176][ T5697] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.932962][ T7175] ALSA: seq fatal error: cannot create timer (-22) [ 71.958116][ T7179] netlink: 'syz.6.1544': attribute type 10 has an invalid length. [ 71.969326][ T7179] team0: Device hsr_slave_0 failed to register rx_handler [ 72.121993][ T7206] ALSA: seq fatal error: cannot create timer (-22) [ 72.157891][ T7214] loop5: detected capacity change from 0 to 512 [ 72.172942][ T7214] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 72.190534][ T7214] EXT4-fs error (device loop5): ext4_validate_block_bitmap:432: comm syz.5.1559: bg 0: block 104: invalid block bitmap [ 72.204629][ T7214] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 72.213843][ T7214] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.1559: invalid indirect mapped block 1 (level 1) [ 72.228812][ T7214] EXT4-fs (loop5): 1 truncate cleaned up [ 72.234972][ T7214] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 72.293978][ T7218] netdevsim netdevsim3: Direct firmware load for ./file0/file1 failed with error -2 [ 72.348968][ T5697] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.391830][ T7210] loop6: detected capacity change from 0 to 128 [ 72.533278][ T7244] xt_HMARK: proto mask must be zero with L3 mode [ 72.705424][ T7271] loop6: detected capacity change from 0 to 128 [ 72.711837][ T7263] loop3: detected capacity change from 0 to 8192 [ 72.712032][ T7271] EXT4-fs: Ignoring removed nobh option [ 72.728735][ T7271] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 72.744517][ T7271] ext4 filesystem being mounted at /80/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 72.776593][ T6191] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 72.834465][ T7285] netlink: 128 bytes leftover after parsing attributes in process `syz.5.1591'. [ 72.850940][ T23] hid-generic 0000:0000:10001.0002: unknown main item tag 0x0 [ 72.858595][ T23] hid-generic 0000:0000:10001.0002: unknown main item tag 0x0 [ 72.866087][ T23] hid-generic 0000:0000:10001.0002: unknown main item tag 0x0 [ 72.873705][ T23] hid-generic 0000:0000:10001.0002: unknown main item tag 0x0 [ 72.881200][ T23] hid-generic 0000:0000:10001.0002: unknown main item tag 0x0 [ 72.888718][ T23] hid-generic 0000:0000:10001.0002: unknown main item tag 0x0 [ 72.896273][ T23] hid-generic 0000:0000:10001.0002: unknown main item tag 0x0 [ 72.903960][ T23] hid-generic 0000:0000:10001.0002: unknown main item tag 0x0 [ 72.911474][ T23] hid-generic 0000:0000:10001.0002: unknown main item tag 0x0 [ 72.919080][ T23] hid-generic 0000:0000:10001.0002: unknown main item tag 0x0 [ 72.942955][ T23] hid-generic 0000:0000:10001.0002: hidraw0: HID v0.00 Device [syz0] on syz1 [ 72.960169][ T7299] openvswitch: netlink: Message has 6 unknown bytes. [ 73.122003][ T7319] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1606'. [ 73.179446][ T7327] rdma_op ffff88811ed35180 conn xmit_rdma 0000000000000000 [ 73.184346][ T7331] pimreg: entered allmulticast mode [ 73.218972][ T7331] pimreg: left allmulticast mode [ 73.256986][ T7344] loop3: detected capacity change from 0 to 512 [ 73.294757][ T7344] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.314029][ T7344] ext4 filesystem being mounted at /344/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 73.356404][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.375718][ T7359] sch_tbf: peakrate 7 is lower than or equals to rate 19 ! [ 73.688169][ T7395] loop6: detected capacity change from 0 to 512 [ 73.695808][ T29] kauditd_printk_skb: 276 callbacks suppressed [ 73.695820][ T29] audit: type=1326 audit(2000000020.150:2414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7392 comm="syz.3.1641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f672495eec9 code=0x7ffc0000 [ 73.725435][ T29] audit: type=1326 audit(2000000020.150:2415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7392 comm="syz.3.1641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f672495eec9 code=0x7ffc0000 [ 73.748858][ T29] audit: type=1400 audit(2000000020.150:2416): avc: denied { execute } for pid=7390 comm="syz.5.1640" path=2F6D656D66643A0B656DDA9952406DFCFE9B232AFF202864656C6574656429 dev="tmpfs" ino=1091 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 73.825002][ T29] audit: type=1326 audit(2000000020.150:2417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7392 comm="syz.3.1641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f672495eec9 code=0x7ffc0000 [ 73.848430][ T29] audit: type=1326 audit(2000000020.150:2418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7392 comm="syz.3.1641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f672495eec9 code=0x7ffc0000 [ 73.871884][ T29] audit: type=1326 audit(2000000020.150:2419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7392 comm="syz.3.1641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f672495eec9 code=0x7ffc0000 [ 74.033961][ T7395] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.073681][ T29] audit: type=1326 audit(2000000020.470:2420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7392 comm="syz.3.1641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f672495eec9 code=0x7ffc0000 [ 74.097244][ T29] audit: type=1326 audit(2000000020.470:2421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7392 comm="syz.3.1641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f672495eec9 code=0x7ffc0000 [ 74.120661][ T29] audit: type=1326 audit(2000000020.470:2422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7392 comm="syz.3.1641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f672495eec9 code=0x7ffc0000 [ 74.144158][ T29] audit: type=1400 audit(2000000020.500:2423): avc: denied { add_name } for pid=7394 comm="syz.6.1642" name="file2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 74.166823][ T6191] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.277482][ T7414] netdevsim netdevsim6: Direct firmware load for .. failed with error -2 [ 74.614742][ T7428] loop2: detected capacity change from 0 to 512 [ 74.637105][ T7428] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 74.764472][ T7428] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.1652: Failed to acquire dquot type 1 [ 74.787262][ T7428] EXT4-fs (loop2): 1 truncate cleaned up [ 74.793466][ T7428] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.813261][ T7428] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.252611][ T7465] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1668'. [ 75.278272][ T7465] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1668'. [ 75.360872][ T7475] loop3: detected capacity change from 0 to 1024 [ 75.419631][ T7475] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 75.430610][ T7475] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 75.460137][ T7475] JBD2: no valid journal superblock found [ 75.466047][ T7475] EXT4-fs (loop3): Could not load journal inode [ 75.523571][ T7492] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 75.559495][ T7500] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1682'. [ 75.572857][ T7500] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1682'. [ 76.122971][ T7576] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 76.186468][ T7587] capability: warning: `syz.0.1723' uses 32-bit capabilities (legacy support in use) [ 76.350522][ T7612] netlink: 'syz.5.1736': attribute type 1 has an invalid length. [ 76.383285][ T7614] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1737'. [ 76.463135][ T7624] netlink: 96 bytes leftover after parsing attributes in process `syz.5.1741'. [ 76.525264][ T7632] loop6: detected capacity change from 0 to 1024 [ 76.538021][ T7632] EXT4-fs: Ignoring removed orlov option [ 76.554516][ T7632] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 76.591584][ T6191] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.739933][ T7661] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=7661 comm=syz.5.1759 [ 76.851561][ T7679] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1766'. [ 76.936671][ T7684] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7684 comm=syz.0.1768 [ 76.998962][ T7688] loop3: detected capacity change from 0 to 1024 [ 77.012781][ T7688] EXT4-fs: Ignoring removed orlov option [ 77.035909][ T7688] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.056087][ T7693] SELinux: security_context_str_to_sid (unt-ro,) failed with errno=-22 [ 77.088579][ T7700] SELinux: failed to load policy [ 77.142995][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.160945][ T7710] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1780'. [ 77.194133][ T7716] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 77.220393][ T7716] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 77.231216][ T7724] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1786'. [ 77.243557][ T7716] ip6tnl0: Caught tx_queue_len zero misconfig [ 77.249637][ T7716] sch_fq: defrate 4294967295 ignored. [ 77.371537][ T3408] hid-generic 0000:0000:0000.0003: hidraw0: HID v80008.00 Device [syz0] on syz0 [ 77.391744][ T7749] 8021q: adding VLAN 0 to HW filter on device bond3 [ 77.525847][ T7773] netlink: 256 bytes leftover after parsing attributes in process `syz.2.1809'. [ 77.764164][ T7820] rdma_op ffff88811e5cb980 conn xmit_rdma 0000000000000000 [ 77.808778][ T7832] /dev/md0: Can't lookup blockdev [ 77.948023][ T7857] loop5: detected capacity change from 0 to 512 [ 77.954864][ T7857] SELinux: security_context_str_to_sid (root) failed with errno=-22 [ 78.030186][ T7871] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 78.081251][ T7881] loop3: detected capacity change from 0 to 512 [ 78.087931][ T7881] EXT4-fs: Ignoring removed bh option [ 78.094740][ T7881] EXT4-fs: Ignoring removed mblk_io_submit option [ 78.096117][ T7883] netlink: 2 bytes leftover after parsing attributes in process `syz.6.1860'. [ 78.110377][ T7881] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 78.121148][ T7881] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 78.129699][ T7881] EXT4-fs (loop3): orphan cleanup on readonly fs [ 78.136508][ T7881] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.1858: Failed to acquire dquot type 1 [ 78.149839][ T7881] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.1858: Invalid block bitmap block 0 in block_group 0 [ 78.166002][ T7881] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.1858: Invalid block bitmap block 0 in block_group 0 [ 78.179626][ T7881] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.1858: Invalid block bitmap block 0 in block_group 0 [ 78.195155][ T7881] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.1858: Failed to acquire dquot type 1 [ 78.206725][ T7881] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.1858: Failed to acquire dquot type 1 [ 78.219567][ T7881] EXT4-fs (loop3): 1 orphan inode deleted [ 78.225960][ T7881] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 78.243212][ T7881] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 78.261422][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.395592][ T7890] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1862'. [ 78.731901][ T7907] ALSA: seq fatal error: cannot create timer (-19) [ 78.781938][ T7910] netlink: 61967 bytes leftover after parsing attributes in process `syz.2.1871'. [ 78.804760][ T7912] loop3: detected capacity change from 0 to 2048 [ 78.838586][ T7912] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 78.872277][ T29] kauditd_printk_skb: 176 callbacks suppressed [ 78.872291][ T29] audit: type=1400 audit(2000000025.310:2592): avc: denied { write } for pid=7911 comm="syz.3.1872" path="/399/file1/bus" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 78.908686][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.146652][ T7945] hub 9-0:1.0: USB hub found [ 79.151442][ T7945] hub 9-0:1.0: 8 ports detected [ 79.520448][ T29] audit: type=1400 audit(2000000025.960:2593): avc: denied { append } for pid=7979 comm="syz.3.1895" name="sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 79.546382][ T7980] program syz.3.1895 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 79.591604][ T29] audit: type=1400 audit(2000000026.030:2594): avc: denied { setopt } for pid=7984 comm="syz.3.1897" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 79.620274][ T7985] IPVS: stopping backup sync thread 7987 ... [ 79.744480][ T29] audit: type=1400 audit(2000000026.170:2595): avc: denied { create } for pid=7992 comm="syz.3.1901" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1 [ 79.764281][ T29] audit: type=1400 audit(2000000026.170:2596): avc: denied { read write } for pid=3300 comm="syz-executor" name="loop0" dev="devtmpfs" ino=739 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 79.787588][ T29] audit: type=1400 audit(2000000026.170:2597): avc: denied { open } for pid=3300 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=739 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 79.810753][ T29] audit: type=1400 audit(2000000026.180:2598): avc: denied { sys_admin } for pid=7992 comm="syz.3.1901" capability=21 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1 [ 79.845768][ T29] audit: type=1400 audit(2000000026.190:2599): avc: denied { ioctl } for pid=3300 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=739 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 79.870449][ T29] audit: type=1400 audit(2000000026.210:2600): avc: denied { block_suspend } for pid=7998 comm="syz.6.1905" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 79.959214][ T29] audit: type=1400 audit(2000000026.400:2601): avc: denied { mount } for pid=8015 comm="syz.2.1921" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 80.209848][ T8053] atomic_op ffff88811ae50528 conn xmit_atomic 0000000000000000 [ 80.255058][ T8057] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1918'. [ 80.266728][ T8050] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1918'. [ 80.279321][ T8061] loop6: detected capacity change from 0 to 128 [ 80.287422][ T8061] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 80.324970][ T8064] loop2: detected capacity change from 0 to 1024 [ 80.332135][ T8064] EXT4-fs: Ignoring removed orlov option [ 80.340402][ T8061] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 80.359840][ T8064] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.399716][ T3787] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 80.417129][ T8078] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 2621 [ 80.450757][ T8085] netlink: 'syz.5.1939': attribute type 12 has an invalid length. [ 80.458777][ T8085] netlink: 'syz.5.1939': attribute type 29 has an invalid length. [ 80.466631][ T8085] netlink: 'syz.5.1939': attribute type 1 has an invalid length. [ 80.474414][ T8085] netlink: 104 bytes leftover after parsing attributes in process `syz.5.1939'. [ 80.483514][ T8085] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.493137][ T3299] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.562114][ T8099] loop2: detected capacity change from 0 to 2048 [ 80.575235][ T8099] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 80.594645][ T8105] loop6: detected capacity change from 0 to 256 [ 80.607155][ T8105] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000001) [ 80.607861][ T3299] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.642854][ T8107] hub 9-0:1.0: USB hub found [ 80.647702][ T8107] hub 9-0:1.0: 8 ports detected [ 80.764163][ T8124] netlink: 'syz.0.1956': attribute type 4 has an invalid length. [ 80.774868][ T8122] vhci_hcd: default hub control req: 8013 v0000 i0000 l31125 [ 80.777892][ T8124] netlink: 'syz.0.1956': attribute type 4 has an invalid length. [ 80.979729][ T8160] netlink: 'syz.3.1972': attribute type 1 has an invalid length. [ 81.041343][ T8166] loop3: detected capacity change from 0 to 512 [ 81.084705][ T8166] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 81.106074][ T8166] ext4 filesystem being mounted at /414/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 81.132621][ T8173] netlink: 'syz.2.1978': attribute type 13 has an invalid length. [ 81.140438][ T8173] netlink: 'syz.2.1978': attribute type 17 has an invalid length. [ 81.153076][ T8166] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #2: comm syz.3.1974: corrupted inode contents [ 81.187028][ T8166] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #2: comm syz.3.1974: mark_inode_dirty error [ 81.198806][ T8166] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #2: comm syz.3.1974: corrupted inode contents [ 81.211360][ T8176] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #2: comm syz.3.1974: corrupted inode contents [ 81.223304][ T8176] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #2: comm syz.3.1974: mark_inode_dirty error [ 81.235892][ T8176] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #2: comm syz.3.1974: corrupted inode contents [ 81.247858][ T8176] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #2: comm syz.3.1974: mark_inode_dirty error [ 81.260536][ T8176] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #2: comm syz.3.1974: corrupted inode contents [ 81.272497][ T8176] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #2: comm syz.3.1974: mark_inode_dirty error [ 81.284906][ T8173] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 81.328007][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.447622][ T8197] ipvlan0: entered promiscuous mode [ 81.457060][ T8197] bridge0: port 2(ipvlan0) entered blocking state [ 81.463557][ T8197] bridge0: port 2(ipvlan0) entered disabled state [ 81.478368][ T8197] ipvlan0: entered allmulticast mode [ 81.483764][ T8197] bridge0: entered allmulticast mode [ 81.494008][ T8197] ipvlan0: left allmulticast mode [ 81.499156][ T8197] bridge0: left allmulticast mode [ 81.609062][ T8213] vhci_hcd: default hub control req: 8013 v0000 i0000 l31125 [ 81.703753][ T8226] loop0: detected capacity change from 0 to 2048 [ 81.734359][ T8226] Alternate GPT is invalid, using primary GPT. [ 81.740839][ T8226] loop0: p1 p2 p3 [ 81.744672][ T8226] loop0: partition table partially beyond EOD, truncated [ 82.178779][ T8251] loop0: detected capacity change from 0 to 512 [ 82.221551][ T8251] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 82.222905][ T8256] __nla_validate_parse: 4 callbacks suppressed [ 82.222984][ T8256] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2017'. [ 82.241974][ T8251] ext4 filesystem being mounted at /386/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 82.260130][ T8256] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 82.277258][ T8256] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 82.313158][ T3300] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.431942][ T8268] syzkaller1: tun_chr_ioctl cmd 1074025678 [ 82.437877][ T8268] syzkaller1: group set to 0 [ 82.801738][ T8301] loop5: detected capacity change from 0 to 2048 [ 82.828367][ T8221] syz.3.2001 (8221) used greatest stack depth: 6392 bytes left [ 82.855173][ T8310] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2039'. [ 82.889483][ T8310] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2039'. [ 82.912476][ T8310] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2039'. [ 82.930771][ T8316] smc: net device bond0 applied user defined pnetid SYZ0 [ 82.930879][ T8310] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2039'. [ 82.949014][ T8310] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2039'. [ 82.962815][ T8301] loop5: p2 p3 p7 [ 82.971312][ T8316] smc: net device bond0 erased user defined pnetid SYZ0 [ 83.022760][ T8324] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2047'. [ 83.120524][ T8337] loop0: detected capacity change from 0 to 512 [ 83.142131][ T8337] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 83.151002][ T8337] EXT4-fs (loop0): orphan cleanup on readonly fs [ 83.161846][ T8344] netlink: 'syz.5.2056': attribute type 3 has an invalid length. [ 83.185903][ T8337] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.2054: corrupted inode contents [ 83.200621][ T8337] EXT4-fs (loop0): Remounting filesystem read-only [ 83.212580][ T8337] EXT4-fs (loop0): 1 truncate cleaned up [ 83.218430][ T3837] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 83.229044][ T3837] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 83.248060][ T3837] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started [ 83.263010][ T8337] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 83.331915][ T3300] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.333381][ T8364] vcan0: tx drop: invalid sa for name 0xffffffffffffffff [ 83.377319][ T8371] syz_tun: refused to change device tx_queue_len [ 83.405953][ T8374] loop0: detected capacity change from 0 to 1024 [ 83.426747][ T8374] EXT4-fs: Ignoring removed orlov option [ 83.432621][ T8374] EXT4-fs: Ignoring removed nomblk_io_submit option [ 83.485326][ T8374] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 83.559232][ T8374] EXT4-fs (loop0): shut down requested (0) [ 83.594080][ T3300] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.608037][ T8397] loop2: detected capacity change from 0 to 128 [ 83.651763][ T8397] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002] [ 83.680119][ T8397] System zones: 1-3, 19-19, 35-36 [ 83.688142][ T8397] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 83.715677][ T8397] ext4 filesystem being mounted at /434/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 83.716893][ T8417] netlink: 'syz.3.2088': attribute type 21 has an invalid length. [ 83.759191][ T8417] netlink: 156 bytes leftover after parsing attributes in process `syz.3.2088'. [ 83.776262][ T8416] IPv6: NLM_F_CREATE should be specified when creating new route [ 83.825459][ T3299] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 83.853520][ T8431] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=8431 comm=syz.6.2095 [ 83.866233][ T8431] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=8431 comm=syz.6.2095 [ 83.902128][ T29] kauditd_printk_skb: 286 callbacks suppressed [ 83.902145][ T29] audit: type=1400 audit(2000000030.340:2882): avc: denied { write } for pid=8435 comm="syz.3.2096" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 83.928741][ T8436] netlink: 2 bytes leftover after parsing attributes in process `syz.3.2096'. [ 83.940890][ T29] audit: type=1400 audit(2000000030.370:2883): avc: denied { nlmsg_read } for pid=8435 comm="syz.3.2096" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 83.961502][ T29] audit: type=1400 audit(2000000030.380:2884): avc: denied { nlmsg_write } for pid=8435 comm="syz.3.2096" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 83.982303][ T29] audit: type=1400 audit(2000000030.380:2885): avc: denied { read } for pid=8435 comm="syz.3.2096" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 84.094702][ T29] audit: type=1400 audit(2000000030.400:2886): avc: denied { create } for pid=8437 comm="syz.2.2098" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 84.114403][ T29] audit: type=1400 audit(2000000030.410:2887): avc: denied { connect } for pid=8437 comm="syz.2.2098" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 84.134078][ T29] audit: type=1400 audit(2000000030.470:2888): avc: denied { bind } for pid=8440 comm="syz.2.2099" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 84.153655][ T29] audit: type=1400 audit(2000000030.510:2889): avc: denied { create } for pid=8443 comm="syz.6.2101" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 84.173218][ T29] audit: type=1400 audit(2000000030.510:2890): avc: denied { setopt } for pid=8443 comm="syz.6.2101" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 84.193732][ T29] audit: type=1400 audit(2000000030.510:2891): avc: denied { create } for pid=8444 comm="syz.2.2102" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 84.247837][ T8456] loop5: detected capacity change from 0 to 512 [ 84.528484][ T8479] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2116'. [ 84.667352][ T8491] rdma_op ffff88811ed35d80 conn xmit_rdma 0000000000000000 [ 84.708997][ T3374] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65380 sclass=netlink_route_socket pid=3374 comm=kworker/0:3 [ 84.722010][ T8498] 9pnet: p9_errstr2errno: server reported unknown error 18446 [ 84.783307][ T8506] loop5: detected capacity change from 0 to 512 [ 84.805451][ T8506] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 84.824496][ T8506] ext4 filesystem being mounted at /221/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 84.845308][ T8506] SELinux: Context @ is not valid (left unmapped). [ 84.888106][ T5697] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.059270][ T8553] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.096465][ T8553] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.146490][ T8553] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.205727][ T8553] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.260058][ T3787] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.271625][ T3787] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.283920][ T3804] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.295379][ T3787] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.618656][ T8584] netlink: 'syz.2.2163': attribute type 1 has an invalid length. [ 85.640638][ T8584] 8021q: adding VLAN 0 to HW filter on device bond4 [ 85.677555][ T8584] bond4: (slave geneve2): making interface the new active one [ 85.690633][ T8584] bond4: (slave geneve2): Enslaving as an active interface with an up link [ 85.817545][ T8602] loop6: detected capacity change from 0 to 128 [ 85.933023][ T8616] IPv6: Can't replace route, no match found [ 85.940587][ T8620] loop2: detected capacity change from 0 to 1024 [ 85.947594][ T8620] EXT4-fs: Ignoring removed orlov option [ 85.988016][ T8620] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 86.000633][ T8626] loop3: detected capacity change from 0 to 1024 [ 86.009211][ T8620] ext4 filesystem being mounted at /455/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 86.038338][ T8626] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 86.099192][ T8620] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 86.146672][ T3299] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 86.159416][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.261877][ T8661] netlink: 'syz.6.2194': attribute type 153 has an invalid length. [ 86.316049][ T8672] IPVS: stopping backup sync thread 8676 ... [ 86.316049][ T8676] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_bridge, syncid = 512, id = 0 [ 86.361252][ T8680] loop0: detected capacity change from 0 to 512 [ 86.397658][ T8680] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.2202: Failed to acquire dquot type 1 [ 86.422783][ T8680] EXT4-fs (loop0): 1 truncate cleaned up [ 86.430148][ T8680] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 86.443069][ T8680] ext4 filesystem being mounted at /421/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 86.505041][ T3300] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.614690][ T8724] loop0: detected capacity change from 0 to 2048 [ 86.625309][ T8724] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 86.639170][ T8720] SELinux: failed to load policy [ 86.898072][ T3300] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.972054][ T8750] loop3: detected capacity change from 0 to 512 [ 86.985420][ T8750] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a84ec018, mo2=0002] [ 86.993695][ T8750] System zones: 0-2, 18-18, 34-35 [ 86.999706][ T8750] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 87.012830][ T8750] ext4 filesystem being mounted at /461/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 87.036903][ T8750] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #18: comm syz.3.2234: corrupted inode contents [ 87.052188][ T8750] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #18: comm syz.3.2234: mark_inode_dirty error [ 87.076837][ T8750] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #18: comm syz.3.2234: corrupted inode contents [ 87.093716][ T8750] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2991: inode #18: comm syz.3.2234: mark_inode_dirty error [ 87.120852][ T8750] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2994: inode #18: comm syz.3.2234: mark inode dirty (error -117) [ 87.136569][ T8750] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117) [ 87.164851][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.231372][ T8777] loop2: detected capacity change from 0 to 512 [ 87.240198][ T8777] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.2245: bg 0: block 5: invalid block bitmap [ 87.254283][ T8777] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 87.263147][ T8777] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.2245: invalid indirect mapped block 3 (level 2) [ 87.276935][ T8777] EXT4-fs (loop2): 2 truncates cleaned up [ 87.283049][ T8777] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 87.353071][ T8782] loop3: detected capacity change from 0 to 1024 [ 87.359899][ T8782] EXT4-fs: Ignoring removed bh option [ 87.366858][ T8782] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 87.399243][ T3299] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.410956][ T8782] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 87.443001][ T8782] EXT4-fs error (device loop3): ext4_check_all_de:659: inode #12: block 7: comm syz.3.2247: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0 [ 87.507224][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.660222][ T8824] __nla_validate_parse: 3 callbacks suppressed [ 87.660237][ T8824] netlink: 4380 bytes leftover after parsing attributes in process `syz.0.2265'. [ 87.678347][ T8824] netlink: 4380 bytes leftover after parsing attributes in process `syz.0.2265'. [ 87.703541][ T8802] loop5: detected capacity change from 0 to 128 [ 87.715645][ T8827] loop2: detected capacity change from 0 to 1024 [ 87.736330][ T8827] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 87.803842][ T3787] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0xe [ 87.817018][ T3299] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.960412][ T8867] program syz.0.2281 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 87.970517][ T8867] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 87.983742][ T8868] loop5: detected capacity change from 0 to 1024 [ 88.033213][ T8877] SELinux: ebitmap: truncated map [ 88.040946][ T8877] SELinux: failed to load policy [ 88.147365][ T8896] atomic_op ffff88811af53d28 conn xmit_atomic 0000000000000000 [ 88.163582][ T8899] loop2: detected capacity change from 0 to 128 [ 88.300837][ T8912] loop6: detected capacity change from 0 to 1024 [ 88.319220][ T3804] kworker/u8:26: attempt to access beyond end of device [ 88.319220][ T3804] loop2: rw=1, sector=145, nr_sectors = 16 limit=128 [ 88.332983][ T3804] kworker/u8:26: attempt to access beyond end of device [ 88.332983][ T3804] loop2: rw=1, sector=169, nr_sectors = 8 limit=128 [ 88.346543][ T3804] kworker/u8:26: attempt to access beyond end of device [ 88.346543][ T3804] loop2: rw=1, sector=185, nr_sectors = 8 limit=128 [ 88.360674][ T3804] kworker/u8:26: attempt to access beyond end of device [ 88.360674][ T3804] loop2: rw=1, sector=201, nr_sectors = 8 limit=128 [ 88.374666][ T3804] kworker/u8:26: attempt to access beyond end of device [ 88.374666][ T3804] loop2: rw=1, sector=217, nr_sectors = 8 limit=128 [ 88.388411][ T3804] kworker/u8:26: attempt to access beyond end of device [ 88.388411][ T3804] loop2: rw=1, sector=233, nr_sectors = 8 limit=128 [ 88.403597][ T3804] kworker/u8:26: attempt to access beyond end of device [ 88.403597][ T3804] loop2: rw=1, sector=249, nr_sectors = 8 limit=128 [ 88.417220][ T3804] kworker/u8:26: attempt to access beyond end of device [ 88.417220][ T3804] loop2: rw=1, sector=265, nr_sectors = 8 limit=128 [ 88.430876][ T3804] kworker/u8:26: attempt to access beyond end of device [ 88.430876][ T3804] loop2: rw=1, sector=281, nr_sectors = 8 limit=128 [ 88.444515][ T3804] kworker/u8:26: attempt to access beyond end of device [ 88.444515][ T3804] loop2: rw=1, sector=297, nr_sectors = 8 limit=128 [ 88.491552][ T8925] loop5: detected capacity change from 0 to 2048 [ 88.784282][ T1047] Process accounting resumed [ 88.815152][ T8965] loop2: detected capacity change from 0 to 512 [ 88.872358][ T8965] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a84ec018, mo2=0002] [ 88.890712][ T8973] netlink: 208192 bytes leftover after parsing attributes in process `syz.5.2326'. [ 88.901877][ T8965] System zones: 0-2, 18-18, 34-35 [ 88.909065][ T8973] netlink: del zone limit has 4 unknown bytes [ 88.918055][ T8965] ext4 filesystem being mounted at /487/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 88.953019][ T8965] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #18: comm syz.2.2324: corrupted inode contents [ 88.982884][ T8965] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #18: comm syz.2.2324: mark_inode_dirty error [ 89.006673][ T8965] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #18: comm syz.2.2324: corrupted inode contents [ 89.018891][ T8965] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2991: inode #18: comm syz.2.2324: mark_inode_dirty error [ 89.030992][ T8965] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2994: inode #18: comm syz.2.2324: mark inode dirty (error -117) [ 89.045177][ T8965] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -117) [ 89.118586][ T8990] netlink: 'syz.2.2334': attribute type 21 has an invalid length. [ 89.184504][ T8998] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2337'. [ 89.188424][ T8992] loop6: detected capacity change from 0 to 8192 [ 89.193425][ T8998] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2337'. [ 89.226015][ T9000] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125 [ 89.232069][ T8998] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2337'. [ 89.242534][ T8998] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2337'. [ 89.278449][ T29] kauditd_printk_skb: 276 callbacks suppressed [ 89.278463][ T29] audit: type=1326 audit(2000000002.080:3166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9003 comm="syz.2.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f872c04eec9 code=0x7ffc0000 [ 89.318167][ T9004] loop2: detected capacity change from 0 to 512 [ 89.405307][ T9006] loop5: detected capacity change from 0 to 4096 [ 89.424579][ T9006] EXT4-fs: Ignoring removed nomblk_io_submit option [ 89.441622][ T29] audit: type=1326 audit(2000000002.120:3167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9003 comm="syz.2.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f872c04eec9 code=0x7ffc0000 [ 89.465173][ T29] audit: type=1326 audit(2000000002.120:3168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9003 comm="syz.2.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f872c04eec9 code=0x7ffc0000 [ 89.488578][ T29] audit: type=1326 audit(2000000002.120:3169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9003 comm="syz.2.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f872c04ef03 code=0x7ffc0000 [ 89.511910][ T29] audit: type=1326 audit(2000000002.120:3170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9003 comm="syz.2.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f872c04d97f code=0x7ffc0000 [ 89.535253][ T29] audit: type=1326 audit(2000000002.120:3171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9003 comm="syz.2.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f872c04ef57 code=0x7ffc0000 [ 89.558833][ T29] audit: type=1326 audit(2000000002.120:3172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9003 comm="syz.2.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f872c04d710 code=0x7ffc0000 [ 89.582378][ T29] audit: type=1326 audit(2000000002.120:3173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9003 comm="syz.2.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f872c04eacb code=0x7ffc0000 [ 89.605907][ T29] audit: type=1326 audit(2000000002.230:3174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9003 comm="syz.2.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f872c04db2a code=0x7ffc0000 [ 89.627420][ T2954] hid_parser_main: 45 callbacks suppressed [ 89.627562][ T2954] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 89.629156][ T29] audit: type=1326 audit(2000000002.230:3175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9003 comm="syz.2.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f872c04db2a code=0x7ffc0000 [ 89.634965][ T2954] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 89.672960][ T2954] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 89.680402][ T2954] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 89.687836][ T2954] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 89.695262][ T2954] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 89.702865][ T2954] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 89.710341][ T2954] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 89.717824][ T2954] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 89.725261][ T2954] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 89.754579][ T9021] SELinux: Context system_u:object_r:ptchown_exec_t:s0 is not valid (left unmapped). [ 89.793355][ T9025] tmpfs: Too small a size for current use [ 89.815375][ T2954] hid-generic 0000:0000:0000.0004: hidraw0: HID v8.00 Device [syz0] on syz0 [ 89.823917][ T9032] SELinux: policydb table sizes (0,0) do not match mine (6,7) [ 89.836763][ T9032] SELinux: failed to load policy [ 90.067639][ T9066] loop5: detected capacity change from 0 to 1024 [ 90.090914][ T9066] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.2366: Allocating blocks 385-513 which overlap fs metadata [ 90.122150][ T9066] EXT4-fs (loop5): pa ffff888105b9d460: logic 16, phys. 129, len 24 [ 90.130205][ T9066] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8 [ 90.319872][ T9107] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 90.323923][ T9109] netlink: 196 bytes leftover after parsing attributes in process `syz.0.2385'. [ 90.328656][ T9107] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 91.349217][ T9179] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2418'. [ 91.366661][ T9181] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=9181 comm=syz.0.2419 [ 91.490673][ T9192] netlink: 'syz.0.2424': attribute type 1 has an invalid length. [ 91.498561][ T9192] netlink: 'syz.0.2424': attribute type 2 has an invalid length. [ 91.956243][ T9231] loop3: detected capacity change from 0 to 8192 [ 92.085576][ T9247] loop6: detected capacity change from 0 to 128 [ 92.274889][ T9255] loop6: detected capacity change from 0 to 512 [ 92.290188][ T9257] random: crng reseeded on system resumption [ 92.334606][ T9261] tmpfs: Too small a size for current use [ 92.454605][ T9267] loop3: detected capacity change from 0 to 2048 [ 92.917815][ T3784] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 93.093932][ T9320] vhci_hcd: invalid port number 96 [ 93.099111][ T9320] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 93.118393][ T9322] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2478'. [ 93.138710][ T9322] netem: change failed [ 93.153962][ T9326] loop3: detected capacity change from 0 to 128 [ 93.350751][ T9339] bridge0: entered promiscuous mode [ 93.362609][ T9339] macsec1: entered promiscuous mode [ 93.368856][ T9339] bridge0: port 3(macsec1) entered blocking state [ 93.375494][ T9339] bridge0: port 3(macsec1) entered disabled state [ 93.384217][ T9339] macsec1: entered allmulticast mode [ 93.389535][ T9339] bridge0: entered allmulticast mode [ 93.396403][ T9339] macsec1: left allmulticast mode [ 93.401448][ T9339] bridge0: left allmulticast mode [ 93.409640][ T9339] bridge0: left promiscuous mode [ 94.153855][ T9373] loop2: detected capacity change from 0 to 8192 [ 94.310126][ T29] kauditd_printk_skb: 137 callbacks suppressed [ 94.310146][ T29] audit: type=1400 audit(2000000007.080:3313): avc: denied { append } for pid=9390 comm="syz.2.2507" name="sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 94.406539][ T9402] loop3: detected capacity change from 0 to 512 [ 94.424013][ T9409] ref_ctr_offset mismatch. inode: 0xa58 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x8000000 [ 94.436183][ T9402] EXT4-fs (loop3): orphan cleanup on readonly fs [ 94.443458][ T9402] EXT4-fs warning (device loop3): ext4_xattr_inode_get:556: inode #11: comm syz.3.2512: EA inode hash validation failed [ 94.456311][ T9402] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 94.469662][ T9402] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #15: comm syz.3.2512: corrupted inode contents [ 94.482331][ T9402] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #15: comm syz.3.2512: mark_inode_dirty error [ 94.495061][ T9402] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #15: comm syz.3.2512: corrupted inode contents [ 94.508057][ T9402] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2991: inode #15: comm syz.3.2512: mark_inode_dirty error [ 94.521004][ T9402] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2994: inode #15: comm syz.3.2512: mark inode dirty (error -117) [ 94.543254][ T9402] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117) [ 94.554730][ T9402] EXT4-fs (loop3): 1 orphan inode deleted [ 94.675434][ T9433] loop6: detected capacity change from 0 to 512 [ 94.692590][ T9433] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 94.730783][ T9433] EXT4-fs warning (device loop6): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 94.747936][ T9433] EXT4-fs (loop6): 1 truncate cleaned up [ 94.753754][ T29] audit: type=1400 audit(2000000007.550:3314): avc: denied { setopt } for pid=9439 comm="syz.3.2528" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 94.795704][ T9446] netlink: 'syz.0.2529': attribute type 1 has an invalid length. [ 94.803464][ T9446] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2529'. [ 94.814091][ T29] audit: type=1400 audit(2000000007.600:3315): avc: denied { remove_name } for pid=9428 comm="syz.6.2524" name="file1" dev="loop6" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 94.836802][ T29] audit: type=1400 audit(2000000007.600:3316): avc: denied { unlink } for pid=9428 comm="syz.6.2524" name="file1" dev="loop6" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 94.890285][ T9449] loop6: detected capacity change from 0 to 1024 [ 94.965578][ T9455] loop3: detected capacity change from 0 to 512 [ 94.977361][ T9449] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4183: comm syz.6.2531: Allocating blocks 385-513 which overlap fs metadata [ 95.012147][ T9455] loop3: detected capacity change from 0 to 512 [ 95.034899][ T9462] EXT4-fs (loop6): pa ffff88810728da10: logic 16, phys. 129, len 24 [ 95.043061][ T9462] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8 [ 95.058902][ T9455] EXT4-fs error (device loop3): ext4_xattr_inode_iget:442: comm syz.3.2532: error while reading EA inode 32 err=-116 [ 95.081541][ T9455] EXT4-fs (loop3): Remounting filesystem read-only [ 95.088243][ T9455] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -30) [ 95.129019][ T9455] EXT4-fs (loop3): 1 orphan inode deleted [ 95.192554][ T29] audit: type=1400 audit(2000000007.990:3317): avc: denied { create } for pid=9470 comm="syz.6.2539" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 95.211538][ T9476] loop3: detected capacity change from 0 to 512 [ 95.240240][ T29] audit: type=1400 audit(2000000008.020:3318): avc: denied { write } for pid=9470 comm="syz.6.2539" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 95.241230][ T9476] EXT4-fs warning (device loop3): ext4_xattr_inode_get:542: inode #11: comm syz.3.2541: ea_inode file size=4 entry size=6 [ 95.322708][ T9476] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #15: comm syz.3.2541: corrupted inode contents [ 95.336800][ T9476] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #15: comm syz.3.2541: mark_inode_dirty error [ 95.392270][ T9476] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #15: comm syz.3.2541: corrupted inode contents [ 95.442746][ T9476] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2991: inode #15: comm syz.3.2541: mark_inode_dirty error [ 95.470100][ T9476] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2994: inode #15: comm syz.3.2541: mark inode dirty (error -117) [ 95.499268][ T9476] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117) [ 95.514133][ T9497] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 95.524992][ T9476] EXT4-fs (loop3): 1 orphan inode deleted [ 95.660491][ T9513] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2558'. [ 95.798650][ T9521] loop6: detected capacity change from 0 to 512 [ 95.835266][ T9521] EXT4-fs (loop6): orphan cleanup on readonly fs [ 95.854466][ T9521] EXT4-fs warning (device loop6): ext4_xattr_inode_get:556: inode #11: comm syz.6.2563: EA inode hash validation failed [ 95.885858][ T9521] EXT4-fs warning (device loop6): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 95.899528][ T9521] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #15: comm syz.6.2563: corrupted inode contents [ 95.912313][ T9521] EXT4-fs error (device loop6): ext4_dirty_inode:6538: inode #15: comm syz.6.2563: mark_inode_dirty error [ 95.932943][ T9521] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #15: comm syz.6.2563: corrupted inode contents [ 95.956527][ T9521] EXT4-fs error (device loop6): ext4_xattr_delete_inode:2991: inode #15: comm syz.6.2563: mark_inode_dirty error [ 95.972553][ T9521] EXT4-fs error (device loop6): ext4_xattr_delete_inode:2994: inode #15: comm syz.6.2563: mark inode dirty (error -117) [ 95.993441][ T9521] EXT4-fs warning (device loop6): ext4_evict_inode:274: xattr delete (err -117) [ 96.003701][ T9521] EXT4-fs (loop6): 1 orphan inode deleted [ 96.014033][ T29] audit: type=1326 audit(2000000008.810:3319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9529 comm="syz.0.2568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d8a77eec9 code=0x7ffc0000 [ 96.037623][ T29] audit: type=1326 audit(2000000008.820:3320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9529 comm="syz.0.2568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d8a77eec9 code=0x7ffc0000 [ 96.061136][ T29] audit: type=1326 audit(2000000008.820:3321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9529 comm="syz.0.2568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f8d8a77eec9 code=0x7ffc0000 [ 96.084627][ T29] audit: type=1326 audit(2000000008.820:3322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9529 comm="syz.0.2568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d8a77eec9 code=0x7ffc0000 [ 96.174239][ T9532] netlink: 'syz.3.2567': attribute type 21 has an invalid length. [ 96.176151][ T9539] loop2: detected capacity change from 0 to 512 [ 96.182188][ T9532] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2567'. [ 96.197506][ T9532] netlink: 'syz.3.2567': attribute type 1 has an invalid length. [ 96.205523][ T9539] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 96.223832][ T9539] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 96.240920][ T9539] EXT4-fs (loop2): 1 truncate cleaned up [ 96.287368][ T9553] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 649 [ 96.491502][ T9575] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2586'. [ 96.675306][ T9599] loop3: detected capacity change from 0 to 512 [ 96.686969][ T9599] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 96.713476][ T9599] EXT4-fs (loop3): 1 truncate cleaned up [ 96.881885][ T9618] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2606'. [ 97.026161][ T9646] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2619'. [ 97.036761][ T9647] ref_ctr_offset mismatch. inode: 0xab5 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x8000000 [ 97.037130][ T9646] netlink: 104 bytes leftover after parsing attributes in process `syz.0.2619'. [ 97.167990][ T9655] SELinux: failed to load policy [ 97.697850][ T9687] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2637'. [ 97.864942][ T9704] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2645'. [ 97.933830][ T9710] bond0: Caught tx_queue_len zero misconfig [ 98.164397][ T9732] option changes via remount are deprecated (pid=9731 comm=syz.2.2657) [ 98.575127][ T9765] netlink: 'syz.2.2672': attribute type 83 has an invalid length. [ 98.665644][ T9783] loop3: detected capacity change from 0 to 512 [ 98.687771][ T9783] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 98.695754][ T9783] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 98.697924][ T9791] __nla_validate_parse: 1 callbacks suppressed [ 98.697941][ T9791] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2684'. [ 98.717177][ T9783] System zones: 0-1, 15-15, 18-18, 34-34 [ 98.752125][ T9783] EXT4-fs (loop3): orphan cleanup on readonly fs [ 98.758548][ T9783] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 98.773219][ T9783] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 98.798886][ T9783] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2681: bg 0: block 40: padding at end of block bitmap is not set [ 98.836807][ T9783] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 98.859444][ T9783] EXT4-fs (loop3): 1 truncate cleaned up [ 98.920758][ T9810] No source specified [ 98.947202][ T9814] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2695'. [ 98.973865][ T9814] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2695'. [ 98.987537][ T9818] loop3: detected capacity change from 0 to 1024 [ 99.016694][ T9818] EXT4-fs: Ignoring removed nomblk_io_submit option [ 99.045996][ T9818] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=6042c018, mo2=0102] [ 99.082694][ T9818] System zones: 0-1, 3-12 [ 99.325866][ T3301] EXT4-fs unmount: 33 callbacks suppressed [ 99.325884][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.420827][ T29] kauditd_printk_skb: 444 callbacks suppressed [ 99.420923][ T29] audit: type=1400 audit(2000000268.218:3766): avc: denied { read write } for pid=6191 comm="syz-executor" name="loop6" dev="devtmpfs" ino=106 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 99.451361][ T29] audit: type=1400 audit(2000000268.218:3767): avc: denied { open } for pid=6191 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=106 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 99.595662][ T29] audit: type=1400 audit(2000000268.248:3768): avc: denied { ioctl } for pid=6191 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=106 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 99.621361][ T29] audit: type=1400 audit(2000000268.288:3769): avc: denied { prog_load } for pid=9858 comm="syz.3.2714" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 99.640473][ T29] audit: type=1400 audit(2000000268.288:3770): avc: denied { bpf } for pid=9858 comm="syz.3.2714" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 99.661103][ T29] audit: type=1400 audit(2000000268.288:3771): avc: denied { perfmon } for pid=9858 comm="syz.3.2714" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 99.682045][ T29] audit: type=1400 audit(2000000268.288:3772): avc: denied { name_bind } for pid=9858 comm="syz.3.2714" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 99.703751][ T29] audit: type=1400 audit(2000000268.288:3773): avc: denied { node_bind } for pid=9858 comm="syz.3.2714" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 99.724502][ T29] audit: type=1400 audit(2000000268.298:3774): avc: denied { map_create } for pid=9860 comm="syz.2.2715" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 99.743720][ T29] audit: type=1400 audit(2000000268.298:3775): avc: denied { map_read map_write } for pid=9860 comm="syz.2.2715" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 100.308025][ T9925] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2745'. [ 100.618444][ T9991] SELinux: failed to load policy [ 100.649668][ T9998] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2779'. [ 100.664650][ T9998] IPVS: Error joining to the multicast group [ 100.892172][T10038] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2798'. [ 100.907607][T10040] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2799'. [ 100.945973][T10044] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2801'. [ 101.412827][T10092] netlink: 3 bytes leftover after parsing attributes in process `syz.2.2823'. [ 101.430934][T10092] batadv0: entered promiscuous mode [ 101.436342][T10092] batadv0: entered allmulticast mode [ 101.458287][T10099] tmpfs: Bad value for 'mpol' [ 101.509871][T10110] loop6: detected capacity change from 0 to 512 [ 101.536214][T10110] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 101.551391][T10110] ext4 filesystem being mounted at /347/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 101.584954][ T6191] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.598953][T10119] hub 9-0:1.0: USB hub found [ 101.603919][T10119] hub 9-0:1.0: 8 ports detected [ 101.615136][T10123] loop6: detected capacity change from 0 to 512 [ 101.636017][T10123] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 101.653705][T10123] EXT4-fs (loop6): 1 truncate cleaned up [ 101.659734][T10123] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 101.696764][ T6191] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.748539][T10142] netlink: 96 bytes leftover after parsing attributes in process `syz.0.2846'. [ 101.833544][T10150] vhci_hcd: invalid port number 96 [ 101.838688][T10150] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 101.893859][T10166] netlink: 'syz.0.2857': attribute type 1 has an invalid length. [ 101.907157][T10168] SELinux: Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped). [ 101.944229][T10166] bond2: entered promiscuous mode [ 101.960597][T10166] 8021q: adding VLAN 0 to HW filter on device bond2 [ 102.026415][T10172] 8021q: adding VLAN 0 to HW filter on device bond3 [ 102.039198][T10172] bond2: (slave bond3): making interface the new active one [ 102.046533][T10172] bond3: entered promiscuous mode [ 102.054158][T10172] bond2: (slave bond3): Enslaving as an active interface with an up link [ 102.207990][T10195] hub 9-0:1.0: USB hub found [ 102.212863][T10195] hub 9-0:1.0: 8 ports detected [ 102.291823][ T23] hid_parser_main: 19 callbacks suppressed [ 102.291844][ T23] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 102.324751][ T23] hid-generic 0000:0000:0000.0005: hidraw0: HID v0.00 Device [syz1] on syz0 [ 102.707765][T10241] netlink: 'syz.2.2889': attribute type 1 has an invalid length. [ 102.725060][T10241] bond5: entered promiscuous mode [ 102.730394][T10241] 8021q: adding VLAN 0 to HW filter on device bond5 [ 102.755922][T10241] 8021q: adding VLAN 0 to HW filter on device bond6 [ 102.766048][T10241] bond5: (slave bond6): making interface the new active one [ 102.773399][T10241] bond6: entered promiscuous mode [ 102.779260][T10241] bond5: (slave bond6): Enslaving as an active interface with an up link [ 103.388150][T10285] batadv1: entered promiscuous mode [ 103.393721][T10285] batadv1: entered allmulticast mode [ 104.037140][T10356] loop3: detected capacity change from 0 to 512 [ 104.047379][T10359] __nla_validate_parse: 8 callbacks suppressed [ 104.047401][T10359] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2942'. [ 104.069311][T10356] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 104.082532][T10359] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 104.089943][T10359] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 104.089953][T10356] ext4 filesystem being mounted at /586/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 104.109609][T10359] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 104.117059][T10359] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 104.186685][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 104.189036][T10364] netlink: 'syz.5.2943': attribute type 13 has an invalid length. [ 104.203572][T10364] netlink: 'syz.5.2943': attribute type 17 has an invalid length. [ 104.217285][T10364] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 104.233886][T10372] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 ! [ 104.279356][ T2954] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 104.299126][ T2954] hid-generic 0000:0000:0000.0006: hidraw0: HID v0.00 Device [syz1] on syz0 [ 104.379427][T10390] netlink: 96 bytes leftover after parsing attributes in process `syz.0.2955'. [ 104.465204][T10396] SELinux: failed to load policy [ 104.477043][ T29] kauditd_printk_skb: 298 callbacks suppressed [ 104.477138][ T29] audit: type=1400 audit(2000000273.278:4074): avc: denied { ioctl } for pid=10377 comm="syz.2.2959" path="/dev/hidraw0" dev="devtmpfs" ino=764 ioctlcmd=0x4806 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 104.512781][T10402] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(7) [ 104.519429][T10402] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 104.526943][T10402] vhci_hcd vhci_hcd.0: Device attached [ 104.562747][T10406] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2960'. [ 104.573376][T10403] vhci_hcd: connection closed [ 104.573545][ T3784] vhci_hcd: stop threads [ 104.582036][T10406] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 104.582568][ T3784] vhci_hcd: release socket [ 104.589863][T10406] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 104.601481][ T3784] vhci_hcd: disconnect device [ 104.819079][ T29] audit: type=1400 audit(2000000273.618:4075): avc: denied { sys_module } for pid=10418 comm="syz.5.2974" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 104.880266][ T29] audit: type=1326 audit(2000000273.658:4076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10424 comm="syz.0.2965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d8a77eec9 code=0x7ffc0000 [ 104.903896][ T29] audit: type=1326 audit(2000000273.658:4077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10424 comm="syz.0.2965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d8a77eec9 code=0x7ffc0000 [ 104.927446][ T29] audit: type=1326 audit(2000000273.658:4078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10424 comm="syz.0.2965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8d8a77d710 code=0x7ffc0000 [ 104.951342][ T29] audit: type=1400 audit(2000000273.658:4079): avc: denied { write } for pid=10424 comm="syz.0.2965" name="anycast6" dev="proc" ino=4026532893 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 104.974479][ T29] audit: type=1326 audit(2000000273.658:4080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10424 comm="syz.0.2965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8d8a77d710 code=0x7ffc0000 [ 104.997980][ T29] audit: type=1326 audit(2000000273.658:4081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10424 comm="syz.0.2965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d8a77eec9 code=0x7ffc0000 [ 105.021656][ T29] audit: type=1326 audit(2000000273.658:4082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10424 comm="syz.0.2965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7f8d8a77eec9 code=0x7ffc0000 [ 105.045355][ T29] audit: type=1326 audit(2000000273.658:4083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10424 comm="syz.0.2965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d8a77eec9 code=0x7ffc0000 [ 105.187466][T10449] loop6: detected capacity change from 0 to 1024 [ 105.204123][T10453] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2979'. [ 105.214525][T10449] EXT4-fs (loop6): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 105.232354][T10449] ext4 filesystem being mounted at /361/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 105.250116][T10449] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 105.279955][ T6191] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 105.427665][T10470] loop2: detected capacity change from 0 to 8192 [ 105.700144][T10496] loop6: detected capacity change from 0 to 512 [ 105.714545][T10496] EXT4-fs (loop6): revision level too high, forcing read-only mode [ 105.722461][T10496] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 105.730943][T10496] System zones: 0-1, 15-15, 18-18, 34-34 [ 105.737035][T10496] EXT4-fs (loop6): orphan cleanup on readonly fs [ 105.744290][T10496] EXT4-fs warning (device loop6): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 105.758823][T10496] EXT4-fs (loop6): Cannot turn on quotas: error -22 [ 105.766394][T10496] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.2997: bg 0: block 40: padding at end of block bitmap is not set [ 105.780949][T10496] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 105.790013][T10496] EXT4-fs (loop6): 1 truncate cleaned up [ 105.796331][T10496] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 105.824877][ T6191] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.891451][T10513] syz_tun: refused to change device tx_queue_len [ 106.227920][T10542] No source specified [ 106.252110][T10544] loop6: detected capacity change from 0 to 512 [ 106.264584][T10544] EXT4-fs (loop6): revision level too high, forcing read-only mode [ 106.272763][T10544] EXT4-fs (loop6): orphan cleanup on readonly fs [ 106.280354][T10544] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.3017: corrupted inode contents [ 106.298613][T10544] EXT4-fs (loop6): Remounting filesystem read-only [ 106.305800][T10544] EXT4-fs (loop6): 1 truncate cleaned up [ 106.311557][ T3784] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 106.322158][ T3784] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 106.333571][ T3784] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started [ 106.346640][T10544] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 106.374705][ T6191] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.438140][T10551] netlink: 'syz.6.3019': attribute type 4 has an invalid length. [ 106.477533][T10557] netlink: 'syz.5.3021': attribute type 3 has an invalid length. [ 106.509201][T10555] loop6: detected capacity change from 0 to 8192 [ 106.523489][T10555] FAT-fs (loop6): error, invalid access to FAT (entry 0x0000e1b1) [ 106.531338][T10555] FAT-fs (loop6): Filesystem has been set read-only [ 106.595541][T10570] loop2: detected capacity change from 0 to 512 [ 106.604063][T10572] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3024'. [ 106.615118][T10572] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 106.619714][T10576] netlink: 9286 bytes leftover after parsing attributes in process `syz.5.3030'. [ 106.622550][T10572] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 106.626078][T10570] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 106.650926][T10572] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 106.652994][T10570] ext4 filesystem being mounted at /613/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 106.658730][T10572] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 106.795555][ T3299] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 106.810545][T10585] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3034'. [ 106.831712][T10589] loop2: detected capacity change from 0 to 512 [ 106.858743][T10589] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 106.866794][T10589] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 106.880685][T10589] System zones: 0-1, 15-15, 18-18, 34-34 [ 106.886940][T10589] EXT4-fs (loop2): orphan cleanup on readonly fs [ 106.902304][T10594] loop6: detected capacity change from 0 to 2048 [ 106.909078][T10589] EXT4-fs warning (device loop2): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 106.923747][T10589] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 106.932508][T10589] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3033: bg 0: block 40: padding at end of block bitmap is not set [ 106.948203][T10589] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 106.957325][T10589] EXT4-fs (loop2): 1 truncate cleaned up [ 106.962452][T10598] loop3: detected capacity change from 0 to 2048 [ 106.964341][T10589] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 106.973279][T10594] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 107.001290][T10594] ext4 filesystem being mounted at /376/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 107.023999][T10598] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 107.054100][ T3299] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.099295][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.124153][T10608] loop2: detected capacity change from 0 to 1024 [ 107.130554][T10606] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.3037: bg 0: block 345: padding at end of block bitmap is not set [ 107.145655][T10608] EXT4-fs: Ignoring removed nomblk_io_submit option [ 107.157706][T10606] EXT4-fs (loop6): Remounting filesystem read-only [ 107.178995][ T3784] EXT4-fs warning (device loop6): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30 [ 107.208824][T10608] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=6042c018, mo2=0102] [ 107.217074][T10608] System zones: 0-1, 3-12 [ 107.228913][T10608] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 107.244197][ T6191] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.366321][ T3299] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.640425][T10644] loop2: detected capacity change from 0 to 2048 [ 107.654354][T10644] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 107.666711][T10644] ext4 filesystem being mounted at /618/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 107.864717][T10650] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3056: bg 0: block 345: padding at end of block bitmap is not set [ 107.886174][T10650] EXT4-fs (loop2): Remounting filesystem read-only [ 107.906122][ T3837] EXT4-fs warning (device loop2): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30 [ 108.097505][ T3299] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.456758][T10663] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3060'. [ 108.640622][T10680] bridge0: port 3(batadv0) entered blocking state [ 108.647401][T10680] bridge0: port 3(batadv0) entered disabled state [ 108.656020][T10680] batadv0: entered allmulticast mode [ 108.663020][T10680] batadv0: entered promiscuous mode [ 108.737811][T10689] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3071'. [ 108.815719][T10691] loop2: detected capacity change from 0 to 164 [ 108.983444][T10709] sd 0:0:1:0: device reset [ 109.153590][ T3798] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 109.162945][ T3798] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 109.198803][T10742] loop2: detected capacity change from 0 to 128 [ 109.285908][T10742] bio_check_eod: 212 callbacks suppressed [ 109.285921][T10742] syz.2.3098: attempt to access beyond end of device [ 109.285921][T10742] loop2: rw=1, sector=145, nr_sectors = 16 limit=128 [ 109.305219][T10742] syz.2.3098: attempt to access beyond end of device [ 109.305219][T10742] loop2: rw=1, sector=169, nr_sectors = 8 limit=128 [ 109.318418][T10742] syz.2.3098: attempt to access beyond end of device [ 109.318418][T10742] loop2: rw=1, sector=185, nr_sectors = 8 limit=128 [ 109.331785][T10742] syz.2.3098: attempt to access beyond end of device [ 109.331785][T10742] loop2: rw=1, sector=201, nr_sectors = 8 limit=128 [ 109.348894][T10742] syz.2.3098: attempt to access beyond end of device [ 109.348894][T10742] loop2: rw=1, sector=217, nr_sectors = 8 limit=128 [ 109.363462][T10742] syz.2.3098: attempt to access beyond end of device [ 109.363462][T10742] loop2: rw=1, sector=233, nr_sectors = 8 limit=128 [ 109.373970][T10755] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3103'. [ 109.376916][T10742] syz.2.3098: attempt to access beyond end of device [ 109.376916][T10742] loop2: rw=1, sector=249, nr_sectors = 8 limit=128 [ 109.398806][T10742] syz.2.3098: attempt to access beyond end of device [ 109.398806][T10742] loop2: rw=1, sector=265, nr_sectors = 8 limit=128 [ 109.428305][T10742] syz.2.3098: attempt to access beyond end of device [ 109.428305][T10742] loop2: rw=1, sector=281, nr_sectors = 8 limit=128 [ 109.437886][T10755] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3103'. [ 109.441624][T10742] syz.2.3098: attempt to access beyond end of device [ 109.441624][T10742] loop2: rw=1, sector=297, nr_sectors = 8 limit=128 [ 109.545234][T10771] loop3: detected capacity change from 0 to 512 [ 109.552345][T10771] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 109.582518][T10771] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF [ 109.877539][T10804] block device autoloading is deprecated and will be removed. [ 109.897662][ T29] kauditd_printk_skb: 403 callbacks suppressed [ 109.897676][ T29] audit: type=1400 audit(2000000278.698:4479): avc: denied { read write } for pid=3300 comm="syz-executor" name="loop0" dev="devtmpfs" ino=765 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 109.930360][T10806] netlink: 'syz.0.3127': attribute type 1 has an invalid length. [ 109.965983][ T29] audit: type=1400 audit(2000000278.698:4480): avc: denied { open } for pid=3300 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=765 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 109.989265][ T29] audit: type=1400 audit(2000000278.698:4481): avc: denied { ioctl } for pid=3300 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=765 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 109.993896][T10810] loop0: detected capacity change from 0 to 128 [ 110.064116][ T29] audit: type=1400 audit(2000000278.828:4482): avc: denied { ioctl } for pid=10811 comm="syz.3.3130" path="socket:[28065]" dev="sockfs" ino=28065 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 110.088993][ T29] audit: type=1400 audit(2000000278.828:4483): avc: denied { bind } for pid=10811 comm="syz.3.3130" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 110.108318][ T29] audit: type=1400 audit(2000000278.828:4484): avc: denied { connect } for pid=10811 comm="syz.3.3130" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 110.128080][ T29] audit: type=1400 audit(2000000278.828:4485): avc: denied { write } for pid=10811 comm="syz.3.3130" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 110.183956][T10823] loop6: detected capacity change from 0 to 512 [ 110.204680][T10823] EXT4-fs error (device loop6): ext4_orphan_get:1392: inode #15: comm syz.6.3133: iget: bad i_size value: 38620345925642 [ 110.234320][T10823] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.3133: couldn't read orphan inode 15 (err -117) [ 110.254174][T10823] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 110.303306][ T29] audit: type=1400 audit(2000000279.098:4486): avc: denied { create } for pid=10822 comm="syz.6.3133" name="control" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 110.362044][ T6191] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.380345][ T29] audit: type=1400 audit(2000000279.138:4487): avc: denied { add_name } for pid=10822 comm="syz.6.3133" name="control" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 110.401046][ T29] audit: type=1400 audit(2000000279.138:4488): avc: denied { remove_name } for pid=10822 comm="syz.6.3133" name="control" dev="loop6" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 110.579893][T10845] netlink: 272 bytes leftover after parsing attributes in process `syz.6.3143'. [ 110.652023][T10850] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3145'. [ 110.663391][T10846] usb usb8: usbfs: process 10846 (syz.2.3142) did not claim interface 0 before use [ 110.703136][T10850] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3145'. [ 111.026116][T10875] ip6gre0: Caught tx_queue_len zero misconfig [ 111.036362][T10875] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 111.063089][T10879] usb usb8: usbfs: process 10879 (syz.0.3159) did not claim interface 0 before use [ 111.148129][T10895] loop2: detected capacity change from 0 to 128 [ 111.186320][T10899] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3169'. [ 111.218943][T10905] loop3: detected capacity change from 0 to 512 [ 111.244311][T10905] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 111.272672][T10905] EXT4-fs (loop3): 1 truncate cleaned up [ 111.280050][T10905] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 111.408983][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.772379][T10959] loop3: detected capacity change from 0 to 164 [ 111.781959][T10959] Unable to read rock-ridge attributes [ 111.810335][T10959] Unable to read rock-ridge attributes [ 111.916892][T10967] SELinux: failed to load policy [ 112.111067][T10992] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3211'. [ 112.123077][T10992] netem: change failed [ 112.129351][T10995] netlink: 'syz.5.3213': attribute type 1 has an invalid length. [ 112.137217][T10995] netlink: 199820 bytes leftover after parsing attributes in process `syz.5.3213'. [ 112.785287][T11017] hsr0: entered allmulticast mode [ 112.790448][T11017] hsr_slave_0: entered allmulticast mode [ 112.796254][T11017] hsr_slave_1: entered allmulticast mode [ 112.798584][T11018] loop2: detected capacity change from 0 to 128 [ 112.829596][T11017] hsr_slave_0: left promiscuous mode [ 112.836343][T11018] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 112.852238][T11017] hsr_slave_1: left promiscuous mode [ 112.880279][T11017] hsr0 (unregistering): left allmulticast mode [ 112.886052][T11018] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 112.922448][ T3856] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 113.042004][T11044] random: crng reseeded on system resumption [ 113.126457][T11056] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3242'. [ 113.135999][T11056] unsupported nlmsg_type 40 [ 113.249714][T11073] netlink: 'syz.0.3249': attribute type 1 has an invalid length. [ 113.257518][T11073] netlink: 199820 bytes leftover after parsing attributes in process `syz.0.3249'. [ 113.344918][T11085] loop0: detected capacity change from 0 to 512 [ 113.367194][T11085] EXT4-fs: Ignoring removed nobh option [ 113.392380][T11085] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.3257: corrupted inode contents [ 113.429348][T11085] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #3: comm syz.0.3257: mark_inode_dirty error [ 113.445565][T11085] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.3257: corrupted inode contents [ 113.474795][T11085] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.3257: mark_inode_dirty error [ 113.486827][T11085] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.3257: Failed to acquire dquot type 0 [ 113.499510][T11085] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.3257: corrupted inode contents [ 113.512536][T11085] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #16: comm syz.0.3257: mark_inode_dirty error [ 113.539286][T11085] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.3257: corrupted inode contents [ 113.553523][T11085] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.3257: mark_inode_dirty error [ 113.566403][T11085] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.3257: corrupted inode contents [ 113.597866][T11085] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem [ 113.606648][T11085] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.3257: corrupted inode contents [ 113.619284][T11085] EXT4-fs error (device loop0): ext4_truncate:4666: inode #16: comm syz.0.3257: mark_inode_dirty error [ 113.630740][T11085] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem [ 113.641289][T11085] EXT4-fs (loop0): 1 truncate cleaned up [ 113.647635][T11085] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 113.661068][T11085] ext4 filesystem being mounted at /622/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 113.673380][T11085] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 113.741238][T11118] random: crng reseeded on system resumption [ 113.914050][T11144] netem: change failed [ 114.607816][T11213] rdma_op ffff888103f4dd80 conn xmit_rdma 0000000000000000 [ 114.639225][T11219] hsr0: entered allmulticast mode [ 114.644332][T11219] hsr_slave_0: entered allmulticast mode [ 114.650054][T11219] hsr_slave_1: entered allmulticast mode [ 114.658080][T11219] hsr_slave_0: left promiscuous mode [ 114.667328][T11219] hsr_slave_1: left promiscuous mode [ 114.689662][T11219] hsr0 (unregistering): left allmulticast mode [ 114.730089][T11223] loop0: detected capacity change from 0 to 8192 [ 114.751036][T11225] loop6: detected capacity change from 0 to 2048 [ 114.793522][T11225] Alternate GPT is invalid, using primary GPT. [ 114.799917][T11225] loop6: p1 p2 p3 [ 114.891377][T11230] loop3: detected capacity change from 0 to 512 [ 114.921139][T11234] loop2: detected capacity change from 0 to 128 [ 114.948197][T11230] __quota_error: 70 callbacks suppressed [ 114.948212][T11230] Quota error (device loop3): v2_read_file_info: Free block number 1 out of range (1, 6). [ 114.982967][T11230] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 115.001106][T11230] EXT4-fs (loop3): mount failed [ 115.098544][T11250] netdevsim netdevsim0: Direct firmware load for failed with error -2 [ 115.125645][ T1047] Process accounting resumed [ 115.174624][T11256] hsr0: entered allmulticast mode [ 115.179775][T11256] hsr_slave_0: entered allmulticast mode [ 115.185538][T11256] hsr_slave_1: entered allmulticast mode [ 115.205170][T11256] hsr_slave_0: left promiscuous mode [ 115.217182][T11256] hsr_slave_1: left promiscuous mode [ 115.246563][T11256] hsr0 (unregistering): left allmulticast mode [ 115.277088][ T29] audit: type=1326 audit(2000000284.078:4557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11257 comm="syz.5.3333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff460e8eec9 code=0x7ffc0000 [ 115.316532][ T29] audit: type=1326 audit(2000000284.078:4558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11257 comm="syz.5.3333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7ff460e8eec9 code=0x7ffc0000 [ 115.340410][ T29] audit: type=1326 audit(2000000284.078:4559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11257 comm="syz.5.3333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff460e8eec9 code=0x7ffc0000 [ 115.364031][ T29] audit: type=1326 audit(2000000284.078:4560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11257 comm="syz.5.3333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=149 compat=0 ip=0x7ff460e8eec9 code=0x7ffc0000 [ 115.387754][ T29] audit: type=1326 audit(2000000284.078:4561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11257 comm="syz.5.3333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff460e8eec9 code=0x7ffc0000 [ 115.411583][ T29] audit: type=1326 audit(2000000284.078:4562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11257 comm="syz.5.3333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff460e8eec9 code=0x7ffc0000 [ 115.436121][ T29] audit: type=1400 audit(2000000284.188:4563): avc: denied { bind } for pid=11261 comm="syz.6.3338" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 115.502084][ T29] audit: type=1400 audit(2000000284.298:4564): avc: denied { read write } for pid=11270 comm="syz.6.3340" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 115.526942][ T29] audit: type=1400 audit(2000000284.298:4565): avc: denied { open } for pid=11270 comm="syz.6.3340" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 115.788934][T11305] loop0: detected capacity change from 0 to 128 [ 115.804206][T11306] SELinux: Context system_u:object_r:netutils_exec_t:s0 is not valid (left unmapped). [ 115.812857][T11305] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 115.828021][T11305] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 115.883128][ T3804] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 115.973584][T11319] loop3: detected capacity change from 0 to 8192 [ 116.013222][T11319] loop3: p1 p2 p4 < > [ 116.017333][T11319] loop3: partition table partially beyond EOD, truncated [ 116.031453][T11319] loop3: p1 start 16777216 is beyond EOD, truncated [ 116.038200][T11319] loop3: p2 size 515840 extends beyond EOD, truncated [ 116.048752][T11319] loop3: p4 start 16777216 is beyond EOD, truncated [ 116.109381][T11354] loop3: detected capacity change from 0 to 128 [ 116.116655][T11354] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 116.128836][T11354] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 116.143247][ T3804] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 117.129502][T11387] loop6: detected capacity change from 0 to 128 [ 117.136087][T11387] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 117.148188][T11387] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 117.163220][ T3784] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 117.183884][T11392] veth0_to_team: entered promiscuous mode [ 117.201688][T11394] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 117.201688][T11394] program syz.0.3404 not setting count and/or reply_len properly [ 117.299483][T11409] macvtap0: refused to change device tx_queue_len [ 117.513258][T11440] 9pnet_fd: Insufficient options for proto=fd [ 117.628408][T11457] loop3: detected capacity change from 0 to 256 [ 117.647925][T11455] loop0: detected capacity change from 0 to 1024 [ 117.657521][T11455] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 117.668639][T11455] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 117.697497][T11455] JBD2: no valid journal superblock found [ 117.703274][T11455] EXT4-fs (loop0): Could not load journal inode [ 117.747614][T11455] SELinux: security_context_str_to_sid (-Xܘ7.H\ %u@) failed with errno=-22 [ 117.782804][T11463] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 117.865808][T11463] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 117.886720][T11479] openvswitch: netlink: Message has 6 unknown bytes. [ 117.922151][T11486] loop3: detected capacity change from 0 to 512 [ 117.934718][T11486] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 117.948002][T11486] ext4 filesystem being mounted at /672/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 117.973705][T11463] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 118.024160][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 118.062569][T11463] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 118.083547][T11501] __nla_validate_parse: 10 callbacks suppressed [ 118.083561][T11501] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3439'. [ 118.136947][ T3856] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.148441][ T3856] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.159689][ T3856] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.191131][ T3856] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.518207][T11548] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3459'. [ 118.527888][T11548] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3459'. [ 118.734864][T11561] netlink: 144 bytes leftover after parsing attributes in process `syz.3.3464'. [ 118.818654][T11566] loop3: detected capacity change from 0 to 512 [ 118.825455][T11566] EXT4-fs: Ignoring removed bh option [ 118.831058][T11566] EXT4-fs: Ignoring removed mblk_io_submit option [ 118.838608][T11566] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 118.849422][T11566] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 118.857648][T11566] EXT4-fs (loop3): orphan cleanup on readonly fs [ 118.864369][T11566] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.3467: Failed to acquire dquot type 1 [ 118.875951][T11566] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.3467: Invalid block bitmap block 0 in block_group 0 [ 118.889886][T11566] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.3467: Invalid block bitmap block 0 in block_group 0 [ 118.903726][T11566] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.3467: Invalid block bitmap block 0 in block_group 0 [ 118.917323][T11566] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.3467: Failed to acquire dquot type 1 [ 118.929033][T11566] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.3467: Failed to acquire dquot type 1 [ 118.940522][T11566] EXT4-fs (loop3): 1 orphan inode deleted [ 118.947126][T11566] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 118.983178][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 119.019631][T11575] netlink: 'syz.0.3471': attribute type 3 has an invalid length. [ 119.372693][T11600] netlink: 100 bytes leftover after parsing attributes in process `syz.2.3481'. [ 119.460894][T11614] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3488'. [ 120.007631][ T29] kauditd_printk_skb: 738 callbacks suppressed [ 120.007661][ T29] audit: type=1326 audit(2000000288.808:5298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11639 comm="syz.0.3501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d8a77eec9 code=0x7ffc0000 [ 120.007709][ T29] audit: type=1326 audit(2000000288.808:5299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11639 comm="syz.0.3501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d8a77eec9 code=0x7ffc0000 [ 120.009165][T11642] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3500'. [ 120.014181][ T29] audit: type=1326 audit(2000000288.808:5300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11639 comm="syz.0.3501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8d8a77eec9 code=0x7ffc0000 [ 120.075026][T11642] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 120.094123][ T29] audit: type=1326 audit(2000000288.808:5301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11639 comm="syz.0.3501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d8a77eec9 code=0x7ffc0000 [ 120.094154][ T29] audit: type=1326 audit(2000000288.808:5302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11639 comm="syz.0.3501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d8a77eec9 code=0x7ffc0000 [ 120.108102][ T29] audit: type=1326 audit(2000000288.848:5303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11639 comm="syz.0.3501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8d8a77eec9 code=0x7ffc0000 [ 120.171760][ T29] audit: type=1326 audit(2000000288.868:5304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11639 comm="syz.0.3501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d8a77eec9 code=0x7ffc0000 [ 120.171839][ T29] audit: type=1326 audit(2000000288.868:5305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11639 comm="syz.0.3501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d8a77eec9 code=0x7ffc0000 [ 120.220999][ T29] audit: type=1326 audit(2000000288.928:5306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11639 comm="syz.0.3501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=125 compat=0 ip=0x7f8d8a77eec9 code=0x7ffc0000 [ 120.221042][ T29] audit: type=1326 audit(2000000288.928:5307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11639 comm="syz.0.3501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d8a77eec9 code=0x7ffc0000 [ 120.402836][T11659] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3509'. [ 120.474323][T11669] netem: change failed [ 120.602465][T11686] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3521'. [ 120.616735][T11687] loop3: detected capacity change from 0 to 512 [ 120.631803][T11687] EXT4-fs: Ignoring removed mblk_io_submit option [ 120.654904][T11687] EXT4-fs: Ignoring removed nomblk_io_submit option [ 120.665578][T11687] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 120.674080][T11687] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 120.699386][T11687] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.3520: Allocating blocks 41-42 which overlap fs metadata [ 120.722308][T11687] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.3520: Allocating blocks 41-42 which overlap fs metadata [ 120.737434][T11687] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.3520: Failed to acquire dquot type 1 [ 120.749992][T11687] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 120.772699][T11687] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #12: comm syz.3.3520: corrupted inode contents [ 120.836424][T11687] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #12: comm syz.3.3520: mark_inode_dirty error [ 120.856886][T11687] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #12: comm syz.3.3520: corrupted inode contents [ 120.871760][T11705] loop0: detected capacity change from 0 to 512 [ 120.896453][T11705] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a842c01c, mo2=0002] [ 120.903131][T11713] sctp: [Deprecated]: syz.6.3533 (pid 11713) Use of int in max_burst socket option. [ 120.903131][T11713] Use struct sctp_assoc_value instead [ 120.910072][T11687] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #12: comm syz.3.3520: mark_inode_dirty error [ 120.930550][T11705] System zones: 0-2, 18-18, 34-35 [ 120.937649][T11705] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 120.950272][T11687] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #12: comm syz.3.3520: corrupted inode contents [ 120.963290][T11687] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 120.972040][T11705] ext4 filesystem being mounted at /689/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 120.981877][T11687] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #12: comm syz.3.3520: corrupted inode contents [ 120.995832][T11687] EXT4-fs error (device loop3): ext4_truncate:4666: inode #12: comm syz.3.3520: mark_inode_dirty error [ 121.012627][T11687] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 121.023929][ T3300] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 121.041654][T11687] EXT4-fs (loop3): 1 truncate cleaned up [ 121.053264][T11687] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 121.099143][T11687] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 121.186822][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 121.220748][T11744] loop6: detected capacity change from 0 to 512 [ 121.248781][T11742] bond1: (slave vxcan3): Releasing backup interface [ 121.256557][T11742] vxcan3: left promiscuous mode [ 121.268068][T11749] netlink: 'syz.2.3546': attribute type 10 has an invalid length. [ 121.276131][T11749] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3546'. [ 121.286459][T11744] EXT4-fs error (device loop6): ext4_xattr_inode_iget:442: comm syz.6.3547: error while reading EA inode 32 err=-116 [ 121.288415][T11742] bond2: left allmulticast mode [ 121.303910][T11742] bond2: left promiscuous mode [ 121.308838][T11742] bridge0: port 1(bond2) entered disabled state [ 121.310519][T11744] EXT4-fs (loop6): Remounting filesystem read-only [ 121.321764][T11744] EXT4-fs warning (device loop6): ext4_evict_inode:257: couldn't mark inode dirty (err -30) [ 121.332229][T11744] EXT4-fs (loop6): 1 orphan inode deleted [ 121.338562][T11744] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 121.351182][T11742] bond4: (slave geneve2): Releasing active interface [ 121.351958][T11744] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 121.380393][T11742] bond5: (slave bond6): Releasing backup interface [ 121.387075][T11742] bond6: left promiscuous mode [ 121.526011][T11769] loop0: detected capacity change from 0 to 128 [ 121.908363][T11828] netlink: 'syz.2.3586': attribute type 1 has an invalid length. [ 121.950599][T11837] loop2: detected capacity change from 0 to 512 [ 122.157703][T11863] netlink: 'syz.0.3603': attribute type 21 has an invalid length. [ 122.166479][T11863] netlink: 'syz.0.3603': attribute type 1 has an invalid length. [ 122.368643][T11876] loop2: detected capacity change from 0 to 7 [ 122.410337][T11880] loop6: detected capacity change from 0 to 164 [ 122.516934][T11898] pim6reg: entered allmulticast mode [ 122.529077][T11898] pim6reg: left allmulticast mode [ 122.836267][T11931] pim6reg: entered allmulticast mode [ 122.845590][T11931] pim6reg: left allmulticast mode [ 122.921491][T11937] netlink: 'syz.3.3636': attribute type 21 has an invalid length. [ 122.929481][T11937] netlink: 'syz.3.3636': attribute type 1 has an invalid length. [ 122.995660][T11939] loop3: detected capacity change from 0 to 8192 [ 123.150304][T11967] netlink: 'syz.0.3650': attribute type 1 has an invalid length. [ 123.181504][T11967] 8021q: adding VLAN 0 to HW filter on device bond4 [ 123.199398][T11973] __nla_validate_parse: 4 callbacks suppressed [ 123.199416][T11973] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3653'. [ 123.233481][T11967] bond4: (slave geneve2): making interface the new active one [ 123.254511][T11967] bond4: (slave geneve2): Enslaving as an active interface with an up link [ 123.265398][T11978] netlink: 48 bytes leftover after parsing attributes in process `syz.5.3656'. [ 123.281120][T11978] netlink: 48 bytes leftover after parsing attributes in process `syz.5.3656'. [ 123.512044][T12012] geneve1: Caught tx_queue_len zero misconfig [ 123.519195][T12010] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=12010 comm=syz.2.3666 [ 123.632415][T12026] netlink: 'syz.5.3683': attribute type 1 has an invalid length. [ 123.641954][T12027] loop6: detected capacity change from 0 to 1024 [ 123.662548][T12026] 8021q: adding VLAN 0 to HW filter on device bond2 [ 123.717330][T12027] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 123.732279][T12026] bond2: (slave geneve2): making interface the new active one [ 123.743022][T12026] bond2: (slave geneve2): Enslaving as an active interface with an up link [ 123.796551][T12027] EXT4-fs error (device loop6): ext4_xattr_inode_iget:437: comm syz.6.3672: inode #1030059105: comm syz.6.3672: iget: illegal inode # [ 123.815413][T12027] EXT4-fs error (device loop6): ext4_xattr_inode_iget:442: comm syz.6.3672: error while reading EA inode 1030059105 err=-117 [ 123.881925][ T6191] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 123.893647][T12045] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=12045 comm=syz.3.3680 [ 123.922275][ T3408] Process accounting resumed [ 124.080822][T12061] loop6: detected capacity change from 0 to 8192 [ 124.110320][T12075] loop2: detected capacity change from 0 to 8192 [ 124.214381][T12097] loop3: detected capacity change from 0 to 128 [ 124.229797][T12097] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 124.304911][ T3301] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 124.317153][T12107] netlink: 264 bytes leftover after parsing attributes in process `syz.0.3711'. [ 124.377331][T12115] loop3: detected capacity change from 0 to 128 [ 124.393884][T12115] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 124.407932][T12115] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 124.444002][T12123] loop6: detected capacity change from 0 to 128 [ 124.450550][ T3856] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 124.694171][T12154] netlink: 264 bytes leftover after parsing attributes in process `syz.2.3731'. [ 125.100335][T12132] ================================================================== [ 125.108543][T12132] BUG: KCSAN: data-race in filemap_splice_read / filemap_splice_read [ 125.116616][T12132] [ 125.118944][T12132] write to 0xffff8881046c66a8 of 8 bytes by task 12123 on cpu 1: [ 125.126675][T12132] filemap_splice_read+0x4f4/0x740 [ 125.131824][T12132] splice_direct_to_actor+0x26c/0x680 [ 125.137236][T12132] do_splice_direct+0xda/0x150 [ 125.142031][T12132] do_sendfile+0x380/0x650 [ 125.146492][T12132] __x64_sys_sendfile64+0x105/0x150 [ 125.151769][T12132] x64_sys_call+0x2bb0/0x2ff0 [ 125.156481][T12132] do_syscall_64+0xd2/0x200 [ 125.161006][T12132] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 125.166933][T12132] [ 125.169262][T12132] write to 0xffff8881046c66a8 of 8 bytes by task 12132 on cpu 0: [ 125.176985][T12132] filemap_splice_read+0x4f4/0x740 [ 125.182123][T12132] splice_direct_to_actor+0x26c/0x680 [ 125.187521][T12132] do_splice_direct+0xda/0x150 [ 125.192299][T12132] do_sendfile+0x380/0x650 [ 125.196751][T12132] __x64_sys_sendfile64+0x105/0x150 [ 125.201986][T12132] x64_sys_call+0x2bb0/0x2ff0 [ 125.206858][T12132] do_syscall_64+0xd2/0x200 [ 125.211475][T12132] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 125.217399][T12132] [ 125.219721][T12132] value changed: 0x00000000000011fa -> 0x00000000000011fc [ 125.226822][T12132] [ 125.229181][T12132] Reported by Kernel Concurrency Sanitizer on: [ 125.235346][T12132] CPU: 0 UID: 0 PID: 12132 Comm: syz.6.3718 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 125.246830][T12132] Tainted: [W]=WARN [ 125.250639][T12132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 125.260715][T12132] ==================================================================