last executing test programs: 4m29.834289553s ago: executing program 3 (id=1567): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000100)={0x1, 0x80000001}, 0x8) close(r0) 4m29.775298364s ago: executing program 3 (id=1571): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000100000000000000040000850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4e, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) connect$llc(r1, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @multicast}, 0x10) 4m28.908913326s ago: executing program 3 (id=1613): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x2}, 0x18) openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x401, 0x0) 4m28.65019813s ago: executing program 3 (id=1622): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000a00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x818f0c, &(0x7f0000000200), 0x3, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O") syz_mount_image$ext4(&(0x7f00000000c0)='ext3\x00', &(0x7f0000000380)='./file0\x00', 0x10e, &(0x7f0000000140)={[{@inlinecrypt}, {@nodelalloc}, {@jqfmt_vfsold}, {@bh}, {@block_validity}, {@debug}]}, 0xb, 0x46e, &(0x7f0000000680)="$eJzs28tvG8UfAPDvbpL2lz5+CaU8+gACBRHxSJq0QA8cAIHEASQkLuUYkrQqTRvUBIlWFRSEyhFV4o44IvEXcIILAk5IXOGOKlWoFwoCyWjt3dre2m7dOnFTfz7StjPesWe+nh3v7E42gIE1kf2TRGyLiF8jYqyWbS4wUfvvyuWz839dPjufRKXy5h9Jtdyfl8/OF0WL923NM5NpRPpJEnta1Lty+szxuaWlxVN5fnr1xLvTK6fPPH3sxNzRxaOLJ2cPHTp4YOa5Z2efucFI/q102ntX1tbdHyzv3fXqWxdenz984e0fv06K+Etx9MhEp52PVTo2d8PZ3pBOhvvYELoyFBFZd41Ux/9YDEW988bilY/72jhgTVVybXafqwB3sCT63QKgP4oTfXb9W2zrN/vov0sv1i6Asriv5Fttz3CkUbswGild3/bSREQcPvf3F9kWa3MfAgCgybfZ/OepVvO/NO5tKPf/fG1oPF9L2RERd0fEzoi4J6Ja9r6IuL/L+suLJNfOf9KLNxXYDcrmf8/na1vN87+0KDI+lOe2VzMjyZFjS4v78+9kMkY2Z/mZDnV89/Ivn7Xb1zj/y7as/mIumLfj4vDm5vcszK3O3UrMjS59FLF7uFX8ydWVgCQidkXE7pus49gTX+1tt68U/2jz4mPZC83ZHqwzVb6MeLzW/+eiFH8h6bw+Of2/WFrcP10cFdf66efzb7Sr//r9v7ay/t/S8vi/Gv940rheu9J9Hed/+7TtNc1U18f/pmiVe39udfXUTMSm5LVaoxtfn62XL/JF+Sz+yX2tx/+OqH8TeyIiO4gfiIgHI+KhvO8ejohHImJfObC0nvzhpUffqeeaD/Dbof8XSv0/3lyk1P/1xKYov9I6MXT8+2+aP7GevLHfv4PV1GT+Svb7d73V88ZWJB0aeGvfHgAAAGwMaURsiySduppO06mp2t/w74wt6dLyyuqTR5bfO7lQe0ZgPEbS4k5X7X5w7X7oTH5ZX+RnS/kD+X3jz4dGq/mp+eWlhX4HDwNua5vxn/l9qN+tA9bW5p6sowEbVHfj/5/2jwsBG47zPwwu4x8GV4vxP9qPdgDrr9X5/8N6sjK2no0B1lVp/Fv2gwHi+h8Gl/EPg6tx/Hd8/h64k6yMRueH9wcgkd4ezdhgiUj7VnuanaV6+snJGo+Cbf3vr24T/f5lAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I3/AgAA//+eRecf") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount(0x0, &(0x7f0000000040)='./file0/../file0\x00', 0x0, 0x1304c24, &(0x7f0000000140)='usrjquota=') 4m28.466658612s ago: executing program 3 (id=1629): ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"}) r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0xc, &(0x7f0000000340)=0x6, 0x4) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000001a0001000000ff7f0000000080"], 0x24}}, 0x8040) 4m27.989483079s ago: executing program 3 (id=1646): r0 = socket$inet(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0xa4, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x74, 0x2, [@TCA_TAPRIO_ATTR_FLAGS={0x8, 0xa, 0x2}, @TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x8, 0x4, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x70, 0x4, 0x4000000}]}]}]}}]}, 0xa4}}, 0x0) 4m27.957213849s ago: executing program 32 (id=1646): r0 = socket$inet(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0xa4, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x74, 0x2, [@TCA_TAPRIO_ATTR_FLAGS={0x8, 0xa, 0x2}, @TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x8, 0x4, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x70, 0x4, 0x4000000}]}]}]}}]}, 0xa4}}, 0x0) 3m48.508510729s ago: executing program 0 (id=2903): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) getrusage(0x1, 0x0) 3m48.448025209s ago: executing program 0 (id=2905): r0 = semget$private(0x0, 0x4000000009, 0x0) semop(r0, &(0x7f00000002c0)=[{0x0, 0xec7b, 0x1000}], 0x1) semop(r0, &(0x7f0000000140)=[{0x0, 0xffff}], 0x1) semctl$GETNCNT(r0, 0x0, 0xe, 0x0) 3m47.496545272s ago: executing program 0 (id=2937): r0 = socket(0x11, 0x800000003, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=@newqdisc={0xac, 0x24, 0xf0b, 0x0, 0x1000000, {0x0, 0x0, 0x12, r1, {0x0, 0x300}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x7c, 0x2, [@TCA_TAPRIO_ATTR_FLAGS={0x8, 0xa, 0x1}, @TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [], 0x0, [0x8, 0x4, 0x0, 0x0, 0x0, 0x6], [0x0, 0x0, 0x0, 0x3, 0xd645, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0xffff]}}, @TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME_EXTENSION={0xc, 0x9, 0x9}, @TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME={0xc, 0x8, 0xd}]}}]}, 0xac}, 0x1, 0x7a00}, 0x0) 3m47.400757604s ago: executing program 0 (id=2941): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x0, 0x0) mq_notify(r0, &(0x7f0000000180)={0x0, 0x27, 0x0, @thr={0x0, 0x0}}) mq_notify(r0, &(0x7f00000003c0)={0x0, 0x20, 0x1}) 3m47.336529025s ago: executing program 0 (id=2945): syz_mount_image$ext4(&(0x7f0000000b00)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x1408e, &(0x7f0000000780)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80}}, {@stripe={'stripe', 0x3d, 0x4000}}, {@resgid}, {@max_batch_time={'max_batch_time', 0x3d, 0x4}}]}, 0x1, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=") r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x10) statx(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x6000, &(0x7f0000000240)) 3m47.256067006s ago: executing program 0 (id=2948): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) 3m32.193429976s ago: executing program 33 (id=2948): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) 2.425909427s ago: executing program 1 (id=11020): r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000200), &(0x7f00000003c0)=r1}, 0x20) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000180)={r0, &(0x7f0000000140), &(0x7f0000000240)=""/154}, 0x20) 2.267364609s ago: executing program 1 (id=11022): syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x1008002, &(0x7f0000000000)={[{@errors_remount}, {@sysvgroups}, {@resuid}, {@jqfmt_vfsold}, {@nomblk_io_submit}, {@resuid={'resuid', 0x3d, 0xee00}}, {@nomblk_io_submit}, {@noauto_da_alloc}]}, 0x0, 0x5e0, &(0x7f00000011c0)="$eJzs3c1vVFUbAPDnTj9oKe/bQt68igtpYgwkSksLGGJcwNaQBj/ixo2VFkQKNLRGiyaUBDcmxo0xJq5ciP+FEtmy0pULN64MCVHD0sQxd3pv6bR3+kU7t3J/v2TouefM5Zzb6dNz5vScOwFU1mD6Ty1if0RMJxH9yfxiWWdkhYMLz3vw50dn00cS9fprvyeRZHn585Psa192ck9E/PhDEvs6VtY7M3ft4vjU1OTV7Hh49tL08MzctcMXLo2fnzw/eXn0hdETx48dPzFyZFPXdb0g7/TNd9/v/2TszW+++isZ+faXsSROxsvZE5dex1YZjMHG9yRZWdR3YqsrK0lH9nOy9CVOOoue2dW+RrFu+euXvjpPRH90xMMXrz8+fqXUxgHbqp5E1IGKSsQ/VFQ+Dsjf2y9/H1wrZVQCtMP9UwsTACvjv3NhbjB6GnMDux8ksXRaJ4mIzc3MNdsTEXfvjN08d2fsZmzTPBxQbP5GRDxZFP9JI/4HoicGGvFfa4r/dFxwJvua5r+6yfqXTxWLf2ifhfjvWTX+o0X8v7Uk/t/eZP2DD5Pv9DbFf+9mLwkAAAAAAAAq6/apiHi+6O//tcX1P1Gw/qcvIk5uQf2Dy45X/v2/dm8LqgEK3D8V8VLh+t9avvp3oCNL/aexHqArOXdhavJIRPw3Ig5F1670eGSVOg5/uu/LVmWD2fq//JHWfzdbC5i1417nruZzJsZnxx/1uoGI+zcinipc/5ss9v9JQf+f/j6YXmcd+569daZV2drxD2yX+tcRBwv7/4d3rUhWvz/HcGM8MJyPClZ6+sPPvmtV/2bjv/AWE8CGpP3/7tXjfyBZer+emY3XcXSus96qbLPj/+7k9cYtZ7qzvA/GZ2evjkR0J6c70tym/NGNtxkeR3k85PGSxv+hZ1af/ysa//dGxPyy/zv5o3lPce7/f/f92qo9xv9QnjT+JzbU/288MXpr4PtW9a+v/z/W6OsPZTnm/2DBF3mYdjfnF4RjZ1FRu9sLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI+DWkTsiaQ2tJiu1YaGIvoi4n+xuzZ1ZWb2uXNX3rs8kZY1Pv+/ln/Sb//CcZJ//v/AkuPRZcdHI2JvRHze0ds4Hjp7ZWqi7IsHAAAAAAAAAAAAAAAAAACAHaKvxf7/1G8dZbcO2HadZTcAKE1B/P9URjuA9tP/Q3WJf6gu8Q/VJf6husQ/VJf4h+oS/1Bd4h8AAAAAAB4rew/c/jmJiPkXexuPVHdW1lVqy4DtViu7AUBp3OIHqsvSH6gu7/GBZI3ynpYnrXXmaqbPPsLJAAAAAAAAAAAAAFA5B/fb/w9VZf8/VJf9/1Bd+f7/AyW3A2g/7/GBWGMnf+H+/zXPAgAAAAAAAAAAAAC20szctYvjU1OTVyXe2BnNaGeiXq9fT38Kdkp7/uWJfCn8TmnPskS+1299Z5X3OwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGj2TwAAAP//+Ekkyg==") lsetxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) lsetxattr$system_posix_acl(&(0x7f0000000140)='./file0\x00', &(0x7f0000000200)='system.posix_acl_access\x00', &(0x7f0000000340)={{}, {}, [], {0x4, 0x1}, [], {0x10, 0x7}, {0x20, 0x2}}, 0x24, 0x3) lchown(0x0, 0xee00, 0xee01) 1.983205203s ago: executing program 1 (id=11026): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000200), 0x3, 0x43e, &(0x7f0000000fc0)="$eJzs2z1sG1UcAPD/nZOUfsaU8tEPSqAgIj6SNi3QgQUEEgNISDCUMSRpVeo2qAkSrSooCJURVWJHjEiMTEywIGBCYoUdVapQlxYmo7PvEtvYaWw5ccG/n3Tue75nvf+/d89+dy8XwNCayF6SiB0R8VtEjNerzQ0m6v/cunFp7q8bl+aSqFbf+DOptbt549Jc0bT43Pa8MplGpJ8ksb9Nv0sXLp6ZrVQWzuf16eWz704vXbj49Omzs6cWTi2cmzl+/NjRI889O/NMX/LMYrq574PFA3tfeevqa3Mnrr7909dJkX9LHn0ysdbOx6rVPnc3WDsbysnIAAOhK6WIyA7XaG38j0cpVg/eeLz88UCDAzZUtVqtbu+8+3IV+B9LYtARAINR/NBn17/FtklTjzvC9RfqF0BZ3rfyrb5nJNK8zWjL9W0/TUTEict/f5FtsTH3IQAAmnyXzX+eajf/S+O+hna78rWhckTcHRG7I+KeiNgTEfdG1NreHxEPdNl/6yLJv+c/6bWeElunbP73fL621Tz/K2Z/US7ltZ21/EeTkwd31XZkr5MxuuXk6crCkTX6+P6lXz/rtK9x/pdtWf/FXDCP49rIlubPzM8uz/aecbPrH0XsG2mXf7KyEpBExN6I2NdjH6ef+OpAp323z7/ZWGOlD+tM1S8jHq8f/8vRkn8hWXt9cvquqCwcns7OgsNt+/j5lyuvd+q/2/z7LTv+29qe/yv5l5PG9dql7vu48vunHa9pej3/x5I3a+XifHh/dnn5/JGIseTVetCN78+sfraoF+2z/CcPtR//u2P1f2J/RGQn8YMRcTAiHspjfzgiHomIQ2vk/+OLj77Te/4bK8t/vqvjv1oYi9Z32hdKZ374tqnTcjf5Z8f/WK00mb+znu+/9cTV29kMAAAA/z1pROyIJJ1aKafp1FT97+X3xLa0sri0/OTJxffOzdefESjHaFrc6Rov7ofm9z/LDfWZlvrR/L7x56WttfrU3GJlftDJw5Db3mH8Z/4oDTo6YMN5XguGl/EPw8v4h+Fl/MPwajP+tw4iDmDztfv9/3AAcQCbr2X8W/aDIeL6H4aX8Q/Dy/iHobS0NW7/kLzCsBS+ObzuxpHeITErbEhh0N9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/fFPAAAA//+HbOWj") setxattr$trusted_overlay_upper(&(0x7f0000000180)='./file1\x00', &(0x7f00000001c0), &(0x7f0000000180)=ANY=[], 0x841, 0x0) sync() lgetxattr(&(0x7f0000000240)='./file1\x00', &(0x7f00000000c0)=@known='trusted.overlay.upper\x00', 0x0, 0xfe8e) 1.656091237s ago: executing program 2 (id=11041): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) inotify_rm_watch(0xffffffffffffffff, 0x0) 1.652836688s ago: executing program 1 (id=11042): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x40200, 0x0) preadv2(r1, 0x0, 0x0, 0x0, 0x4, 0x1) 1.598311938s ago: executing program 2 (id=11045): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r0, &(0x7f0000000d80)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0) setsockopt$sock_int(r1, 0x1, 0x2a, &(0x7f0000000000), 0x4) recvfrom(r1, 0x0, 0x0, 0x2000, 0x0, 0x0) 1.528057309s ago: executing program 2 (id=11049): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000240), 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='kfree\x00', r1}, 0x18) ioctl$SNDRV_TIMER_IOCTL_GINFO(r0, 0xc0f85403, 0x0) 1.482658059s ago: executing program 2 (id=11050): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) rt_sigqueueinfo(0xffffffffffffffff, 0xd, 0x0) 1.44289035s ago: executing program 1 (id=11053): write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd6317ce22041800f3fe8000000000000000000000000000aafe8000000000000227bfa7b09303960e2f80ae"], 0xfdef) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x4, &(0x7f0000000000)='%', 0x0, 0xd01, 0x80040000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 1.142078945s ago: executing program 2 (id=11064): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000200)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000100b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001240)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x4b) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc"], 0x50) 965.937717ms ago: executing program 2 (id=11071): perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x68, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, @perf_config_ext={0x7, 0xfffffffffffffffc}, 0x103200, 0x1, 0x840000, 0x5, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./file0\x00', 0x10, &(0x7f0000000a80)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e0500001e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba0", @ANYRES16], 0x1, 0x11dc, &(0x7f0000001280)="$eJzs3MGLG1UcB/Bf19rW1N2sWqstiA+96GVo9uBFL0G2IA0obSO0gjB1JxoyJiETFiJi9eTVv0M8ehPEm1724t/gbS8eexBHTNR2l3hYdDewfD6X/OD3vuQ9BgbeMG/23/jq40Gvynr5NNbOnIm1cUR6kCLFWvzt83j19R9/euHWnbs32p3O9s2Urrdvt15LKW28+P17n37z0g/Ti+9+u/Hd+djbfH//161f9i7vXdn//fZH/Sr1qzQcTVOe7o1G0/xeWaSdfjXIUnqnLPKqSP1hVUwO9HvlaDyepXy4s94YT4qqSvlwlgbFLE1HaTqZpfzDvD9MWZal9UbwX3S/flDXdURdPx7noq7r+oloxMV4MtZjI5qxGU/F0/FMXIpn43I8F8/HlfmoVc8bAAAAAAAAAAAAAAAAAAAAThfn/wEAAAAAAAAAAAAAAAAAAGD1bt25e6Pd6WzfTOlCRPnlbne3u/hd9Nu96EcZRVyLZvwW89P/C4v6+lud7WtpbjO+KO//lb+/233sYL41/5zA0nxrkU8H8+ej8Wh+K5pxaXl+a2n+Qrzy8iP5LJrx8wcxijJ24s/sw/xnrZTefLtzKH91Pg4AAABOgyz9Y+n+Pcv+rb/IH+H5wKH99dm4ena1ayeimn0yyMuymBxbcS6O/S8UCsX/XKz6zsRJeHjRVz0TAAAAAAAAAAAAjuIkXidc9RoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA/2IFjAQAAAABh/tZpdGwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBVAAAA//8xgdSv") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0) write$cgroup_int(r0, &(0x7f0000000000), 0xffffff6a) 487.487554ms ago: executing program 1 (id=11083): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x1) r0 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_mreqsrc(r0, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f00000000c0)=0x28) 465.554434ms ago: executing program 6 (id=11085): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000014c80020850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) openat$cgroup_subtree(r0, 0x0, 0x2, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r1, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 409.358275ms ago: executing program 6 (id=11087): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18) r1 = add_key$keyring(&(0x7f0000000340), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) keyctl$restrict_keyring(0xa, r1, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000400)='ex\x0f\xac\xd1\xeb\xf4\xd8&w\xef\x9f`T3%\xfa\xbf\xef\xeb\x8e1w\xfd') 344.809656ms ago: executing program 4 (id=11090): r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x4, 0x4000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x5f21df7aec8d40fb, 0x0, 0x0, 0x5}, 0x0, 0x0, r0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa00a9, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x9}, 0x1205, 0x0, 0x4, 0x3, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x3) 330.123226ms ago: executing program 6 (id=11091): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10) r1 = io_uring_setup(0x280d, &(0x7f0000001280)={0x0, 0x160, 0x800, 0xfffffffc}) io_uring_register$IORING_REGISTER_BUFFERS2(r1, 0xf, &(0x7f0000001580)={0x3, 0x0, 0x0, &(0x7f00000014c0)=[{0x0}, {0x0}, {&(0x7f0000000280)=""/4094, 0xffe}], &(0x7f0000001540)=[0x0, 0x0, 0x4]}, 0x20) 321.830576ms ago: executing program 5 (id=11092): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000280)='kmem_cache_free\x00', r0}, 0x18) r1 = socket$unix(0x1, 0x1, 0x0) connect$unix(r1, &(0x7f00000008c0)=@abs={0x1, 0x0, 0x4e24}, 0x6e) 288.508136ms ago: executing program 4 (id=11093): r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_udp_encap(r1, 0x11, 0x64, &(0x7f00000000c0)=0x2, 0x4) connect$pppl2tp(r0, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @multicast2}, 0x2}}, 0x2e) 282.219566ms ago: executing program 5 (id=11094): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) r0 = socket$inet6_sctp(0xa, 0x801, 0x84) getsockopt$bt_hci(r0, 0x84, 0x81, &(0x7f0000001280)=""/4107, &(0x7f00000000c0)=0x100b) 256.382097ms ago: executing program 6 (id=11095): r0 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e24, @private=0xa010101}, 0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000080), &(0x7f0000000100)=0x4) 230.777577ms ago: executing program 4 (id=11096): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0xd, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x4f9a, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r1, 0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000380)=r0}, 0x20) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000300)={r2, &(0x7f00000001c0), 0x0}, 0x20) 215.428158ms ago: executing program 5 (id=11097): r0 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r0, 0x0) setrlimit(0x8, &(0x7f0000000080)) mlockall(0x7) 180.871588ms ago: executing program 6 (id=11098): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$TCXONC(r0, 0x540a, 0x0) ioctl$TCXONC(r0, 0x540a, 0x2) ioctl$TIOCSETD(r0, 0x5423, 0x0) 178.246008ms ago: executing program 4 (id=11099): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0x21, 0x0, 0x0, 0x100000, 0x400, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2000000, 0x0, 0x200000000000000, @void, @value, @void, @value}, 0x50) 116.359779ms ago: executing program 5 (id=11100): socket$inet6_tcp(0xa, 0x1, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1, 0x12, r0, 0x9a832000) mprotect(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0x0) 111.921649ms ago: executing program 4 (id=11101): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0xc, 0x2, [@TCA_HHF_RESET_TIMEOUT={0x8, 0x4, 0xffffff40}]}}]}, 0x38}}, 0x0) 76.509319ms ago: executing program 6 (id=11102): syz_mount_image$iso9660(&(0x7f0000000200), &(0x7f0000000280)='./file0\x00', 0x14, &(0x7f0000000580)=ANY=[@ANYRES8=0x0], 0xfc, 0x57b, &(0x7f0000000f80)="$eJzs3WFv09oZwPHHpV2rTELbmCpUFTiUTWqlEpwUgiLezHNOUkNiR7aD2leoghRVpDBRJq19sY03TJO2D8G7aZ/g3jf3C12h+xFy5WOnDW3StJQ2qPf/i8An9rHPc6LgByc5xwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMRyK7ZdsKTu+a01NZxbCYPGwdNs7yMrZElkJl2MaFfESv7IzIxcT1dd//3B5tnkrwWZT5/Nm2PKjOz9evY3j65NTvT2PybgC7Gzu/dqo9Npvx13IOfoxvTg9RNKqZr2vSjwGk5NKy8KVLlUsu+tViNV9eo6Wo9i3VBuqJ04CNWiu6QK5fKK0vn1oOXXKk5d91Y+vFu07ZJ6nG9qJ4wC/97jfOSuevW659dMnWRzUudh8kZ84sUq1k5Dqc2tTntlVAeSSoWTVCp+tuZ/T+Tw+6toF4uFQrFYKD0oP3ho25NHVtiHSF+NbvfwPxr8En3FszdwNhNZ/pe6eOJLS9ZEDXy4UpFQAmkM2Z7JEv/SH+/pY9vtz/+9LH/9YPOcmPx/M312c1j+HxLLxT12ZFf25JVsSEc60pa3Y4/oYh810eKLJ5EE4klDHLNGZWuUlKUkJbHlmaxKVSJRUhVP6qIlknWJJBZt3lGuhKLFkVgCCUXJoriyJEoKUpayrIgSLXlZl0Ba4ktNKuKYo2zKlnndV0RZw2Lcr1QY2o1c733XluIxvT1b/k9r9P7TeiVrcdzZCBftq527gbPq9vI/AAAAAAC4tCzz6Xty/T8lN0yp6tW1Pe6wAAAAAADAV2S++Z9PFlNJ6YZYXP8DAAAAAHDZWGaMnSUiObmVljbFMsOl+BAAAAAAAIBLwnz/fzNZmDlQbom1P10K1/8AAAAAAFwSf/8uKwydYz9qTls//CRhOGW9b679wdp2knrOdjaB6ZXDR4yrc9bV7CBmUUoXk5Ounrdm0kr7k2B+yhabo+b6twYF8M/TBHBtUv4jt9M6t1+kyxe9LWkruapX13k3qD8qiONcnYj1WvzX11t/E9P9f/uNq5ZsbnXa+edvOi9MLO+To7zfziZQPDKP4jGxvDPzLZgxFwN7PGUGYmTt5tJ27f7+T6S7T5yizQ+ykNZZyGa8zX3e/5mkzUJ+WO+zKApn7PkHuZPWubN4J10MiKI4KopifxRf9FqcIIqVUVGsnDEKABiXzRFZyDqa+L/gLLcp81Y20vAU2V1Omd0/yGJaZ3HOnFgn5wac0e1RZ3T7jNnt//v3QOhVHpZjk3b/eyirfkx2+Di03ahetJKX8Mq77b/I7M7u3t2t7Y2X7Zft18XiSsm+b9sPijJlupEt+iOdJvcAAFKj77EzsoZ1f8RV9e/2f1KQl+fyZva33z+VZTPawPziYOBRc30/Q1gecdWaM2kyvcNLdzrr2ICrul+ZUQ694xZlecQVYK7v9jIAAFwmCyYP/zg0D58k/y8Pv+7e/5DgIJcff3Wc67tbGwAAOB86/GTl4n9ZYeg1nxXK5YITr2oVBu4TFXqVmlaeH+vQXXX8mlbNMIgDN6gnhadeRUcqajWbQRirahCqZhB5a+bO7yq79XukG44fe27UrGsn0soN/NhxY1XxIlc1W3+ue9GqDs3OUVO7XtVzndgLfBUFrdDVeaUirfsqehXtx17VS4q+aoZewwnX1dOg3mpoVdGRG3rNOEgP2GvL86tB2DCHzY/7xQYA4Buxs7v3aqPTab89x8K4+wgAAD7Xn6Vnxh0MAAAAAAAAAAAAAAAAAAAAAAAY6ALG/3W73e55DzGkMM5Cb5Yns+ZPMvZ4vtlC7tsI40SFkaeOf5z7yQnAufo5AAD//5QuUr4=") mount$nfs(&(0x7f0000000100)='\xd2\xa6.', 0x0, 0x0, 0x44, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca) 75.77105ms ago: executing program 5 (id=11103): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10) r1 = openat$selinux_create(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$selinux_create(r1, &(0x7f0000000380)=@access={'system_u:object_r:audisp_remote_exec_t:s0', 0x20, '/usr/sbin/cups-browsed', 0x20, 0x4ea0}, 0x56) 41.1705ms ago: executing program 4 (id=11104): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008f00850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000800)=ANY=[@ANYBLOB="5c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e00010069703665727370616e0000002000028006000200300000001400060000000000000000000000ffff7f00000108000a00", @ANYRES32], 0x5c}}, 0x0) 0s ago: executing program 5 (id=11105): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000180)={0x0, &(0x7f0000000040)=""/24, &(0x7f00000005c0), &(0x7f00000006c0), 0x3, r0}, 0x38) kernel console output (not intermixed with test programs): { ioctl } for pid=7093 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=105 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 285.235899][ T29] audit: type=1400 audit(2000000056.310:49010): avc: denied { read write } for pid=19306 comm="syz-executor" name="loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 285.266788][T23584] tun1: tun_chr_ioctl cmd 2147767517 [ 285.318455][T23588] loop5: detected capacity change from 0 to 1024 [ 285.344773][T23588] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 285.381254][ T7093] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 285.638667][T23622] SELinux: security_context_str_to_sid () failed with errno=-22 [ 285.815097][T23645] loop2: detected capacity change from 0 to 128 [ 285.867021][T23645] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 285.889629][T23645] ext4 filesystem being mounted at /418/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 285.945369][T19306] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 285.986642][T23655] __nla_validate_parse: 5 callbacks suppressed [ 285.986657][T23655] netlink: 28 bytes leftover after parsing attributes in process `syz.2.8929'. [ 286.002036][T23655] netlink: 28 bytes leftover after parsing attributes in process `syz.2.8929'. [ 286.105612][T23661] loop2: detected capacity change from 0 to 764 [ 286.121328][T23661] rock: directory entry would overflow storage [ 286.127647][T23661] rock: sig=0x4654, size=5, remaining=4 [ 286.162885][T23665] binfmt_misc: register: failed to install interpreter file ./file2 [ 286.192684][T23667] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5) [ 286.199295][T23667] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 286.207617][T23667] vhci_hcd vhci_hcd.0: Device attached [ 286.223797][T23668] vhci_hcd: connection closed [ 286.224011][ T388] vhci_hcd: stop threads [ 286.233835][ T388] vhci_hcd: release socket [ 286.238259][ T388] vhci_hcd: disconnect device [ 286.470312][T23678] netlink: 56 bytes leftover after parsing attributes in process `syz.6.8939'. [ 286.596913][T23682] loop6: detected capacity change from 0 to 512 [ 286.614928][T23682] EXT4-fs: Ignoring removed orlov option [ 286.621365][T23682] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 286.635740][T23684] loop5: detected capacity change from 0 to 764 [ 286.654825][T23684] Symlink component flag not implemented [ 286.655664][T23682] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 286.660788][T23684] Symlink component flag not implemented (7) [ 286.674194][T23682] ext4 filesystem being mounted at /992/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 286.772848][T11346] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 286.877025][T23699] netlink: 16 bytes leftover after parsing attributes in process `syz.6.8945'. [ 286.944527][T23707] loop5: detected capacity change from 0 to 512 [ 286.970887][T23707] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 287.004484][T23707] ext4 filesystem being mounted at /1541/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 287.106204][ T7093] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 287.263235][T23739] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check. [ 287.351507][T23746] netlink: 'syz.1.8968': attribute type 4 has an invalid length. [ 287.359327][T23746] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.8968'. [ 287.474463][T23757] sg_write: data in/out 512/1 bytes for SCSI command 0xb7-- guessing data in; [ 287.474463][T23757] program syz.2.8973 not setting count and/or reply_len properly [ 287.591842][T23762] loop6: detected capacity change from 0 to 1024 [ 287.695029][T23762] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 287.732934][T23762] EXT4-fs error (device loop6): mb_free_blocks:1948: group 0, inode 15: block 369:freeing already freed block (bit 23); block bitmap corrupt. [ 287.825108][T11346] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 287.871630][T23788] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8986'. [ 287.919363][T23788] macsec0: entered promiscuous mode [ 287.994231][T23796] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 288.008606][T23802] loop4: detected capacity change from 0 to 512 [ 288.018654][T23802] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 288.027888][T23802] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 288.055865][T23802] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended [ 288.075544][T23802] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 288.099455][T23802] System zones: 0-2, 18-18, 34-34 [ 288.110303][T23802] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 288.142469][T23802] EXT4-fs (loop4): 1 truncate cleaned up [ 288.160624][T23802] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 288.230727][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 288.235999][T23812] loop2: detected capacity change from 0 to 512 [ 288.281161][T23812] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 288.295779][T23816] 9pnet_fd: Insufficient options for proto=fd [ 288.296502][T23812] ext4 filesystem being mounted at /439/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 288.315171][T23812] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 288.372835][T23820] SELinux: syz.4.9000 (23820) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 288.463498][T23827] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9003'. [ 288.493177][T23829] netlink: 65039 bytes leftover after parsing attributes in process `syz.5.9005'. [ 288.850844][T23865] sd 0:0:1:0: device reset [ 288.948996][T23873] 9pnet: Could not find request transport: 0xffffffffffffffff [ 289.098338][T23888] loop5: detected capacity change from 0 to 736 [ 289.189063][ T7093] rock: directory entry would overflow storage [ 289.195457][ T7093] rock: sig=0x5850, size=36, remaining=14 [ 289.265343][T23899] loop5: detected capacity change from 0 to 2048 [ 289.309699][T23899] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 289.313381][T23905] loop2: detected capacity change from 0 to 512 [ 289.331301][T23905] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 289.343283][T23905] EXT4-fs error (device loop2): ext4_get_branch:178: inode #11: block 4294967295: comm syz.2.9039: invalid block [ 289.357146][T23905] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.9039: invalid indirect mapped block 4294967295 (level 1) [ 289.373397][T23905] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.9039: invalid indirect mapped block 4294967295 (level 1) [ 289.389977][T23905] EXT4-fs (loop2): 2 truncates cleaned up [ 289.397215][T23905] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 289.420261][T23905] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.9039: bg 0: block 5: invalid block bitmap [ 289.445606][ T7093] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 289.456615][T19306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 289.531510][T23917] netlink: 'syz.2.9043': attribute type 7 has an invalid length. [ 289.639447][T23933] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw [ 289.697520][T23937] netlink: 44 bytes leftover after parsing attributes in process `syz.5.9054'. [ 289.936298][T23961] loop2: detected capacity change from 0 to 512 [ 289.969137][T23961] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 289.992611][ T29] kauditd_printk_skb: 1367 callbacks suppressed [ 289.992626][ T29] audit: type=1400 audit(2000000061.150:50378): avc: denied { map_create } for pid=23964 comm="syz.4.9067" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 290.031651][T23961] EXT4-fs (loop2): 1 truncate cleaned up [ 290.037810][T23961] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 290.061710][ T29] audit: type=1400 audit(2000000061.150:50379): avc: denied { perfmon } for pid=23964 comm="syz.4.9067" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 290.083561][ T29] audit: type=1400 audit(2000000061.150:50380): avc: denied { map_read map_write } for pid=23964 comm="syz.4.9067" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 290.103662][ T29] audit: type=1400 audit(2000000061.150:50381): avc: denied { prog_load } for pid=23964 comm="syz.4.9067" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 290.123567][ T29] audit: type=1400 audit(2000000061.150:50382): avc: denied { bpf } for pid=23964 comm="syz.4.9067" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 290.144547][ T29] audit: type=1400 audit(2000000061.150:50383): avc: denied { prog_run } for pid=23964 comm="syz.4.9067" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 290.164503][ T29] audit: type=1400 audit(2000000061.200:50384): avc: denied { prog_load } for pid=23966 comm="syz.6.9069" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 290.183802][ T29] audit: type=1400 audit(2000000061.210:50385): avc: denied { bpf } for pid=23966 comm="syz.6.9069" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 290.205253][ T29] audit: type=1400 audit(2000000061.210:50386): avc: denied { perfmon } for pid=23966 comm="syz.6.9069" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 290.226460][ T29] audit: type=1400 audit(2000000061.210:50387): avc: denied { read write } for pid=3306 comm="syz-executor" name="loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 290.272490][T19306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 290.315103][T23984] netlink: 'syz.4.9076': attribute type 9 has an invalid length. [ 290.606506][T24020] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9093'. [ 291.020586][T24056] __nla_validate_parse: 4 callbacks suppressed [ 291.020609][T24056] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9111'. [ 291.045330][T24056] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9111'. [ 291.164185][T24085] loop5: detected capacity change from 0 to 512 [ 291.181536][T24085] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 291.204229][T24085] EXT4-fs (loop5): 1 truncate cleaned up [ 291.210506][T24085] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 291.230743][T24083] atomic_op ffff88811b753928 conn xmit_atomic 0000000000000000 [ 291.300926][ T7093] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 291.361827][T24097] loop6: detected capacity change from 0 to 512 [ 291.390794][T24097] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 291.401867][T24102] sctp: [Deprecated]: syz.5.9127 (pid 24102) Use of struct sctp_assoc_value in delayed_ack socket option. [ 291.401867][T24102] Use struct sctp_sack_info instead [ 291.424014][T24097] EXT4-fs (loop6): 1 truncate cleaned up [ 291.439412][T24097] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 291.521419][T11346] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 291.755361][T24134] loop2: detected capacity change from 0 to 512 [ 291.769753][T24134] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 291.785365][T24134] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 291.802932][T24134] ext4 filesystem being mounted at /474/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 291.839706][T19306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 291.915200][T24146] loop1: detected capacity change from 0 to 512 [ 291.944371][T24146] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 291.957315][T24146] ext4 filesystem being mounted at /1771/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 292.005607][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 292.094677][T24158] loop1: detected capacity change from 0 to 4096 [ 292.110584][T24158] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 292.210084][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 292.255811][T24174] netlink: 172 bytes leftover after parsing attributes in process `syz.4.9161'. [ 292.265011][T24174] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9161'. [ 292.661009][T24214] SELinux: syz.2.9180 (24214) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 292.809549][T24230] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9189'. [ 292.818601][T24230] netlink: 16 bytes leftover after parsing attributes in process `syz.2.9189'. [ 292.830951][T24234] netlink: 12 bytes leftover after parsing attributes in process `syz.5.9190'. [ 292.866843][T24236] SELinux: Context system_u:object_r:public_content_rw_t:s0 is not valid (left unmapped). [ 293.001852][T24246] netlink: 44 bytes leftover after parsing attributes in process `syz.1.9196'. [ 293.118732][T24261] loop6: detected capacity change from 0 to 512 [ 293.150326][T24265] netlink: 16 bytes leftover after parsing attributes in process `syz.2.9205'. [ 293.159387][T24265] netlink: 16 bytes leftover after parsing attributes in process `syz.2.9205'. [ 293.300615][T24274] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 293.326891][T24261] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 293.328863][T24274] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 293.348832][T24261] ext4 filesystem being mounted at /1025/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 293.369449][T24261] EXT4-fs error (device loop6): ext4_xattr_block_get:593: inode #15: comm syz.6.9201: corrupted xattr block 19: overlapping e_value [ 293.386127][T24261] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop6 ino=15 [ 293.396413][T24261] EXT4-fs error (device loop6): ext4_xattr_block_get:593: inode #15: comm syz.6.9201: corrupted xattr block 19: overlapping e_value [ 293.413257][T24261] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop6 ino=15 [ 293.473389][T24261] EXT4-fs error (device loop6): ext4_xattr_block_get:593: inode #15: comm syz.6.9201: corrupted xattr block 19: overlapping e_value [ 293.491147][T24261] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop6 ino=15 [ 293.505109][T24283] EXT4-fs error (device loop6): ext4_xattr_block_get:593: inode #15: comm syz.6.9201: corrupted xattr block 19: overlapping e_value [ 293.539496][T24283] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop6 ino=15 [ 293.554475][T24283] EXT4-fs error (device loop6): ext4_xattr_block_find:1869: inode #15: comm syz.6.9201: corrupted xattr block 19: overlapping e_value [ 293.668944][T11346] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 293.917792][T24336] loop1: detected capacity change from 0 to 2048 [ 293.957062][T24336] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 293.990249][T24336] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 294.005320][T24336] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 129 with error 28 [ 294.017828][T24336] EXT4-fs (loop1): This should not happen!! Data will be lost [ 294.017828][T24336] [ 294.027683][T24336] EXT4-fs (loop1): Total free blocks count 0 [ 294.033857][T24336] EXT4-fs (loop1): Free/Dirty block details [ 294.039811][T24336] EXT4-fs (loop1): free_blocks=2415919504 [ 294.045617][T24336] EXT4-fs (loop1): dirty_blocks=144 [ 294.050854][T24336] EXT4-fs (loop1): Block reservation details [ 294.056939][T24336] EXT4-fs (loop1): i_reserved_data_blocks=9 [ 294.094196][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 294.162617][T24357] 9pnet: Could not find request transport: f [ 294.246864][T24366] loop5: detected capacity change from 0 to 2048 [ 294.299218][T24366] Alternate GPT is invalid, using primary GPT. [ 294.305698][T24366] loop5: p1 p2 p3 [ 294.756287][T24423] loop6: detected capacity change from 0 to 512 [ 294.777783][T24423] EXT4-fs (loop6): too many log groups per flexible block group [ 294.785658][T24423] EXT4-fs (loop6): failed to initialize mballoc (-12) [ 294.826826][T24423] EXT4-fs (loop6): mount failed [ 294.896050][T24439] loop5: detected capacity change from 0 to 527 [ 294.907176][T24439] EXT4-fs (loop5): failed to parse options in superblock:  [ 294.920137][T24439] EXT4-fs (loop5): Unsupported encryption level 4 [ 295.001927][ T29] kauditd_printk_skb: 1738 callbacks suppressed [ 295.001944][ T29] audit: type=1326 audit(2000000066.160:52126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24443 comm="syz.4.9286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe36df0e969 code=0x7ffc0000 [ 295.031911][ T29] audit: type=1326 audit(2000000066.160:52127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24443 comm="syz.4.9286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe36df0e969 code=0x7ffc0000 [ 295.058452][T24448] loop6: detected capacity change from 0 to 512 [ 295.067816][T24448] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 295.076550][ T29] audit: type=1326 audit(2000000066.210:52128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24443 comm="syz.4.9286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=84 compat=0 ip=0x7fe36df0e969 code=0x7ffc0000 [ 295.100893][ T29] audit: type=1326 audit(2000000066.210:52129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24443 comm="syz.4.9286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe36df0e969 code=0x7ffc0000 [ 295.125172][ T29] audit: type=1400 audit(2000000066.210:52130): avc: denied { read write } for pid=24447 comm="syz.6.9287" name="loop6" dev="devtmpfs" ino=106 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 295.149454][ T29] audit: type=1400 audit(2000000066.210:52131): avc: denied { read write open } for pid=24447 comm="syz.6.9287" path="/dev/loop6" dev="devtmpfs" ino=106 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 295.154010][T24448] EXT4-fs (loop6): orphan cleanup on readonly fs [ 295.175313][ T29] audit: type=1400 audit(2000000066.210:52132): avc: denied { ioctl } for pid=24447 comm="syz.6.9287" path="/dev/loop6" dev="devtmpfs" ino=106 ioctlcmd=0x4c00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 295.182698][T24448] Quota error (device loop6): do_check_range: Getting block 196613 out of range 1-5 [ 295.207344][ T29] audit: type=1400 audit(2000000066.220:52133): avc: denied { mounton } for pid=24447 comm="syz.6.9287" path="/1030/bus" dev="tmpfs" ino=5291 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 295.215992][T24448] Quota error (device loop6): qtree_read_dquot: Can't read quota structure for id 0 [ 295.248311][T24448] EXT4-fs error (device loop6): ext4_acquire_dquot:6935: comm syz.6.9287: Failed to acquire dquot type 1 [ 295.266172][T24448] EXT4-fs (loop6): 1 truncate cleaned up [ 295.272548][T24448] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 295.286696][T24448] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 295.379048][T24461] 9pnet: Could not find request transport: 0xffffffffffffffff [ 295.519067][T24479] loop4: detected capacity change from 0 to 8192 [ 295.678884][T24491] loop4: detected capacity change from 0 to 1024 [ 295.716090][T24491] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 295.760732][T24499] loop2: detected capacity change from 0 to 512 [ 295.777747][T24499] EXT4-fs: Ignoring removed orlov option [ 295.796503][T24499] EXT4-fs error (device loop2): ext4_iget_extra_inode:4693: inode #15: comm syz.2.9307: corrupted in-inode xattr: invalid ea_ino [ 295.814757][T24499] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.9307: couldn't read orphan inode 15 (err -117) [ 295.832673][T24499] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 295.954289][T19306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 296.066879][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 296.103465][T24518] openvswitch: netlink: Message has 6 unknown bytes. [ 296.130009][T24519] Invalid ELF header magic: != ELF [ 296.139527][T24521] __nla_validate_parse: 4 callbacks suppressed [ 296.139542][T24521] netlink: 32 bytes leftover after parsing attributes in process `syz.2.9316'. [ 296.188498][T24527] loop1: detected capacity change from 0 to 512 [ 296.228031][T24527] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 296.254813][T24535] netlink: 76 bytes leftover after parsing attributes in process `syz.4.9323'. [ 296.303217][T24539] loop4: detected capacity change from 0 to 128 [ 296.310803][T24527] ext4 filesystem being mounted at /1805/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 296.333932][T24527] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.9318: corrupted xattr block 19: overlapping e_value [ 296.349307][T24539] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 296.365910][T24527] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop1 ino=15 [ 296.375551][T24539] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 296.376300][T24527] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.9318: corrupted xattr block 19: overlapping e_value [ 296.400681][T24544] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.9318: corrupted xattr block 19: overlapping e_value [ 296.417860][T24543] loop2: detected capacity change from 0 to 512 [ 296.430518][ T295] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 296.433138][T24527] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop1 ino=15 [ 296.451951][T24544] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop1 ino=15 [ 296.472747][T24543] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.9326: bg 0: block 248: padding at end of block bitmap is not set [ 296.475130][T24527] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.9318: corrupted xattr block 19: overlapping e_value [ 296.507019][T24527] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop1 ino=15 [ 296.519755][T24543] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.9326: Failed to acquire dquot type 1 [ 296.549663][T24544] EXT4-fs error (device loop1): ext4_xattr_block_find:1869: inode #15: comm syz.1.9318: corrupted xattr block 19: overlapping e_value [ 296.564742][T24552] loop6: detected capacity change from 0 to 2048 [ 296.581662][T24543] EXT4-fs (loop2): 1 truncate cleaned up [ 296.588741][T24543] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 296.602026][T24543] ext4 filesystem being mounted at /527/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 296.614052][T24552] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 296.641929][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 296.668348][T19306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 296.684086][ T295] EXT4-fs error (device loop2): ext4_release_dquot:6971: comm kworker/u8:5: Failed to release dquot type 1 [ 296.786623][T24574] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9340'. [ 296.807270][T11346] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 296.817181][T24574] netlink: 24 bytes leftover after parsing attributes in process `syz.5.9340'. [ 296.911095][T24586] Cannot find add_set index 0 as target [ 297.290491][T24631] loop1: detected capacity change from 0 to 512 [ 297.326954][T24631] EXT4-fs (loop1): 1 orphan inode deleted [ 297.333240][T24631] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 297.350814][ T388] EXT4-fs error (device loop1): ext4_release_dquot:6971: comm kworker/u8:6: Failed to release dquot type 1 [ 297.351111][T24631] ext4 filesystem being mounted at /1809/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 297.409457][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 297.594236][T24663] netlink: 'syz.2.9382': attribute type 9 has an invalid length. [ 297.602086][T24663] netlink: 61951 bytes leftover after parsing attributes in process `syz.2.9382'. [ 297.686764][T24672] program syz.2.9387 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 297.735668][T24677] netlink: 12 bytes leftover after parsing attributes in process `syz.5.9388'. [ 297.864793][T24692] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks [ 297.948244][T24700] netlink: 60 bytes leftover after parsing attributes in process `syz.4.9401'. [ 298.105468][T24718] block device autoloading is deprecated and will be removed. [ 298.113693][T24718] syz.4.9408: attempt to access beyond end of device [ 298.113693][T24718] md33: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 298.232670][T24731] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9414'. [ 298.242448][T24731] netlink: 11 bytes leftover after parsing attributes in process `syz.2.9414'. [ 298.276168][T24732] 9pnet_fd: Insufficient options for proto=fd [ 298.409269][T24746] SELinux: syz.4.9422 (24746) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 298.632407][T24758] loop4: detected capacity change from 0 to 512 [ 298.681815][T24758] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 298.697625][T24758] ext4 filesystem being mounted at /1964/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 298.709140][T24758] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 298.735754][T24773] loop6: detected capacity change from 0 to 512 [ 298.758976][T24772] netlink: 84 bytes leftover after parsing attributes in process `syz.1.9432'. [ 298.759117][T24777] tap0: tun_chr_ioctl cmd 1074025677 [ 298.775973][T24777] tap0: linktype set to 825 [ 298.792441][T24773] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.9429: bg 0: block 248: padding at end of block bitmap is not set [ 298.812698][T24773] EXT4-fs error (device loop6): ext4_acquire_dquot:6935: comm syz.6.9429: Failed to acquire dquot type 1 [ 298.887465][T24773] EXT4-fs (loop6): 1 truncate cleaned up [ 298.908456][T24791] loop2: detected capacity change from 0 to 512 [ 298.922094][T24773] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 298.966283][T24773] ext4 filesystem being mounted at /1043/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 298.978163][T24791] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 299.021563][T24791] ext4 filesystem being mounted at /556/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 299.048307][T24806] loop5: detected capacity change from 0 to 2048 [ 299.102479][T11346] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 299.112717][ T9912] EXT4-fs error (device loop6): ext4_release_dquot:6971: comm kworker/u8:8: Failed to release dquot type 1 [ 299.125317][T24806] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 299.168477][ T7093] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 299.181195][T19306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 299.282566][T24820] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22 [ 299.290985][T24820] netdevsim netdevsim1: Direct firmware load for . failed with error -22 [ 299.484314][T24851] tun1: tun_chr_ioctl cmd 1074025677 [ 299.494940][T24851] tun1: linktype set to 5 [ 299.617120][T24862] 9pnet: Could not find request transport: 0xffffffffffffffff [ 299.648806][T24867] loop6: detected capacity change from 0 to 512 [ 299.688219][T24867] EXT4-fs: Ignoring removed nobh option [ 299.715315][T24867] EXT4-fs error (device loop6): ext4_do_update_inode:5211: inode #16: comm syz.6.9474: corrupted inode contents [ 299.787377][T24867] EXT4-fs (loop6): Remounting filesystem read-only [ 299.794129][T24867] EXT4-fs (loop6): 1 truncate cleaned up [ 299.800947][T24867] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 299.814625][T24867] ext4 filesystem being mounted at /1047/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 299.825428][ T295] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 299.836889][ T295] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 299.890983][ T295] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started [ 299.949104][T11346] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 299.954921][T24896] SELinux: ebitmap: truncated map [ 299.965278][T24896] SELinux: failed to load policy [ 300.014270][ T29] kauditd_printk_skb: 1573 callbacks suppressed [ 300.014320][ T29] audit: type=1400 audit(2000000071.170:53694): avc: denied { read write } for pid=11346 comm="syz-executor" name="loop6" dev="devtmpfs" ino=106 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 300.055181][ T29] audit: type=1400 audit(2000000071.170:53695): avc: denied { read write } for pid=3306 comm="syz-executor" name="loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 300.079709][ T29] audit: type=1400 audit(2000000071.170:53696): avc: denied { open } for pid=3306 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 300.104163][ T29] audit: type=1400 audit(2000000071.170:53697): avc: denied { ioctl } for pid=3306 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=104 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 300.130126][ T29] audit: type=1400 audit(2000000071.200:53698): avc: denied { read write open } for pid=11346 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=106 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 300.155455][ T29] audit: type=1400 audit(2000000071.200:53699): avc: denied { ioctl } for pid=11346 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=106 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 300.188343][ T29] audit: type=1400 audit(2000000071.220:53700): avc: denied { prog_load } for pid=24904 comm="syz.1.9493" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 300.207750][ T29] audit: type=1400 audit(2000000071.220:53701): avc: denied { bpf } for pid=24904 comm="syz.1.9493" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 300.228938][ T29] audit: type=1400 audit(2000000071.220:53702): avc: denied { perfmon } for pid=24904 comm="syz.1.9493" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 300.250133][ T29] audit: type=1400 audit(2000000071.230:53703): avc: denied { create } for pid=24904 comm="syz.1.9493" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 300.318509][T24919] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=15975 sclass=netlink_audit_socket pid=24919 comm=syz.2.9499 [ 300.421076][T24930] loop5: detected capacity change from 0 to 256 [ 300.446160][T11678] kernel write not supported for file /vcsu (pid: 11678 comm: kworker/0:16) [ 300.663425][T24953] bond0: option fail_over_mac: unable to set because the bond device has slaves [ 300.774433][T24961] loop4: detected capacity change from 0 to 128 [ 300.792298][T24961] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 300.800191][T24961] FAT-fs (loop4): Filesystem has been set read-only [ 300.809060][T24961] syz.4.9518: attempt to access beyond end of device [ 300.809060][T24961] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 300.823015][T24961] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 300.830889][T24961] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 300.839520][T24961] syz.4.9518: attempt to access beyond end of device [ 300.839520][T24961] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 300.853008][T24961] syz.4.9518: attempt to access beyond end of device [ 300.853008][T24961] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 300.868139][T24961] syz.4.9518: attempt to access beyond end of device [ 300.868139][T24961] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 300.881702][T24961] syz.4.9518: attempt to access beyond end of device [ 300.881702][T24961] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 300.945490][T24963] SELinux: syz.4.9519 (24963) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 301.059987][T24971] 9pnet: Could not find request transport: r [ 301.124276][T24983] loop4: detected capacity change from 0 to 128 [ 301.142778][T24983] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 301.156765][T24983] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 301.203183][T24991] netlink: 'syz.5.9532': attribute type 2 has an invalid length. [ 301.211007][T24991] __nla_validate_parse: 5 callbacks suppressed [ 301.211025][T24991] netlink: 132 bytes leftover after parsing attributes in process `syz.5.9532'. [ 301.291112][T24995] ieee802154 phy0 wpan0: encryption failed: -22 [ 301.687768][T25040] IPVS: Scheduler module ip_vs_ not found [ 301.689096][T25042] IPv6: NLM_F_CREATE should be specified when creating new route [ 301.710927][T25043] loop1: detected capacity change from 0 to 2048 [ 301.740143][T25048] netlink: 132 bytes leftover after parsing attributes in process `syz.6.9560'. [ 301.997308][T25075] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 302.058097][T25075] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 302.116102][T25075] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 302.139536][T25084] loop5: detected capacity change from 0 to 8192 [ 302.172159][T25084] loop5: p1 p2 < > p3 p4 < p5 > [ 302.177163][T25084] loop5: partition table partially beyond EOD, truncated [ 302.188143][T25084] loop5: p1 size 100663296 extends beyond EOD, truncated [ 302.190863][T25075] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 302.214119][T25084] loop5: p2 start 591104 is beyond EOD, truncated [ 302.214141][T25084] loop5: p3 start 33572980 is beyond EOD, truncated [ 302.214801][T25084] loop5: p5 size 100663296 extends beyond EOD, truncated [ 302.273953][T25075] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 302.300925][T25075] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 302.330156][T25075] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 302.356390][T25075] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 302.406451][T25109] netlink: 32 bytes leftover after parsing attributes in process `syz.5.9585'. [ 302.566228][T25112] loop1: detected capacity change from 0 to 8192 [ 302.986680][T25174] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9613'. [ 303.057664][T25183] netlink: 20 bytes leftover after parsing attributes in process `syz.2.9620'. [ 303.120229][T25184] netlink: 'syz.6.9619': attribute type 16 has an invalid length. [ 303.128168][T25184] netlink: 'syz.6.9619': attribute type 17 has an invalid length. [ 303.259838][T25184] 8021q: adding VLAN 0 to HW filter on device bond0 [ 303.269677][T25184] 8021q: adding VLAN 0 to HW filter on device team0 [ 303.292377][T25184] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 303.549654][T25231] program syz.5.9643 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 303.612837][T25234] netlink: 61211 bytes leftover after parsing attributes in process `syz.5.9644'. [ 304.300667][T25315] netlink: 'syz.4.9682': attribute type 8 has an invalid length. [ 304.317837][T25315] bridge0: entered allmulticast mode [ 304.362698][T25311] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(6) [ 304.369271][T25311] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 304.376998][T25311] vhci_hcd vhci_hcd.0: Device attached [ 304.410218][T25321] loop4: detected capacity change from 0 to 512 [ 304.439406][T25318] vhci_hcd: connection closed [ 304.439622][ T388] vhci_hcd: stop threads [ 304.448705][ T388] vhci_hcd: release socket [ 304.453268][ T388] vhci_hcd: disconnect device [ 304.471107][T25321] EXT4-fs (loop4): too many log groups per flexible block group [ 304.478935][T25321] EXT4-fs (loop4): failed to initialize mballoc (-12) [ 304.486775][T25321] EXT4-fs (loop4): mount failed [ 304.564407][T25341] netlink: 'syz.4.9694': attribute type 16 has an invalid length. [ 304.572363][T25341] netlink: 'syz.4.9694': attribute type 17 has an invalid length. [ 304.623447][T25341] bridge0: entered promiscuous mode [ 304.630807][T25341] 8021q: adding VLAN 0 to HW filter on device bond0 [ 304.653291][T25341] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 304.877157][T25367] xt_hashlimit: max too large, truncated to 1048576 [ 304.904788][T25372] loop5: detected capacity change from 0 to 1024 [ 304.959022][T25372] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 304.982950][T25372] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #14: comm syz.5.9709: attempt to clear invalid blocks 1886221359 len 1 [ 305.023770][ T29] kauditd_printk_skb: 1587 callbacks suppressed [ 305.023789][ T29] audit: type=1400 audit(2000000076.180:55291): avc: denied { prog_load } for pid=25387 comm="syz.2.9715" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 305.049997][ T29] audit: type=1400 audit(2000000076.180:55292): avc: denied { bpf } for pid=25387 comm="syz.2.9715" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 305.070814][ T29] audit: type=1400 audit(2000000076.180:55293): avc: denied { perfmon } for pid=25387 comm="syz.2.9715" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 305.117568][ T29] audit: type=1400 audit(2000000076.180:55294): avc: denied { create } for pid=25389 comm="syz.4.9716" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 305.138111][ T29] audit: type=1400 audit(2000000076.180:55295): avc: denied { connect } for pid=25389 comm="syz.4.9716" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 305.157956][ T29] audit: type=1400 audit(2000000076.180:55296): avc: denied { name_connect } for pid=25389 comm="syz.4.9716" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1 [ 305.179056][ T29] audit: type=1400 audit(2000000076.180:55297): avc: denied { shutdown } for pid=25389 comm="syz.4.9716" lport=56227 faddr=fc01::1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 305.201297][ T29] audit: type=1400 audit(2000000076.180:55298): avc: denied { getopt } for pid=25389 comm="syz.4.9716" lport=56227 faddr=fc01::1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 305.224022][ T29] audit: type=1400 audit(2000000076.200:55299): avc: denied { read write } for pid=3306 comm="syz-executor" name="loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 305.248516][ T29] audit: type=1400 audit(2000000076.200:55300): avc: denied { open } for pid=3306 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 305.452834][T25418] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9729'. [ 305.571229][T25430] netlink: 92 bytes leftover after parsing attributes in process `syz.5.9734'. [ 305.586230][T25430] netlink: 24 bytes leftover after parsing attributes in process `syz.5.9734'. [ 305.595297][T25430] netlink: 'syz.5.9734': attribute type 1 has an invalid length. [ 305.612441][T25433] program syz.2.9737 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 306.028681][T25485] Cannot find add_set index 0 as target [ 306.286296][T25515] IPv6: NLM_F_CREATE should be specified when creating new route [ 306.325104][T25518] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9778'. [ 306.346006][T25516] loop1: detected capacity change from 0 to 512 [ 306.356214][T25516] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 306.372640][T25516] EXT4-fs (loop1): 1 truncate cleaned up [ 306.451114][T25529] netlink: 28 bytes leftover after parsing attributes in process `syz.2.9783'. [ 306.549263][T25539] loop6: detected capacity change from 0 to 512 [ 306.561412][T25541] SELinux: syz.2.9790 (25541) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 306.580230][T25539] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended [ 306.607275][T25539] EXT4-fs (loop6): warning: maximal mount count reached, running e2fsck is recommended [ 306.626012][T25539] EXT4-fs error (device loop6): ext4_orphan_get:1391: comm syz.6.9788: inode #15: comm syz.6.9788: iget: illegal inode # [ 306.686374][T25552] netlink: 44 bytes leftover after parsing attributes in process `syz.1.9795'. [ 306.695588][T25552] netlink: 44 bytes leftover after parsing attributes in process `syz.1.9795'. [ 306.751483][T25539] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.9788: couldn't read orphan inode 15 (err -117) [ 306.949802][T25581] netlink: 20 bytes leftover after parsing attributes in process `syz.4.9808'. [ 307.046569][T25590] netlink: 8 bytes leftover after parsing attributes in process `syz.6.9812'. [ 307.061413][T25591] SELinux: syz.5.9813 (25591) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 307.103062][T25595] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9815'. [ 307.438487][T25631] netlink: 144 bytes leftover after parsing attributes in process `syz.4.9832'. [ 307.495050][T25638] loop2: detected capacity change from 0 to 256 [ 307.773677][T25662] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9845'. [ 308.089956][T25698] netlink: 28 bytes leftover after parsing attributes in process `syz.2.9862'. [ 308.408076][T25728] SELinux: ebitmap: truncated map [ 308.432861][T25728] SELinux: failed to load policy [ 308.488641][T25734] wireguard1: entered promiscuous mode [ 308.568565][T25741] loop1: detected capacity change from 0 to 512 [ 308.580895][T25741] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.9883: iget: bad extended attribute block 1 [ 308.581021][T25741] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.9883: couldn't read orphan inode 15 (err -117) [ 308.615082][T25741] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters [ 308.748730][T25755] x_tables: duplicate underflow at hook 3 [ 308.910860][T25769] tap0: tun_chr_ioctl cmd 1074025677 [ 308.927650][T25769] tap0: linktype set to 780 [ 308.969885][T25775] loop5: detected capacity change from 0 to 2048 [ 309.015159][T25781] netlink: 'syz.4.9901': attribute type 1 has an invalid length. [ 309.149449][T25796] loop4: detected capacity change from 0 to 512 [ 309.231778][T25796] EXT4-fs (loop4): 1 orphan inode deleted [ 309.251577][ T388] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:6: Failed to release dquot type 1 [ 309.273625][T25796] ext4 filesystem being mounted at /2076/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 309.289728][T11678] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 309.297207][T11678] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 309.305614][T11678] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 309.313145][T11678] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 309.320608][T11678] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 309.328058][T11678] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 309.336222][T11678] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 309.343760][T11678] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 309.351325][T11678] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 309.358779][T11678] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 309.366905][T11678] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 309.392999][T11678] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 309.400532][T11678] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 309.407997][T11678] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 309.415461][T11678] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 309.423600][T11678] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 309.431090][T11678] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 309.438550][T11678] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 309.446022][T11678] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 309.454148][T11678] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 309.461741][T11678] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 309.469170][T11678] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 309.476627][T11678] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 309.484844][T11678] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 309.492371][T11678] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 309.499788][T11678] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 309.509284][T11678] hid-generic 0000:0000:0000.0006: hidraw0: HID v0.00 Device [syz0] on syz1 [ 309.559894][T25821] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0 [ 309.658302][T25824] loop6: detected capacity change from 0 to 2048 [ 309.717292][T25824] Alternate GPT is invalid, using primary GPT. [ 309.723922][T25824] loop6: p2 p3 p7 [ 309.961300][T25846] loop6: detected capacity change from 0 to 512 [ 309.983204][T25846] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 310.016416][T25846] EXT4-fs (loop6): 1 truncate cleaned up [ 310.032452][ T29] kauditd_printk_skb: 1537 callbacks suppressed [ 310.032468][ T29] audit: type=1400 audit(2000000081.190:56837): avc: denied { mount } for pid=25844 comm="syz.6.9931" name="/" dev="loop6" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 310.068028][ T29] audit: type=1400 audit(2000000081.210:56838): avc: denied { prog_load } for pid=25850 comm="syz.2.9934" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 310.087368][ T29] audit: type=1400 audit(2000000081.210:56839): avc: denied { bpf } for pid=25850 comm="syz.2.9934" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 310.108152][ T29] audit: type=1400 audit(2000000081.210:56840): avc: denied { perfmon } for pid=25850 comm="syz.2.9934" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 310.129525][ T29] audit: type=1400 audit(2000000081.210:56841): avc: denied { prog_run } for pid=25850 comm="syz.2.9934" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 310.148724][ T29] audit: type=1400 audit(2000000081.220:56842): avc: denied { create } for pid=25850 comm="syz.2.9934" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 310.169584][ T29] audit: type=1400 audit(2000000081.220:56843): avc: denied { write } for pid=25850 comm="syz.2.9934" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 310.190412][ T29] audit: type=1400 audit(2000000081.220:56844): avc: denied { read write } for pid=25844 comm="syz.6.9931" name="loop6" dev="devtmpfs" ino=106 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 310.214706][ T29] audit: type=1400 audit(2000000081.220:56845): avc: denied { open } for pid=25844 comm="syz.6.9931" path="/dev/loop6" dev="devtmpfs" ino=106 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 310.240017][T25846] loop6: detected capacity change from 0 to 512 [ 310.252610][T25846] EXT4-fs: Ignoring removed orlov option [ 310.281517][T25846] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 310.293731][T25846] EXT4-fs (loop6): orphan cleanup on readonly fs [ 310.300753][ T29] audit: type=1400 audit(2000000081.220:56846): avc: denied { ioctl } for pid=25844 comm="syz.6.9931" path="/dev/loop6" dev="devtmpfs" ino=106 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 310.359111][T25846] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.9931: bg 0: block 248: padding at end of block bitmap is not set [ 310.379873][T25861] loop2: detected capacity change from 0 to 164 [ 310.396078][T25861] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 310.404777][T25846] EXT4-fs error (device loop6): ext4_acquire_dquot:6935: comm syz.6.9931: Failed to acquire dquot type 1 [ 310.424377][T25846] EXT4-fs (loop6): 1 truncate cleaned up [ 310.584104][T25881] loop2: detected capacity change from 0 to 128 [ 310.691006][T25891] loop6: detected capacity change from 0 to 512 [ 310.701309][T25891] EXT4-fs error (device loop6): ext4_orphan_get:1391: inode #15: comm syz.6.9952: casefold flag without casefold feature [ 310.714984][T25891] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.9952: couldn't read orphan inode 15 (err -117) [ 310.806976][T25895] bridge0: port 2(bridge_slave_1) entered disabled state [ 310.885876][T25903] loop6: detected capacity change from 0 to 512 [ 310.933041][T25907] loop1: detected capacity change from 0 to 2048 [ 311.072873][T25924] SELinux: syz.1.9968 (25924) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 311.182707][T25930] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 311.201769][T25934] loop5: detected capacity change from 0 to 512 [ 311.276946][T25934] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=884ec01c, mo2=0002] [ 311.288008][T25934] EXT4-fs (loop5): orphan cleanup on readonly fs [ 311.294932][T25934] EXT4-fs warning (device loop5): ext4_enable_quotas:7170: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 311.342842][T25934] EXT4-fs (loop5): Cannot turn on quotas: error -22 [ 311.370689][T25934] EXT4-fs error (device loop5): ext4_orphan_get:1391: inode #13: comm syz.5.9973: iget: bogus i_mode (177755) [ 311.418147][T25934] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.9973: couldn't read orphan inode 13 (err -117) [ 311.623187][T25968] openvswitch: netlink: Message has 6 unknown bytes. [ 311.704053][T25978] loop5: detected capacity change from 0 to 512 [ 311.723525][T25978] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 311.744607][T25978] EXT4-fs error (device loop5): ext4_get_branch:178: inode #11: block 4294967295: comm syz.5.9992: invalid block [ 311.759988][T25978] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.9992: invalid indirect mapped block 4294967295 (level 1) [ 311.785801][T25978] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.9992: invalid indirect mapped block 4294967295 (level 1) [ 311.800300][T25978] EXT4-fs (loop5): 2 truncates cleaned up [ 312.075475][T26002] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 312.112733][T26002] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 312.400416][T26017] bond2: entered promiscuous mode [ 312.405629][T26017] bond2: entered allmulticast mode [ 312.412459][T26017] 8021q: adding VLAN 0 to HW filter on device bond2 [ 312.526625][T26024] loop4: detected capacity change from 0 to 1024 [ 312.544989][T26024] EXT4-fs: Ignoring removed orlov option [ 312.550758][T26024] EXT4-fs: Ignoring removed nobh option [ 312.556384][T26024] EXT4-fs: Ignoring removed bh option [ 312.625731][T26034] __nla_validate_parse: 6 callbacks suppressed [ 312.625749][T26034] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10017'. [ 312.656632][T26036] IPv6: NLM_F_CREATE should be specified when creating new route [ 312.957639][T26070] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5) [ 312.964210][T26070] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 312.972486][T26070] vhci_hcd vhci_hcd.0: Device attached [ 312.985426][T26075] vhci_hcd: connection closed [ 312.985557][ T12] vhci_hcd: stop threads [ 312.994823][ T12] vhci_hcd: release socket [ 312.999308][ T12] vhci_hcd: disconnect device [ 313.274931][T26109] loop6: detected capacity change from 0 to 512 [ 313.284515][T26109] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 313.319889][T26109] ext4 filesystem being mounted at /1126/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 313.329302][T26116] loop2: detected capacity change from 0 to 128 [ 313.344633][T26116] FAT-fs (loop2): error, invalid FAT chain (i_pos 548, last_block 8) [ 313.352848][T26116] FAT-fs (loop2): Filesystem has been set read-only [ 313.360989][T26116] FAT-fs (loop2): error, corrupted file size (i_pos 548, 522) [ 313.624366][T26146] netlink: 596 bytes leftover after parsing attributes in process `syz.2.10070'. [ 313.700038][T26152] loop2: detected capacity change from 0 to 2048 [ 313.707751][T26152] EXT4-fs: Ignoring removed nomblk_io_submit option [ 313.715317][T26152] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 313.836112][T26166] netlink: 24 bytes leftover after parsing attributes in process `syz.5.10078'. [ 314.095748][T26194] netlink: 76 bytes leftover after parsing attributes in process `syz.6.10092'. [ 314.105037][T26194] netlink: 12 bytes leftover after parsing attributes in process `syz.6.10092'. [ 314.114168][T26194] netlink: 20 bytes leftover after parsing attributes in process `syz.6.10092'. [ 314.146792][T26194] netlink: 76 bytes leftover after parsing attributes in process `syz.6.10092'. [ 314.164305][T26194] netlink: 12 bytes leftover after parsing attributes in process `syz.6.10092'. [ 314.173551][T26194] netlink: 20 bytes leftover after parsing attributes in process `syz.6.10092'. [ 314.244323][T26210] loop6: detected capacity change from 0 to 512 [ 314.263799][T26210] EXT4-fs mount: 27 callbacks suppressed [ 314.263827][T26210] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 314.291971][T26210] ext4 filesystem being mounted at /1134/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 314.319364][T26210] EXT4-fs error (device loop6): ext4_xattr_block_get:593: inode #15: comm syz.6.10099: corrupted xattr block 33: invalid ea_ino [ 314.334073][T26210] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop6 ino=15 [ 314.346173][T26210] EXT4-fs error (device loop6): ext4_xattr_block_get:593: inode #15: comm syz.6.10099: corrupted xattr block 33: invalid ea_ino [ 314.360494][T26210] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop6 ino=15 [ 314.369827][T26210] EXT4-fs error (device loop6): ext4_xattr_block_get:593: inode #15: comm syz.6.10099: corrupted xattr block 33: invalid ea_ino [ 314.384569][T26210] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop6 ino=15 [ 314.421787][T26210] EXT4-fs error (device loop6): ext4_xattr_block_get:593: inode #15: comm syz.6.10099: corrupted xattr block 33: invalid ea_ino [ 314.436433][T26210] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop6 ino=15 [ 314.445641][T26210] EXT4-fs error (device loop6): ext4_xattr_block_get:593: inode #15: comm syz.6.10099: corrupted xattr block 33: invalid ea_ino [ 314.475413][T11346] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 314.811179][T26246] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10114'. [ 314.855487][T26248] loop4: detected capacity change from 0 to 512 [ 314.863857][T26248] EXT4-fs: Ignoring removed nobh option [ 314.882177][T26248] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.10115: invalid indirect mapped block 256 (level 2) [ 314.896755][T26248] EXT4-fs (loop4): 2 truncates cleaned up [ 314.903169][T26248] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 314.931841][T26248] EXT4-fs (loop4): shut down requested (1) [ 314.962683][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 314.997090][T26253] loop4: detected capacity change from 0 to 512 [ 315.025287][T26253] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.10117: bg 0: block 248: padding at end of block bitmap is not set [ 315.040185][T26253] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.10117: Failed to acquire dquot type 1 [ 315.061844][T26253] EXT4-fs (loop4): 1 truncate cleaned up [ 315.068100][T26253] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 315.082621][ T29] kauditd_printk_skb: 1498 callbacks suppressed [ 315.082637][ T29] audit: type=1400 audit(2000000086.240:58341): avc: denied { mount } for pid=26252 comm="syz.4.10117" name="/" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 315.082644][T26253] ext4 filesystem being mounted at /2139/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 315.142423][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 315.153436][ T388] Quota error (device loop4): do_check_range: Getting block 0 out of range 1-5 [ 315.162547][ T388] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:6: Failed to release dquot type 1 [ 315.174301][ T29] audit: type=1400 audit(2000000086.240:58342): avc: denied { read write } for pid=26252 comm="syz.4.10117" name="loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 315.198873][ T29] audit: type=1400 audit(2000000086.240:58343): avc: denied { open } for pid=26252 comm="syz.4.10117" path="/dev/loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 315.223861][ T29] audit: type=1400 audit(2000000086.240:58344): avc: denied { mac_admin } for pid=26252 comm="syz.4.10117" capability=33 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 315.245291][ T29] audit: type=1400 audit(2000000086.240:58345): avc: denied { relabelto } for pid=26252 comm="syz.4.10117" name="/" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0" [ 315.272280][ T29] audit: type=1400 audit(2000000086.290:58346): avc: denied { unmount } for pid=3306 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 315.292296][ T29] audit: type=1400 audit(2000000086.330:58347): avc: denied { read write } for pid=19306 comm="syz-executor" name="loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 315.317488][ T29] audit: type=1400 audit(2000000086.330:58348): avc: denied { open } for pid=19306 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 315.342565][ T29] audit: type=1400 audit(2000000086.330:58349): avc: denied { ioctl } for pid=19306 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=102 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 315.552595][T26276] bond1: entered promiscuous mode [ 315.557762][T26276] bond1: entered allmulticast mode [ 315.563292][T26276] 8021q: adding VLAN 0 to HW filter on device bond1 [ 315.575922][T26276] bond1 (unregistering): Released all slaves [ 315.606297][T26283] ref_ctr_offset mismatch. inode: 0x2b02 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x4 [ 315.677005][T26290] netlink: 'syz.5.10132': attribute type 30 has an invalid length. [ 315.716921][T26292] loop1: detected capacity change from 0 to 512 [ 315.787100][T26292] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 315.799246][T26292] EXT4-fs (loop1): warning: maximal mount count reached, running e2fsck is recommended [ 315.925345][T26292] EXT4-fs error (device loop1): ext4_orphan_get:1391: comm syz.1.10133: inode #15: comm syz.1.10133: iget: illegal inode # [ 316.047112][T26292] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.10133: couldn't read orphan inode 15 (err -117) [ 316.093855][T26318] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=26318 comm=syz.4.10144 [ 316.125376][T26292] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 316.237433][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 316.485421][T26293] syz.2.10134 invoked oom-killer: gfp_mask=0x402d02(GFP_NOIO|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 316.500137][T26293] CPU: 0 UID: 0 PID: 26293 Comm: syz.2.10134 Not tainted 6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(voluntary) [ 316.500169][T26293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 316.500181][T26293] Call Trace: [ 316.500188][T26293] [ 316.500197][T26293] __dump_stack+0x1d/0x30 [ 316.500231][T26293] dump_stack_lvl+0xe8/0x140 [ 316.500276][T26293] dump_stack+0x15/0x1b [ 316.500296][T26293] dump_header+0x81/0x220 [ 316.500332][T26293] oom_kill_process+0x334/0x3f0 [ 316.500368][T26293] out_of_memory+0x979/0xb80 [ 316.500432][T26293] ? css_next_descendant_pre+0x138/0x160 [ 316.500478][T26293] mem_cgroup_out_of_memory+0x13d/0x190 [ 316.500512][T26293] try_charge_memcg+0x5e2/0x870 [ 316.500621][T26293] obj_cgroup_charge_pages+0xb7/0x1a0 [ 316.500651][T26293] __memcg_kmem_charge_page+0x9f/0x170 [ 316.500679][T26293] __alloc_frozen_pages_noprof+0x188/0x360 [ 316.500715][T26293] alloc_pages_mpol+0xb3/0x250 [ 316.500807][T26293] alloc_pages_noprof+0x90/0x130 [ 316.500829][T26293] __vmalloc_node_range_noprof+0x6a4/0xdf0 [ 316.500863][T26293] __kvmalloc_node_noprof+0x2f3/0x4d0 [ 316.500889][T26293] ? ip_set_alloc+0x1f/0x30 [ 316.500963][T26293] ? ip_set_alloc+0x1f/0x30 [ 316.501058][T26293] ip_set_alloc+0x1f/0x30 [ 316.501090][T26293] hash_netiface_create+0x282/0x740 [ 316.501126][T26293] ? __pfx_hash_netiface_create+0x10/0x10 [ 316.501159][T26293] ip_set_create+0x3c9/0x960 [ 316.501228][T26293] ? __nla_parse+0x40/0x60 [ 316.501248][T26293] nfnetlink_rcv_msg+0x4c3/0x590 [ 316.501273][T26293] ? kmem_cache_alloc_noprof+0x186/0x310 [ 316.501403][T26293] netlink_rcv_skb+0x120/0x220 [ 316.501447][T26293] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 316.501482][T26293] nfnetlink_rcv+0x16b/0x1690 [ 316.501529][T26293] ? __kfree_skb+0x109/0x150 [ 316.501563][T26293] ? nlmon_xmit+0x4f/0x60 [ 316.501633][T26293] ? consume_skb+0x49/0x150 [ 316.501742][T26293] ? nlmon_xmit+0x4f/0x60 [ 316.501764][T26293] ? dev_hard_start_xmit+0x39e/0x3d0 [ 316.501808][T26293] ? __dev_queue_xmit+0x11c0/0x1fb0 [ 316.501828][T26293] ? __dev_queue_xmit+0x182/0x1fb0 [ 316.501878][T26293] ? ref_tracker_free+0x37d/0x3e0 [ 316.501920][T26293] ? __netlink_deliver_tap+0x4dc/0x500 [ 316.501963][T26293] netlink_unicast+0x59e/0x670 [ 316.502038][T26293] netlink_sendmsg+0x58b/0x6b0 [ 316.502078][T26293] ? __pfx_netlink_sendmsg+0x10/0x10 [ 316.502116][T26293] __sock_sendmsg+0x142/0x180 [ 316.502176][T26293] ____sys_sendmsg+0x31e/0x4e0 [ 316.502201][T26293] ___sys_sendmsg+0x17b/0x1d0 [ 316.502237][T26293] __x64_sys_sendmsg+0xd4/0x160 [ 316.502314][T26293] x64_sys_call+0x2999/0x2fb0 [ 316.502339][T26293] do_syscall_64+0xd0/0x1a0 [ 316.502372][T26293] ? clear_bhb_loop+0x25/0x80 [ 316.502439][T26293] ? clear_bhb_loop+0x25/0x80 [ 316.502465][T26293] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 316.502490][T26293] RIP: 0033:0x7f578ab8e969 [ 316.502530][T26293] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 316.502550][T26293] RSP: 002b:00007f57891f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 316.502572][T26293] RAX: ffffffffffffffda RBX: 00007f578adb5fa0 RCX: 00007f578ab8e969 [ 316.502587][T26293] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003 [ 316.502601][T26293] RBP: 00007f578ac10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 316.502620][T26293] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 316.502633][T26293] R13: 0000000000000000 R14: 00007f578adb5fa0 R15: 00007fffa4465448 [ 316.502654][T26293] [ 316.514718][T11662] IPVS: starting estimator thread 0... [ 316.516067][T26293] memory: usage 307200kB, limit 307200kB, failcnt 71 [ 316.614994][T26350] program syz.5.10160 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 316.619262][T26293] memory+swap: usage 307200kB, limit 9007199254740988kB, failcnt 0 [ 316.623964][T26346] IPVS: using max 2064 ests per chain, 103200 per kthread [ 316.628145][T26293] kmem: usage 239216kB, limit 9007199254740988kB, failcnt 0 [ 316.628164][T26293] Memory cgroup stats for /syz2: [ 316.905075][T26293] cache 69107712 [ 316.913729][T26293] rss 159744 [ 316.916941][T26293] shmem 69009408 [ 316.920507][T26293] mapped_file 98304 [ 316.924456][T26293] dirty 98304 [ 316.927774][T26293] writeback 8192 [ 316.931358][T26293] workingset_refault_anon 1558 [ 316.936997][T26293] workingset_refault_file 71 [ 316.941668][T26293] swap 57344 [ 316.944932][T26293] swapcached 262144 [ 316.948749][T26293] pgpgin 296042 [ 316.952334][T26293] pgpgout 279060 [ 316.955899][T26293] pgfault 400913 [ 316.959659][T26293] pgmajfault 207 [ 316.964037][T26293] inactive_anon 36847616 [ 316.968375][T26293] active_anon 32321536 [ 316.972531][T26293] inactive_file 0 [ 316.976175][T26293] active_file 126976 [ 316.980158][T26293] unevictable 0 [ 316.983664][T26293] hierarchical_memory_limit 314572800 [ 316.989051][T26293] hierarchical_memsw_limit 9223372036854771712 [ 316.995917][T26293] total_cache 69107712 [ 317.000005][T26293] total_rss 159744 [ 317.003857][T26293] total_shmem 69009408 [ 317.008026][T26293] total_mapped_file 98304 [ 317.012420][T26293] total_dirty 98304 [ 317.016340][T26293] total_writeback 8192 [ 317.020442][T26293] total_workingset_refault_anon 1558 [ 317.026525][T26293] total_workingset_refault_file 71 [ 317.031684][T26293] total_swap 57344 [ 317.035498][T26293] total_swapcached 262144 [ 317.039842][T26293] total_pgpgin 296042 [ 317.043878][T26293] total_pgpgout 279060 [ 317.047955][T26293] total_pgfault 400913 [ 317.052747][T26293] total_pgmajfault 207 [ 317.056950][T26293] total_inactive_anon 36847616 [ 317.061830][T26293] total_active_anon 32321536 [ 317.066439][T26293] total_inactive_file 0 [ 317.070673][T26293] total_active_file 126976 [ 317.075131][T26293] total_unevictable 0 [ 317.079214][T26293] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.10134,pid=26291,uid=0 [ 317.094939][T26293] Memory cgroup out of memory: Killed process 26293 (syz.2.10134) total-vm:95796kB, anon-rss:936kB, file-rss:22184kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000 [ 317.525111][T26388] loop2: detected capacity change from 0 to 512 [ 317.579040][T26388] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.10173: Failed to acquire dquot type 1 [ 317.593910][T26388] EXT4-fs (loop2): 1 truncate cleaned up [ 317.601611][T26388] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 317.642506][T26388] ext4 filesystem being mounted at /726/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 317.685222][T19306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 317.728734][T26410] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10185'. [ 317.994542][T26442] loop9: detected capacity change from 0 to 7 [ 318.001005][T26442] Buffer I/O error on dev loop9, logical block 0, async page read [ 318.016383][T26442] Buffer I/O error on dev loop9, logical block 0, async page read [ 318.025023][T26442] loop9: unable to read partition table [ 318.032099][T26442] loop_reread_partitions: partition scan of loop9 (被xڬdƤݡ [ 318.032099][T26442] U) failed (rc=-5) [ 318.068036][T26446] netlink: 'syz.2.10200': attribute type 1 has an invalid length. [ 318.096387][T26450] IPv6: Can't replace route, no match found [ 318.404431][T26484] loop2: detected capacity change from 0 to 1024 [ 318.422357][T26484] EXT4-fs: Ignoring removed nobh option [ 318.428048][T26484] EXT4-fs: Ignoring removed bh option [ 318.465907][T26484] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 318.549164][T19306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 318.601470][ T51] unregister_netdevice: waiting for batadv_slave_0 to become free. Usage count = 2 [ 318.611160][ T51] ref_tracker: batadv_slave_0@ffff8881170c4550 has 1/1 users at [ 318.611160][ T51] batadv_hard_if_event+0x688/0xef0 [ 318.611160][ T51] raw_notifier_call_chain+0x6c/0x1b0 [ 318.611160][ T51] call_netdevice_notifiers_info+0xae/0x100 [ 318.611160][ T51] register_netdevice+0xd48/0xf10 [ 318.611160][ T51] veth_newlink+0x49b/0x770 [ 318.611160][ T51] rtnl_newlink_create+0x1bf/0x630 [ 318.611160][ T51] rtnl_newlink+0xf29/0x12d0 [ 318.611160][ T51] rtnetlink_rcv_msg+0x5fb/0x6d0 [ 318.611160][ T51] netlink_rcv_skb+0x120/0x220 [ 318.611160][ T51] rtnetlink_rcv+0x1c/0x30 [ 318.611160][ T51] netlink_unicast+0x59e/0x670 [ 318.611160][ T51] netlink_sendmsg+0x58b/0x6b0 [ 318.611160][ T51] __sock_sendmsg+0x142/0x180 [ 318.611160][ T51] __sys_sendto+0x268/0x330 [ 318.611160][ T51] __x64_sys_sendto+0x76/0x90 [ 318.611160][ T51] x64_sys_call+0x2eb6/0x2fb0 [ 318.611160][ T51] [ 318.983106][T26537] loop6: detected capacity change from 0 to 512 [ 318.998562][T26537] EXT4-fs: Ignoring removed mblk_io_submit option [ 319.007639][T26537] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 319.038888][T26537] EXT4-fs (loop6): 1 truncate cleaned up [ 319.056432][T26537] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 319.094546][T26537] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 319.144284][T26555] netlink: 1040 bytes leftover after parsing attributes in process `syz.2.10250'. [ 319.153760][T26555] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 319.344327][T26574] loop4: detected capacity change from 0 to 2048 [ 319.480238][T26582] openvswitch: netlink: Message has 6 unknown bytes. [ 319.566880][T26589] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10265'. [ 319.575974][T26589] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10265'. [ 319.645661][T26594] smc: net device bond0 applied user defined pnetid SYZ0 [ 319.653279][T26599] smc: net device bond0 erased user defined pnetid SYZ0 [ 319.665911][T26589] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10265'. [ 319.742756][T26605] loop4: detected capacity change from 0 to 1024 [ 319.768830][T26605] EXT4-fs: Ignoring removed nobh option [ 319.774517][T26605] EXT4-fs: Ignoring removed bh option [ 319.816301][T26605] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 319.884968][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 319.911854][T26624] loop5: detected capacity change from 0 to 512 [ 319.925763][T26624] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 319.957828][T26629] IPv6: NLM_F_CREATE should be specified when creating new route [ 319.990220][T26624] EXT4-fs (loop5): 1 truncate cleaned up [ 319.996543][T26624] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 320.015910][T26636] loop2: detected capacity change from 0 to 512 [ 320.035713][T26636] EXT4-fs error (device loop2): ext4_orphan_get:1391: comm syz.2.10286: inode #15: comm syz.2.10286: iget: illegal inode # [ 320.066913][T26636] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.10286: couldn't read orphan inode 15 (err -117) [ 320.088901][ T7093] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 320.099318][ T29] kauditd_printk_skb: 1256 callbacks suppressed [ 320.099382][ T29] audit: type=1400 audit(2000000091.248:59604): avc: denied { map_read map_write } for pid=26640 comm="syz.4.10290" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 320.104293][T26636] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 320.106159][ T29] audit: type=1400 audit(2000000091.258:59605): avc: denied { write } for pid=26641 comm="syz.1.10288" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 320.161383][ T29] audit: type=1400 audit(2000000091.288:59606): avc: denied { write } for pid=26638 comm="syz.6.10289" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 320.199259][ T29] audit: type=1400 audit(2000000091.318:59607): avc: denied { prog_load } for pid=26640 comm="syz.4.10290" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 320.201939][T26636] EXT4-fs (loop2): shut down requested (1) [ 320.218727][ T29] audit: type=1400 audit(2000000091.318:59608): avc: denied { bpf } for pid=26640 comm="syz.4.10290" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 320.218841][ T29] audit: type=1400 audit(2000000091.318:59609): avc: denied { perfmon } for pid=26640 comm="syz.4.10290" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 320.218922][ T29] audit: type=1400 audit(2000000091.318:59610): avc: denied { mount } for pid=26633 comm="syz.2.10286" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 320.218953][ T29] audit: type=1400 audit(2000000091.318:59611): avc: denied { read write } for pid=26633 comm="syz.2.10286" name="loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 320.218983][ T29] audit: type=1400 audit(2000000091.318:59612): avc: denied { open } for pid=26633 comm="syz.2.10286" path="/dev/loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 320.219064][ T29] audit: type=1400 audit(2000000091.328:59613): avc: denied { ioctl } for pid=11346 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=106 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 320.340077][T26647] EXT4-fs error (device loop2): ext4_lookup:1789: comm syz.2.10286: inode #15: comm syz.2.10286: iget: illegal inode # [ 320.475300][T19306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 320.629493][T26671] dummy0: entered allmulticast mode [ 320.753967][T26663] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 320.765166][T26663] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 320.833275][T26683] loop2: detected capacity change from 0 to 8192 [ 320.989379][T26705] netlink: 164 bytes leftover after parsing attributes in process `syz.2.10318'. [ 321.078077][T26712] loop1: detected capacity change from 0 to 1024 [ 321.085850][T26712] EXT4-fs: Ignoring removed oldalloc option [ 321.094847][T26712] EXT4-fs (loop1): stripe (1023) is not aligned with cluster size (16), stripe is disabled [ 321.121227][T26712] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 321.173042][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 321.288210][T26731] loop2: detected capacity change from 0 to 256 [ 321.386058][T26742] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 321.399231][T26742] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 321.672960][T26775] team0: entered allmulticast mode [ 321.678204][T26775] team_slave_0: entered allmulticast mode [ 321.684136][T26775] team_slave_1: entered allmulticast mode [ 321.698457][T26777] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 321.818146][T26791] SELinux: failed to load policy [ 321.898233][T26799] SELinux: failed to load policy [ 321.907826][T26797] loop1: detected capacity change from 0 to 1024 [ 321.946058][T26805] loop6: detected capacity change from 0 to 512 [ 321.953245][T26805] EXT4-fs: Ignoring removed mblk_io_submit option [ 321.957861][T26797] EXT4-fs: Ignoring removed bh option [ 321.966128][T26805] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 321.987620][T26807] netlink: 8 bytes leftover after parsing attributes in process `syz.5.10367'. [ 322.002757][T26805] EXT4-fs (loop6): 1 truncate cleaned up [ 322.013186][T26797] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 322.041910][T26805] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 322.096240][T26814] loop5: detected capacity change from 0 to 8192 [ 322.110210][T26797] EXT4-fs error (device loop1): mb_free_blocks:1948: group 0, inode 18: block 241:freeing already freed block (bit 15); block bitmap corrupt. [ 322.125830][T26797] EXT4-fs (loop1): Remounting filesystem read-only [ 322.145242][T26820] netlink: 'syz.2.10373': attribute type 4 has an invalid length. [ 322.160059][T11346] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 322.181400][T26820] netlink: 'syz.2.10373': attribute type 4 has an invalid length. [ 322.247711][T26827] netlink: 8 bytes leftover after parsing attributes in process `syz.5.10375'. [ 322.273979][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 322.453138][T26851] 9pnet_fd: Insufficient options for proto=fd [ 322.472141][T26854] xt_connbytes: Forcing CT accounting to be enabled [ 322.498977][T26854] Cannot find add_set index 0 as target [ 322.640720][T26870] loop2: detected capacity change from 0 to 1024 [ 322.692645][T26870] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 322.722767][T26870] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: inode #11: comm syz.2.10397: missing EA_INODE flag [ 322.782032][T26870] EXT4-fs (loop2): Remounting filesystem read-only [ 322.837250][T19306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 322.891063][T26893] loop2: detected capacity change from 0 to 512 [ 322.951109][T26893] EXT4-fs (loop2): 1 orphan inode deleted [ 322.962389][T26893] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 322.974970][ T295] EXT4-fs error (device loop2): ext4_release_dquot:6971: comm kworker/u8:5: Failed to release dquot type 1 [ 322.992296][T26893] ext4 filesystem being mounted at /781/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 323.035054][T19306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 323.080932][T26904] netlink: 20 bytes leftover after parsing attributes in process `syz.6.10412'. [ 323.090125][T26904] netlink: 20 bytes leftover after parsing attributes in process `syz.6.10412'. [ 323.099318][T26904] netlink: 20 bytes leftover after parsing attributes in process `syz.6.10412'. [ 323.108410][T26904] netlink: 4 bytes leftover after parsing attributes in process `syz.6.10412'. [ 323.189680][T26904] netlink: 20 bytes leftover after parsing attributes in process `syz.6.10412'. [ 323.198888][T26904] netlink: 20 bytes leftover after parsing attributes in process `syz.6.10412'. [ 323.208032][T26904] netlink: 20 bytes leftover after parsing attributes in process `syz.6.10412'. [ 323.217953][T26904] netlink: 4 bytes leftover after parsing attributes in process `syz.6.10412'. [ 323.330292][T26932] loop5: detected capacity change from 0 to 1024 [ 323.340363][T26904] netlink: 20 bytes leftover after parsing attributes in process `syz.6.10412'. [ 323.349543][T26904] netlink: 20 bytes leftover after parsing attributes in process `syz.6.10412'. [ 323.389381][T26932] EXT4-fs: Ignoring removed nomblk_io_submit option [ 323.403619][T26938] openvswitch: netlink: Message has 6 unknown bytes. [ 323.406044][T26932] EXT4-fs: Ignoring removed nomblk_io_submit option [ 323.452893][T26932] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 323.541238][ T7093] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 323.790155][T26971] loop5: detected capacity change from 0 to 128 [ 323.829815][T26971] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 323.852536][T26974] batadv1: entered allmulticast mode [ 323.860152][T26971] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 323.917375][ T12] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 324.122912][T26991] syzkaller1: tun_chr_ioctl cmd 2147767521 [ 324.232437][T27002] loop6: detected capacity change from 0 to 512 [ 324.253916][T27002] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a842c01c, mo2=0002] [ 324.266813][T27002] System zones: 0-2, 18-18, 34-35 [ 324.302788][T27002] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 324.351815][T27002] ext4 filesystem being mounted at /1205/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 324.414392][T11346] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 324.452951][T27023] tun1: tun_chr_ioctl cmd 1074025677 [ 324.458504][T27023] tun1: linktype set to 805 [ 324.486874][T27027] loop6: detected capacity change from 0 to 128 [ 324.725076][T27050] netlink: 'syz.6.10478': attribute type 21 has an invalid length. [ 324.733079][T27050] netlink: 'syz.6.10478': attribute type 20 has an invalid length. [ 324.741084][T27050] IPv6: NLM_F_CREATE should be specified when creating new route [ 324.776892][T27056] loop4: detected capacity change from 0 to 512 [ 324.798333][T27056] EXT4-fs (loop4): too many log groups per flexible block group [ 324.806948][T27056] EXT4-fs (loop4): failed to initialize mballoc (-12) [ 324.818900][T27056] EXT4-fs (loop4): mount failed [ 324.842441][T27059] binfmt_misc: register: failed to install interpreter file ./file0 [ 324.933891][T27072] loop4: detected capacity change from 0 to 1024 [ 324.949852][T27072] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.10489: Failed to acquire dquot type 0 [ 324.973116][T27072] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 324.991657][T27072] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #13: comm syz.4.10489: corrupted inode contents [ 325.015931][T27072] EXT4-fs error (device loop4): ext4_dirty_inode:6103: inode #13: comm syz.4.10489: mark_inode_dirty error [ 325.055556][T27072] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #13: comm syz.4.10489: corrupted inode contents [ 325.077535][T27072] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #13: comm syz.4.10489: mark_inode_dirty error [ 325.108333][ T29] kauditd_printk_skb: 1561 callbacks suppressed [ 325.108350][ T29] audit: type=1400 audit(2000000096.258:61172): avc: denied { read write } for pid=11346 comm="syz-executor" name="loop6" dev="devtmpfs" ino=106 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 325.139488][T27072] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #13: comm syz.4.10489: corrupted inode contents [ 325.160547][ T29] audit: type=1400 audit(2000000096.258:61173): avc: denied { open } for pid=11346 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=106 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 325.185612][ T29] audit: type=1400 audit(2000000096.258:61174): avc: denied { ioctl } for pid=11346 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=106 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 325.212241][ T29] audit: type=1400 audit(2000000096.278:61175): avc: denied { map_create } for pid=27090 comm="syz.6.10498" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 325.231809][ T29] audit: type=1400 audit(2000000096.278:61176): avc: denied { map_read map_write } for pid=27090 comm="syz.6.10498" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 325.252750][ T29] audit: type=1400 audit(2000000096.278:61177): avc: denied { prog_load } for pid=27090 comm="syz.6.10498" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 325.272189][ T29] audit: type=1400 audit(2000000096.278:61178): avc: denied { bpf } for pid=27090 comm="syz.6.10498" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 325.293048][ T29] audit: type=1400 audit(2000000096.278:61179): avc: denied { perfmon } for pid=27090 comm="syz.6.10498" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 325.294502][T27072] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem [ 325.314899][ T29] audit: type=1400 audit(2000000096.278:61180): avc: denied { prog_run } for pid=27090 comm="syz.6.10498" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 325.325474][T27072] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #13: comm syz.4.10489: corrupted inode contents [ 325.354633][T27072] EXT4-fs error (device loop4): ext4_truncate:4255: inode #13: comm syz.4.10489: mark_inode_dirty error [ 325.367279][T27072] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem [ 325.376906][T27072] EXT4-fs (loop4): 1 truncate cleaned up [ 325.391504][T27072] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 325.413433][ T29] audit: type=1400 audit(2000000096.308:61181): avc: denied { read write } for pid=7093 comm="syz-executor" name="loop5" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 325.699560][T27118] loop6: detected capacity change from 0 to 512 [ 325.745244][T27118] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 325.764577][T27118] ext4 filesystem being mounted at /1217/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 325.975598][T11346] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 326.018817][T27136] loop5: detected capacity change from 0 to 512 [ 326.038577][T27136] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 326.057773][T27136] EXT4-fs (loop5): orphan cleanup on readonly fs [ 326.078844][T27136] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.10519: invalid indirect mapped block 256 (level 2) [ 326.110905][T27142] loop2: detected capacity change from 0 to 1024 [ 326.118621][T27136] EXT4-fs (loop5): 2 truncates cleaned up [ 326.126287][T27136] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 326.140570][T27072] syz.4.10489 (27072) used greatest stack depth: 5952 bytes left [ 326.144704][T27142] EXT4-fs: Ignoring removed nobh option [ 326.156477][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 326.179789][T27142] ext2: Unknown parameter 'dont_hash' [ 326.188152][ T7093] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 326.296014][T27155] SELinux: syz.4.10527 (27155) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 326.405310][T27167] loop5: detected capacity change from 0 to 128 [ 326.468108][T27167] syz.5.10532: attempt to access beyond end of device [ 326.468108][T27167] loop5: rw=1, sector=145, nr_sectors = 77 limit=128 [ 326.729777][T27196] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=27196 comm=syz.4.10546 [ 326.742614][T27196] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=27196 comm=syz.4.10546 [ 326.819782][T27199] usb usb8: usbfs: process 27199 (syz.2.10549) did not claim interface 0 before use [ 327.013625][T27212] loop4: detected capacity change from 0 to 1024 [ 327.053211][T27212] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 327.085084][T27212] ext4 filesystem being mounted at /2228/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 327.152379][T27212] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.10553: bg 0: block 393: padding at end of block bitmap is not set [ 327.227163][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 327.326774][T27231] tipc: Started in network mode [ 327.326805][T27231] tipc: Node identity 00000000000000000004ffff7f000001, cluster identity 4711 [ 327.326822][T27231] tipc: Enabling of bearer rejected, failed to enable media [ 327.488713][T27244] loop2: detected capacity change from 0 to 512 [ 327.520036][T27245] IPv6: NLM_F_CREATE should be specified when creating new route [ 327.528096][T27244] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 327.537088][T27247] loop1: detected capacity change from 0 to 1024 [ 327.560541][T27244] EXT4-fs (loop2): 1 truncate cleaned up [ 327.570233][T27244] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 327.612560][T19306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 327.674553][T27247] EXT4-fs error (device loop1): ext4_orphan_get:1417: comm syz.1.10566: bad orphan inode 196608 [ 327.694751][T27253] loop2: detected capacity change from 0 to 1024 [ 327.709180][T27253] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.10568: Failed to acquire dquot type 0 [ 327.709789][T27253] EXT4-fs (loop2): 1 truncate cleaned up [ 327.710202][T27253] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 327.743294][T27253] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.10568: Failed to acquire dquot type 0 [ 327.763061][T27247] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 327.767851][T19306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 327.908599][T27268] loop2: detected capacity change from 0 to 512 [ 327.909545][T27268] EXT4-fs: Ignoring removed mblk_io_submit option [ 327.923464][T27268] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 327.945448][T19306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 328.025518][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 328.342002][T27296] loop4: detected capacity change from 0 to 2048 [ 328.349858][T27296] EXT4-fs: Ignoring removed bh option [ 328.381067][T27296] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 328.414425][T27301] loop1: detected capacity change from 0 to 764 [ 328.467525][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 328.483920][T27301] Symlink component flag not implemented [ 328.490214][T27301] Symlink component flag not implemented (7) [ 328.980961][T27337] __nla_validate_parse: 21 callbacks suppressed [ 328.980994][T27337] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10605'. [ 329.177679][T27345] loop4: detected capacity change from 0 to 512 [ 329.218440][T27345] EXT4-fs (loop4): orphan cleanup on readonly fs [ 329.232301][T27345] EXT4-fs error (device loop4): ext4_orphan_get:1417: comm syz.4.10609: bad orphan inode 13 [ 329.264826][T27345] ext4_test_bit(bit=12, block=18) = 1 [ 329.270281][T27345] is_bad_inode(inode)=0 [ 329.274506][T27345] NEXT_ORPHAN(inode)=2130706432 [ 329.279372][T27345] max_ino=32 [ 329.283426][T27345] i_nlink=1 [ 329.302475][T27345] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 329.335653][T27353] netlink: 36 bytes leftover after parsing attributes in process `syz.2.10613'. [ 329.378822][T27358] netlink: 140 bytes leftover after parsing attributes in process `syz.6.10615'. [ 329.445711][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 329.631908][T27375] macsec2: entered allmulticast mode [ 329.637291][T27375] macvlan0: entered allmulticast mode [ 329.668003][T27375] macvlan0: left allmulticast mode [ 329.677275][T27377] loop1: detected capacity change from 0 to 1024 [ 329.771816][T27377] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 329.838873][T27377] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 329.872194][T27399] loop8: detected capacity change from 0 to 1 [ 329.878761][T27399] Buffer I/O error on dev loop8, logical block 0, async page read [ 329.896720][T27399] Buffer I/O error on dev loop8, logical block 0, async page read [ 329.904635][T27399] loop8: unable to read partition table [ 329.914681][T27399] loop_reread_partitions: partition scan of loop8 () failed (rc=-5) [ 329.923312][T27403] team0: Device gtp1 is of different type [ 330.113323][ T29] kauditd_printk_skb: 1136 callbacks suppressed [ 330.113390][ T29] audit: type=1400 audit(2000000101.268:62314): avc: denied { read write } for pid=3306 comm="syz-executor" name="loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 330.155742][ T29] audit: type=1400 audit(2000000101.298:62315): avc: denied { read write open } for pid=3306 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 330.181090][ T29] audit: type=1400 audit(2000000101.298:62316): avc: denied { ioctl } for pid=3306 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=104 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 330.206797][ T29] audit: type=1400 audit(2000000101.308:62317): avc: denied { read write } for pid=7093 comm="syz-executor" name="loop5" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 330.231289][ T29] audit: type=1400 audit(2000000101.308:62318): avc: denied { read write open } for pid=7093 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 330.256533][ T29] audit: type=1400 audit(2000000101.308:62319): avc: denied { ioctl } for pid=7093 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=105 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 330.282244][ T29] audit: type=1400 audit(2000000101.308:62320): avc: denied { prog_load } for pid=27431 comm="syz.4.10649" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 330.301634][ T29] audit: type=1400 audit(2000000101.308:62321): avc: denied { bpf } for pid=27431 comm="syz.4.10649" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 330.322447][ T29] audit: type=1400 audit(2000000101.308:62322): avc: denied { perfmon } for pid=27431 comm="syz.4.10649" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 330.343669][ T29] audit: type=1400 audit(2000000101.308:62323): avc: denied { prog_run } for pid=27431 comm="syz.4.10649" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 330.579194][T27455] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10660'. [ 330.588276][T27455] netlink: 24 bytes leftover after parsing attributes in process `syz.4.10660'. [ 331.076604][T27501] loop2: detected capacity change from 0 to 512 [ 331.085493][T27501] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 331.094655][T27501] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 331.117639][T27501] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended [ 331.128972][T27501] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 331.137379][T27501] System zones: 0-2, 18-18, 34-35 [ 331.144624][T27501] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 331.196136][T19306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 331.279320][T27522] loop5: detected capacity change from 0 to 128 [ 331.288936][T27522] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535) [ 331.291275][T27520] sctp: [Deprecated]: syz.1.10691 (pid 27520) Use of struct sctp_assoc_value in delayed_ack socket option. [ 331.291275][T27520] Use struct sctp_sack_info instead [ 331.318238][T27522] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none. [ 331.348664][T27522] EXT4-fs error (device loop5): __ext4_find_entry:1628: inode #2: comm syz.5.10692: checksumming directory block 0 [ 331.363492][T27522] EXT4-fs error (device loop5): __ext4_find_entry:1628: inode #2: comm syz.5.10692: checksumming directory block 0 [ 331.375917][T27522] syz.5.10692: attempt to access beyond end of device [ 331.375917][T27522] md30: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 331.403365][ T7093] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 331.644276][T27549] tmpfs: Bad value for 'mpol' [ 331.687098][T27554] netlink: 'syz.4.10706': attribute type 21 has an invalid length. [ 331.695225][T27554] netlink: 100 bytes leftover after parsing attributes in process `syz.4.10706'. [ 331.746570][T27558] loop4: detected capacity change from 0 to 512 [ 331.757040][T27558] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 331.766661][T27558] EXT4-fs (loop4): 1 truncate cleaned up [ 331.773626][T27558] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 331.808787][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 332.095339][T27590] syzkaller1: tun_chr_ioctl cmd 2147767506 [ 332.345116][T27614] loop4: detected capacity change from 0 to 8192 [ 332.401240][T27625] SELinux: policydb version 0 does not match my version range 15-34 [ 332.419746][T27625] SELinux: failed to load policy [ 332.619906][T27644] loop5: detected capacity change from 0 to 128 [ 332.647773][T27648] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 332.656414][T27648] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 332.827248][T11662] IPVS: starting estimator thread 0... [ 332.837129][T27675] xt_hashlimit: max too large, truncated to 1048576 [ 332.931659][T27674] IPVS: using max 2400 ests per chain, 120000 per kthread [ 333.100822][T27702] loop2: detected capacity change from 0 to 512 [ 333.124487][T27702] EXT4-fs: Ignoring removed nobh option [ 333.147005][T27709] loop6: detected capacity change from 0 to 256 [ 333.158938][T27702] EXT4-fs error (device loop2): ext4_do_update_inode:5211: inode #16: comm syz.2.10771: corrupted inode contents [ 333.193044][T27709] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 333.204189][T27702] EXT4-fs (loop2): Remounting filesystem read-only [ 333.210827][T27702] EXT4-fs (loop2): 1 truncate cleaned up [ 333.218337][T27702] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 333.231492][T27089] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 333.232086][T27702] ext4 filesystem being mounted at /865/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 333.242828][T27089] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 333.264156][T27089] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started [ 333.311082][T27723] syz.4.10780: attempt to access beyond end of device [ 333.311082][T27723] md30: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 333.312517][T27722] loop5: detected capacity change from 0 to 1024 [ 333.332830][T27722] EXT4-fs: Ignoring removed oldalloc option [ 333.338831][T27722] EXT4-fs: Ignoring removed orlov option [ 333.345740][T27722] EXT4-fs (loop5): stripe (1570) is not aligned with cluster size (16), stripe is disabled [ 333.369690][T19306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 333.565137][T27738] loop4: detected capacity change from 0 to 256 [ 333.569107][ T81] I/O error, dev loop5, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 0 prio class 0 [ 333.657394][T11662] kernel write not supported for file /snd/seq (pid: 11662 comm: kworker/1:6) [ 333.749465][T27753] loop5: detected capacity change from 0 to 1024 [ 333.767641][T27753] EXT4-fs: Ignoring removed orlov option [ 333.773498][T27753] EXT4-fs: Ignoring removed nomblk_io_submit option [ 333.899264][T27772] ip6gretap1: entered allmulticast mode [ 333.899311][T27775] ieee802154 phy0 wpan0: encryption failed: -22 [ 334.095122][T27795] netlink: 8 bytes leftover after parsing attributes in process `syz.5.10813'. [ 334.253712][T27806] loop1: detected capacity change from 0 to 8192 [ 334.264839][T27816] loop4: detected capacity change from 0 to 256 [ 334.276273][T27816] msdos: Bad value for 'gid' [ 334.280960][T27816] msdos: Bad value for 'gid' [ 334.608308][T27835] SELinux: syz.6.10831 (27835) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 334.867613][T27852] netlink: 40 bytes leftover after parsing attributes in process `syz.5.10839'. [ 334.966342][T27858] loop5: detected capacity change from 0 to 1024 [ 334.978597][T27861] @: renamed from bond_slave_0 (while UP) [ 334.996728][T27858] EXT4-fs error (device loop5): ext4_acquire_dquot:6935: comm syz.5.10843: Failed to acquire dquot type 0 [ 335.011943][T27858] EXT4-fs error (device loop5): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 335.027520][T27858] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #13: comm syz.5.10843: corrupted inode contents [ 335.046215][T27858] EXT4-fs error (device loop5): ext4_dirty_inode:6103: inode #13: comm syz.5.10843: mark_inode_dirty error [ 335.060635][T27858] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #13: comm syz.5.10843: corrupted inode contents [ 335.080743][T27858] EXT4-fs error (device loop5): __ext4_ext_dirty:207: inode #13: comm syz.5.10843: mark_inode_dirty error [ 335.094917][T27858] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #13: comm syz.5.10843: corrupted inode contents [ 335.107370][T27858] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem [ 335.109107][T27873] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported [ 335.117417][T27858] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #13: comm syz.5.10843: corrupted inode contents [ 335.137167][T27858] EXT4-fs error (device loop5): ext4_truncate:4255: inode #13: comm syz.5.10843: mark_inode_dirty error [ 335.148903][T27871] Falling back ldisc for ttyS3. [ 335.154284][T27858] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem [ 335.155488][ T29] kauditd_printk_skb: 1419 callbacks suppressed [ 335.155504][ T29] audit: type=1400 audit(2000000106.308:63735): avc: denied { read write } for pid=3307 comm="syz-executor" name="loop1" dev="devtmpfs" ino=541 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 335.176772][T27858] EXT4-fs (loop5): 1 truncate cleaned up [ 335.201112][ T29] audit: type=1400 audit(2000000106.318:63736): avc: denied { read write open } for pid=3307 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=541 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 335.225531][ T29] audit: type=1400 audit(2000000106.318:63737): avc: denied { ioctl } for pid=3307 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=541 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 335.252500][ T29] audit: type=1400 audit(2000000106.358:63738): avc: denied { mount } for pid=27857 comm="syz.5.10843" name="/" dev="loop5" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 335.274541][ T29] audit: type=1400 audit(2000000106.378:63739): avc: denied { read write } for pid=27857 comm="syz.5.10843" name="loop5" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 335.299587][ T29] audit: type=1400 audit(2000000106.378:63740): avc: denied { open } for pid=27857 comm="syz.5.10843" path="/dev/loop5" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 335.343309][ T29] audit: type=1400 audit(2000000106.438:63741): avc: denied { read write } for pid=11346 comm="syz-executor" name="loop6" dev="devtmpfs" ino=106 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 335.368496][ T29] audit: type=1400 audit(2000000106.438:63742): avc: denied { open } for pid=11346 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=106 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 335.392941][ T29] audit: type=1400 audit(2000000106.438:63743): avc: denied { ioctl } for pid=11346 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=106 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 335.419554][ T29] audit: type=1400 audit(2000000106.458:63744): avc: denied { read write } for pid=3306 comm="syz-executor" name="loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 335.446499][T27882] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10853'. [ 335.465462][T27882] bond3: entered promiscuous mode [ 335.470629][T27882] bond3: entered allmulticast mode [ 335.476071][T27882] 8021q: adding VLAN 0 to HW filter on device bond3 [ 335.505670][T27887] loop1: detected capacity change from 0 to 2048 [ 335.508121][T27890] loop5: detected capacity change from 0 to 512 [ 335.523073][T27890] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 335.549392][T27890] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002] [ 335.557670][T27890] System zones: 1-12 [ 335.563058][T27890] EXT4-fs (loop5): 1 truncate cleaned up [ 335.579828][T27890] EXT4-fs warning (device loop5): ext4_block_to_path:107: block 1835430250 > max in inode 18 [ 335.665565][T27901] loop5: detected capacity change from 0 to 8192 [ 335.823789][T27914] IPv6: NLM_F_CREATE should be specified when creating new route [ 335.874873][T27916] netlink: 12 bytes leftover after parsing attributes in process `syz.1.10865'. [ 336.274131][T27961] netlink: 'syz.1.10886': attribute type 10 has an invalid length. [ 336.283029][T27961] netlink: 152 bytes leftover after parsing attributes in process `syz.1.10886'. [ 336.309034][T27965] netlink: 277 bytes leftover after parsing attributes in process `syz.6.10888'. [ 336.530435][T27991] SELinux: failed to load policy [ 336.543435][T27989] loop1: detected capacity change from 0 to 1024 [ 336.550737][T27989] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 336.562737][T27989] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 336.570898][T27989] EXT4-fs (loop1): orphan cleanup on readonly fs [ 336.577939][T27989] EXT4-fs error (device loop1): __ext4_get_inode_loc:4450: comm syz.1.10899: Invalid inode table block 0 in block_group 0 [ 336.594478][T27989] EXT4-fs (loop1): Remounting filesystem read-only [ 336.601203][T27989] EXT4-fs (loop1): 1 truncate cleaned up [ 336.615045][T27989] EXT4-fs (loop1): shut down requested (1) [ 336.939879][T28030] loop1: detected capacity change from 0 to 128 [ 336.954787][T28030] syz.1.10919: attempt to access beyond end of device [ 336.954787][T28030] loop1: rw=0, sector=2065, nr_sectors = 1 limit=128 [ 336.957967][T28032] loop5: detected capacity change from 0 to 512 [ 336.968221][T28030] Buffer I/O error on dev loop1, logical block 2065, async page read [ 336.969412][T28030] syz.1.10919: attempt to access beyond end of device [ 336.969412][T28030] loop1: rw=0, sector=2066, nr_sectors = 1 limit=128 [ 336.977134][T28032] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 336.982938][T28030] Buffer I/O error on dev loop1, logical block 2066, async page read [ 337.015909][T28030] syz.1.10919: attempt to access beyond end of device [ 337.015909][T28030] loop1: rw=0, sector=2067, nr_sectors = 1 limit=128 [ 337.029299][T28030] Buffer I/O error on dev loop1, logical block 2067, async page read [ 337.039603][T28032] EXT4-fs (loop5): 1 truncate cleaned up [ 337.091200][T28030] syz.1.10919: attempt to access beyond end of device [ 337.091200][T28030] loop1: rw=0, sector=2068, nr_sectors = 1 limit=128 [ 337.105467][T28030] Buffer I/O error on dev loop1, logical block 2068, async page read [ 337.116315][T28030] syz.1.10919: attempt to access beyond end of device [ 337.116315][T28030] loop1: rw=0, sector=2069, nr_sectors = 1 limit=128 [ 337.129755][T28030] Buffer I/O error on dev loop1, logical block 2069, async page read [ 337.138734][T28030] syz.1.10919: attempt to access beyond end of device [ 337.138734][T28030] loop1: rw=0, sector=2070, nr_sectors = 1 limit=128 [ 337.152282][T28030] Buffer I/O error on dev loop1, logical block 2070, async page read [ 337.160693][T28030] syz.1.10919: attempt to access beyond end of device [ 337.160693][T28030] loop1: rw=0, sector=2071, nr_sectors = 1 limit=128 [ 337.174781][T28030] Buffer I/O error on dev loop1, logical block 2071, async page read [ 337.203251][T28043] netlink: 8 bytes leftover after parsing attributes in process `syz.5.10925'. [ 337.210972][T28030] syz.1.10919: attempt to access beyond end of device [ 337.210972][T28030] loop1: rw=0, sector=2072, nr_sectors = 1 limit=128 [ 337.225904][T28043] netlink: 20 bytes leftover after parsing attributes in process `syz.5.10925'. [ 337.235059][T28030] Buffer I/O error on dev loop1, logical block 2072, async page read [ 337.243913][T28043] netlink: 40 bytes leftover after parsing attributes in process `syz.5.10925'. [ 337.253723][T28030] syz.1.10919: attempt to access beyond end of device [ 337.253723][T28030] loop1: rw=0, sector=2065, nr_sectors = 1 limit=128 [ 337.267803][T28030] Buffer I/O error on dev loop1, logical block 2065, async page read [ 337.277301][T28043] netlink: 8 bytes leftover after parsing attributes in process `syz.5.10925'. [ 337.307641][T28030] Buffer I/O error on dev loop1, logical block 2066, async page read [ 337.340953][T28052] loop4: detected capacity change from 0 to 512 [ 337.378159][T28052] EXT4-fs (loop4): 1 orphan inode deleted [ 337.391747][ T12] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:0: Failed to release dquot type 1 [ 337.391952][T28052] ext4 filesystem being mounted at /2312/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 337.627797][T28077] macsec2: entered allmulticast mode [ 337.633215][T28077] veth1_macvtap: entered allmulticast mode [ 338.125741][T28110] loop5: detected capacity change from 0 to 1024 [ 338.153027][T28110] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 338.164707][T28110] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 338.193446][T28110] JBD2: no valid journal superblock found [ 338.199431][T28110] EXT4-fs (loop5): Could not load journal inode [ 338.425142][T28127] netlink: 'syz.5.10964': attribute type 9 has an invalid length. [ 338.550969][T28142] loop5: detected capacity change from 0 to 2048 [ 338.602500][T28142] loop5: p1 < > p4 [ 338.610642][T28142] loop5: p4 size 8388608 extends beyond EOD, truncated [ 338.966411][T28185] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 339.353741][T28206] loop4: detected capacity change from 0 to 8192 [ 339.363085][T28206] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 339.847593][T28236] loop5: detected capacity change from 0 to 1024 [ 339.855156][T28240] loop1: detected capacity change from 0 to 512 [ 339.857473][T28236] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 339.863510][T28240] EXT4-fs: Ignoring removed i_version option [ 339.878001][T28240] EXT4-fs: Ignoring removed orlov option [ 339.885152][T28236] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 339.885273][T28240] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 339.893185][T28236] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c854e01c, mo2=0100] [ 339.905221][T28240] EXT4-fs (loop1): 1 truncate cleaned up [ 339.930032][T28236] EXT4-fs (loop5): orphan cleanup on readonly fs [ 339.937785][T28236] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5899: Corrupt filesystem [ 339.948153][T28236] EXT4-fs error (device loop5): ext4_dirty_inode:6103: inode #3: comm syz.5.11012: mark_inode_dirty error [ 339.953073][T28240] EXT4-fs (loop1): shut down requested (0) [ 339.959897][T28236] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.11012: Invalid block bitmap block 3 in block_group 0 [ 339.980019][T28236] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.11012: Invalid block bitmap block 3 in block_group 0 [ 339.994737][T28236] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.11012: Invalid block bitmap block 3 in block_group 0 [ 340.011469][T28236] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5899: Corrupt filesystem [ 340.024883][T28236] EXT4-fs error (device loop5): ext4_dirty_inode:6103: inode #3: comm syz.5.11012: mark_inode_dirty error [ 340.036520][T28236] EXT4-fs error (device loop5): ext4_map_blocks:675: inode #3: block 1: comm syz.5.11012: lblock 6 mapped to illegal pblock 1 (length 1) [ 340.053717][T28236] EXT4-fs error (device loop5): ext4_map_blocks:675: inode #3: block 48: comm syz.5.11012: lblock 0 mapped to illegal pblock 48 (length 1) [ 340.073745][T28236] EXT4-fs error (device loop5): ext4_acquire_dquot:6935: comm syz.5.11012: Failed to acquire dquot type 0 [ 340.091834][T28236] EXT4-fs error (device loop5): ext4_map_blocks:675: inode #3: block 49: comm syz.5.11012: lblock 1 mapped to illegal pblock 49 (length 1) [ 340.107999][T28236] EXT4-fs error (device loop5): ext4_acquire_dquot:6935: comm syz.5.11012: Failed to acquire dquot type 0 [ 340.120895][T28236] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5899: Corrupt filesystem [ 340.130579][T28236] EXT4-fs error (device loop5): ext4_evict_inode:259: inode #15: comm syz.5.11012: mark_inode_dirty error [ 340.143753][T28236] EXT4-fs warning (device loop5): ext4_evict_inode:262: couldn't mark inode dirty (err -117) [ 340.154280][T28236] EXT4-fs (loop5): 1 orphan inode deleted [ 340.162424][ T29] kauditd_printk_skb: 1290 callbacks suppressed [ 340.162442][ T29] audit: type=1400 audit(2000000111.318:65026): avc: denied { read write } for pid=28231 comm="syz.5.11012" name="loop5" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 340.194009][ T29] audit: type=1400 audit(2000000111.318:65027): avc: denied { open } for pid=28231 comm="syz.5.11012" path="/dev/loop5" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 340.220137][ T29] audit: type=1400 audit(2000000111.378:65028): avc: denied { read write } for pid=3307 comm="syz-executor" name="loop1" dev="devtmpfs" ino=541 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 340.245390][ T29] audit: type=1400 audit(2000000111.378:65029): avc: denied { open } for pid=3307 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=541 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 340.268860][ T29] audit: type=1400 audit(2000000111.378:65030): avc: denied { ioctl } for pid=3307 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=541 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 340.302696][T28257] loop1: detected capacity change from 0 to 1024 [ 340.309388][ T29] audit: type=1400 audit(2000000111.458:65031): avc: denied { read write } for pid=28256 comm="syz.1.11022" name="loop1" dev="devtmpfs" ino=541 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 340.313377][T28257] EXT4-fs: Ignoring removed nomblk_io_submit option [ 340.333643][ T29] audit: type=1400 audit(2000000111.458:65032): avc: denied { open } for pid=28256 comm="syz.1.11022" path="/dev/loop1" dev="devtmpfs" ino=541 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 340.340761][T28257] EXT4-fs: Ignoring removed nomblk_io_submit option [ 340.363520][ T29] audit: type=1400 audit(2000000111.458:65033): avc: denied { ioctl } for pid=28256 comm="syz.1.11022" path="/dev/loop1" dev="devtmpfs" ino=541 ioctlcmd=0x4c00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 340.371749][T28257] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 340.395174][ T29] audit: type=1400 audit(2000000111.458:65034): avc: denied { unmount } for pid=7093 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 340.423641][ T29] audit: type=1400 audit(2000000111.458:65035): avc: denied { mounton } for pid=28256 comm="syz.1.11022" path="/2091/file0" dev="tmpfs" ino=10721 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 340.526832][T28266] loop1: detected capacity change from 0 to 512 [ 340.535564][T28266] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 340.552349][T28266] EXT4-fs (loop1): 1 truncate cleaned up [ 341.440343][T28355] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported [ 341.507444][T28358] loop5: detected capacity change from 0 to 128 [ 341.561698][T28358] FAT-fs (loop5): error, corrupted file size (i_pos 548, 512) [ 341.569336][T28358] FAT-fs (loop5): Filesystem has been set read-only [ 341.586830][T28363] loop2: detected capacity change from 0 to 8192 [ 341.701615][T28372] __nla_validate_parse: 5 callbacks suppressed [ 341.701633][T28372] netlink: 8 bytes leftover after parsing attributes in process `syz.6.11073'. [ 341.724288][T28369] Falling back ldisc for ttyS3. [ 341.873781][T28382] loop4: detected capacity change from 0 to 1024 [ 341.881572][T28382] EXT4-fs: Ignoring removed oldalloc option [ 341.892034][T28382] EXT4-fs: Ignoring removed orlov option [ 341.900894][T28382] EXT4-fs (loop4): stripe (1570) is not aligned with cluster size (16), stripe is disabled [ 342.042459][T28393] netlink: 16 bytes leftover after parsing attributes in process `syz.5.11084'. [ 342.056004][T28393] netlink: 16 bytes leftover after parsing attributes in process `syz.5.11084'. [ 342.458712][T28432] loop6: detected capacity change from 0 to 164 [ 342.470698][T28432] rock: directory entry would overflow storage [ 342.477076][T28432] rock: sig=0x4543, size=28, remaining=18 [ 342.485380][T28363] ================================================================== [ 342.493500][T28363] BUG: KCSAN: data-race in __xa_clear_mark / xas_find_marked [ 342.500901][T28363] [ 342.503235][T28363] read-write to 0xffff88813e40cd98 of 8 bytes by interrupt on cpu 1: [ 342.511329][T28363] __xa_clear_mark+0xf5/0x1e0 [ 342.516043][T28363] __folio_end_writeback+0x177/0x470 [ 342.521350][T28363] folio_end_writeback+0xb6/0x3a0 [ 342.526400][T28363] mpage_write_end_io+0x274/0x390 [ 342.531447][T28363] bio_endio+0x34f/0x3f0 [ 342.535708][T28363] blk_update_request+0x339/0x730 [ 342.540779][T28363] blk_mq_end_request+0x26/0x50 [ 342.545652][T28363] lo_complete_rq+0x98/0x140 [ 342.550278][T28363] blk_done_softirq+0x74/0xb0 [ 342.554988][T28363] handle_softirqs+0xb7/0x290 [ 342.559714][T28363] run_ksoftirqd+0x1c/0x30 [ 342.564148][T28363] smpboot_thread_fn+0x328/0x530 [ 342.569133][T28363] kthread+0x486/0x510 [ 342.573238][T28363] ret_from_fork+0x4b/0x60 [ 342.577705][T28363] ret_from_fork_asm+0x1a/0x30 [ 342.582488][T28363] [ 342.584821][T28363] read to 0xffff88813e40cd98 of 8 bytes by task 28363 on cpu 0: [ 342.592467][T28363] xas_find_marked+0x218/0x620 [ 342.597254][T28363] find_get_entry+0x5d/0x380 [ 342.601885][T28363] filemap_get_folios_tag+0x13b/0x210 [ 342.607292][T28363] file_write_and_wait_range+0x1ea/0x2c0 [ 342.612958][T28363] __generic_file_fsync+0x46/0x140 [ 342.618100][T28363] fat_file_fsync+0x49/0x100 [ 342.622718][T28363] vfs_fsync_range+0x10a/0x130 [ 342.627512][T28363] generic_file_write_iter+0x1b8/0x2f0 [ 342.632999][T28363] vfs_write+0x49d/0x8d0 [ 342.637257][T28363] ksys_write+0xda/0x1a0 [ 342.641519][T28363] __x64_sys_write+0x40/0x50 [ 342.646123][T28363] x64_sys_call+0x2cdd/0x2fb0 [ 342.650813][T28363] do_syscall_64+0xd0/0x1a0 [ 342.655330][T28363] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 342.661279][T28363] [ 342.663603][T28363] value changed: 0x001fffffffffe000 -> 0x001fffffffff8000 [ 342.670732][T28363] [ 342.673057][T28363] Reported by Kernel Concurrency Sanitizer on: [ 342.679206][T28363] CPU: 0 UID: 0 PID: 28363 Comm: syz.2.11071 Not tainted 6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(voluntary) [ 342.691803][T28363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 342.701869][T28363] ==================================================================