last executing test programs: 1.342262453s ago: executing program 4 (id=4454): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0) write$binfmt_aout(r0, &(0x7f0000000380)=ANY=[], 0xff2e) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "0040041e1d113c812e5d601adda05c7b5d27c9"}) r1 = syz_open_pts(r0, 0x0) dup3(r1, r0, 0x0) ioctl$TIOCGSERIAL(r0, 0x541e, 0x0) 1.232626646s ago: executing program 1 (id=4457): r0 = socket$unix(0x1, 0x5, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) r2 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r2, &(0x7f0000000000), 0x10) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={{0x14}, [], {0x14, 0x10}}, 0x28}}, 0x0) sendmsg$can_bcm(r2, &(0x7f00000005c0)={&(0x7f0000000180)={0x1d, r1}, 0x10, &(0x7f00000001c0)={&(0x7f0000000cc0)={0x1, 0x0, 0x0, {0x0, 0xea60}, {}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "c6e83912ce2150c0"}}, 0x38}, 0x2}, 0x0) 1.219289698s ago: executing program 1 (id=4460): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x275a, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0) writev(r1, &(0x7f0000000180)=[{&(0x7f00000001c0)="3f43c5dd65", 0x5}, {&(0x7f00000005c0)="15", 0x1}], 0x2) perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 1.068633175s ago: executing program 1 (id=4465): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000030000000700000009"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000004e8100000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) socket$nl_generic(0x10, 0x3, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000080), &(0x7f0000000200)}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) quotactl$Q_QUOTAON(0xffffffff80000202, &(0x7f0000000040)=@filename='\x00', 0x0, &(0x7f0000000340)='./file2\x00') 1.068264615s ago: executing program 0 (id=4466): r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x4e, &(0x7f0000000040)=0x3, 0x4) sendmsg$NL80211_CMD_STOP_P2P_DEVICE(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x40010}, 0x804) r1 = dup(r0) bind$unix(r1, &(0x7f00000001c0)=@abs={0xa, 0x2}, 0x6e) getsockname$packet(r1, 0x0, &(0x7f0000000680)) 1.023695301s ago: executing program 0 (id=4467): r0 = socket$rxrpc(0x21, 0x2, 0xa) r1 = syz_io_uring_setup(0x6d0c, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f0000000200), &(0x7f0000000140)=0x0) syz_io_uring_setup(0x1868, &(0x7f00000003c0), &(0x7f0000000040)=0x0, &(0x7f0000000100)) syz_io_uring_submit(r3, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) io_uring_enter(r1, 0x184c, 0x0, 0x0, 0x0, 0x0) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000240), 0x4) 994.252144ms ago: executing program 1 (id=4469): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10, &(0x7f0000000680), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==") sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) ioprio_set$pid(0x2, 0x0, 0x0) r0 = open(&(0x7f0000000240)='./file0\x00', 0x145142, 0x0) sendfile(r0, r0, 0x0, 0x800000009) 927.669181ms ago: executing program 0 (id=4471): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = socket$rds(0x15, 0x5, 0x0) bind$rds(r2, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r2, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f00000004c0)=[@mask_fadd={0x58, 0x114, 0x8, {{0x1, 0x3}, &(0x7f00000002c0)=0x100000000, 0x0, 0x9, 0x100000000, 0x39c, 0xffff, 0x3c, 0x4}}], 0x58}, 0x0) 781.749678ms ago: executing program 0 (id=4473): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', 0x0}) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x23}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRESOCT], 0xb4}}, 0x0) 716.298626ms ago: executing program 3 (id=4475): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d80000001c0081064e81f782db44b9040a1d08040e00000000000aa1180002000600142603600e1208000f0000810401a8001605200001400200000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5a074edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0) 618.965858ms ago: executing program 2 (id=4477): r0 = socket(0x840000000002, 0x3, 0xff) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a0ef010095"], &(0x7f0000000540)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10) sendmmsg$inet(r0, &(0x7f0000000440)=[{{&(0x7f0000000080)={0x2, 0x4e24, @empty=0x2000000}, 0x10, &(0x7f0000000200)=[{&(0x7f00000002c0)="b1de1188329b778fd736bbbd2316692b25c29b0580", 0x15}], 0x1}}], 0x1, 0x4000040) 548.757816ms ago: executing program 3 (id=4478): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xbf22, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = socket(0x2c, 0x3, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r2, &(0x7f0000000140), &(0x7f0000000080)=@udp6=r1}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r0, &(0x7f0000000140), &(0x7f0000000080)=@udp=r1}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000002c0)={r0, &(0x7f0000000540)}, 0x20) 548.321206ms ago: executing program 1 (id=4479): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$KEYCTL_MOVE(0x1e, r2, 0xfffffffffffffffe, r2, 0x0) 548.055176ms ago: executing program 2 (id=4480): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000020000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000044700000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x600, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x93}, [{}, {0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {}, {0x0, 0x10}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x200000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x200}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x200}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x800000}, {}, {0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, {}, {}, {}, {0x10000000}, {}, {}, {}, {}, {}, {}, {0x1ff}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x10000}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0) 547.811826ms ago: executing program 0 (id=4481): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) r0 = socket$can_bcm(0x1d, 0x2, 0x2) recvmmsg(r0, &(0x7f0000007ec0)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000001a80)=""/18, 0x12}], 0x1}}], 0x1, 0x0, 0x0) connect$can_bcm(r0, &(0x7f00000000c0), 0x10) sendmsg$can_bcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="05000000270000000200000000000000", @ANYRES64=0x0, @ANYRES64=0x2710], 0x48}}, 0x0) 530.835448ms ago: executing program 3 (id=4482): r0 = syz_open_dev$usbfs(&(0x7f0000000180), 0x77, 0x101b01) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe79, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200a006100007006000000002000020d3"]) 528.956788ms ago: executing program 2 (id=4492): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr/exec\x00') writev(r2, &(0x7f0000000000)=[{&(0x7f0000000140)="9f", 0x1}], 0x1) 447.875858ms ago: executing program 4 (id=4483): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_LINK_GET(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000500000018"], 0x2c}}, 0x0) 447.483448ms ago: executing program 2 (id=4484): openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10) r1 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x48b, &(0x7f0000000000)={0x2, 'macvlan0\x00'}, 0x18) setsockopt$IP_VS_SO_SET_STOPDAEMON(r1, 0x0, 0x48c, &(0x7f00000002c0)={0x2, 'rose0\x00'}, 0x18) 447.184138ms ago: executing program 1 (id=4485): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x12, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0xfffffa84, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000f40)=ANY=[@ANYBLOB="4000000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff00000000180012800e00010077"], 0x40}}, 0x0) 446.801248ms ago: executing program 3 (id=4486): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000008500000050000000850000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x2, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000c86c73b33970fc0d2a1d4c6726b29961f542f32c9c9a4af967d2e84b8e60c8c201be26b12467a2df24e4ba5916ea4b4c9fd420570a520a399213d932e49404ef5c75f0cef0e946a2266f23797f9aa6d2d8a8b990178a0817c7b333c78462c6e39b0d3a9c338079b786f6ecd8964afdc734e24e33f35a580e833e2f71b6e5b59b6dc14688c0932c58dc99da0ff406fc0754369451fca5215fa5c307633ed18a8732d3a31d18a0143f7259cf2bef38f6c4756cce31ee02ab0d292d93"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$UHID_CREATE(r1, &(0x7f0000002a00)={0x0, {'syz0\x00', 'syz0\x00', 'syz1\x00', &(0x7f00000000c0)=""/43, 0x2b}}, 0x120) write$UHID_DESTROY(r1, &(0x7f0000000080), 0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10) 364.715568ms ago: executing program 4 (id=4487): r0 = socket$inet6(0xa, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10) sendto$inet6(r0, 0x0, 0x60, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x8, @mcast1}, 0x1c) 364.276358ms ago: executing program 2 (id=4488): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000002c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f00000008c0)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@journal_dev={'journal_dev', 0x3d, 0x8000}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@minixdf}, {@max_batch_time={'max_batch_time', 0x3d, 0x2}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x9}}, {@mblk_io_submit}]}, 0x3, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O") chown(&(0x7f0000000340)='./file0\x00', 0xee01, 0x0) listxattr(&(0x7f0000000300)='./file0\x00', 0x0, 0x0) 237.266062ms ago: executing program 4 (id=4489): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="2c0000003b00090000110000cd00000001000000180004"], 0x2c}}, 0x0) 138.796234ms ago: executing program 4 (id=4490): perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x35, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x1ff}, 0x0, 0xf5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000005c0)=ANY=[@ANYBLOB="080000000100000008"], 0xffa1) 40.445025ms ago: executing program 2 (id=4491): r0 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000140), 0x1, 0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r2}, 0x10) write$selinux_validatetrans(r0, 0x0, 0x6f) 39.966066ms ago: executing program 3 (id=4493): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) socket$inet6_sctp(0xa, 0x1, 0x84) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x34, 0x35, 0x1, 0x0, 0x0, {0x2}, [@typed={0x4}, @nested={0x4, 0x1}, @nested={0x15, 0x9, 0x0, 0x1, [@generic="af0d5d6bf5e59620e09ccb0367e179e261"]}]}, 0x34}}, 0x0) 39.787796ms ago: executing program 4 (id=4494): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000e6ffff04000000fcffffff070000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10) r1 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000000)={0x3}, 0x10) sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="340000001a000100000000000000000002000000000000000000000008001000000000000600150000000000080011"], 0x34}}, 0x0) 7.171329ms ago: executing program 3 (id=4495): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r1}, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'dummy0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x8}]}, 0x40}}, 0x0) 0s ago: executing program 0 (id=4496): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/bus/input/devices\x00', 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) preadv(r0, &(0x7f00000015c0)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0xf0, 0x67) kernel console output (not intermixed with test programs): on: batadv_slave_0 [ 156.667772][T13910] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.677616][T13910] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 156.688221][T13910] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.698096][T13910] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 156.708563][T13910] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.719434][T13910] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 156.747224][T13910] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 156.757999][T13910] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.767898][T13910] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 156.778532][T13910] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.788417][T13910] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 156.798868][T13910] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.808713][T13910] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 156.819220][T13910] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.829080][T13910] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 156.839567][T13910] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.849586][T13910] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 156.860031][T13910] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.870922][T13910] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 156.879583][T13910] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 156.888378][T13910] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 156.897176][T13910] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 156.905891][T13910] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.404261][T14544] netlink: 268 bytes leftover after parsing attributes in process `syz.2.3265'. [ 157.454700][T14556] netlink: 3 bytes leftover after parsing attributes in process `syz.0.3270'. [ 157.471746][T14556] 0ªX¹¦À: renamed from caif0 [ 157.483554][T14560] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 157.498362][T14556] 0ªX¹¦À: entered allmulticast mode [ 157.501173][T14560] vhci_hcd: invalid port number 23 [ 157.503860][T14556] A link change request failed with some changes committed already. Interface 60ªX¹¦À may have been left with an inconsistent configuration, please check. [ 157.555531][T14570] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280 [ 157.752420][T14602] loop4: detected capacity change from 0 to 512 [ 157.838405][T14616] loop1: detected capacity change from 0 to 128 [ 157.848136][T14616] EXT4-fs: Ignoring removed i_version option [ 157.856757][T14616] EXT4-fs: Ignoring removed orlov option [ 157.869453][T14616] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 157.883036][T14616] ext4 filesystem being mounted at /278/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 157.953334][ T8399] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 158.346907][T14631] netlink: 3 bytes leftover after parsing attributes in process `syz.2.3292'. [ 158.367001][T14637] loop3: detected capacity change from 0 to 2048 [ 158.372849][T14631] 1ªX¹¦À: renamed from 60ªX¹¦À [ 158.386413][T14631] A link change request failed with some changes committed already. Interface 61ªX¹¦À may have been left with an inconsistent configuration, please check. [ 158.408656][T14637] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 158.498437][T13910] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 158.512294][T14668] syz.4.3299[14668] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 158.512439][T14668] syz.4.3299[14668] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 158.534407][T14668] syz.4.3299[14668] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 158.562113][T14668] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3299'. [ 158.723484][T14700] netlink: 3 bytes leftover after parsing attributes in process `syz.3.3309'. [ 158.740639][T14700] 0ªX¹¦À: renamed from caif0 [ 158.750246][T14700] 0ªX¹¦À: entered allmulticast mode [ 158.755624][T14700] A link change request failed with some changes committed already. Interface 60ªX¹¦À may have been left with an inconsistent configuration, please check. [ 159.310952][T14720] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 159.420634][T14726] loop0: detected capacity change from 0 to 2048 [ 159.449137][T14726] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 159.489598][T12932] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 159.568389][T12932] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 159.697911][T14751] loop1: detected capacity change from 0 to 128 [ 159.708547][T14751] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 159.724027][T14751] ext4 filesystem being mounted at /285/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 159.814784][T14761] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=14761 comm=syz.0.3336 [ 159.950872][T14770] loop0: detected capacity change from 0 to 128 [ 159.977403][ T8399] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 160.137613][T14792] Cannot find set identified by id 0 to match [ 160.154584][T14790] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 160.174170][T14790] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 160.319437][T14801] loop4: detected capacity change from 0 to 128 [ 160.347664][T14801] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 160.409320][T14801] ext4 filesystem being mounted at /153/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 160.509811][T10993] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 161.425724][ T29] kauditd_printk_skb: 299 callbacks suppressed [ 161.425798][ T29] audit: type=1400 audit(1729806889.271:4365): avc: denied { create } for pid=14827 comm="syz.2.3375" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 161.473560][T14834] loop3: detected capacity change from 0 to 2048 [ 161.480090][ T29] audit: type=1400 audit(1729806889.271:4366): avc: denied { setopt } for pid=14827 comm="syz.2.3375" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 161.522553][ T29] audit: type=1400 audit(1729806889.331:4367): avc: denied { read write } for pid=14837 comm="syz.4.3365" name="raw-gadget" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 161.546314][ T29] audit: type=1400 audit(1729806889.331:4368): avc: denied { open } for pid=14837 comm="syz.4.3365" path="/dev/raw-gadget" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 161.569888][ T29] audit: type=1400 audit(1729806889.331:4369): avc: denied { ioctl } for pid=14837 comm="syz.4.3365" path="/dev/raw-gadget" dev="devtmpfs" ino=118 ioctlcmd=0x5505 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 161.594967][ T29] audit: type=1326 audit(1729806889.351:4370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14840 comm="syz.2.3380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d5dcfdff9 code=0x7ffc0000 [ 161.618551][ T29] audit: type=1326 audit(1729806889.351:4371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14840 comm="syz.2.3380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2d5dcfdff9 code=0x7ffc0000 [ 161.642104][ T29] audit: type=1326 audit(1729806889.351:4372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14840 comm="syz.2.3380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d5dcfdff9 code=0x7ffc0000 [ 161.665754][ T29] audit: type=1326 audit(1729806889.351:4373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14840 comm="syz.2.3380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d5dcfdff9 code=0x7ffc0000 [ 161.689343][ T29] audit: type=1326 audit(1729806889.351:4374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14840 comm="syz.2.3380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2d5dcfdff9 code=0x7ffc0000 [ 161.727757][T14834] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 161.834052][T13910] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 161.880438][T13910] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 162.131130][T14900] loop4: detected capacity change from 0 to 128 [ 162.218741][T14926] sg_write: data in/out 231/14 bytes for SCSI command 0x0-- guessing data in; [ 162.218741][T14926] program syz.4.3392 not setting count and/or reply_len properly [ 162.962604][T15022] netlink: 268 bytes leftover after parsing attributes in process `syz.4.3423'. [ 163.006000][T15035] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 163.017180][T15035] vhci_hcd: invalid port number 23 [ 163.047822][T15041] netlink: 268 bytes leftover after parsing attributes in process `syz.3.3437'. [ 163.230647][T15060] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 163.473005][T15106] loop0: detected capacity change from 0 to 512 [ 163.621473][T15120] loop0: detected capacity change from 0 to 2048 [ 163.666022][T15120] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 163.699398][T12932] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 163.819265][T15164] hsr0: entered promiscuous mode [ 163.860461][T15164] hsr_slave_0: left promiscuous mode [ 163.872158][T15164] hsr_slave_1: left promiscuous mode [ 163.882267][T15164] hsr0 (unregistering): left promiscuous mode [ 164.035378][T15190] syz.3.3461[15190] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 164.035551][T15190] syz.3.3461[15190] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 164.048783][T15190] syz.3.3461[15190] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 164.097456][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.116543][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.123966][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.138922][T15190] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3461'. [ 164.164684][T15196] loop0: detected capacity change from 0 to 512 [ 164.173899][T15196] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 164.196998][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.204495][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.211895][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.219323][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.226757][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.234273][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.241689][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.249267][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.256728][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.264516][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.271967][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.279537][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.287062][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.294566][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.302119][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.310927][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.318561][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.326533][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.333958][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.341469][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.349016][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.356472][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.363953][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.371402][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.378874][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.385218][T15196] EXT4-fs error (device loop0): ext4_orphan_get:1388: inode #17: comm syz.0.3462: iget: bad i_size value: -6917529027641081756 [ 164.386417][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.403670][T15196] EXT4-fs error (device loop0): ext4_orphan_get:1393: comm syz.0.3462: couldn't read orphan inode 17 (err -117) [ 164.406861][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.426286][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.432241][T15196] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 164.433794][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.433823][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.461072][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.468574][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.476061][ T35] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 164.484637][ T35] hid-generic 0000:0004:0000.0007: hidraw0: HID v0.c8 Device [syz0] on syz0 [ 164.578232][T15216] loop1: detected capacity change from 0 to 2048 [ 164.578785][T15215] loop3: detected capacity change from 0 to 2048 [ 164.591675][T12932] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 164.618954][T15216] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 164.635698][T15215] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 164.703315][T15215] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3477: bg 0: block 274: padding at end of block bitmap is not set [ 164.715234][ T8399] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 164.730313][T15215] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 117 [ 164.742901][T15215] EXT4-fs (loop3): This should not happen!! Data will be lost [ 164.742901][T15215] [ 164.807022][T13910] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 164.823843][T15238] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 164.925287][T15258] hub 2-0:1.0: USB hub found [ 164.936475][T15258] hub 2-0:1.0: 8 ports detected [ 165.056857][T15308] loop1: detected capacity change from 0 to 512 [ 165.073930][T15308] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 165.096842][T15305] siw: device registration error -23 [ 165.126154][T15308] EXT4-fs error (device loop1): ext4_orphan_get:1388: inode #17: comm syz.1.3479: iget: bad i_size value: -6917529027641081756 [ 165.184745][T15308] EXT4-fs error (device loop1): ext4_orphan_get:1393: comm syz.1.3479: couldn't read orphan inode 17 (err -117) [ 165.245638][T15344] loop4: detected capacity change from 0 to 2048 [ 165.264305][T15308] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 165.278042][T15344] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 165.351768][ T8399] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 165.372366][T15344] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3484: bg 0: block 274: padding at end of block bitmap is not set [ 165.395947][T15344] EXT4-fs (loop4): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 117 [ 165.408473][T15344] EXT4-fs (loop4): This should not happen!! Data will be lost [ 165.408473][T15344] [ 165.453635][T10993] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 165.507540][T15362] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 165.523234][T15369] netlink: 132 bytes leftover after parsing attributes in process `syz.4.3491'. [ 165.599456][T15386] siw: device registration error -23 [ 165.614927][T15393] sg_write: data in/out 231/14 bytes for SCSI command 0x0-- guessing data in; [ 165.614927][T15393] program syz.1.3493 not setting count and/or reply_len properly [ 165.766049][T15418] siw: device registration error -23 [ 165.818035][T15438] loop4: detected capacity change from 0 to 512 [ 165.833214][T15438] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 165.846865][T15438] EXT4-fs error (device loop4): ext4_orphan_get:1388: inode #17: comm syz.4.3503: iget: bad i_size value: -6917529027641081756 [ 165.864091][T15438] EXT4-fs error (device loop4): ext4_orphan_get:1393: comm syz.4.3503: couldn't read orphan inode 17 (err -117) [ 165.923545][T15438] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 165.948343][T15444] loop1: detected capacity change from 0 to 2048 [ 165.958576][T15448] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3505'. [ 165.989962][T15444] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 166.021510][T10993] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 166.098932][T15444] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3504: bg 0: block 274: padding at end of block bitmap is not set [ 166.121178][T15444] EXT4-fs (loop1): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 117 [ 166.133737][T15444] EXT4-fs (loop1): This should not happen!! Data will be lost [ 166.133737][T15444] [ 166.169905][T15477] sg_write: data in/out 231/14 bytes for SCSI command 0x0-- guessing data in; [ 166.169905][T15477] program syz.0.3508 not setting count and/or reply_len properly [ 166.342210][ T8399] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 166.447753][T15510] loop0: detected capacity change from 0 to 2048 [ 166.498026][T15510] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 166.570629][ T29] kauditd_printk_skb: 192 callbacks suppressed [ 166.570644][ T29] audit: type=1326 audit(1729806894.411:4567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15539 comm="syz.3.3517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f646d2fdff9 code=0x7ffc0000 [ 166.626158][T15510] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3525: bg 0: block 274: padding at end of block bitmap is not set [ 166.663780][ T29] audit: type=1326 audit(1729806894.441:4568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15539 comm="syz.3.3517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7f646d2fdff9 code=0x7ffc0000 [ 166.668309][T15510] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 117 [ 166.687325][ T29] audit: type=1326 audit(1729806894.441:4569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15539 comm="syz.3.3517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f646d2fdff9 code=0x7ffc0000 [ 166.723480][T15510] EXT4-fs (loop0): This should not happen!! Data will be lost [ 166.723480][T15510] [ 166.775423][T12932] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 166.786112][ T29] audit: type=1400 audit(1729806894.631:4570): avc: denied { read write } for pid=15566 comm="syz.2.3534" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 166.820810][ T29] audit: type=1400 audit(1729806894.631:4571): avc: denied { open } for pid=15566 comm="syz.2.3534" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 166.893160][ T29] audit: type=1400 audit(1729806894.731:4572): avc: denied { write } for pid=15580 comm="syz.3.3538" path="socket:[41546]" dev="sockfs" ino=41546 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 166.984896][T15604] loop3: detected capacity change from 0 to 512 [ 166.991280][ T29] audit: type=1400 audit(1729806894.821:4573): avc: denied { relabelto } for pid=15601 comm="syz.4.3529" name="memory.events" dev="tmpfs" ino=1029 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="u:r:untrusted_app:s0:c512,c768" [ 167.018511][ T29] audit: type=1400 audit(1729806894.821:4574): avc: denied { associate } for pid=15601 comm="syz.4.3529" name="memory.events" dev="tmpfs" ino=1029 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="u:r:untrusted_app:s0:c512,c768" [ 167.056727][T15604] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 167.086822][T15604] EXT4-fs error (device loop3): ext4_orphan_get:1388: inode #17: comm syz.3.3524: iget: bad i_size value: -6917529027641081756 [ 167.103132][T15604] EXT4-fs error (device loop3): ext4_orphan_get:1393: comm syz.3.3524: couldn't read orphan inode 17 (err -117) [ 167.136017][T15604] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 167.164091][ T29] audit: type=1326 audit(1729806895.001:4575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15618 comm="syz.2.3536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d5dcfdff9 code=0x7ffc0000 [ 167.187691][ T29] audit: type=1326 audit(1729806895.001:4576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15618 comm="syz.2.3536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d5dcfdff9 code=0x7ffc0000 [ 167.283755][T15629] loop0: detected capacity change from 0 to 128 [ 167.350036][T13910] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 167.500950][T15654] loop0: detected capacity change from 0 to 2048 [ 167.554500][T15666] loop3: detected capacity change from 0 to 512 [ 167.571345][T15666] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 167.581306][T15654] Alternate GPT is invalid, using primary GPT. [ 167.587757][T15654] loop0: p2 p3 p7 [ 167.624118][T15666] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 167.651098][T15666] EXT4-fs error (device loop3): ext4_do_update_inode:5121: inode #2: comm syz.3.3554: corrupted inode contents [ 167.663613][T15666] EXT4-fs error (device loop3): ext4_dirty_inode:5984: inode #2: comm syz.3.3554: mark_inode_dirty error [ 167.675563][T15666] EXT4-fs error (device loop3): ext4_do_update_inode:5121: inode #2: comm syz.3.3554: corrupted inode contents [ 167.716572][T13910] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 167.956936][T15701] hub 2-0:1.0: USB hub found [ 167.965537][T15701] hub 2-0:1.0: 8 ports detected [ 168.857789][T15740] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3581'. [ 168.877895][T15745] siw: device registration error -23 [ 168.878384][T15741] sch_tbf: peakrate 8 is lower than or equals to rate 12 ! [ 168.884155][T15740] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3581'. [ 169.074820][T15774] rdma_rxe: rxe_newlink: failed to add team_slave_0 [ 169.255311][T15807] rdma_rxe: rxe_newlink: failed to add team_slave_0 [ 169.305065][T15810] rdma_rxe: rxe_newlink: failed to add team_slave_0 [ 169.320518][T15814] loop1: detected capacity change from 0 to 512 [ 169.339161][T15811] loop0: detected capacity change from 0 to 512 [ 169.350136][T15814] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.3613: corrupted in-inode xattr: invalid ea_ino [ 169.364647][T15811] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 169.374215][T15814] EXT4-fs error (device loop1): ext4_orphan_get:1393: comm syz.1.3613: couldn't read orphan inode 15 (err -117) [ 169.389433][T15814] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 169.411520][T15823] loop3: detected capacity change from 0 to 256 [ 169.492185][T15811] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 169.526121][T15811] EXT4-fs error (device loop0): ext4_do_update_inode:5121: inode #2: comm syz.0.3604: corrupted inode contents [ 169.546047][T15811] EXT4-fs error (device loop0): ext4_dirty_inode:5984: inode #2: comm syz.0.3604: mark_inode_dirty error [ 169.557858][T15811] EXT4-fs error (device loop0): ext4_do_update_inode:5121: inode #2: comm syz.0.3604: corrupted inode contents [ 169.628934][T12932] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 169.640395][ T8399] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 169.737420][T15868] siw: device registration error -23 [ 169.904989][T15878] netlink: 576 bytes leftover after parsing attributes in process `syz.0.3628'. [ 169.962796][T15888] syz.4.3623[15888] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 169.967375][T15888] syz.4.3623[15888] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 169.980881][T15888] syz.4.3623[15888] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 170.013281][T15893] loop0: detected capacity change from 0 to 256 [ 170.052880][T15897] netlink: 576 bytes leftover after parsing attributes in process `syz.3.3638'. [ 170.112235][T15904] loop4: detected capacity change from 0 to 512 [ 170.123573][T15907] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3629'. [ 170.127016][T15909] loop0: detected capacity change from 0 to 512 [ 170.139915][T15904] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 170.175748][T15909] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.3627: corrupted in-inode xattr: invalid ea_ino [ 170.189659][T15909] EXT4-fs error (device loop0): ext4_orphan_get:1393: comm syz.0.3627: couldn't read orphan inode 15 (err -117) [ 170.205663][T15909] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 170.296995][T15920] loop1: detected capacity change from 0 to 1024 [ 170.318432][T15920] EXT4-fs: Ignoring removed oldalloc option [ 170.330604][T15904] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 170.356864][T15904] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #2: comm syz.4.3626: corrupted inode contents [ 170.377650][T15904] EXT4-fs error (device loop4): ext4_dirty_inode:5984: inode #2: comm syz.4.3626: mark_inode_dirty error [ 170.392566][T12932] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 170.402768][T15920] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 170.428750][T15904] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #2: comm syz.4.3626: corrupted inode contents [ 170.458518][T15935] netlink: 'syz.0.3633': attribute type 2 has an invalid length. [ 170.466560][T15935] netlink: 'syz.0.3633': attribute type 3 has an invalid length. [ 170.474491][T15935] netlink: 11346 bytes leftover after parsing attributes in process `syz.0.3633'. [ 170.525652][T10993] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 170.528138][ T8399] EXT4-fs error (device loop1): ext4_readdir:261: inode #11: block 32: comm syz-executor: path /332/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 170.563492][ T8399] EXT4-fs error (device loop1): ext4_empty_dir:3096: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 170.585007][ T8399] EXT4-fs warning (device loop1): ext4_empty_dir:3098: inode #11: comm syz-executor: directory missing '.' [ 170.604402][T15938] IPv6: Can't replace route, no match found [ 170.612374][ T8399] EXT4-fs error (device loop1): ext4_readdir:261: inode #11: block 32: comm syz-executor: path /332/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 170.684214][ T8399] EXT4-fs error (device loop1): ext4_empty_dir:3096: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 170.707208][ T8399] EXT4-fs warning (device loop1): ext4_empty_dir:3098: inode #11: comm syz-executor: directory missing '.' [ 170.739791][ T8399] EXT4-fs error (device loop1): ext4_readdir:261: inode #11: block 32: comm syz-executor: path /332/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 170.768460][ T8399] EXT4-fs error (device loop1): ext4_empty_dir:3096: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 170.813267][ T8399] EXT4-fs warning (device loop1): ext4_empty_dir:3098: inode #11: comm syz-executor: directory missing '.' [ 170.837109][ T8399] EXT4-fs error (device loop1): ext4_readdir:261: inode #11: block 32: comm syz-executor: path /332/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 170.861533][ T8399] EXT4-fs error (device loop1): ext4_empty_dir:3096: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 170.883127][ T8399] EXT4-fs warning (device loop1): ext4_empty_dir:3098: inode #11: comm syz-executor: directory missing '.' [ 170.897170][ T8399] EXT4-fs error (device loop1): ext4_readdir:261: inode #11: block 32: comm syz-executor: path /332/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 170.921032][ T8399] EXT4-fs error (device loop1): ext4_empty_dir:3096: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 170.941870][ T8399] EXT4-fs warning (device loop1): ext4_empty_dir:3098: inode #11: comm syz-executor: directory missing '.' [ 170.955838][ T8399] EXT4-fs warning (device loop1): ext4_empty_dir:3098: inode #11: comm syz-executor: directory missing '.' [ 170.967796][ T8399] EXT4-fs warning (device loop1): ext4_empty_dir:3098: inode #11: comm syz-executor: directory missing '.' [ 170.981227][ T8399] EXT4-fs warning (device loop1): ext4_empty_dir:3098: inode #11: comm syz-executor: directory missing '.' [ 170.993192][ T8399] EXT4-fs warning (device loop1): ext4_empty_dir:3098: inode #11: comm syz-executor: directory missing '.' [ 171.007404][ T8399] EXT4-fs warning (device loop1): ext4_empty_dir:3098: inode #11: comm syz-executor: directory missing '.' [ 171.315148][ T8399] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 171.352799][T15967] loop4: detected capacity change from 0 to 1024 [ 171.361697][T15967] EXT4-fs: Ignoring removed oldalloc option [ 171.389093][T15967] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 171.417125][T15973] IPv6: Can't replace route, no match found [ 171.442531][T10993] EXT4-fs error (device loop4): ext4_readdir:261: inode #11: block 32: comm syz-executor: path /214/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 171.468143][T10993] EXT4-fs error (device loop4): ext4_empty_dir:3096: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 171.499253][T10993] EXT4-fs warning (device loop4): ext4_empty_dir:3098: inode #11: comm syz-executor: directory missing '.' [ 171.510851][T10993] EXT4-fs error (device loop4): ext4_readdir:261: inode #11: block 32: comm syz-executor: path /214/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 171.540426][T10993] EXT4-fs error (device loop4): ext4_empty_dir:3096: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 171.563042][T10993] EXT4-fs warning (device loop4): ext4_empty_dir:3098: inode #11: comm syz-executor: directory missing '.' [ 171.576150][T15983] netlink: 576 bytes leftover after parsing attributes in process `syz.2.3656'. [ 171.591441][ T29] kauditd_printk_skb: 92 callbacks suppressed [ 171.591455][ T29] audit: type=1326 audit(1729806899.441:4669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15980 comm="syz.3.3657" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f646d2fdff9 code=0x0 [ 171.622807][T10993] EXT4-fs error (device loop4): ext4_readdir:261: inode #11: block 32: comm syz-executor: path /214/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 171.674837][T10993] EXT4-fs error (device loop4): ext4_empty_dir:3096: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 171.745929][T10993] EXT4-fs warning (device loop4): ext4_empty_dir:3098: inode #11: comm syz-executor: directory missing '.' [ 171.757536][T10993] EXT4-fs error (device loop4): ext4_readdir:261: inode #11: block 32: comm syz-executor: path /214/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 171.784649][T10993] EXT4-fs error (device loop4): ext4_empty_dir:3096: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 171.821110][T10993] EXT4-fs warning (device loop4): ext4_empty_dir:3098: inode #11: comm syz-executor: directory missing '.' [ 171.844754][T10993] EXT4-fs error (device loop4): ext4_readdir:261: inode #11: block 32: comm syz-executor: path /214/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 171.897202][T15974] chnl_net:caif_netlink_parms(): no params data found [ 171.922588][T10993] EXT4-fs error (device loop4): ext4_empty_dir:3096: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 171.953117][T16101] syz.2.3661[16101] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 171.953188][T16101] syz.2.3661[16101] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 171.971405][T16101] syz.2.3661[16101] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 171.985961][T10993] EXT4-fs warning (device loop4): ext4_empty_dir:3098: inode #11: comm syz-executor: directory missing '.' [ 172.040847][ T29] audit: type=1400 audit(1729806899.861:4670): avc: denied { read } for pid=16121 comm="syz.0.3662" path="socket:[42452]" dev="sockfs" ino=42452 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 172.065452][ T29] audit: type=1326 audit(1729806899.881:4671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16123 comm="syz.0.3663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa68d2ddff9 code=0x7ffc0000 [ 172.089024][ T29] audit: type=1326 audit(1729806899.881:4672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16123 comm="syz.0.3663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa68d2ddff9 code=0x7ffc0000 [ 172.112568][ T29] audit: type=1326 audit(1729806899.881:4673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16123 comm="syz.0.3663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa68d2ddff9 code=0x7ffc0000 [ 172.136218][ T29] audit: type=1326 audit(1729806899.881:4674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16123 comm="syz.0.3663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa68d2ddff9 code=0x7ffc0000 [ 172.159711][ T29] audit: type=1326 audit(1729806899.881:4675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16123 comm="syz.0.3663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa68d2ddff9 code=0x7ffc0000 [ 172.183225][ T29] audit: type=1326 audit(1729806899.881:4676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16123 comm="syz.0.3663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa68d2ddff9 code=0x7ffc0000 [ 172.210073][T16101] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 6 [ 172.233195][ T29] audit: type=1326 audit(1729806900.061:4677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16123 comm="syz.0.3663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa68d2ddff9 code=0x7ffc0000 [ 172.256765][ T29] audit: type=1326 audit(1729806900.061:4678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16123 comm="syz.0.3663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7fa68d2ddff9 code=0x7ffc0000 [ 172.282423][T10993] EXT4-fs warning (device loop4): ext4_empty_dir:3098: inode #11: comm syz-executor: directory missing '.' [ 172.304855][T10993] EXT4-fs warning (device loop4): ext4_empty_dir:3098: inode #11: comm syz-executor: directory missing '.' [ 172.321426][T10993] EXT4-fs warning (device loop4): ext4_empty_dir:3098: inode #11: comm syz-executor: directory missing '.' [ 172.352282][T10993] EXT4-fs warning (device loop4): ext4_empty_dir:3098: inode #11: comm syz-executor: directory missing '.' [ 172.366439][T10993] EXT4-fs warning (device loop4): ext4_empty_dir:3098: inode #11: comm syz-executor: directory missing '.' [ 172.435561][T13308] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.554513][T13308] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.687260][T10993] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 172.739357][T13308] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.813067][T15974] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.820346][T15974] bridge0: port 1(bridge_slave_0) entered disabled state [ 172.881283][T15974] bridge_slave_0: entered allmulticast mode [ 172.914154][T15974] bridge_slave_0: entered promiscuous mode [ 172.946909][T13308] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 173.048699][T16182] bridge_slave_0: left allmulticast mode [ 173.054444][T16182] bridge_slave_0: left promiscuous mode [ 173.060089][T16182] bridge0: port 1(bridge_slave_0) entered disabled state [ 173.141080][T16182] bridge_slave_1: left allmulticast mode [ 173.146838][T16182] bridge_slave_1: left promiscuous mode [ 173.152518][T16182] bridge0: port 2(bridge_slave_1) entered disabled state [ 173.190865][T16195] loop3: detected capacity change from 0 to 2048 [ 173.209810][T16182] bond0: (slave bond_slave_0): Releasing backup interface [ 173.227458][T16182] bond0: (slave bond_slave_1): Releasing backup interface [ 173.239951][T16195] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 173.267059][T16182] team0: Port device team_slave_0 removed [ 173.273272][T16195] ext4 filesystem being mounted at /92/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 173.288073][T16182] team0: Port device team_slave_1 removed [ 173.301309][T16200] hub 2-0:1.0: USB hub found [ 173.307506][T16182] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 173.315078][T16182] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 173.324456][T16200] hub 2-0:1.0: 8 ports detected [ 173.329911][T16195] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 173.365919][T16182] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 173.373432][T16182] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 173.441471][T16186] netlink: 'syz.0.3674': attribute type 10 has an invalid length. [ 173.476682][T16186] 8021q: adding VLAN 0 to HW filter on device team0 [ 173.486915][T16186] bond0: (slave team0): Enslaving as an active interface with an up link [ 173.495831][T15974] bridge0: port 2(bridge_slave_1) entered blocking state [ 173.502897][T15974] bridge0: port 2(bridge_slave_1) entered disabled state [ 173.516938][T15974] bridge_slave_1: entered allmulticast mode [ 173.529104][T15974] bridge_slave_1: entered promiscuous mode [ 173.701835][T13308] bridge_slave_1: left allmulticast mode [ 173.707618][T13308] bridge_slave_1: left promiscuous mode [ 173.713261][T13308] bridge0: port 2(bridge_slave_1) entered disabled state [ 173.760717][T13308] bridge_slave_0: left allmulticast mode [ 173.766450][T13308] bridge_slave_0: left promiscuous mode [ 173.772119][T13308] bridge0: port 1(bridge_slave_0) entered disabled state [ 173.947341][T13308] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 173.960480][T13308] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 173.971296][T13308] bond0 (unregistering): Released all slaves [ 173.982885][T15974] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 174.053507][T15974] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 174.136167][T15974] team0: Port device team_slave_0 added [ 174.159561][T15974] team0: Port device team_slave_1 added [ 174.215453][T13308] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 174.222977][T13308] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 174.236170][T13308] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 174.243627][T13308] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 174.255685][T13308] veth1_macvtap: left promiscuous mode [ 174.261191][T13308] veth0_macvtap: left promiscuous mode [ 174.266793][T13308] veth1_vlan: left promiscuous mode [ 174.269540][T16285] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 174.272052][T13308] veth0_vlan: left promiscuous mode [ 174.286066][T16285] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 174.388760][T13308] team0 (unregistering): Port device team_slave_1 removed [ 174.399519][T13308] team0 (unregistering): Port device team_slave_0 removed [ 174.463241][T16332] bridge_slave_0: left allmulticast mode [ 174.469062][T16332] bridge_slave_0: left promiscuous mode [ 174.475080][T16332] bridge0: port 1(bridge_slave_0) entered disabled state [ 174.502922][T16332] bridge_slave_1: left allmulticast mode [ 174.508658][T16332] bridge_slave_1: left promiscuous mode [ 174.514453][T16332] bridge0: port 2(bridge_slave_1) entered disabled state [ 174.538496][T16332] bond0: (slave bond_slave_0): Releasing backup interface [ 174.573379][T16332] bond0: (slave bond_slave_1): Releasing backup interface [ 174.605115][T16332] team0: Port device team_slave_0 removed [ 174.633451][T16332] team0: Port device team_slave_1 removed [ 174.644917][T16332] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 174.652476][T16332] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 174.661107][T16332] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 174.668589][T16332] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 174.690070][T15974] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 174.697071][T15974] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 174.723052][T15974] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 174.737047][T16346] netlink: 'syz.2.3695': attribute type 10 has an invalid length. [ 174.785702][T16346] 8021q: adding VLAN 0 to HW filter on device team0 [ 174.794261][T16346] bond0: (slave team0): Enslaving as an active interface with an up link [ 174.824984][T15974] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 174.832016][T15974] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 174.858145][T15974] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 174.937947][T15974] hsr_slave_0: entered promiscuous mode [ 174.945226][T15974] hsr_slave_1: entered promiscuous mode [ 174.951380][T15974] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 174.962547][T15974] Cannot create hsr debugfs directory [ 175.176344][T16189] chnl_net:caif_netlink_parms(): no params data found [ 175.248519][T16548] bridge_slave_0: left allmulticast mode [ 175.254334][T16548] bridge_slave_0: left promiscuous mode [ 175.260176][T16548] bridge0: port 1(bridge_slave_0) entered disabled state [ 175.272536][T16548] bridge_slave_1: left allmulticast mode [ 175.278380][T16548] bridge_slave_1: left promiscuous mode [ 175.284064][T16548] bridge0: port 2(bridge_slave_1) entered disabled state [ 175.326149][T16548] bond0: (slave bond_slave_0): Releasing backup interface [ 175.339992][T16548] bond0: (slave bond_slave_1): Releasing backup interface [ 175.370676][T16548] team0: Port device team_slave_0 removed [ 175.388981][T16548] team0: Port device team_slave_1 removed [ 175.396956][T16548] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 175.404459][T16548] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 175.415865][T16548] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 175.423373][T16548] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 175.482181][T16561] netlink: 'syz.3.3707': attribute type 10 has an invalid length. [ 175.503122][T16561] 8021q: adding VLAN 0 to HW filter on device team0 [ 175.512525][T16561] bond0: (slave team0): Enslaving as an active interface with an up link [ 175.556428][T16189] bridge0: port 1(bridge_slave_0) entered blocking state [ 175.563576][T16189] bridge0: port 1(bridge_slave_0) entered disabled state [ 175.572840][T16189] bridge_slave_0: entered allmulticast mode [ 175.579999][T16189] bridge_slave_0: entered promiscuous mode [ 175.602233][T16189] bridge0: port 2(bridge_slave_1) entered blocking state [ 175.609365][T16189] bridge0: port 2(bridge_slave_1) entered disabled state [ 175.619096][T16189] bridge_slave_1: entered allmulticast mode [ 175.625876][T16189] bridge_slave_1: entered promiscuous mode [ 175.653214][T13308] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 175.668109][T16189] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 175.680361][T16189] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 175.708243][T16189] team0: Port device team_slave_0 added [ 175.717972][T16189] team0: Port device team_slave_1 added [ 175.747697][T13308] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 175.759691][T16593] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 175.768769][T16189] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 175.775788][T16189] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 175.801772][T16189] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 175.813569][T16189] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 175.814002][T16593] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 175.820572][T16189] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 175.854372][T16189] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 175.908412][T13308] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 175.921957][T16189] hsr_slave_0: entered promiscuous mode [ 175.928756][T16189] hsr_slave_1: entered promiscuous mode [ 175.936232][T16189] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 175.945083][T16189] Cannot create hsr debugfs directory [ 175.982091][T13308] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 176.053139][T15974] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 176.085728][T15974] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 176.099695][T15974] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 176.111196][T13308] bridge_slave_1: left allmulticast mode [ 176.116898][T13308] bridge_slave_1: left promiscuous mode [ 176.122615][T13308] bridge0: port 2(bridge_slave_1) entered disabled state [ 176.130575][T13308] bridge_slave_0: left allmulticast mode [ 176.136311][T13308] bridge_slave_0: left promiscuous mode [ 176.141941][T13308] bridge0: port 1(bridge_slave_0) entered disabled state [ 176.227218][T13308] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 176.240207][T13308] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 176.250992][T13308] bond0 (unregistering): Released all slaves [ 176.260631][T15974] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 176.304166][T15974] 8021q: adding VLAN 0 to HW filter on device bond0 [ 176.315760][T15974] 8021q: adding VLAN 0 to HW filter on device team0 [ 176.336041][T15974] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 176.346539][T15974] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 176.359458][T13304] bridge0: port 1(bridge_slave_0) entered blocking state [ 176.366558][T13304] bridge0: port 1(bridge_slave_0) entered forwarding state [ 176.375388][T13304] bridge0: port 2(bridge_slave_1) entered blocking state [ 176.382452][T13304] bridge0: port 2(bridge_slave_1) entered forwarding state [ 176.472742][T13308] hsr_slave_0: left promiscuous mode [ 176.494087][T13308] hsr_slave_1: left promiscuous mode [ 176.506624][T13308] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 176.514125][T13308] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 176.521935][T13308] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 176.529561][T13308] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 176.547315][T13308] veth1_macvtap: left promiscuous mode [ 176.552974][T13308] veth0_macvtap: left promiscuous mode [ 176.558674][T13308] veth1_vlan: left promiscuous mode [ 176.563998][T13308] veth0_vlan: left promiscuous mode [ 176.619158][T13308] infiniband syz1: set down [ 176.626140][T16843] netlink: 19 bytes leftover after parsing attributes in process `syz.2.3722'. [ 176.697819][T13308] team0 (unregistering): Port device team_slave_1 removed [ 176.711542][T13308] team0 (unregistering): Port device team_slave_0 removed [ 176.719963][T13304] smc: removing ib device syz1 [ 176.859430][T15974] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 176.876503][T16189] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 176.890560][ T29] kauditd_printk_skb: 21 callbacks suppressed [ 176.890577][ T29] audit: type=1400 audit(1729806904.731:4700): avc: denied { create } for pid=16880 comm="syz.0.3728" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 176.919004][T16189] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 176.942840][ T29] audit: type=1400 audit(1729806904.781:4701): avc: denied { getopt } for pid=16880 comm="syz.0.3728" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 176.969109][T16189] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 176.996342][T16189] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 177.017632][T16885] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 177.023751][ T29] audit: type=1400 audit(1729806904.851:4702): avc: denied { write } for pid=16888 comm="syz.2.3731" name="igmp" dev="proc" ino=4026533075 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 177.114248][ T29] audit: type=1326 audit(1729806904.921:4703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16891 comm="syz.2.3732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d5dcfdff9 code=0x7ffc0000 [ 177.137856][ T29] audit: type=1326 audit(1729806904.921:4704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16891 comm="syz.2.3732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d5dcfdff9 code=0x7ffc0000 [ 177.161558][ T29] audit: type=1326 audit(1729806904.921:4705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16891 comm="syz.2.3732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=172 compat=0 ip=0x7f2d5dcfdff9 code=0x7ffc0000 [ 177.185182][ T29] audit: type=1326 audit(1729806904.921:4706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16891 comm="syz.2.3732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d5dcfdff9 code=0x7ffc0000 [ 177.191982][T16189] 8021q: adding VLAN 0 to HW filter on device bond0 [ 177.314992][T16189] 8021q: adding VLAN 0 to HW filter on device team0 [ 177.332237][T16903] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=16903 comm=syz.3.3736 [ 177.360215][T13306] bridge0: port 1(bridge_slave_0) entered blocking state [ 177.367392][T13306] bridge0: port 1(bridge_slave_0) entered forwarding state [ 177.417700][T15974] veth0_vlan: entered promiscuous mode [ 177.436526][T12587] bridge0: port 2(bridge_slave_1) entered blocking state [ 177.443608][T12587] bridge0: port 2(bridge_slave_1) entered forwarding state [ 177.493773][T15974] veth1_vlan: entered promiscuous mode [ 177.513089][ T29] audit: type=1326 audit(1729806905.351:4707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16917 comm="syz.3.3742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f646d2fdff9 code=0x7ffc0000 [ 177.562462][T13308] IPVS: stop unused estimator thread 0... [ 177.563338][T16189] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 177.590723][ T29] audit: type=1326 audit(1729806905.351:4708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16917 comm="syz.3.3742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f646d2fdff9 code=0x7ffc0000 [ 177.614312][ T29] audit: type=1326 audit(1729806905.381:4709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16917 comm="syz.3.3742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=172 compat=0 ip=0x7f646d2fdff9 code=0x7ffc0000 [ 177.676323][T15974] veth0_macvtap: entered promiscuous mode [ 177.686413][T15974] veth1_macvtap: entered promiscuous mode [ 177.696553][T15974] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 177.707111][T15974] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 177.717152][T15974] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 177.727688][T15974] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 177.738805][T15974] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 177.746997][T15974] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 177.757500][T15974] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 177.767425][T15974] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 177.777876][T15974] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 177.788556][T15974] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 177.796912][T15974] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 177.805655][T15974] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 177.813753][T16934] loop0: detected capacity change from 0 to 512 [ 177.814367][T15974] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 177.829339][T15974] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 177.871329][T16934] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 177.889720][T16934] ext4 filesystem being mounted at /163/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 177.955829][T16189] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 178.005819][T16955] sch_tbf: burst 1 is lower than device lo mtu (65550) ! [ 178.038768][T16959] Cannot find set identified by id 0 to match [ 178.061494][T12932] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 178.105922][T16967] netlink: 19 bytes leftover after parsing attributes in process `syz.0.3752'. [ 178.191282][T16980] netlink: 68 bytes leftover after parsing attributes in process `syz.0.3757'. [ 178.207673][T16976] bridge_slave_0: left allmulticast mode [ 178.213358][T16976] bridge_slave_0: left promiscuous mode [ 178.219169][T16976] bridge0: port 1(bridge_slave_0) entered disabled state [ 178.245599][T16976] bridge_slave_1: left allmulticast mode [ 178.251416][T16976] bridge_slave_1: left promiscuous mode [ 178.257195][T16976] bridge0: port 2(bridge_slave_1) entered disabled state [ 178.315286][T16976] bond0: (slave bond_slave_0): Releasing backup interface [ 178.335878][T16976] bond0: (slave bond_slave_1): Releasing backup interface [ 178.367886][T16976] team0: Port device team_slave_0 removed [ 178.395340][T16976] team0: Port device team_slave_1 removed [ 178.410566][T16976] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 178.418145][T16976] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 178.447627][T16976] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 178.455122][T16976] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 178.519936][T16984] netlink: 'syz.1.3749': attribute type 10 has an invalid length. [ 178.554503][T16984] 8021q: adding VLAN 0 to HW filter on device team0 [ 178.562475][T16984] bond0: (slave team0): Enslaving as an active interface with an up link [ 178.590965][T17010] netlink: 'syz.2.3770': attribute type 3 has an invalid length. [ 178.611492][T16189] veth0_vlan: entered promiscuous mode [ 178.630566][T16189] veth1_vlan: entered promiscuous mode [ 178.656953][T16189] veth0_macvtap: entered promiscuous mode [ 178.675564][T16189] veth1_macvtap: entered promiscuous mode [ 178.691733][T17004] loop3: detected capacity change from 0 to 8192 [ 178.701074][T16189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 178.711705][T16189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 178.721618][T16189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 178.732121][T16189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 178.748936][T16189] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 178.759576][T16189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 178.767675][T17016] loop1: detected capacity change from 0 to 1024 [ 178.770067][T16189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 178.770155][T16189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 178.796777][T16189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 178.821404][T17016] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 178.840370][T16189] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 178.852176][T17026] sch_tbf: burst 1 is lower than device lo mtu (65550) ! [ 178.881655][T16189] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 178.890483][T16189] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 178.899299][T16189] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 178.908072][T16189] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 178.918414][T17016] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 179.006350][T15974] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 179.031402][T17041] loop4: detected capacity change from 0 to 128 [ 179.055089][T17041] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 179.062006][T17043] loop3: detected capacity change from 0 to 1024 [ 179.078888][T17043] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 179.080408][T17041] ext4 filesystem being mounted at /0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 179.127771][T17043] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 179.175090][T17055] loop0: detected capacity change from 0 to 512 [ 179.182712][T16189] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 179.204685][T13910] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 179.236440][T17055] EXT4-fs error (device loop0): ext4_get_branch:178: inode #11: block 4294967295: comm syz.0.3795: invalid block [ 179.265078][T17055] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.3795: invalid indirect mapped block 4294967295 (level 1) [ 179.284495][T17066] netlink: 'syz.3.3785': attribute type 3 has an invalid length. [ 179.299479][T17055] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.3795: invalid indirect mapped block 4294967295 (level 1) [ 179.331187][T17055] EXT4-fs (loop0): 2 truncates cleaned up [ 179.343614][T17055] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 179.394009][T12932] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 179.424435][T17070] netlink: 3 bytes leftover after parsing attributes in process `+}[@'. [ 179.432886][T17070] 1ªX¹¦À: renamed from 60ªX¹¦À [ 179.445304][T17070] A link change request failed with some changes committed already. Interface 61ªX¹¦À may have been left with an inconsistent configuration, please check. [ 179.462452][T17062] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 179.480770][T17062] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 179.506250][T17074] loop0: detected capacity change from 0 to 8192 [ 179.530540][T17078] netlink: 68 bytes leftover after parsing attributes in process `syz.1.3790'. [ 179.636125][T17094] loop1: detected capacity change from 0 to 512 [ 179.662954][T17094] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 179.742217][T17094] ext4 filesystem being mounted at /8/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 179.916289][T17124] sch_tbf: burst 1 is lower than device lo mtu (65550) ! [ 179.942546][T15974] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 180.007646][T17139] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3815'. [ 180.046938][T17147] loop3: detected capacity change from 0 to 128 [ 180.071219][T17147] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 180.095390][T17147] ext4 filesystem being mounted at /132/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 180.278930][T13910] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 180.370405][T17182] syz.2.3831[17182] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 180.370489][T17182] syz.2.3831[17182] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 180.383186][T17179] netlink: 3 bytes leftover after parsing attributes in process `+}[@'. [ 180.409831][T17179] 1ªX¹¦À: renamed from 60ªX¹¦À [ 180.414986][T17182] syz.2.3831[17182] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 180.446144][T17179] A link change request failed with some changes committed already. Interface 61ªX¹¦À may have been left with an inconsistent configuration, please check. [ 180.467015][T17182] hsr0: entered promiscuous mode [ 180.582961][T17204] loop0: detected capacity change from 0 to 128 [ 180.593117][T17204] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 180.621729][T17204] ext4 filesystem being mounted at /186/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 180.728517][T12932] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 180.759541][T17218] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3841'. [ 180.828081][T17227] loop4: detected capacity change from 0 to 512 [ 180.855338][T17227] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 180.879346][T17227] ext4 filesystem being mounted at /10/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 180.954055][T17237] syz.3.3849[17237] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 180.954132][T17237] syz.3.3849[17237] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 180.965693][T17237] syz.3.3849[17237] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 180.983275][T17237] hsr0: entered promiscuous mode [ 181.036716][T16189] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 181.185710][T17261] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3857'. [ 181.247479][T17267] IPv6: Can't replace route, no match found [ 181.392381][T17295] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3874'. [ 181.497439][T17307] IPv6: Can't replace route, no match found [ 181.682651][T17329] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3889'. [ 181.829008][T17355] loop3: detected capacity change from 0 to 512 [ 181.846845][T17355] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 181.861077][T17355] ext4 filesystem being mounted at /148/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 181.982813][T13910] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 182.193959][ T29] kauditd_printk_skb: 109 callbacks suppressed [ 182.193978][ T29] audit: type=1326 audit(1729806910.041:4819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17381 comm="syz.3.3909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f646d2fdff9 code=0x7ffc0000 [ 182.316400][ T29] audit: type=1326 audit(1729806910.081:4820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17381 comm="syz.3.3909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f646d2fdff9 code=0x7ffc0000 [ 182.339965][ T29] audit: type=1326 audit(1729806910.081:4821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17381 comm="syz.3.3909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=117 compat=0 ip=0x7f646d2fdff9 code=0x7ffc0000 [ 182.363519][ T29] audit: type=1326 audit(1729806910.081:4822): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17381 comm="syz.3.3909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f646d2fdff9 code=0x7ffc0000 [ 182.387496][ T29] audit: type=1326 audit(1729806910.081:4823): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17381 comm="syz.3.3909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f646d2fdff9 code=0x7ffc0000 [ 182.634071][ T29] audit: type=1400 audit(1729806910.481:4824): avc: denied { read write } for pid=17391 comm="syz.3.3912" name="ppp" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 182.657590][ T29] audit: type=1400 audit(1729806910.481:4825): avc: denied { open } for pid=17391 comm="syz.3.3912" path="/dev/ppp" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 182.845762][T17428] loop1: detected capacity change from 0 to 512 [ 182.882356][T17428] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 182.980454][T17428] EXT4-fs (loop1): 1 truncate cleaned up [ 183.017250][T17428] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 183.045519][ T29] audit: type=1326 audit(1729806910.881:4826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17463 comm="syz.4.3931" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66996edff9 code=0x7ffc0000 [ 183.069349][ T29] audit: type=1326 audit(1729806910.881:4827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17463 comm="syz.4.3931" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66996edff9 code=0x7ffc0000 [ 183.093069][ T29] audit: type=1326 audit(1729806910.891:4828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17463 comm="syz.4.3931" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f66996edff9 code=0x7ffc0000 [ 183.163305][T17475] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3933'. [ 183.184693][T17471] usb usb8: usbfs: process 17471 (syz.3.3935) did not claim interface 0 before use [ 183.215712][T15974] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 183.271105][T17481] loop4: detected capacity change from 0 to 512 [ 183.296017][T17497] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 6 [ 183.307027][T17481] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 183.327639][T17481] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 183.376800][T17481] ext4 filesystem being mounted at /34/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 183.462924][T16189] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 183.538234][T17523] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3949'. [ 183.555263][T17521] usb usb8: usbfs: process 17521 (syz.2.3952) did not claim interface 0 before use [ 183.560921][T17523] ip6gre1: entered allmulticast mode [ 183.716378][T17550] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 6 [ 183.773979][T17548] usb usb8: usbfs: process 17548 (syz.1.3966) did not claim interface 0 before use [ 183.894694][T17571] loop0: detected capacity change from 0 to 512 [ 183.902278][T17571] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 183.912051][T17571] EXT4-fs (loop0): ea_inode feature is not supported for Hurd [ 184.171011][T17577] loop1: detected capacity change from 0 to 512 [ 184.203256][T17577] EXT4-fs: inline encryption not supported [ 184.237854][T17577] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 184.333314][T17577] EXT4-fs error (device loop1): ext4_orphan_get:1414: comm syz.1.3970: bad orphan inode 2 [ 184.395023][T17577] EXT4-fs (loop1): Remounting filesystem read-only [ 184.402058][T17577] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 184.453065][T17577] SELinux: (dev loop1, type ext4) getxattr errno 5 [ 184.460092][T17577] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 184.487930][T17587] loop0: detected capacity change from 0 to 8192 [ 184.509211][T17594] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 6 [ 184.527855][T17592] loop3: detected capacity change from 0 to 512 [ 184.543075][T17592] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 184.552277][T17592] EXT4-fs (loop3): ea_inode feature is not supported for Hurd [ 184.926822][T17639] smc: net device bond0 applied user defined pnetid SYZ0 [ 184.950256][T17639] smc: net device bond0 erased user defined pnetid SYZ0 [ 185.195180][T17645] loop4: detected capacity change from 0 to 512 [ 185.217724][T17645] EXT4-fs: inline encryption not supported [ 185.234193][T17645] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 185.283778][T17645] EXT4-fs error (device loop4): ext4_orphan_get:1414: comm syz.4.3990: bad orphan inode 2 [ 185.294852][T17645] EXT4-fs (loop4): Remounting filesystem read-only [ 185.301798][T17645] SELinux: (dev loop4, type ext4) getxattr errno 5 [ 185.376807][T17656] loop3: detected capacity change from 0 to 512 [ 185.390561][ T8606] hid-generic 0000:04AD:0000.0008: unknown main item tag 0x0 [ 185.398036][ T8606] hid-generic 0000:04AD:0000.0008: unknown main item tag 0x0 [ 185.405571][ T8606] hid-generic 0000:04AD:0000.0008: unknown main item tag 0x0 [ 185.412987][ T8606] hid-generic 0000:04AD:0000.0008: unknown main item tag 0x0 [ 185.420497][ T8606] hid-generic 0000:04AD:0000.0008: unknown main item tag 0x0 [ 185.427992][ T8606] hid-generic 0000:04AD:0000.0008: unknown main item tag 0x0 [ 185.435463][ T8606] hid-generic 0000:04AD:0000.0008: unknown main item tag 0x0 [ 185.442914][ T8606] hid-generic 0000:04AD:0000.0008: unknown main item tag 0x0 [ 185.446565][T17658] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 185.450332][ T8606] hid-generic 0000:04AD:0000.0008: unknown main item tag 0x0 [ 185.460889][T17656] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 185.466139][ T8606] hid-generic 0000:04AD:0000.0008: unknown main item tag 0x0 [ 185.483409][ T8606] hid-generic 0000:04AD:0000.0008: unknown main item tag 0x0 [ 185.490865][ T8606] hid-generic 0000:04AD:0000.0008: unknown main item tag 0x0 [ 185.497048][T17665] loop0: detected capacity change from 0 to 512 [ 185.498359][ T8606] hid-generic 0000:04AD:0000.0008: unknown main item tag 0x0 [ 185.512045][ T8606] hid-generic 0000:04AD:0000.0008: unknown main item tag 0x0 [ 185.516911][T17665] EXT4-fs: inline encryption not supported [ 185.519486][ T8606] hid-generic 0000:04AD:0000.0008: unknown main item tag 0x0 [ 185.532697][ T8606] hid-generic 0000:04AD:0000.0008: unknown main item tag 0x0 [ 185.537109][T17665] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 185.540119][ T8606] hid-generic 0000:04AD:0000.0008: unknown main item tag 0x0 [ 185.557381][ T8606] hid-generic 0000:04AD:0000.0008: unknown main item tag 0x0 [ 185.564857][ T8606] hid-generic 0000:04AD:0000.0008: unknown main item tag 0x0 [ 185.572290][ T8606] hid-generic 0000:04AD:0000.0008: unknown main item tag 0x0 [ 185.576591][T17656] EXT4-fs (loop3): 1 truncate cleaned up [ 185.579704][ T8606] hid-generic 0000:04AD:0000.0008: unknown main item tag 0x0 [ 185.589758][T17665] EXT4-fs error (device loop0): ext4_orphan_get:1414: comm syz.0.4010: bad orphan inode 2 [ 185.592800][ T8606] hid-generic 0000:04AD:0000.0008: unknown main item tag 0x0 [ 185.610110][ T8606] hid-generic 0000:04AD:0000.0008: unknown main item tag 0x0 [ 185.617534][ T8606] hid-generic 0000:04AD:0000.0008: unknown main item tag 0x0 [ 185.625022][ T8606] hid-generic 0000:04AD:0000.0008: unknown main item tag 0x0 [ 185.627046][T17665] EXT4-fs (loop0): Remounting filesystem read-only [ 185.632428][ T8606] hid-generic 0000:04AD:0000.0008: unknown main item tag 0x0 [ 185.646359][ T8606] hid-generic 0000:04AD:0000.0008: unknown main item tag 0x0 [ 185.653785][ T8606] hid-generic 0000:04AD:0000.0008: unknown main item tag 0x0 [ 185.656390][T17665] SELinux: (dev loop0, type ext4) getxattr errno 5 [ 185.661270][ T8606] hid-generic 0000:04AD:0000.0008: unknown main item tag 0x0 [ 185.675171][ T8606] hid-generic 0000:04AD:0000.0008: unknown main item tag 0x0 [ 185.682677][ T8606] hid-generic 0000:04AD:0000.0008: unknown main item tag 0x0 [ 185.690121][ T8606] hid-generic 0000:04AD:0000.0008: unknown main item tag 0x0 [ 185.698451][ T8606] hid-generic 0000:04AD:0000.0008: hidraw0: HID v0.00 Device [syz0] on syz0 [ 185.708294][T17658] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 185.760425][T17682] loop3: detected capacity change from 0 to 128 [ 185.807269][T17682] ext4 filesystem being mounted at /174/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 185.873849][T17691] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4004'. [ 185.888353][T17693] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4006'. [ 185.939067][T17693] ip6gre1: entered allmulticast mode [ 186.114097][T17714] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4021'. [ 186.129799][T17714] ip6gre1: entered allmulticast mode [ 186.737084][T17724] loop3: detected capacity change from 0 to 512 [ 186.756508][T17734] loop4: detected capacity change from 0 to 128 [ 186.765357][T17724] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 186.787172][T17737] loop0: detected capacity change from 0 to 512 [ 186.796833][T17734] ext4 filesystem being mounted at /45/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 186.854062][T17737] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 186.865873][T17724] ext4 filesystem being mounted at /177/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 186.887642][T17737] EXT4-fs (loop0): 1 truncate cleaned up [ 186.895673][T17764] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4020'. [ 186.923013][ C0] IPv4: Oversized IP packet from 172.20.20.24 [ 187.048869][T17784] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4029'. [ 187.060759][T17784] ip6gre1: entered allmulticast mode [ 187.074634][T17786] loop0: detected capacity change from 0 to 512 [ 187.081910][T17786] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 187.123328][T17805] loop4: detected capacity change from 0 to 512 [ 187.141024][T17786] ext4 filesystem being mounted at /229/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 187.162810][T17805] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 187.220162][T17805] EXT4-fs (loop4): 1 truncate cleaned up [ 187.243254][T17825] Cannot find add_set index 0 as target [ 187.349679][T17831] smc: net device bond0 applied user defined pnetid SYZ0 [ 187.363230][T17831] smc: net device bond0 erased user defined pnetid SYZ0 [ 187.392717][T17839] loop1: detected capacity change from 0 to 128 [ 187.408993][T17839] ext4 filesystem being mounted at /45/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 187.878240][T17862] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4043'. [ 187.905533][T17862] ip6gre1: entered allmulticast mode [ 187.929611][T17865] loop1: detected capacity change from 0 to 512 [ 187.959657][T17865] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 187.972597][T17872] smc: net device bond0 applied user defined pnetid SYZ0 [ 188.000353][T17872] smc: net device bond0 erased user defined pnetid SYZ0 [ 188.001427][T17865] ext4 filesystem being mounted at /47/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 188.213129][ T29] kauditd_printk_skb: 111 callbacks suppressed [ 188.213163][ T29] audit: type=1326 audit(1729806916.051:4940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17896 comm="syz.1.4056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f858694dff9 code=0x7ffc0000 [ 188.221272][ T8606] hid-generic 0000:04AD:0000.0009: unknown main item tag 0x0 [ 188.245339][ T29] audit: type=1326 audit(1729806916.051:4941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17896 comm="syz.1.4056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=326 compat=0 ip=0x7f858694dff9 code=0x7ffc0000 [ 188.250440][ T8606] hid-generic 0000:04AD:0000.0009: unknown main item tag 0x0 [ 188.273880][ T29] audit: type=1326 audit(1729806916.051:4942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17896 comm="syz.1.4056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f858694dff9 code=0x7ffc0000 [ 188.281197][ T8606] hid-generic 0000:04AD:0000.0009: unknown main item tag 0x0 [ 188.312178][ T8606] hid-generic 0000:04AD:0000.0009: unknown main item tag 0x0 [ 188.319750][ T8606] hid-generic 0000:04AD:0000.0009: unknown main item tag 0x0 [ 188.327258][ T8606] hid-generic 0000:04AD:0000.0009: unknown main item tag 0x0 [ 188.333108][ T29] audit: type=1326 audit(1729806916.171:4943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17896 comm="syz.1.4056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f858694dff9 code=0x7ffc0000 [ 188.334767][ T8606] hid-generic 0000:04AD:0000.0009: unknown main item tag 0x0 [ 188.334795][ T8606] hid-generic 0000:04AD:0000.0009: unknown main item tag 0x0 [ 188.373117][ T8606] hid-generic 0000:04AD:0000.0009: unknown main item tag 0x0 [ 188.376676][ T29] audit: type=1400 audit(1729806916.211:4944): avc: denied { read } for pid=17889 comm="syz.3.4055" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 188.380558][ T8606] hid-generic 0000:04AD:0000.0009: unknown main item tag 0x0 [ 188.401049][T17900] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 188.407452][ T8606] hid-generic 0000:04AD:0000.0009: unknown main item tag 0x0 [ 188.423286][ T8606] hid-generic 0000:04AD:0000.0009: unknown main item tag 0x0 [ 188.430759][ T8606] hid-generic 0000:04AD:0000.0009: unknown main item tag 0x0 [ 188.438285][ T8606] hid-generic 0000:04AD:0000.0009: unknown main item tag 0x0 [ 188.445814][ T8606] hid-generic 0000:04AD:0000.0009: unknown main item tag 0x0 [ 188.451288][T17907] loop1: detected capacity change from 0 to 2048 [ 188.453246][ T8606] hid-generic 0000:04AD:0000.0009: unknown main item tag 0x0 [ 188.467123][ T8606] hid-generic 0000:04AD:0000.0009: unknown main item tag 0x0 [ 188.474571][ T8606] hid-generic 0000:04AD:0000.0009: unknown main item tag 0x0 [ 188.482046][ T8606] hid-generic 0000:04AD:0000.0009: unknown main item tag 0x0 [ 188.489621][ T8606] hid-generic 0000:04AD:0000.0009: unknown main item tag 0x0 [ 188.497069][ T8606] hid-generic 0000:04AD:0000.0009: unknown main item tag 0x0 [ 188.504520][ T8606] hid-generic 0000:04AD:0000.0009: unknown main item tag 0x0 [ 188.511974][ T8606] hid-generic 0000:04AD:0000.0009: unknown main item tag 0x0 [ 188.519450][ T8606] hid-generic 0000:04AD:0000.0009: unknown main item tag 0x0 [ 188.526885][ T8606] hid-generic 0000:04AD:0000.0009: unknown main item tag 0x0 [ 188.534331][ T8606] hid-generic 0000:04AD:0000.0009: unknown main item tag 0x0 [ 188.541806][ T8606] hid-generic 0000:04AD:0000.0009: unknown main item tag 0x0 [ 188.549193][ T29] audit: type=1400 audit(1729806916.391:4945): avc: denied { connect } for pid=17889 comm="syz.3.4055" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 188.552835][ T29] audit: type=1400 audit(1729806916.391:4946): avc: denied { write } for pid=17889 comm="syz.3.4055" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 188.568801][ T8606] hid-generic 0000:04AD:0000.0009: unknown main item tag 0x0 [ 188.568831][ T8606] hid-generic 0000:04AD:0000.0009: unknown main item tag 0x0 [ 188.568856][ T8606] hid-generic 0000:04AD:0000.0009: unknown main item tag 0x0 [ 188.568877][ T8606] hid-generic 0000:04AD:0000.0009: unknown main item tag 0x0 [ 188.568936][ T8606] hid-generic 0000:04AD:0000.0009: unknown main item tag 0x0 [ 188.625604][T17900] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 188.685859][ T29] audit: type=1326 audit(1729806916.521:4947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17910 comm="syz.4.4062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66996edff9 code=0x7ffc0000 [ 188.700193][ T8606] hid-generic 0000:04AD:0000.0009: hidraw0: HID v0.00 Device [syz0] on syz0 [ 188.709517][ T29] audit: type=1326 audit(1729806916.521:4948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17910 comm="syz.4.4062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66996edff9 code=0x7ffc0000 [ 188.742639][ T29] audit: type=1326 audit(1729806916.521:4949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17910 comm="syz.4.4062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7f66996edff9 code=0x7ffc0000 [ 188.785119][T17920] smc: net device bond0 applied user defined pnetid SYZ0 [ 188.805058][T17920] smc: net device bond0 erased user defined pnetid SYZ0 [ 188.832665][T17907] Alternate GPT is invalid, using primary GPT. [ 188.839263][T17907] loop1: p2 p3 p7 [ 188.842054][T17922] loop3: detected capacity change from 0 to 8192 [ 188.908727][T17939] syz.4.4077[17939] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 188.908916][T17939] syz.4.4077[17939] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 188.928295][T17939] syz.4.4077[17939] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 188.960322][T17941] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4066'. [ 188.987630][T17945] loop3: detected capacity change from 0 to 1024 [ 188.991795][T17941] ip6gre2: entered allmulticast mode [ 189.042270][T13304] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 189.072423][T17956] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4070'. [ 189.101329][T13304] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 189.113622][T13304] EXT4-fs (loop3): This should not happen!! Data will be lost [ 189.113622][T13304] [ 189.123393][T13304] EXT4-fs (loop3): Total free blocks count 0 [ 189.129432][T13304] EXT4-fs (loop3): Free/Dirty block details [ 189.135361][T13304] EXT4-fs (loop3): free_blocks=68451041280 [ 189.141217][T13304] EXT4-fs (loop3): dirty_blocks=16 [ 189.146420][T13304] EXT4-fs (loop3): Block reservation details [ 189.152480][T13304] EXT4-fs (loop3): i_reserved_data_blocks=1 [ 189.240029][T17972] loop4: detected capacity change from 0 to 512 [ 189.248710][T17972] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 189.283338][T17994] loop3: detected capacity change from 0 to 512 [ 189.293223][T17972] EXT4-fs (loop4): 1 truncate cleaned up [ 189.337242][T17994] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 189.354824][T17994] EXT4-fs (loop3): 1 truncate cleaned up [ 189.532144][ T9] hid-generic 0000:04AD:0000.000A: unknown main item tag 0x0 [ 189.539645][ T9] hid-generic 0000:04AD:0000.000A: unknown main item tag 0x0 [ 189.547103][ T9] hid-generic 0000:04AD:0000.000A: unknown main item tag 0x0 [ 189.554581][ T9] hid-generic 0000:04AD:0000.000A: unknown main item tag 0x0 [ 189.562108][ T9] hid-generic 0000:04AD:0000.000A: unknown main item tag 0x0 [ 189.569607][ T9] hid-generic 0000:04AD:0000.000A: unknown main item tag 0x0 [ 189.577208][ T9] hid-generic 0000:04AD:0000.000A: unknown main item tag 0x0 [ 189.584699][ T9] hid-generic 0000:04AD:0000.000A: unknown main item tag 0x0 [ 189.592163][ T9] hid-generic 0000:04AD:0000.000A: unknown main item tag 0x0 [ 189.599660][ T9] hid-generic 0000:04AD:0000.000A: unknown main item tag 0x0 [ 189.607155][ T9] hid-generic 0000:04AD:0000.000A: unknown main item tag 0x0 [ 189.614590][ T9] hid-generic 0000:04AD:0000.000A: unknown main item tag 0x0 [ 189.622233][ T9] hid-generic 0000:04AD:0000.000A: unknown main item tag 0x0 [ 189.625035][T18036] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 189.629672][ T9] hid-generic 0000:04AD:0000.000A: unknown main item tag 0x0 [ 189.645467][ T9] hid-generic 0000:04AD:0000.000A: unknown main item tag 0x0 [ 189.652891][ T9] hid-generic 0000:04AD:0000.000A: unknown main item tag 0x0 [ 189.660396][ T9] hid-generic 0000:04AD:0000.000A: unknown main item tag 0x0 [ 189.667831][ T9] hid-generic 0000:04AD:0000.000A: unknown main item tag 0x0 [ 189.675249][ T9] hid-generic 0000:04AD:0000.000A: unknown main item tag 0x0 [ 189.682646][ T9] hid-generic 0000:04AD:0000.000A: unknown main item tag 0x0 [ 189.690161][ T9] hid-generic 0000:04AD:0000.000A: unknown main item tag 0x0 [ 189.697882][ T9] hid-generic 0000:04AD:0000.000A: unknown main item tag 0x0 [ 189.705334][ T9] hid-generic 0000:04AD:0000.000A: unknown main item tag 0x0 [ 189.712748][ T9] hid-generic 0000:04AD:0000.000A: unknown main item tag 0x0 [ 189.720385][ T9] hid-generic 0000:04AD:0000.000A: unknown main item tag 0x0 [ 189.727914][ T9] hid-generic 0000:04AD:0000.000A: unknown main item tag 0x0 [ 189.727945][ T9] hid-generic 0000:04AD:0000.000A: unknown main item tag 0x0 [ 189.727972][ T9] hid-generic 0000:04AD:0000.000A: unknown main item tag 0x0 [ 189.727997][ T9] hid-generic 0000:04AD:0000.000A: unknown main item tag 0x0 [ 189.728018][ T9] hid-generic 0000:04AD:0000.000A: unknown main item tag 0x0 [ 189.728040][ T9] hid-generic 0000:04AD:0000.000A: unknown main item tag 0x0 [ 189.728068][ T9] hid-generic 0000:04AD:0000.000A: unknown main item tag 0x0 [ 189.731147][ T9] hid-generic 0000:04AD:0000.000A: hidraw0: HID v0.00 Device [syz0] on syz0 [ 189.736191][T18036] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 189.867020][T18055] loop1: detected capacity change from 0 to 512 [ 189.874229][T18055] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 189.887875][T18055] EXT4-fs (loop1): 1 truncate cleaned up [ 190.163492][T18085] loop7: detected capacity change from 0 to 16384 [ 190.179612][T18085] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 190.323684][T18099] loop0: detected capacity change from 0 to 512 [ 190.335695][T18099] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 190.353982][T18099] EXT4-fs (loop0): 1 truncate cleaned up [ 190.441840][T18107] netlink: 17 bytes leftover after parsing attributes in process `syz.0.4113'. [ 190.458952][T18109] vlan2: entered promiscuous mode [ 190.464093][T18109] vlan2: entered allmulticast mode [ 190.488989][T18109] bridge0: port 1(vlan2) entered blocking state [ 190.495431][T18109] bridge0: port 1(vlan2) entered disabled state [ 190.550094][T18119] loop0: detected capacity change from 0 to 512 [ 190.574324][T18119] EXT4-fs: Ignoring removed mblk_io_submit option [ 190.591062][T18119] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 190.629299][T18119] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b042c118, mo2=0002] [ 190.638718][T18119] System zones: 1-12 [ 190.642735][T18121] No such timeout policy "syz0" [ 190.648016][T18119] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.4117: corrupted in-inode xattr: e_value size too large [ 190.688034][T18119] EXT4-fs error (device loop0): ext4_orphan_get:1393: comm syz.0.4117: couldn't read orphan inode 15 (err -117) [ 190.733674][T18119] EXT4-fs warning (device loop0): dx_probe:833: inode #2: comm syz.0.4117: Unrecognised inode hash code 4 [ 190.745240][T18119] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.4117: Corrupt directory, running e2fsck is recommended [ 190.768999][T18119] EXT4-fs warning (device loop0): dx_probe:833: inode #2: comm syz.0.4117: Unrecognised inode hash code 4 [ 190.780402][T18119] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.4117: Corrupt directory, running e2fsck is recommended [ 190.795418][T18127] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 190.814868][ T35] hid-generic 0000:04AD:0000.000B: unknown main item tag 0x0 [ 190.822431][ T35] hid-generic 0000:04AD:0000.000B: unknown main item tag 0x0 [ 190.829906][ T35] hid-generic 0000:04AD:0000.000B: unknown main item tag 0x0 [ 190.837386][ T35] hid-generic 0000:04AD:0000.000B: unknown main item tag 0x0 [ 190.844797][ T35] hid-generic 0000:04AD:0000.000B: unknown main item tag 0x0 [ 190.852200][ T35] hid-generic 0000:04AD:0000.000B: unknown main item tag 0x0 [ 190.854209][T18119] EXT4-fs warning (device loop0): dx_probe:833: inode #2: comm syz.0.4117: Unrecognised inode hash code 4 [ 190.859633][ T35] hid-generic 0000:04AD:0000.000B: unknown main item tag 0x0 [ 190.871031][T18119] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.4117: Corrupt directory, running e2fsck is recommended [ 190.878378][ T35] hid-generic 0000:04AD:0000.000B: unknown main item tag 0x0 [ 190.898668][ T35] hid-generic 0000:04AD:0000.000B: unknown main item tag 0x0 [ 190.906097][ T35] hid-generic 0000:04AD:0000.000B: unknown main item tag 0x0 [ 190.913587][ T35] hid-generic 0000:04AD:0000.000B: unknown main item tag 0x0 [ 190.921057][ T35] hid-generic 0000:04AD:0000.000B: unknown main item tag 0x0 [ 190.928961][ T35] hid-generic 0000:04AD:0000.000B: unknown main item tag 0x0 [ 190.936402][ T35] hid-generic 0000:04AD:0000.000B: unknown main item tag 0x0 [ 190.943833][ T35] hid-generic 0000:04AD:0000.000B: unknown main item tag 0x0 [ 190.951254][ T35] hid-generic 0000:04AD:0000.000B: unknown main item tag 0x0 [ 190.958713][ T35] hid-generic 0000:04AD:0000.000B: unknown main item tag 0x0 [ 190.966195][ T35] hid-generic 0000:04AD:0000.000B: unknown main item tag 0x0 [ 190.973673][ T35] hid-generic 0000:04AD:0000.000B: unknown main item tag 0x0 [ 190.981477][ T35] hid-generic 0000:04AD:0000.000B: unknown main item tag 0x0 [ 190.989015][ T35] hid-generic 0000:04AD:0000.000B: unknown main item tag 0x0 [ 190.996480][ T35] hid-generic 0000:04AD:0000.000B: unknown main item tag 0x0 [ 191.003929][ T35] hid-generic 0000:04AD:0000.000B: unknown main item tag 0x0 [ 191.011336][ T35] hid-generic 0000:04AD:0000.000B: unknown main item tag 0x0 [ 191.018813][ T35] hid-generic 0000:04AD:0000.000B: unknown main item tag 0x0 [ 191.026307][ T35] hid-generic 0000:04AD:0000.000B: unknown main item tag 0x0 [ 191.033793][ T35] hid-generic 0000:04AD:0000.000B: unknown main item tag 0x0 [ 191.034921][T18127] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 191.041179][ T35] hid-generic 0000:04AD:0000.000B: unknown main item tag 0x0 [ 191.056354][ T35] hid-generic 0000:04AD:0000.000B: unknown main item tag 0x0 [ 191.063779][ T35] hid-generic 0000:04AD:0000.000B: unknown main item tag 0x0 [ 191.071254][ T35] hid-generic 0000:04AD:0000.000B: unknown main item tag 0x0 [ 191.078726][ T35] hid-generic 0000:04AD:0000.000B: unknown main item tag 0x0 [ 191.087690][ T35] hid-generic 0000:04AD:0000.000B: hidraw0: HID v0.00 Device [syz0] on syz0 [ 191.114334][T18140] syz.0.4122[18140] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 191.114423][T18140] syz.0.4122[18140] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 191.127221][T18140] syz.0.4122[18140] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 191.308125][T18150] loop0: detected capacity change from 0 to 512 [ 191.392323][T18150] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 191.415325][T18150] EXT4-fs (loop0): 1 truncate cleaned up [ 191.775683][T18179] bond1: entered promiscuous mode [ 191.780762][T18179] bond1: entered allmulticast mode [ 191.815195][T18179] 8021q: adding VLAN 0 to HW filter on device bond1 [ 191.866046][T18179] bond1 (unregistering): Released all slaves [ 191.924721][T18218] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 192.030670][T18262] IPv6: Can't replace route, no match found [ 192.186415][T18279] loop4: detected capacity change from 0 to 2048 [ 192.215867][T18279] EXT4-fs mount: 36 callbacks suppressed [ 192.215885][T18279] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 192.381261][T16189] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 192.962683][T18308] loop3: detected capacity change from 0 to 2048 [ 192.992747][T18308] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 193.076855][T18308] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 193.099466][T18308] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 31 with max blocks 33 with error 28 [ 193.111970][T18308] EXT4-fs (loop3): This should not happen!! Data will be lost [ 193.111970][T18308] [ 193.121793][T18308] EXT4-fs (loop3): Total free blocks count 0 [ 193.127837][T18308] EXT4-fs (loop3): Free/Dirty block details [ 193.133843][T18308] EXT4-fs (loop3): free_blocks=2415919104 [ 193.139571][T18308] EXT4-fs (loop3): dirty_blocks=64 [ 193.144806][T18308] EXT4-fs (loop3): Block reservation details [ 193.150804][T18308] EXT4-fs (loop3): i_reserved_data_blocks=4 [ 193.177332][T13308] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 193.255458][ T29] kauditd_printk_skb: 168 callbacks suppressed [ 193.255476][ T29] audit: type=1400 audit(1729806921.101:5118): avc: denied { watch watch_reads } for pid=18327 comm="syz.2.4170" path="/552" dev="tmpfs" ino=2868 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 193.306054][ T29] audit: type=1400 audit(1729806921.101:5119): avc: denied { execute } for pid=18327 comm="syz.2.4170" name="file0" dev="tmpfs" ino=2873 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 193.328594][ T29] audit: type=1400 audit(1729806921.101:5120): avc: denied { execute_no_trans } for pid=18327 comm="syz.2.4170" path="/552/file0" dev="tmpfs" ino=2873 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 193.352301][ T29] audit: type=1326 audit(1729806921.131:5121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18328 comm="syz.3.4168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f646d2fdff9 code=0x7ffc0000 [ 193.375825][ T29] audit: type=1326 audit(1729806921.131:5122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18328 comm="syz.3.4168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f646d2fdff9 code=0x7ffc0000 [ 193.399374][ T29] audit: type=1326 audit(1729806921.131:5123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18328 comm="syz.3.4168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f646d2fdff9 code=0x7ffc0000 [ 193.422951][ T29] audit: type=1326 audit(1729806921.131:5124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18328 comm="syz.3.4168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f646d2fdff9 code=0x7ffc0000 [ 193.446631][ T29] audit: type=1326 audit(1729806921.131:5125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18328 comm="syz.3.4168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f646d2fdff9 code=0x7ffc0000 [ 193.470207][ T29] audit: type=1326 audit(1729806921.131:5126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18328 comm="syz.3.4168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f646d2fdff9 code=0x7ffc0000 [ 193.493893][ T29] audit: type=1326 audit(1729806921.131:5127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18328 comm="syz.3.4168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f646d2fdff9 code=0x7ffc0000 [ 194.114795][T18353] netlink: 324 bytes leftover after parsing attributes in process `syz.0.4190'. [ 197.144334][T18402] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 197.205087][T18417] Invalid ELF header magic: != ELF [ 197.334466][T18434] loop0: detected capacity change from 0 to 512 [ 197.375359][T18434] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 197.445365][T18434] ext4 filesystem being mounted at /270/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 197.464382][T18449] pim6reg1: entered promiscuous mode [ 197.469780][T18449] pim6reg1: entered allmulticast mode [ 197.517349][T18434] EXT4-fs error (device loop0): ext4_do_update_inode:5121: inode #18: comm syz.0.4215: corrupted inode contents [ 197.545291][T18434] EXT4-fs error (device loop0): ext4_dirty_inode:5984: inode #18: comm syz.0.4215: mark_inode_dirty error [ 197.578682][T18434] EXT4-fs error (device loop0): ext4_do_update_inode:5121: inode #18: comm syz.0.4215: corrupted inode contents [ 197.606011][T18434] EXT4-fs error (device loop0): ext4_xattr_delete_inode:3006: inode #18: comm syz.0.4215: mark_inode_dirty error [ 197.626095][T18434] EXT4-fs error (device loop0): ext4_xattr_delete_inode:3009: inode #18: comm syz.0.4215: mark inode dirty (error -117) [ 197.626478][T18464] syzkaller1: entered promiscuous mode [ 197.644194][T18464] syzkaller1: entered allmulticast mode [ 197.644989][T18434] EXT4-fs warning (device loop0): ext4_evict_inode:276: xattr delete (err -117) [ 197.688118][T12932] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 197.809727][T18492] devtmpfs: Unknown parameter 'di¤ËÊ' [ 197.844967][T18496] IPv6: NLM_F_CREATE should be specified when creating new route [ 197.936007][T18506] xt_hashlimit: max too large, truncated to 1048576 [ 197.942821][T18508] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4241'. [ 198.299537][T18541] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4258'. [ 198.316584][ T29] kauditd_printk_skb: 86 callbacks suppressed [ 198.316601][ T29] audit: type=1400 audit(1729806926.161:5214): avc: denied { connect } for pid=18542 comm="syz.0.4256" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 198.345080][T18545] loop3: detected capacity change from 0 to 512 [ 198.351509][T18541] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4258'. [ 198.387003][T18545] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 198.390929][ T29] audit: type=1400 audit(1729806926.231:5215): avc: denied { mount } for pid=18550 comm="syz.4.4260" name="/" dev="autofs" ino=48514 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1 [ 198.408643][T18553] loop0: detected capacity change from 0 to 256 [ 198.422232][T18545] ext4 filesystem being mounted at /231/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 198.452185][T13910] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 198.491799][T18553] FAT-fs (loop0): Directory bread(block 64) failed [ 198.500902][T18553] FAT-fs (loop0): Directory bread(block 65) failed [ 198.518846][T18553] FAT-fs (loop0): Directory bread(block 66) failed [ 198.528121][T18553] FAT-fs (loop0): Directory bread(block 67) failed [ 198.534845][T18553] FAT-fs (loop0): Directory bread(block 68) failed [ 198.541947][T18553] FAT-fs (loop0): Directory bread(block 69) failed [ 198.548754][T18553] FAT-fs (loop0): Directory bread(block 70) failed [ 198.555421][T18553] FAT-fs (loop0): Directory bread(block 71) failed [ 198.561975][T18553] FAT-fs (loop0): Directory bread(block 72) failed [ 198.568633][ T29] audit: type=1326 audit(1729806926.411:5216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18570 comm="syz.3.4265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f646d2fdff9 code=0x7ffc0000 [ 198.592348][ T29] audit: type=1326 audit(1729806926.411:5217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18570 comm="syz.3.4265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f646d2fdff9 code=0x7ffc0000 [ 198.605341][T18553] FAT-fs (loop0): Directory bread(block 73) failed [ 198.615900][ T29] audit: type=1326 audit(1729806926.411:5218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18570 comm="syz.3.4265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=251 compat=0 ip=0x7f646d2fdff9 code=0x7ffc0000 [ 198.615935][ T29] audit: type=1326 audit(1729806926.411:5219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18570 comm="syz.3.4265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f646d2fdff9 code=0x7ffc0000 [ 198.669804][ T29] audit: type=1326 audit(1729806926.411:5220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18570 comm="syz.3.4265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f646d2fdff9 code=0x7ffc0000 [ 198.700035][ T29] audit: type=1400 audit(1729806926.501:5221): avc: denied { mount } for pid=18552 comm="syz.0.4259" name="/" dev="loop0" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 198.728971][T18553] syz.0.4259: attempt to access beyond end of device [ 198.728971][T18553] loop0: rw=524288, sector=1736, nr_sectors = 32 limit=256 [ 198.750392][T18553] syz.0.4259: attempt to access beyond end of device [ 198.750392][T18553] loop0: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 198.782767][ T29] audit: type=1400 audit(1729806926.621:5222): avc: denied { unmount } for pid=12932 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 198.858622][ T29] audit: type=1400 audit(1729806926.691:5223): avc: denied { shutdown } for pid=18582 comm="syz.0.4269" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 198.904958][T18577] netlink: '+}[@': attribute type 3 has an invalid length. [ 199.065349][T18616] atomic_op ffff888135808128 conn xmit_atomic 0000000000000000 [ 199.221692][T18638] netlink: 256 bytes leftover after parsing attributes in process `syz.4.4294'. [ 199.372231][T18663] loop3: detected capacity change from 0 to 512 [ 199.379612][T18663] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 199.388722][T18663] EXT4-fs (loop3): Couldn't mount because of unsupported optional features (fffc1829) [ 199.398596][T18663] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities [ 199.542374][T18686] loop1: detected capacity change from 0 to 512 [ 199.578832][T18686] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 199.599471][T18686] ext4 filesystem being mounted at /81/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 199.627456][T18686] EXT4-fs error (device loop1): ext4_do_update_inode:5121: inode #2: comm syz.1.4314: corrupted inode contents [ 199.670581][T18686] EXT4-fs error (device loop1): ext4_dirty_inode:5984: inode #2: comm syz.1.4314: mark_inode_dirty error [ 199.700857][T18686] EXT4-fs error (device loop1): ext4_do_update_inode:5121: inode #2: comm syz.1.4314: corrupted inode contents [ 199.729934][T18686] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #2: comm syz.1.4314: mark_inode_dirty error [ 199.794497][T15974] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 199.846136][T18722] loop3: detected capacity change from 0 to 512 [ 199.862544][T18720] bond1: entered promiscuous mode [ 199.867804][T18720] bond1: entered allmulticast mode [ 199.894267][T18720] 8021q: adding VLAN 0 to HW filter on device bond1 [ 199.914807][T18720] bond1 (unregistering): Released all slaves [ 199.939943][T18722] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 199.988434][T18722] ext4 filesystem being mounted at /247/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 200.070190][T13910] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 200.087136][T18804] loop1: detected capacity change from 0 to 1024 [ 200.119409][T18804] EXT4-fs: Ignoring removed orlov option [ 200.136982][T18804] EXT4-fs: Ignoring removed nomblk_io_submit option [ 200.158311][T18804] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842e018, mo2=0002] [ 200.180942][T18804] System zones: 0-1, 3-12 [ 200.203460][T18804] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 200.374663][T15974] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 200.426538][T18842] loop0: detected capacity change from 0 to 128 [ 200.430990][T18841] loop1: detected capacity change from 0 to 512 [ 200.454540][T18842] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 200.458189][T18841] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 200.473351][T18842] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 200.513647][T18841] EXT4-fs (loop1): 1 truncate cleaned up [ 200.537317][T18841] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 200.559577][T18854] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 200.666276][T18871] loop4: detected capacity change from 0 to 512 [ 200.684184][T18869] netlink: 56 bytes leftover after parsing attributes in process `syz.0.4359'. [ 200.693176][T18869] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4359'. [ 200.706181][T18871] EXT4-fs (loop4): bad geometry: block count 3825205504 exceeds size of device (256 blocks) [ 200.755521][T15974] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 200.889893][T18906] loop1: detected capacity change from 0 to 512 [ 200.950497][T18906] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 201.063803][T18906] ext4 filesystem being mounted at /87/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 201.167368][T18920] loop3: detected capacity change from 0 to 256 [ 201.270663][T18920] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 201.287954][T15974] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 201.552251][T18946] loop3: detected capacity change from 0 to 512 [ 201.620022][T18946] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 201.683854][T18946] ext4 filesystem being mounted at /259/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 201.763758][T18946] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4389'. [ 201.848953][T13910] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 201.885562][T18966] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 201.966995][T18980] loop4: detected capacity change from 0 to 512 [ 201.986855][T18980] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.4402: corrupted in-inode xattr: invalid ea_ino [ 202.030186][T18980] EXT4-fs error (device loop4): ext4_orphan_get:1393: comm syz.4.4402: couldn't read orphan inode 15 (err -117) [ 202.066150][T18980] EXT4-fs (loop4): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 202.152849][T16189] EXT4-fs (loop4): unmounting filesystem 00000007-0000-0000-0000-000000000000. [ 202.192720][T19005] loop4: detected capacity change from 0 to 256 [ 202.268665][T19018] loop3: detected capacity change from 0 to 512 [ 202.283154][T19018] EXT4-fs: Ignoring removed i_version option [ 202.303032][T19018] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a016c018, mo2=0002] [ 202.314350][T19018] System zones: 1-12 [ 202.322968][T19018] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4411: bg 0: block 131: padding at end of block bitmap is not set [ 202.338936][T19018] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 202.355616][T19018] EXT4-fs (loop3): 1 truncate cleaned up [ 202.378377][T19018] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 202.429402][T19018] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback. [ 202.486628][T19035] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4420'. [ 202.499259][T13910] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 202.622519][T19067] loop1: detected capacity change from 0 to 512 [ 202.631684][T19067] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 202.640775][T19067] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 202.682088][T19067] EXT4-fs (loop1): warning: checktime reached, running e2fsck is recommended [ 202.733950][T19067] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 202.758613][T19067] System zones: 0-2, 18-18, 34-34 [ 202.778542][T19067] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1138: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 202.846858][T19067] EXT4-fs (loop1): 1 truncate cleaned up [ 202.857475][ T3408] kernel write not supported for file /sg0 (pid: 3408 comm: kworker/0:6) [ 202.877853][T19067] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 202.945440][T15974] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 203.316505][T19160] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 203.327844][ T29] kauditd_printk_skb: 193 callbacks suppressed [ 203.327901][ T29] audit: type=1326 audit(1729806931.171:5417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19151 comm="syz.0.4458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa68d2ddff9 code=0x7ffc0000 [ 203.431013][ T29] audit: type=1400 audit(1729806931.271:5418): avc: denied { node_bind } for pid=19168 comm="syz.0.4466" saddr=::8001:20:0:0 src=512 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 203.480233][ T29] audit: type=1400 audit(1729806931.321:5419): avc: denied { create } for pid=19172 comm="syz.0.4467" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 203.501567][ T24] IPVS: starting estimator thread 0... [ 203.516943][ T29] audit: type=1400 audit(1729806931.321:5420): avc: denied { map } for pid=19172 comm="syz.0.4467" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=50218 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 203.541413][ T29] audit: type=1400 audit(1729806931.321:5421): avc: denied { read write } for pid=19172 comm="syz.0.4467" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=50218 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 203.566685][ T29] audit: type=1400 audit(1729806931.321:5422): avc: denied { read } for pid=19172 comm="syz.0.4467" path="socket:[50214]" dev="sockfs" ino=50214 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 203.590156][ T29] audit: type=1400 audit(1729806931.321:5423): avc: denied { setopt } for pid=19172 comm="syz.0.4467" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 203.610010][ T29] audit: type=1400 audit(1729806931.351:5424): avc: denied { create } for pid=19170 comm="syz.2.4468" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 203.614096][T19175] IPVS: using max 2064 ests per chain, 103200 per kthread [ 203.629676][ T29] audit: type=1400 audit(1729806931.351:5425): avc: denied { setopt } for pid=19170 comm="syz.2.4468" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 203.638586][T19176] loop1: detected capacity change from 0 to 128 [ 203.664209][T19180] atomic_op ffff888127ad4528 conn xmit_atomic 0000000000000000 [ 203.712027][T19176] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 203.733765][ T29] audit: type=1326 audit(1729806931.361:5426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19178 comm="syz.2.4470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d5dcfdff9 code=0x7ffc0000 [ 203.757923][T19176] ext4 filesystem being mounted at /102/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 203.795428][T19188] loop2: detected capacity change from 0 to 164 [ 203.803950][T19186] vlan2: entered allmulticast mode [ 203.809186][T19186] bridge_slave_0: entered allmulticast mode [ 203.816050][T19188] Unable to read rock-ridge attributes [ 203.822921][T19188] Unable to read rock-ridge attributes [ 203.833374][T19186] bridge_slave_0: left allmulticast mode [ 203.864825][T19190] netlink: 132 bytes leftover after parsing attributes in process `syz.3.4475'. [ 203.941413][T15974] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 203.995964][T19210] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 204.034159][T19216] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4483'. [ 204.050850][T19219] IPVS: stopping backup sync thread 19221 ... [ 204.050851][T19221] IPVS: sync thread started: state = BACKUP, mcast_ifn = macvlan0, syncid = 0, id = 0 [ 204.092248][ T3408] hid-generic 0000:0000:0000.000C: unknown main item tag 0x7 [ 204.099758][ T3408] hid-generic 0000:0000:0000.000C: ignoring exceeding usage max [ 204.111887][ T3408] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 204.121100][T19226] loop2: detected capacity change from 0 to 512 [ 204.135605][ T3408] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 204.143069][ T3408] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 204.143521][T19226] EXT4-fs: Ignoring removed mblk_io_submit option [ 204.150616][ T3408] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 204.164518][ T3408] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 204.171942][ T3408] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 204.173338][T19223] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4485'. [ 204.179376][ T3408] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 204.188236][T19223] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4485'. [ 204.195641][ T3408] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 204.211957][ T3408] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 204.219510][ T3408] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 204.227119][ T3408] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 204.234575][ T3408] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 204.242009][ T3408] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 204.249454][ T3408] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 204.257025][ T3408] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 204.264600][ T3408] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 204.272009][ T3408] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 204.279458][ T3408] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 204.286898][ T3408] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 204.294382][ T3408] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 204.301821][ T3408] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 204.310263][T19226] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.4488: corrupted in-inode xattr: invalid ea_ino [ 204.338717][ T3408] hid-generic 0000:0000:0000.000C: hidraw0: HID v0.00 Device [syz0] on syz0 [ 204.358928][T19226] EXT4-fs error (device loop2): ext4_orphan_get:1393: comm syz.2.4488: couldn't read orphan inode 15 (err -117) [ 204.372230][T19226] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 204.412981][ T8437] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 204.458333][T19246] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 204.466703][T19246] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 204.499958][ T8437] ================================================================== [ 204.508111][ T8437] BUG: KCSAN: data-race in pcpu_alloc_noprof / pcpu_block_update_hint_alloc [ 204.516839][ T8437] [ 204.519173][ T8437] read-write to 0xffffffff88bdf3ac of 4 bytes by task 19248 on cpu 1: [ 204.527331][ T8437] pcpu_block_update_hint_alloc+0x5db/0x6a0 [ 204.533255][ T8437] pcpu_alloc_area+0x488/0x4b0 [ 204.538047][ T8437] pcpu_alloc_noprof+0x4bb/0x10a0 [ 204.543098][ T8437] bpf_map_alloc_percpu+0xad/0x210 [ 204.548239][ T8437] array_map_alloc+0x2aa/0x390 [ 204.553023][ T8437] map_create+0x850/0xb70 [ 204.557366][ T8437] __sys_bpf+0x667/0x7a0 [ 204.561634][ T8437] __x64_sys_bpf+0x43/0x50 [ 204.566080][ T8437] x64_sys_call+0x2625/0x2d60 [ 204.570781][ T8437] do_syscall_64+0xc9/0x1c0 [ 204.575302][ T8437] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 204.581312][ T8437] [ 204.583651][ T8437] read to 0xffffffff88bdf3ac of 4 bytes by task 8437 on cpu 0: [ 204.591213][ T8437] pcpu_alloc_noprof+0x9b6/0x10a0 [ 204.596273][ T8437] xt_percpu_counter_alloc+0x79/0x110 [ 204.601663][ T8437] translate_table+0x921/0xf70 [ 204.606449][ T8437] do_ipt_set_ctl+0x7bd/0x8b0 [ 204.611156][ T8437] nf_setsockopt+0x195/0x1b0 [ 204.615783][ T8437] ip_setsockopt+0xea/0x100 [ 204.620307][ T8437] tcp_setsockopt+0x93/0xb0 [ 204.624835][ T8437] sock_common_setsockopt+0x64/0x80 [ 204.630065][ T8437] __sys_setsockopt+0x1cc/0x240 [ 204.634952][ T8437] __x64_sys_setsockopt+0x66/0x80 [ 204.640017][ T8437] x64_sys_call+0x278d/0x2d60 [ 204.644724][ T8437] do_syscall_64+0xc9/0x1c0 [ 204.649253][ T8437] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 204.655189][ T8437] [ 204.657526][ T8437] value changed: 0x0000002e -> 0x0000002d [ 204.663256][ T8437] [ 204.665591][ T8437] Reported by Kernel Concurrency Sanitizer on: [ 204.671754][ T8437] CPU: 0 UID: 0 PID: 8437 Comm: syz-executor Tainted: G W 6.12.0-rc4-syzkaller-00085-g4e46774408d9 #0 [ 204.684123][ T8437] Tainted: [W]=WARN [ 204.687935][ T8437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 204.698011][ T8437] ==================================================================