last executing test programs: 37.787086958s ago: executing program 3 (id=271): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x7, 0x4, 0x208, 0x1}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000021000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18) r2 = msgget$private(0x0, 0x0) msgrcv(r2, &(0x7f0000001080)={0x0, ""/1}, 0x2000, 0x2, 0x3000) msgsnd(r2, &(0x7f00000002c0)={0x1}, 0x8, 0x800) 37.673340737s ago: executing program 3 (id=277): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000280)='kmem_cache_free\x00', r0}, 0x18) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000012c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r1, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f00000005c0)='F', 0x1}], 0x1}, 0x0) recvmsg(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000340)=""/251, 0x2}], 0x1}, 0x40000100) sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000001300)="d3", 0x1}], 0x1}, 0x0) 37.578289195s ago: executing program 3 (id=284): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48) 37.550900587s ago: executing program 3 (id=287): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0) mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x1805406, 0x0) mount$9p_unix(0x0, &(0x7f0000000200)='./file0/file0\x00', 0x0, 0x20000, 0x0) mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000280)='./file0/file0\x00', 0x0, 0x2a05004, 0x0) 37.5218387s ago: executing program 3 (id=290): r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="500000001400030500008000ffdbdf25020751ff", @ANYRES32=r3, @ANYBLOB="080002007f00000114000600ff030000ffffffff030000000000000008000400e0"], 0x50}, 0x1, 0x0, 0x0, 0xc090}, 0x0) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000180)={'lo\x00', {0x2, 0x4e21, @empty=0x7f000000}}) 37.287727328s ago: executing program 3 (id=299): r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0) close(r0) r1 = socket$netlink(0x10, 0x3, 0xf) sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000003c0)=@gettaction={0x14, 0x32, 0x605, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x850}, 0x24000800) r2 = eventfd(0x0) mount$9p_fd(0x0, &(0x7f00000006c0)='./bus\x00', &(0x7f00000000c0), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}}) 37.287512429s ago: executing program 32 (id=299): r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0) close(r0) r1 = socket$netlink(0x10, 0x3, 0xf) sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000003c0)=@gettaction={0x14, 0x32, 0x605, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x850}, 0x24000800) r2 = eventfd(0x0) mount$9p_fd(0x0, &(0x7f00000006c0)='./bus\x00', &(0x7f00000000c0), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}}) 37.284754469s ago: executing program 4 (id=301): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_PAUSE_SET(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f00000007c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100030010651fbe347b2c2b00000c00018008000100", @ANYRES16=r2], 0x20}}, 0x0) 37.159397039s ago: executing program 4 (id=305): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000001c0)=0x6f1b, 0x4) bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x300) recvmmsg(r0, &(0x7f0000003e00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=""/27, 0x1b}, 0x7}], 0x1, 0x45833af92e4b39ff, 0x0) 36.939332107s ago: executing program 4 (id=309): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\v\x00\x00\x00\a\x00\x00\x00\b\x00\x00\x00\b\x00\x00'], 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="01000000050000000100000007"], 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x20075, r0}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0xfffffffffffffe8b, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 36.147397071s ago: executing program 4 (id=317): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000940)='tlb_flush\x00', r1}, 0x18) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") write$selinux_context(0xffffffffffffffff, &(0x7f0000000040)='system_u:object_r:cgroup_t:s0\x00', 0x1e) syz_clone(0x2100, 0x0, 0x0, 0x0, 0x0, 0x0) 35.938615088s ago: executing program 4 (id=320): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = socket(0x10, 0x3, 0x0) connect$netlink(r2, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc) sendmsg$nl_route_sched(r2, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000000980)=@newtaction={0x18, 0x31, 0x829, 0x20000, 0x0, {}, [{0x4}]}, 0x18}}, 0x0) 34.863098325s ago: executing program 4 (id=350): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = eventfd2(0x0, 0x0) readv(r1, &(0x7f0000000500)=[{&(0x7f0000000000)=""/92, 0x5c}], 0x1) sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0) 34.854956276s ago: executing program 33 (id=350): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = eventfd2(0x0, 0x0) readv(r1, &(0x7f0000000500)=[{&(0x7f0000000000)=""/92, 0x5c}], 0x1) sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0) 25.676545699s ago: executing program 0 (id=663): prctl$PR_SET_NAME(0xf, &(0x7f0000000200)='gtp\x00\xe4\xaa\xae\xdf~2\xa6X\x14\x92\xdarV\xf4U\xf7\xa2\xc3l\x1b@\xaf\xf9\xc9\xa9#\xf0S\xd9=q\xd6\x14\xedt\xc8!W\xe9@\xeb\x7f~\tB0EE\x9a:\xb7\xff\xc1\xfc\x9a\x1f\xf2\xfb\x19\xda#x\xc5F\x1c~\x8c\xe1\xdf\xdc\x01k\f\xde0~\x95\r\xa2\x80\b4M\x14\xe7\xd0\t`n!g\x14\xe6\xd1\xc2\xd3\x88\xf8cVtd\xbeY\xa5\xe7\x16sD\x96}7\n\x88e\x00\xf0\xff\xff\xf0\xcb\x94\xb4S\x00\x00') r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00'}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r1) sendmsg$TIPC_CMD_SHOW_PORTS(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000001640)={0x1c, r2, 0x1}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x0) 25.626372543s ago: executing program 0 (id=665): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0xfffffead, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r0}, 0x10) ioprio_set$pid(0x1, 0x0, 0x4000) syz_clone3(&(0x7f0000000680)={0x800000, 0x0, 0x0, 0x0, {0x5}, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0x0], 0x1}, 0x58) pipe(0x0) 25.245728334s ago: executing program 0 (id=679): r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$inet_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000100)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x1b, 0x0, "99aed94cb0b35c64fb781b79363b6fb8a279443e8522854bec7fabec4372cd962a8f57216a5d981041890c6fdb1fd901c2a073dbe6dbc04a3f122251b9ca5327885f62686ff3857d13997543ff74265e"}, 0xd8) ioctl$TIOCMBIS(r1, 0x5416, &(0x7f00000000c0)=0x3) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000600)={@in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x35, 0x0, "679f672c00b69e65b0934066fc7c3406caf2c09e33bd50116312e2b00fee650af69b2150ccaa762a3db7ad752fe616e085e991c0436e7e7111238865d27b4e82dcc94700ddd1878b088736009d15f1fa"}, 0xd8) setsockopt$inet_tcp_int(r0, 0x6, 0x20, &(0x7f0000000040)=0x2, 0xf6) 25.200050268s ago: executing program 0 (id=681): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0) mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x1805406, 0x0) mount$9p_unix(0x0, &(0x7f0000000200)='./file0/file0\x00', 0x0, 0x20000, 0x0) mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000280)='./file0/file0\x00', 0x0, 0x2a05004, 0x0) 25.17996057s ago: executing program 0 (id=682): r0 = socket$kcm(0x1e, 0x2, 0x0) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f00000008c0), 0x43) recvmsg(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000001900)=""/4101, 0x1005}], 0x1}, 0x2192) r1 = socket$kcm(0x1e, 0x4, 0x0) setsockopt$sock_attach_bpf(r1, 0x10f, 0x87, &(0x7f00000008c0), 0x43) write$cgroup_subtree(r1, &(0x7f0000000040)=ANY=[], 0xfdef) 24.92670716s ago: executing program 0 (id=691): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x3, '\x00', 0x0, @fallback=0x2c, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021bc0000000c0a01010000000000000000070000000900020073797a31000000000900010073797a3000000000900003808c000080080003400000000280000b807c000180090001"], 0x140}}, 0x0) 24.908597952s ago: executing program 34 (id=691): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x3, '\x00', 0x0, @fallback=0x2c, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021bc0000000c0a01010000000000000000070000000900020073797a31000000000900010073797a3000000000900003808c000080080003400000000280000b807c000180090001"], 0x140}}, 0x0) 3.935833102s ago: executing program 2 (id=1387): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10) syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0) 3.83004109s ago: executing program 2 (id=1390): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_RINGS_GET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r3, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gretap0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0xc080}, 0x800) 3.733100948s ago: executing program 2 (id=1396): bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'batadv_slave_0\x00'}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10) r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x1ff, 0x1501) ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f00000004c0)={0x2, 0xe, 0x19, 0x4002}, 0x8, 0x800, 0x8, 0x0, 0xfffffffe, 0x4, 0x0}) 3.689865671s ago: executing program 2 (id=1398): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000000)='binfmt_misc\x00', 0xc00, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0) pivot_root(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00') pivot_root(&(0x7f0000000140)='./file0/../file0\x00', &(0x7f0000000240)='./file0/../file0\x00') 3.680693062s ago: executing program 2 (id=1400): r0 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x7279, 0x0, 0x4, 0x18e}, &(0x7f0000000000)=0x0, &(0x7f0000000280)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) creat(&(0x7f0000000180)='./file0\x00', 0x0) r2 = timerfd_create(0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000680)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}}) io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0) 3.388167836s ago: executing program 2 (id=1410): r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)={0x24, r2, 0x1, 0x0, 0x0, {0x7}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x10000}]}, 0x24}, 0x1, 0x0, 0x0, 0x40014}, 0x0) 3.356740368s ago: executing program 35 (id=1410): r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)={0x24, r2, 0x1, 0x0, 0x0, {0x7}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x10000}]}, 0x24}, 0x1, 0x0, 0x0, 0x40014}, 0x0) 2.873214128s ago: executing program 5 (id=1432): futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000000040), &(0x7f0000048000), 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r0, 0x0) exit(0x0) 2.568530512s ago: executing program 6 (id=1439): bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'batadv_slave_0\x00'}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10) r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x1ff, 0x1501) ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f00000004c0)={0x2, 0xe, 0x19, 0x4002}, 0x8, 0x800, 0x8, 0x0, 0xfffffffe, 0x4, 0x0}) 2.547392504s ago: executing program 6 (id=1440): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xea6}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18) connect$unix(r0, &(0x7f0000000240)=@file={0x1, './file0\x00'}, 0x6e) 2.510637447s ago: executing program 6 (id=1441): openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) syz_open_dev$evdev(&(0x7f0000000000), 0x200000000046, 0x121301) r0 = syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0x7079, 0x400, 0x3, 0x288}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(r0, 0x3516, 0x77e, 0x0, 0x0, 0x0) 1.999946578s ago: executing program 5 (id=1445): r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000001440), 0x2, 0x0) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000000140)) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x1, 0x6}, 0x2, 0x7fffffff, 0x2, 0x7, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) readv(r0, &(0x7f0000000300)=[{&(0x7f0000000380)=""/4096, 0x1000}], 0x1) 1.165037516s ago: executing program 7 (id=1467): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000002c0)='sys_enter\x00', r1}, 0x18) ustat(0x9, &(0x7f0000000000)) 1.164079976s ago: executing program 7 (id=1477): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000c00)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@mblk_io_submit}, {@resuid}, {@norecovery}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12) write(r1, &(0x7f00000009c0)="3bf58d7d45d32cfe1da7c797b82f16713d1cb80b3fa1bda74e3977b40e7af46b4c60b70d7a79ed5d8c48f52a50185980", 0x30) sendfile(r1, r0, 0x0, 0x3ffff) sendfile(r1, r0, 0x0, 0x7fffeffd) 1.158456417s ago: executing program 8 (id=1470): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000500)={{r0}, &(0x7f0000000480), &(0x7f00000004c0)=r1}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000040000000000000000000300000a20000000000a05000000000000000000070000000900010073797a300000000044000000090a010400000000000000000700ffff08000a40000000030900020073797a31000000000900010073797a3000000000080005400000002106000d40931000005c0000000c0a01020000000000000000070000000900020073797a31000000000900010073797a3000000000300003802c0000800400018024000b80100001800c000100636f756e7465720010000180090001006c617374"], 0xe8}, 0x1, 0x0, 0x0, 0x10}, 0x0) 1.101594781s ago: executing program 8 (id=1471): bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r1}, 0x10) syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0) 1.083613992s ago: executing program 5 (id=1472): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x5, 0x4, 0x8, 0xd}, 0x50) write$binfmt_aout(r0, &(0x7f0000000100)=ANY=[], 0xff5f) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x4, 0x0, 0x10, "0062ba7d82e7ff00000000000000f7ffffff00"}) r1 = syz_open_pts(r0, 0x20000) ioctl$FIONREAD(r1, 0x541b, &(0x7f00000000c0)) 404.851788ms ago: executing program 6 (id=1474): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001380)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000818110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r2}, 0x10) r3 = dup(r0) fsetxattr$security_selinux(r3, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:mouse_device_t:s0\x00', 0x20, 0x0) 392.173379ms ago: executing program 8 (id=1476): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) r2 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0) writev(r2, &(0x7f0000000040)=[{&(0x7f00000000c0)='\f7', 0x2}, {&(0x7f0000000000)='0', 0x1}], 0x2) 366.773481ms ago: executing program 7 (id=1478): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc) r1 = socket$inet6(0xa, 0x3, 0x87) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000280)={{{@in6=@remote, @in=@multicast1, 0xfffd, 0x0, 0x4e20, 0x0, 0x2}, {0x0, 0x4, 0x1, 0x0, 0x0, 0x9, 0x0, 0x2}, {0x1ff, 0xffffffffe, 0x4053e5, 0x20}, 0x6, 0x1, 0x1, 0x0, 0x1, 0x1}, {{@in6=@rand_addr=' \x01\x00', 0x1, 0x32}, 0xa, @in6=@private0, 0x3502, 0x1, 0x0, 0x0, 0x6, 0xfffffffd}}, 0xe8) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}, 0x9df}, 0x1c) recvmmsg(r0, &(0x7f0000002b80)=[{{0x0, 0x0, 0x0}, 0x4}], 0x1, 0x2, 0x0) 329.021254ms ago: executing program 6 (id=1479): timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x8, 0x32, 0xffffffffffffffff, 0x0) signalfd4(0xffffffffffffffff, &(0x7f0000000100)={[0x3ffffffe]}, 0x8, 0x80000) 328.714294ms ago: executing program 8 (id=1480): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4) r1 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x800) ioctl$SG_GET_VERSION_NUM(r1, 0x2284, &(0x7f0000000080)) 328.457304ms ago: executing program 5 (id=1481): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e000000850000000700000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440)) r1 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0) fallocate(r1, 0x0, 0x400000002000000, 0x2) 314.231755ms ago: executing program 6 (id=1484): r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000001440), 0x2, 0x0) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000000140)) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x1, 0x6}, 0x2, 0x7fffffff, 0x2, 0x7, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) readv(r0, &(0x7f0000000300)=[{&(0x7f0000000380)=""/4096, 0x1000}], 0x1) 265.040319ms ago: executing program 8 (id=1485): syz_mount_image$iso9660(&(0x7f0000000940), &(0x7f00000001c0)='./file0\x00', 0x4c0, &(0x7f00000029c0)=ANY=[@ANYBLOB='session=0x0000000000000043,dmode=0x0000000000000006,map=acorn,mode=0x0000000000000007,sbsector=0x0000000004008001,check=strict,check=relaxed,overriderockperm,sbsector=0x0000000000000000,utf8,sbsector=0x0000000000000000,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c7362736563746f723d3078303030303030303030303030303030332c686964652c6769643d6fcfd9bbb83ea2da0b3bdde67d4afb69235336bd2e00000000000000100e0d7f75a3e03ce54119c4992224af29f853bce4aca191f148f30708d72b47b71648508f7bc62d8797e2498c686370511071e7aa762d4a01bd68d3ba1c195a732d93d5eaa25eabfa180f82f5435a100b5c0fe5dd289873127578f6314c9a2d3013d2cc64affbccde695695aecddd024a02c1eb54483c000000000000000000c5be8f1c72e09630555342a1067eeb8b662684ac7d0a05c92eb256afba056e5e0cfb38ac780d633e67ec1845f23b5e63ce9a80c80e7a5532f2b64c58dbb4884b3086c29f0cd4ff0952f8a145e4e3b66a515bb6b794b84487d64bbe5c3f62cd740fea3161b8291104dd33c09f1e467d24a69d30a4b61cf3257d1bf3fd104ab25639b9fdb5eb08eb4a907b08702a1ea0a197ed2b292a18cffb8c9bfa25de90e8bff4", @ANYRESHEX, @ANYRES64], 0x2, 0x976, &(0x7f0000000980)="$eJzs3U9vG2kZAPBn3LjNZlfdLO1u0+xhrW2DQgWp46ot1V5IYyf1ksQoSaWtuARoFlWNWMSCVFZIBAlxooID4gC3HjlV7GXhgCoh8RE4cOkH4LLi1FvQzDiN2/pPGiVxkv5+0njs8TPv87x+7Rk17vgNDrONjY1s2eHjm3/Zz2I5eK5XHz94eD9dfrUex+NYXE6+iBiMiFLEQESMRBSnq4uN+R4N3Y1YiYhHEUlEnIh8vS0rkfwu3th6/CiSP6d52XsbvNL6/f4DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICDKJmulsuTSczVF25+VOosmwK8y/Ob7TUK6W2hEfns4Z3zRiTpEoODm1N9j5zaevrt9Ob9OJM/OpNNSB6D8dnr7wx/cGqgsLl/l4J2JOLlmvz055/d/d7a2upPdruQQ2K2tlBfatTnp2ZrpfpSo3TtypXyxRszS6WZ+lxt6dbScm2+NL1Ym1puLJbGp79Wmrx27VKpNnGrcXNhtjo1V9vcePUblXL5SunDie/UphaXGgsXP5xYmr5Rn5urL8xmMenTaczV9I347fpyabk2NV8qfXxnbfVSryLToMntBFV6BVXKlcrkZKUyeeXytctXy+WBFzaUnxMvROz+m5bDZU+O47ATG83zPwAAAHB0Jdnf2NN//xezv8MnMVOfq5X7XRYAAACwi7Jv/s+kq2JEvNbc6t//AAAAcJT0vsauc8TxZhtfj7P5nbO38/XtZsRfT2RtDM3UN37ZjP3q06v92ucrZv/94EKM5lGjQ/l6qBnVvHJwMI2anPhgMi7Eu3nEu+Pn0tW58ZbINEMaWckjm1felNpEbrZ5KY0EgKPu/R7n427n/2ZEciHG8oix0eya/4HRNmfWsjMrABwUT3/BZg/v9LuPAMCz0rP0P/tdBAAAAAAAAAAAAAAAAAAAAAAAAAAAABwx+/H7/3t0J/LpheKg1HNY7iT5yK8flHp2bY6Jfco1vOcpCrFPL92x6BzT3+MSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCrKok41m57IeJERJQj4uL+V7V31vtdQJ8lT+JJ3IuT/a4DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCoaf7+fyHy9ev5phgoRIxFxEpEfLffNe5I21kNIp7sdx0HTMvv/6djHhtJDOTDHklxurrYmE+HP5v7ofD4wcP76bKTPGkDaYZnhqGZofNeb2V7DVVXP737009+XKpez4q8vjwzV52fXfzWVuA7yecRpciXTZv1/mLsH79v0/PP055uL+9Mlvd4RDyX90y7vbvn7ebO2molzbRc+2j5Zz+6c6/lqa/EaMS58YjxZzP9MF06ZBqNYrdsyZfJb5KT8cdYycY/fTWSjSQdojez/r/28Z211YkffLJ2u0NNwzESEbcjBrdf00h2PGkre9cVimnWchaU3pzu0V5XLS1OdujDW3E2Ioa2+vC33n0427kPmR6ve7OiSx0qOhXvvfRIv/dcxvW/3zrftYTIx/8/yY34d/y6Zf6PQjr+Y7GdT2cak0W2vFM69zmPzHpe6dpmx08lO1Po9uRv4/vxzafjX2g5/jfHan+ORy0Z9/Jz0SI7I51+7ozUPPp02qdZ5+k8qkOdb8f5iIHRlzoqnu9xRHlx/+J2+9lZ8mXyp2Q8/hfr5v8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOviTiWLvthYixiBiOiDfTx6WIjd3IVxhK4r8nd6OlDoX3sL47qQ+tYnpzL3ZpBAAAAAAAAADot+vVxw8e3k+XJLKv0s8nX0QM5t/0D0TEcPKH4nR1sTHfo6FixEpEPHqZ5P/Kcmb7xRtbmx+lj0Z20BkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI6s/wcAAP//iuup4w==") r0 = socket(0xa, 0x3, 0x87) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ipvlan0\x00', 0x0}) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) 264.267869ms ago: executing program 7 (id=1487): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c00000013000500000000000000000007000000", @ANYRES32=r3, @ANYBLOB="00000000000000000c001a800800048004000580"], 0x2c}}, 0x0) 263.486419ms ago: executing program 5 (id=1488): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x1, 0x6, 0x8, 0x8, 0x40}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x27a}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) munlockall() 217.017153ms ago: executing program 5 (id=1490): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000c00)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@mblk_io_submit}, {@resuid}, {@norecovery}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12) write(r1, &(0x7f00000009c0)="3bf58d7d45d32cfe1da7c797b82f16713d1cb80b3fa1bda74e3977b40e7af46b4c60b70d7a79ed5d8c48f52a50185980", 0x30) sendfile(r1, r0, 0x0, 0x3ffff) sendfile(r1, r0, 0x0, 0x7fffeffd) 216.498463ms ago: executing program 7 (id=1491): socket(0x25, 0x1, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080), 0x80882, 0x0) r0 = syz_io_uring_setup(0x9e, &(0x7f0000000000)={0x0, 0xec25, 0x0, 0x2, 0x40000333}, &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x6007, @fd_index=0x4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001800)=""/211, 0xd3}], 0x1}) io_uring_enter(r0, 0x47ba, 0x0, 0x0, 0x0, 0x0) 216.003093ms ago: executing program 8 (id=1492): mknodat(0xffffffffffffff9c, &(0x7f0000018300)='./file1\x00', 0x1000, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15) r1 = dup(r0) pipe2(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000100), 0x88, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}}) splice(r2, 0x0, r1, 0x0, 0x91, 0x5) 167.139177ms ago: executing program 7 (id=1493): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x5, 0x4, 0x8, 0xd}, 0x50) write$binfmt_aout(r0, &(0x7f0000000100)=ANY=[], 0xff5f) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x4, 0x0, 0x10, "0062ba7d82e7ff00000000000000f7ffffff00"}) r1 = syz_open_pts(r0, 0x20000) ioctl$FIONREAD(r1, 0x541b, &(0x7f00000000c0)) 166.589777ms ago: executing program 1 (id=1494): syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb77, &(0x7f0000000c40)="$eJzs3c9vFFUcAPDvzG5LKWgX40GMCTUeIDFsW0BB4gE8Gg8mkqAnXPuDNCxgaE0sIbHcTLyowZMnT2qiR6+GGPXkweiJ/8CQEFP4A2pmdnZZ6W5LYcuQ8vkks/vePJb3nSbffW86bzoBPLHGs5c0Ym9EfJ5EjBX704gYzksjEcutf3dn5cp0tiWxuvrOv0kkEXF75cp0+/9Kivdd2Us1/2T89UvEM5W1/S4sXT7XaDZnLxX1icXzH04sLF0+OH++cXb27OyFQ69OHp567cixV44M7FiXjqaf/fnmG99dO/P1Hz8ee+HTJE7E7qKt+zgGZTzGOz+TbtWIeG/QnZWkUhxPr+MEAODxk3bN4fbGWFTyUstY1OdLDQ4AAAAYiE8iYhUAAADY5hLn/wAAALDNtdcB3F65Mt3eyl2RADwqt05GRK2V/+37+1st1VjO30diKCJG7yRddwa17veuDaD/8Yj44auj+7Ittug+fKC35asR8Vyv8T/J87+W/xWPtfmfRsTkAPofv6cu/+HReZj8PzGA/uU/AAAAAAAADM71k60L+Wuv/6Wd9T/R4/pfpce1uwex8fW/9OYAugF6uHUy4vWuZ/vc6cr/Qq1S1J7K1wMMJXPzzdnJiHg6Ig7E0I6sPrVOH9/+dPzvfm3d6/+yLeu/vRawiONmdcf/PzPTWGw8zDEDLbeuRjxf7ZX/SWf8T/qs/337Pvv47fTPc/3aNs5/YKusfhOxv+f4f/eJbsn6z+ebyOcDE+1ZwVqnX/z1+379y38oTzb+j66f/7Wk+3mdC5vvY3L04Nl+bQ86/x9OTuVPFR0u9n3cWFy8NBUxnLy1dv+hzccM21E7H9r5kuX/gZd6n/+vN//Pkuz94lsijYhG8Z7VP7inzx1nfv+iXzzGfyhPlv8zmxr/N1/48t2VU/36v7/x/0g+ph8o9vj9H6zvfhO07DgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgcZJGxO5I0nqnnKb1esSuiHg2RtPmxYXFl+cufnRhJmuLqMVQOjffnJ2MiLFWPcnqU3n5bv3QPfXDEbEnIq6N7czr9emLzZmyDx4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICOXRGxO5K0HhFpXk7Ter3V9s9Y2dEBAAAAA1MrOwAAAABgyzn/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAh7dl3/UYSEcvHd+ZbZrhoGyo1MmCrpWUHAJSmUnYAQGmqZQcAlMY5PpBs0D7St8UMAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBJsn/v9RtJRCwf35lvmeGibajUyICtlpYdAFCaStkBAKWplh0AUBrn+ECyQftI3xYzCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAnycLS5XONZnP2koKCgkKnUPY3EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANvZfwEAAP//vlL7zw==") quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0x0, 0x0) quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f00000001c0)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000100)={0x7, 0x6, 0x7267, 0xb, 0x6, 0x1ffffffffff, 0x6, 0x9, 0x35}) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) setreuid(0x0, 0xee01) write$binfmt_script(r0, &(0x7f0000000240), 0x208e24b) 67.137475ms ago: executing program 1 (id=1495): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000280)={@mcast2, 0x800, 0x0, 0x103, 0x1}, 0x20) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000600)=ANY=[@ANYBLOB="fc000000190001002dbd70000000008000000000000000000000000000000001010000000400000000000000000000bb00000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000c00000000000000000000000000000000000000000000000000000000000000ffffffffffffffff000000000020000000000000000000000000000000000000000a000000000000feffffffff7f40000200000000000008000000000000000001000000000000004400050000000000000000000000000000000000000000003c00000002000000ffffffff0000000000000000000000000600000004"], 0xfc}}, 0x0) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000040)=0x5, 0x4) sendmsg$inet6(r0, &(0x7f0000000140)={&(0x7f0000000080)={0xa, 0x4e26, 0x80000, @mcast2}, 0x1c, 0x0}, 0x810) 11.817519ms ago: executing program 1 (id=1496): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc680000000c0a010100000000000000000a0000070900020073797a31000000000900010073797a31000000003c0003803800008008000340000000022c0007800a0001006c696d69740000001c0002800c00024000000000000000050c00014000000000000000041400000011000100"], 0xcc}, 0x1, 0x0, 0x0, 0x24000850}, 0x40) close(r0) 11.482039ms ago: executing program 1 (id=1497): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000072"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r0}, 0x10) setitimer(0x1, 0x0, 0x0) 11.270209ms ago: executing program 1 (id=1498): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc) r1 = socket$inet6(0xa, 0x3, 0x87) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000280)={{{@in6=@remote, @in=@multicast1, 0xfffd, 0x0, 0x4e20, 0x0, 0x2}, {0x0, 0x4, 0x1, 0x0, 0x0, 0x9, 0x0, 0x2}, {0x1ff, 0xffffffffe, 0x4053e5, 0x20}, 0x6, 0x1, 0x1, 0x0, 0x1, 0x1}, {{@in6=@rand_addr=' \x01\x00', 0x1, 0x32}, 0xa, @in6=@private0, 0x3502, 0x1, 0x0, 0x0, 0x6, 0xfffffffd}}, 0xe8) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}, 0x9df}, 0x1c) recvmmsg(r0, &(0x7f0000002b80)=[{{0x0, 0x0, 0x0}, 0x4}], 0x1, 0x2, 0x0) 0s ago: executing program 1 (id=1499): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10) r2 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/current\x00', 0x2, 0x0) write$selinux_attr(r2, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d) kernel console output (not intermixed with test programs): to 8192 [ 44.050972][ T3723] ======================================================= [ 44.050972][ T3723] WARNING: The mand mount option has been deprecated and [ 44.050972][ T3723] and is ignored by this kernel. Remove the mand [ 44.050972][ T3723] option from the mount to silence this warning. [ 44.050972][ T3723] ======================================================= [ 44.086632][ T3698] EXT4-fs error (device loop3): __ext4_get_inode_loc:4861: comm syz.3.94: Invalid inode table block 1 in block_group 0 [ 44.107178][ T3736] hub 9-0:1.0: USB hub found [ 44.112287][ T3736] hub 9-0:1.0: 8 ports detected [ 44.153886][ T3698] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem [ 44.165919][ T3698] EXT4-fs error (device loop3): ext4_quota_off:7217: inode #3: comm syz.3.94: mark_inode_dirty error [ 44.219675][ T3743] loop2: detected capacity change from 0 to 128 [ 44.244654][ T3743] FAT-fs (loop2): error, invalid FAT chain (i_pos 548, last_block 8) [ 44.253201][ T3743] FAT-fs (loop2): Filesystem has been set read-only [ 44.271821][ T3743] FAT-fs (loop2): error, corrupted file size (i_pos 548, 522) [ 44.376870][ T3758] loop1: detected capacity change from 0 to 2048 [ 44.435556][ T3758] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 44.677480][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.689218][ T3788] loop2: detected capacity change from 0 to 1024 [ 44.701921][ T3788] EXT4-fs: Ignoring removed oldalloc option [ 44.707999][ T3788] EXT4-fs: Ignoring removed bh option [ 44.733213][ T3788] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 44.767539][ T3788] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.126: Allocating blocks 497-513 which overlap fs metadata [ 44.786560][ T3788] EXT4-fs (loop2): pa ffff888106e6b070: logic 1, phys. 449, len 4 [ 44.794480][ T3788] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 2, pa_free 3 [ 44.841332][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.997531][ T3818] bond_slave_0: entered promiscuous mode [ 45.003230][ T3818] bond_slave_1: entered promiscuous mode [ 45.010062][ T3818] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 45.018181][ T3818] team0: Port device macvlan2 added [ 45.037740][ T3818] syz.3.139 (3818) used greatest stack depth: 10160 bytes left [ 45.205311][ T3833] netlink: '+}[@': attribute type 1 has an invalid length. [ 45.289105][ T3841] Driver unsupported XDP return value 0 on prog (id 110) dev N/A, expect packet loss! [ 45.407369][ T3851] atomic_op ffff888119656528 conn xmit_atomic 0000000000000000 [ 45.646977][ T3865] netlink: 96 bytes leftover after parsing attributes in process `syz.3.162'. [ 45.667497][ T3867] netlink: 332 bytes leftover after parsing attributes in process `syz.1.163'. [ 45.678502][ T29] kauditd_printk_skb: 250 callbacks suppressed [ 45.678517][ T29] audit: type=1326 audit(1754723209.741:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3868 comm="syz.3.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe026eebe9 code=0x7ffc0000 [ 45.708213][ T29] audit: type=1326 audit(1754723209.741:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3868 comm="syz.3.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe026eebe9 code=0x7ffc0000 [ 45.758431][ T29] audit: type=1326 audit(1754723209.781:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3868 comm="syz.3.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbe026eebe9 code=0x7ffc0000 [ 45.781781][ T29] audit: type=1326 audit(1754723209.781:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3868 comm="syz.3.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe026eebe9 code=0x7ffc0000 [ 45.805388][ T29] audit: type=1326 audit(1754723209.781:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3868 comm="syz.3.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe026eebe9 code=0x7ffc0000 [ 45.828800][ T29] audit: type=1326 audit(1754723209.781:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3868 comm="syz.3.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbe026eebe9 code=0x7ffc0000 [ 45.852043][ T29] audit: type=1326 audit(1754723209.791:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3868 comm="syz.3.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe026eebe9 code=0x7ffc0000 [ 45.875386][ T29] audit: type=1326 audit(1754723209.791:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3868 comm="syz.3.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbe026eebe9 code=0x7ffc0000 [ 45.898844][ T29] audit: type=1326 audit(1754723209.791:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3868 comm="syz.3.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe026eebe9 code=0x7ffc0000 [ 45.922497][ T29] audit: type=1326 audit(1754723209.791:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3868 comm="syz.3.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe026eebe9 code=0x7ffc0000 [ 45.956088][ T3879] netlink: 4 bytes leftover after parsing attributes in process `syz.4.169'. [ 45.991677][ T3879] netlink: 4 bytes leftover after parsing attributes in process `syz.4.169'. [ 46.084970][ T3892] netlink: 'syz.0.176': attribute type 1 has an invalid length. [ 46.142746][ T3900] loop1: detected capacity change from 0 to 1024 [ 46.150068][ T3900] EXT4-fs: Ignoring removed bh option [ 46.176969][ T3900] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 46.219429][ C1] hrtimer: interrupt took 27975 ns [ 46.248990][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 46.476114][ T3918] loop1: detected capacity change from 0 to 8192 [ 46.487369][ T3918] syz.1.186: attempt to access beyond end of device [ 46.487369][ T3918] loop1: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 46.522535][ T3918] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000e1b1) [ 46.531834][ T3918] FAT-fs (loop1): Filesystem has been set read-only [ 46.536223][ T3932] loop3: detected capacity change from 0 to 512 [ 46.560275][ T3918] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000e1b1) [ 46.569830][ T3932] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.188: casefold flag without casefold feature [ 46.588165][ T3932] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.188: couldn't read orphan inode 15 (err -117) [ 46.589369][ T3918] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000e1b1) [ 46.610296][ T3932] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 46.772378][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 46.969212][ T3968] veth3: entered promiscuous mode [ 47.274582][ T4011] loop0: detected capacity change from 0 to 128 [ 47.299916][ T4013] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 47.319848][ T4016] netlink: 'syz.1.227': attribute type 39 has an invalid length. [ 47.358196][ T4013] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 47.443564][ T4013] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 47.529204][ T4013] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 47.591617][ T31] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.603344][ T31] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.618972][ T31] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.633439][ T31] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.636066][ T3377] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 47.674262][ T3377] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 48.022297][ T4080] loop4: detected capacity change from 0 to 8192 [ 48.031978][ T4080] syz.4.255: attempt to access beyond end of device [ 48.031978][ T4080] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 48.046012][ T4080] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1) [ 48.054015][ T4080] FAT-fs (loop4): Filesystem has been set read-only [ 48.065677][ T4080] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1) [ 48.073752][ T4080] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1) [ 48.084095][ T4066] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 48.092563][ T4066] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 48.252538][ T4094] vlan2: entered allmulticast mode [ 48.293202][ T3485] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 48.303631][ T3485] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 48.499955][ T36] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 48.501287][ T4108] loop4: detected capacity change from 0 to 512 [ 48.515851][ T36] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz1] on syz0 [ 48.516706][ T4108] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.265: casefold flag without casefold feature [ 48.539707][ T4108] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.265: couldn't read orphan inode 15 (err -117) [ 48.552497][ T4108] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 48.636448][ T4113] loop2: detected capacity change from 0 to 512 [ 48.671440][ T4113] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 48.698190][ T4113] ext4 filesystem being mounted at /37/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 48.721238][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 48.749447][ T4120] loop9: detected capacity change from 0 to 7 [ 48.757731][ T4120] Buffer I/O error on dev loop9, logical block 0, async page read [ 48.765652][ T4120] Buffer I/O error on dev loop9, logical block 0, async page read [ 48.773515][ T4120] loop9: unable to read partition table [ 48.779281][ T4120] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dG¤´à–ƒÝ¡¯ â·û [ 48.779281][ T4120] ) failed (rc=-5) [ 48.806225][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 48.878175][ T4139] loop1: detected capacity change from 0 to 128 [ 48.890227][ T4139] syz.1.278: attempt to access beyond end of device [ 48.890227][ T4139] loop1: rw=2049, sector=138, nr_sectors = 112 limit=128 [ 48.907646][ T4139] syz.1.278: attempt to access beyond end of device [ 48.907646][ T4139] loop1: rw=2049, sector=138, nr_sectors = 2 limit=128 [ 48.921039][ T4139] Buffer I/O error on dev loop1, logical block 69, lost async page write [ 49.061439][ T4170] loop4: detected capacity change from 0 to 512 [ 49.088789][ T4170] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 49.111912][ T4170] ext4 filesystem being mounted at /58/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 49.251779][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 49.253646][ T2760] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 49.326540][ T4186] __nla_validate_parse: 3 callbacks suppressed [ 49.326558][ T4186] netlink: 108 bytes leftover after parsing attributes in process `syz.2.302'. [ 49.342025][ T4186] netlink: 108 bytes leftover after parsing attributes in process `syz.2.302'. [ 49.351073][ T4186] netlink: 108 bytes leftover after parsing attributes in process `syz.2.302'. [ 49.377456][ T2760] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 49.395560][ T4186] netlink: 108 bytes leftover after parsing attributes in process `syz.2.302'. [ 49.395605][ T4186] netlink: 108 bytes leftover after parsing attributes in process `syz.2.302'. [ 49.395625][ T4186] netlink: 108 bytes leftover after parsing attributes in process `syz.2.302'. [ 49.416911][ T2760] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 49.440092][ T4186] netlink: 108 bytes leftover after parsing attributes in process `syz.2.302'. [ 49.440115][ T4186] netlink: 108 bytes leftover after parsing attributes in process `syz.2.302'. [ 49.440138][ T4186] netlink: 108 bytes leftover after parsing attributes in process `syz.2.302'. [ 49.487988][ T2760] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 49.616843][ T2760] bridge_slave_1: left allmulticast mode [ 49.616861][ T2760] bridge_slave_1: left promiscuous mode [ 49.616960][ T2760] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.619464][ T2760] bridge_slave_0: left allmulticast mode [ 49.619497][ T2760] bridge_slave_0: left promiscuous mode [ 49.619627][ T2760] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.633681][ T4216] SELinux: Context Ü is not valid (left unmapped). [ 49.701618][ T2760] bond_slave_0: left promiscuous mode [ 49.701652][ T2760] bond_slave_1: left promiscuous mode [ 49.755847][ T4221] loop2: detected capacity change from 0 to 512 [ 49.788774][ T4221] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.312: casefold flag without casefold feature [ 49.793965][ T4221] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.312: couldn't read orphan inode 15 (err -117) [ 49.796701][ T4221] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 49.956354][ T2760] team0: Port device macvlan2 removed [ 49.974743][ T2760] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 49.977046][ T2760] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 49.978742][ T2760] bond0 (unregistering): Released all slaves [ 50.032977][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 50.085037][ T2760] hsr_slave_0: left promiscuous mode [ 50.125235][ T2760] hsr_slave_1: left promiscuous mode [ 50.132474][ T2760] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 50.140009][ T2760] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 50.186607][ T4232] loop2: detected capacity change from 0 to 1024 [ 50.205794][ T2760] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 50.213316][ T2760] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 50.231695][ T4232] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 50.251111][ T2760] veth1_macvtap: left promiscuous mode [ 50.263915][ T2760] veth0_macvtap: left promiscuous mode [ 50.279611][ T2760] veth1_vlan: left promiscuous mode [ 50.285003][ T2760] veth0_vlan: left promiscuous mode [ 50.353987][ T4232] ext4 filesystem being mounted at /51/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 50.385513][ T4232] EXT4-fs error (device loop2): ext4_map_blocks:814: inode #15: block 1: comm syz.2.315: lblock 1 mapped to illegal pblock 1 (length 3) [ 50.419198][ T4238] loop4: detected capacity change from 0 to 1024 [ 50.429868][ T4232] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 3 with error 117 [ 50.442342][ T4232] EXT4-fs (loop2): This should not happen!! Data will be lost [ 50.442342][ T4232] [ 50.488053][ T4238] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 50.543948][ T2760] team0 (unregistering): Port device team_slave_1 removed [ 50.565618][ T2760] team0 (unregistering): Port device team_slave_0 removed [ 50.575288][ T1594] EXT4-fs error (device loop2): ext4_map_blocks:814: inode #15: block 1: comm kworker/u8:5: lblock 1 mapped to illegal pblock 1 (length 3) [ 50.609033][ T1594] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 3 with error 117 [ 50.621437][ T1594] EXT4-fs (loop2): This should not happen!! Data will be lost [ 50.621437][ T1594] [ 50.641731][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 50.661844][ T4188] chnl_net:caif_netlink_parms(): no params data found [ 50.724303][ T4188] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.731523][ T4188] bridge0: port 1(bridge_slave_0) entered disabled state [ 50.743465][ T4188] bridge_slave_0: entered allmulticast mode [ 50.750064][ T4188] bridge_slave_0: entered promiscuous mode [ 50.761567][ T4252] loop2: detected capacity change from 0 to 256 [ 50.768897][ T4188] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.776139][ T4188] bridge0: port 2(bridge_slave_1) entered disabled state [ 50.783282][ T4252] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001) [ 50.783495][ T4188] bridge_slave_1: entered allmulticast mode [ 50.791161][ T4252] FAT-fs (loop2): Filesystem has been set read-only [ 50.797730][ T4188] bridge_slave_1: entered promiscuous mode [ 50.811144][ T29] kauditd_printk_skb: 115 callbacks suppressed [ 50.811159][ T29] audit: type=1326 audit(2000000001.950:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4253 comm="syz.0.322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f251423ebe9 code=0x7ffc0000 [ 50.840978][ T29] audit: type=1326 audit(2000000001.950:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4253 comm="syz.0.322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f251423ebe9 code=0x7ffc0000 [ 50.864248][ T29] audit: type=1326 audit(2000000001.950:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4253 comm="syz.0.322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f251423ebe9 code=0x7ffc0000 [ 50.887481][ T29] audit: type=1326 audit(2000000001.950:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4253 comm="syz.0.322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f251423ebe9 code=0x7ffc0000 [ 50.910834][ T29] audit: type=1326 audit(2000000001.950:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4253 comm="syz.0.322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f251423ebe9 code=0x7ffc0000 [ 50.934151][ T29] audit: type=1326 audit(2000000001.950:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4253 comm="syz.0.322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f251423ebe9 code=0x7ffc0000 [ 50.957613][ T29] audit: type=1326 audit(2000000001.950:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4253 comm="syz.0.322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f251423ebe9 code=0x7ffc0000 [ 50.980918][ T29] audit: type=1326 audit(2000000001.950:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4253 comm="syz.0.322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=303 compat=0 ip=0x7f251423ebe9 code=0x7ffc0000 [ 51.004359][ T29] audit: type=1326 audit(2000000001.950:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4253 comm="syz.0.322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f251423ebe9 code=0x7ffc0000 [ 51.027932][ T29] audit: type=1326 audit(2000000001.950:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4253 comm="syz.0.322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f251423ebe9 code=0x7ffc0000 [ 51.080781][ T4188] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 51.094914][ T4188] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 51.131145][ T4188] team0: Port device team_slave_0 added [ 51.138870][ T4188] team0: Port device team_slave_1 added [ 51.170732][ T4188] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 51.175470][ T4270] cgroup2: Unknown parameter 'mode' [ 51.177757][ T4188] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 51.208878][ T4188] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 51.220540][ T4188] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 51.227594][ T4188] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 51.253637][ T4188] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 51.295716][ T4188] hsr_slave_0: entered promiscuous mode [ 51.301839][ T4188] hsr_slave_1: entered promiscuous mode [ 51.309358][ T4188] debugfs: 'hsr0' already exists in 'hsr' [ 51.315231][ T4188] Cannot create hsr debugfs directory [ 51.343968][ T4279] loop2: detected capacity change from 0 to 1024 [ 51.376660][ T4279] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 51.387664][ T4279] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 51.414164][ T4279] JBD2: no valid journal superblock found [ 51.419935][ T4279] EXT4-fs (loop2): Could not load journal inode [ 51.446671][ T4279] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ %ºu@) failed with errno=-22 [ 51.473769][ T4188] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 51.496395][ T4188] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 51.505397][ T4188] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 51.515546][ T4188] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 51.577512][ T4244] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 51.588944][ T1594] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 51.637495][ T4188] 8021q: adding VLAN 0 to HW filter on device bond0 [ 51.666149][ T1594] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 51.689449][ T4318] loop1: detected capacity change from 0 to 512 [ 51.699254][ T4188] 8021q: adding VLAN 0 to HW filter on device team0 [ 51.710176][ T4318] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 51.723175][ T4318] EXT4-fs (loop1): orphan cleanup on readonly fs [ 51.731513][ T1594] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 51.743635][ T4318] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.351: bg 0: block 248: padding at end of block bitmap is not set [ 51.764155][ T3463] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.771220][ T3463] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.780438][ T4318] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.351: Failed to acquire dquot type 1 [ 51.799359][ T37] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.806501][ T37] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.815789][ T4318] EXT4-fs (loop1): 1 truncate cleaned up [ 51.825321][ T1594] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 51.835351][ T4318] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 51.882022][ T4318] syz.1.351 (4318) used greatest stack depth: 9552 bytes left [ 51.890165][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 51.904850][ T4339] Zero length message leads to an empty skb [ 51.929468][ T4337] vhci_hcd: invalid port number 96 [ 51.934740][ T4337] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 51.941925][ T1594] bridge_slave_1: left allmulticast mode [ 51.947741][ T1594] bridge_slave_1: left promiscuous mode [ 51.953407][ T1594] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.007125][ T1594] bridge_slave_0: left promiscuous mode [ 52.007819][ T4352] loop0: detected capacity change from 0 to 128 [ 52.013039][ T1594] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.033632][ T4352] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 52.062237][ T4352] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 52.157116][ T1594] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 52.168971][ T1594] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 52.188812][ T1594] bond0 (unregistering): Released all slaves [ 52.212345][ T4188] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 52.287152][ T4378] 9pnet_fd: Insufficient options for proto=fd [ 52.307242][ T1594] hsr_slave_0: left promiscuous mode [ 52.308157][ T4382] vxcan0: tx drop: invalid da for name 0x0000020000000000 [ 52.320981][ T1594] hsr_slave_1: left promiscuous mode [ 52.336582][ T1594] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 52.344158][ T1594] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 52.359620][ T1594] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 52.367319][ T1594] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 52.381327][ T1594] veth1_macvtap: left promiscuous mode [ 52.387821][ T1594] veth0_macvtap: left promiscuous mode [ 52.393346][ T1594] veth1_vlan: left promiscuous mode [ 52.399920][ T1594] veth0_vlan: left promiscuous mode [ 52.453664][ T4399] loop0: detected capacity change from 0 to 512 [ 52.463709][ T4399] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 52.477943][ T4399] ext4 filesystem being mounted at /76/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 52.488734][ T1594] team0 (unregistering): Port device team_slave_1 removed [ 52.499706][ T1594] team0 (unregistering): Port device team_slave_0 removed [ 52.510866][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 52.574023][ T4390] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 52.612251][ T4327] chnl_net:caif_netlink_parms(): no params data found [ 52.720050][ T4327] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.727188][ T4327] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.741090][ T4327] bridge_slave_0: entered allmulticast mode [ 52.748292][ T4327] bridge_slave_0: entered promiscuous mode [ 52.756721][ T4327] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.763863][ T4327] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.771660][ T4327] bridge_slave_1: entered allmulticast mode [ 52.778435][ T4327] bridge_slave_1: entered promiscuous mode [ 52.817262][ T4327] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 52.832320][ T4188] veth0_vlan: entered promiscuous mode [ 52.855359][ T4188] veth1_vlan: entered promiscuous mode [ 52.863468][ T4327] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 52.884808][ T4188] veth0_macvtap: entered promiscuous mode [ 52.900137][ T4188] veth1_macvtap: entered promiscuous mode [ 52.916795][ T4327] team0: Port device team_slave_0 added [ 52.925400][ T4441] netlink: 100 bytes leftover after parsing attributes in process `syz.2.390'. [ 52.938218][ T4188] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 52.949201][ T4327] team0: Port device team_slave_1 added [ 52.969154][ T4188] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 52.978799][ T4327] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 52.985792][ T4327] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.011870][ T4327] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.033513][ T1594] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.048348][ T4327] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.055439][ T4327] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.081376][ T4327] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.130088][ T1594] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.168089][ T4327] hsr_slave_0: entered promiscuous mode [ 53.213559][ T4327] hsr_slave_1: entered promiscuous mode [ 53.232371][ T1594] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.277331][ T1594] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.464359][ T4327] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 53.491682][ T4327] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 53.512334][ T4327] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 53.529280][ T4327] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 53.635148][ T4327] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.658673][ T4327] 8021q: adding VLAN 0 to HW filter on device team0 [ 53.681149][ T1594] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.688329][ T1594] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.723418][ T37] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.730592][ T37] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.805937][ T4475] netlink: 'syz.5.401': attribute type 1 has an invalid length. [ 53.886984][ T4485] loop5: detected capacity change from 0 to 128 [ 53.897527][ T4489] netlink: 'syz.0.405': attribute type 21 has an invalid length. [ 53.964032][ T4327] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.031997][ T1594] kworker/u8:5: attempt to access beyond end of device [ 54.031997][ T1594] loop5: rw=1, sector=153, nr_sectors = 8 limit=128 [ 54.065089][ T1594] kworker/u8:5: attempt to access beyond end of device [ 54.065089][ T1594] loop5: rw=1, sector=169, nr_sectors = 8 limit=128 [ 54.089484][ T1594] kworker/u8:5: attempt to access beyond end of device [ 54.089484][ T1594] loop5: rw=1, sector=185, nr_sectors = 8 limit=128 [ 54.112730][ T4498] loop2: detected capacity change from 0 to 1024 [ 54.119531][ T1594] kworker/u8:5: attempt to access beyond end of device [ 54.119531][ T1594] loop5: rw=1, sector=201, nr_sectors = 8 limit=128 [ 54.125835][ T4498] EXT4-fs: inline encryption not supported [ 54.157993][ T1594] kworker/u8:5: attempt to access beyond end of device [ 54.157993][ T1594] loop5: rw=1, sector=217, nr_sectors = 8 limit=128 [ 54.174016][ T4498] EXT4-fs (loop2): can't mount with commit=, fs mounted w/o journal [ 54.194236][ T1594] kworker/u8:5: attempt to access beyond end of device [ 54.194236][ T1594] loop5: rw=1, sector=233, nr_sectors = 8 limit=128 [ 54.233854][ T1594] kworker/u8:5: attempt to access beyond end of device [ 54.233854][ T1594] loop5: rw=1, sector=249, nr_sectors = 8 limit=128 [ 54.263897][ T1594] kworker/u8:5: attempt to access beyond end of device [ 54.263897][ T1594] loop5: rw=1, sector=265, nr_sectors = 8 limit=128 [ 54.277301][ T1594] kworker/u8:5: attempt to access beyond end of device [ 54.277301][ T1594] loop5: rw=1, sector=281, nr_sectors = 8 limit=128 [ 54.305937][ T1594] kworker/u8:5: attempt to access beyond end of device [ 54.305937][ T1594] loop5: rw=1, sector=297, nr_sectors = 8 limit=128 [ 54.383044][ T4327] veth0_vlan: entered promiscuous mode [ 54.408631][ T4327] veth1_vlan: entered promiscuous mode [ 54.415469][ T4530] loop2: detected capacity change from 0 to 512 [ 54.439194][ T4530] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 54.458503][ T4530] ext4 filesystem being mounted at /83/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 54.458949][ T4327] veth0_macvtap: entered promiscuous mode [ 54.510327][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 54.529836][ T4327] veth1_macvtap: entered promiscuous mode [ 54.580164][ T4327] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.605638][ T4327] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.624494][ T3463] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.657196][ T3463] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.679554][ T3463] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.699704][ T3463] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.777935][ T4564] __nla_validate_parse: 2 callbacks suppressed [ 54.777953][ T4564] netlink: 28 bytes leftover after parsing attributes in process `syz.0.432'. [ 54.811821][ T4571] netlink: 8 bytes leftover after parsing attributes in process `syz.6.435'. [ 54.823301][ T4571] netlink: 8 bytes leftover after parsing attributes in process `syz.6.435'. [ 54.835450][ T4571] netlink: 8 bytes leftover after parsing attributes in process `syz.6.435'. [ 54.863717][ T4571] netlink: 8 bytes leftover after parsing attributes in process `syz.6.435'. [ 54.994071][ T4577] bond1: entered promiscuous mode [ 54.999249][ T4577] bond1: entered allmulticast mode [ 55.041439][ T4577] 8021q: adding VLAN 0 to HW filter on device bond1 [ 55.089558][ T4577] bond1 (unregistering): Released all slaves [ 55.105838][ T4586] netlink: 4 bytes leftover after parsing attributes in process `syz.2.443'. [ 55.390284][ T4605] loop0: detected capacity change from 0 to 1024 [ 55.416269][ T4605] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 55.459663][ T4615] loop5: detected capacity change from 0 to 256 [ 55.472959][ T4617] netlink: 500 bytes leftover after parsing attributes in process `wÞ£ÿ'. [ 55.517981][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 55.649163][ T4634] random: crng reseeded on system resumption [ 55.670307][ T4636] netlink: 'syz.5.465': attribute type 10 has an invalid length. [ 55.691989][ T4636] team0: Port device dummy0 added [ 55.701199][ T4636] netlink: 'syz.5.465': attribute type 10 has an invalid length. [ 55.747562][ T4646] TCP: tcp_parse_options: Illegal window scaling value 236 > 14 received [ 55.773003][ T4636] team0: Port device dummy0 removed [ 55.786195][ T4636] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 55.818631][ T29] kauditd_printk_skb: 219 callbacks suppressed [ 55.818648][ T29] audit: type=1400 audit(2000000006.950:690): avc: denied { ioctl } for pid=4651 comm="syz.0.473" path="socket:[9670]" dev="sockfs" ino=9670 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 55.872894][ T29] audit: type=1400 audit(2000000007.000:691): avc: denied { write } for pid=4655 comm="syz.0.475" name="001" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 55.873300][ T4654] loop6: detected capacity change from 0 to 512 [ 55.905876][ T4656] vhci_hcd: invalid port number 96 [ 55.911039][ T4656] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 55.922770][ T29] audit: type=1400 audit(2000000007.040:692): avc: denied { map } for pid=4655 comm="syz.0.475" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 55.994911][ T29] audit: type=1400 audit(2000000007.130:693): avc: denied { bind } for pid=4661 comm="syz.6.478" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 56.014225][ T29] audit: type=1400 audit(2000000007.130:694): avc: denied { name_bind } for pid=4661 comm="syz.6.478" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 56.035966][ T29] audit: type=1400 audit(2000000007.130:695): avc: denied { node_bind } for pid=4661 comm="syz.6.478" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1 [ 56.100689][ T29] audit: type=1400 audit(2000000007.230:696): avc: denied { read } for pid=4663 comm="syz.1.479" path="socket:[9020]" dev="sockfs" ino=9020 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 56.181184][ T29] audit: type=1400 audit(2000000007.310:697): avc: denied { shutdown } for pid=4661 comm="syz.6.478" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 56.279128][ T29] audit: type=1400 audit(2000000007.410:698): avc: denied { setopt } for pid=4679 comm="syz.0.485" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 56.302990][ T4680] dvmrp0: entered allmulticast mode [ 56.347911][ T4683] loop0: detected capacity change from 0 to 1024 [ 56.357448][ T4683] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 56.368931][ T29] audit: type=1400 audit(2000000007.490:699): avc: denied { read } for pid=4684 comm="syz.2.487" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 56.392033][ T4683] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 56.401782][ T4683] EXT4-fs (loop0): orphan cleanup on readonly fs [ 56.410146][ T4683] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.486: Failed to acquire dquot type 0 [ 56.421593][ T4683] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.486: Failed to acquire dquot type 0 [ 56.434550][ T4683] EXT4-fs error (device loop0): ext4_free_blocks:6696: comm syz.0.486: Freeing blocks not in datazone - block = 0, count = 4096 [ 56.448260][ T4683] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.486: Failed to acquire dquot type 0 [ 56.459625][ T4683] EXT4-fs (loop0): 1 orphan inode deleted [ 56.468175][ T4683] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 56.493516][ T4693] netlink: 8 bytes leftover after parsing attributes in process `syz.2.489'. [ 56.503230][ T4683] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 16: comm syz.0.486: path /108/file1: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 56.513386][ T4693] netlink: 8 bytes leftover after parsing attributes in process `syz.2.489'. [ 56.541483][ T4693] netlink: 8 bytes leftover after parsing attributes in process `syz.2.489'. [ 56.560008][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 56.628535][ T4701] TCP: tcp_parse_options: Illegal window scaling value 236 > 14 received [ 56.822235][ T4745] hub 9-0:1.0: USB hub found [ 56.846575][ T4745] hub 9-0:1.0: 8 ports detected [ 56.847502][ T4749] loop1: detected capacity change from 0 to 1024 [ 56.893319][ T4749] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 57.026440][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 57.409926][ T4787] random: crng reseeded on system resumption [ 57.461230][ T4789] hub 9-0:1.0: USB hub found [ 57.470107][ T4789] hub 9-0:1.0: 8 ports detected [ 57.570686][ T4802] loop6: detected capacity change from 0 to 1024 [ 57.585316][ T4806] loop1: detected capacity change from 0 to 512 [ 57.599465][ T4802] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 57.770767][ T4327] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 57.853557][ T4829] hub 9-0:1.0: USB hub found [ 57.864057][ T4829] hub 9-0:1.0: 8 ports detected [ 57.903279][ T4825] loop6: detected capacity change from 0 to 8192 [ 57.984413][ T4838] loop5: detected capacity change from 0 to 512 [ 58.126826][ T4857] random: crng reseeded on system resumption [ 58.222633][ T4867] hub 9-0:1.0: USB hub found [ 58.235305][ T4867] hub 9-0:1.0: 8 ports detected [ 58.300229][ T4866] loop1: detected capacity change from 0 to 8192 [ 58.944340][ T4908] loop5: detected capacity change from 0 to 8192 [ 59.039888][ T4929] dvmrp0: entered allmulticast mode [ 59.101295][ T4932] loop2: detected capacity change from 0 to 128 [ 59.301958][ T3463] bio_check_eod: 102 callbacks suppressed [ 59.301976][ T3463] kworker/u8:7: attempt to access beyond end of device [ 59.301976][ T3463] loop2: rw=1, sector=153, nr_sectors = 8 limit=128 [ 59.327881][ T3463] kworker/u8:7: attempt to access beyond end of device [ 59.327881][ T3463] loop2: rw=1, sector=169, nr_sectors = 8 limit=128 [ 59.342958][ T3463] kworker/u8:7: attempt to access beyond end of device [ 59.342958][ T3463] loop2: rw=1, sector=185, nr_sectors = 8 limit=128 [ 59.358100][ T3463] kworker/u8:7: attempt to access beyond end of device [ 59.358100][ T3463] loop2: rw=1, sector=201, nr_sectors = 8 limit=128 [ 59.371746][ T3463] kworker/u8:7: attempt to access beyond end of device [ 59.371746][ T3463] loop2: rw=1, sector=217, nr_sectors = 8 limit=128 [ 59.385498][ T3463] kworker/u8:7: attempt to access beyond end of device [ 59.385498][ T3463] loop2: rw=1, sector=233, nr_sectors = 8 limit=128 [ 59.429966][ T3463] kworker/u8:7: attempt to access beyond end of device [ 59.429966][ T3463] loop2: rw=1, sector=249, nr_sectors = 8 limit=128 [ 59.443603][ T3463] kworker/u8:7: attempt to access beyond end of device [ 59.443603][ T3463] loop2: rw=1, sector=265, nr_sectors = 8 limit=128 [ 59.479568][ T3463] kworker/u8:7: attempt to access beyond end of device [ 59.479568][ T3463] loop2: rw=1, sector=281, nr_sectors = 8 limit=128 [ 59.499937][ T3463] kworker/u8:7: attempt to access beyond end of device [ 59.499937][ T3463] loop2: rw=1, sector=297, nr_sectors = 8 limit=128 [ 59.530999][ T4959] dvmrp0: entered allmulticast mode [ 59.635151][ T4971] vhci_hcd: default hub control req: 0310 v0006 i0003 l0 [ 59.662353][ T4976] loop5: detected capacity change from 0 to 1024 [ 59.693448][ T4981] syz_tun: entered allmulticast mode [ 59.700881][ T4979] loop1: detected capacity change from 0 to 1024 [ 59.703091][ T4980] syz_tun: left allmulticast mode [ 59.717094][ T4976] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 59.733309][ T4979] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 59.740760][ T4987] loop2: detected capacity change from 0 to 1024 [ 59.744321][ T4979] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 59.762293][ T4987] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 59.787192][ T4987] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 59.810246][ T4979] JBD2: no valid journal superblock found [ 59.816182][ T4979] EXT4-fs (loop1): Could not load journal inode [ 59.835865][ T4987] EXT4-fs (loop2): orphan cleanup on readonly fs [ 59.837785][ T4188] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 59.879225][ T4979] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ %ºu@) failed with errno=-22 [ 59.889550][ T4987] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.613: Failed to acquire dquot type 0 [ 59.927485][ T4987] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.613: Failed to acquire dquot type 0 [ 59.939652][ T4987] EXT4-fs error (device loop2): ext4_free_blocks:6696: comm syz.2.613: Freeing blocks not in datazone - block = 0, count = 4096 [ 59.953603][ T4987] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.613: Failed to acquire dquot type 0 [ 59.957658][ T5000] __nla_validate_parse: 6 callbacks suppressed [ 59.957674][ T5000] netlink: 96 bytes leftover after parsing attributes in process `syz.5.619'. [ 59.974070][ T4987] EXT4-fs (loop2): 1 orphan inode deleted [ 59.986611][ T4987] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 60.049046][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 60.115915][ T5018] loop1: detected capacity change from 0 to 128 [ 60.226253][ T5031] syz_tun: entered allmulticast mode [ 60.235827][ T5030] syz_tun: left allmulticast mode [ 60.292354][ T5036] loop6: detected capacity change from 0 to 1024 [ 60.328257][ T5036] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 60.345563][ T5036] EXT4-fs (loop6): revision level too high, forcing read-only mode [ 60.355061][ T5036] EXT4-fs (loop6): orphan cleanup on readonly fs [ 60.362289][ T5036] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.636: Failed to acquire dquot type 0 [ 60.387471][ T5036] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.636: Failed to acquire dquot type 0 [ 60.402657][ T5036] EXT4-fs error (device loop6): ext4_free_blocks:6696: comm syz.6.636: Freeing blocks not in datazone - block = 0, count = 4096 [ 60.416513][ T5036] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.636: Failed to acquire dquot type 0 [ 60.428067][ T5036] EXT4-fs (loop6): 1 orphan inode deleted [ 60.434323][ T5043] netdevsim netdevsim2: Direct firmware load for ./file0/file1 failed with error -2 [ 60.454239][ T5036] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 60.480225][ T5036] EXT4-fs error (device loop6): ext4_readdir:264: inode #2: block 16: comm syz.6.636: path /43/file1: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 60.528042][ T4327] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 60.611330][ T5064] vhci_hcd: default hub control req: 0310 v0006 i0003 l0 [ 60.777107][ T5086] loop1: detected capacity change from 0 to 1024 [ 60.794522][ T5086] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 60.810300][ T5093] netlink: 'syz.2.660': attribute type 1 has an invalid length. [ 60.820094][ T5086] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 60.839320][ T5086] EXT4-fs (loop1): orphan cleanup on readonly fs [ 60.854603][ T5086] __quota_error: 253 callbacks suppressed [ 60.854619][ T5086] Quota error (device loop1): do_check_range: Getting dqdh_entries 512 out of range 0-14 [ 60.875353][ T5086] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 60.894566][ T5086] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.657: Failed to acquire dquot type 0 [ 60.906602][ T5086] Quota error (device loop1): do_check_range: Getting dqdh_entries 512 out of range 0-14 [ 60.916639][ T5086] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 60.926932][ T5086] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.657: Failed to acquire dquot type 0 [ 60.938453][ T5086] EXT4-fs error (device loop1): ext4_free_blocks:6696: comm syz.1.657: Freeing blocks not in datazone - block = 0, count = 4096 [ 60.952961][ T5086] Quota error (device loop1): do_check_range: Getting dqdh_entries 512 out of range 0-14 [ 60.963051][ T5086] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 60.973145][ T5086] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.657: Failed to acquire dquot type 0 [ 60.984672][ T5086] EXT4-fs (loop1): 1 orphan inode deleted [ 60.992795][ T29] audit: type=1400 audit(2000000012.130:935): avc: denied { execute } for pid=5105 comm="syz.2.676" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=10683 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 61.037832][ T5086] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 61.060916][ T5086] EXT4-fs error (device loop1): ext4_readdir:264: inode #2: block 16: comm syz.1.657: path /132/file1: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 61.089242][ T5116] netlink: 20 bytes leftover after parsing attributes in process `syz.5.671'. [ 61.129136][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 61.141189][ T29] audit: type=1400 audit(2000000000.060:936): avc: denied { create } for pid=5121 comm="syz.2.674" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 61.182897][ T5124] loop6: detected capacity change from 0 to 128 [ 61.196626][ T29] audit: type=1326 audit(2000000000.090:937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5123 comm="syz.6.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34938eebe9 code=0x7ffc0000 [ 61.220228][ T29] audit: type=1326 audit(2000000000.090:938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5123 comm="syz.6.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34938eebe9 code=0x7ffc0000 [ 61.220511][ T5124] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 61.275064][ T5124] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 61.307151][ T5130] loop2: detected capacity change from 0 to 512 [ 61.330837][ T5130] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 61.390259][ T5130] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 61.409288][ T5130] ext4 filesystem being mounted at /131/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 61.490758][ T5130] EXT4-fs (loop2): shut down requested (0) [ 61.508289][ T5130] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop2 ino=12 [ 61.521177][ T5130] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop2 ino=12 [ 61.548015][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 61.598988][ T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 61.648554][ T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 61.733623][ T5179] netlink: 'syz.2.699': attribute type 16 has an invalid length. [ 61.741565][ T5179] netlink: 'syz.2.699': attribute type 3 has an invalid length. [ 61.749284][ T5179] netlink: 64066 bytes leftover after parsing attributes in process `syz.2.699'. [ 61.761516][ T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 61.829367][ T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 61.890357][ T5195] loop5: detected capacity change from 0 to 512 [ 61.910858][ T5195] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 61.945972][ T5195] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 61.959990][ T5195] ext4 filesystem being mounted at /76/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 61.989055][ T5195] EXT4-fs (loop5): shut down requested (0) [ 61.996641][ T12] bridge_slave_1: left allmulticast mode [ 62.002326][ T12] bridge_slave_1: left promiscuous mode [ 62.008051][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.036462][ T5195] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop5 ino=12 [ 62.050048][ T5195] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop5 ino=12 [ 62.068169][ T12] bridge_slave_0: left allmulticast mode [ 62.073986][ T12] bridge_slave_0: left promiscuous mode [ 62.079761][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.118447][ T4188] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 62.213367][ T12] dvmrp0 (unregistering): left allmulticast mode [ 62.296859][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 62.323646][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 62.367581][ T12] bond0 (unregistering): Released all slaves [ 62.379191][ T5172] chnl_net:caif_netlink_parms(): no params data found [ 62.419506][ T5215] netlink: 40 bytes leftover after parsing attributes in process `syz.5.709'. [ 62.438709][ T5172] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.445909][ T5172] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.453762][ T5172] bridge_slave_0: entered allmulticast mode [ 62.472767][ T5172] bridge_slave_0: entered promiscuous mode [ 62.485045][ T5172] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.492222][ T5172] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.522586][ T5172] bridge_slave_1: entered allmulticast mode [ 62.536380][ T5172] bridge_slave_1: entered promiscuous mode [ 62.557190][ T12] hsr_slave_0: left promiscuous mode [ 62.565182][ T12] hsr_slave_1: left promiscuous mode [ 62.584346][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 62.591798][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 62.612933][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 62.620443][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 62.644981][ T12] veth1_macvtap: left promiscuous mode [ 62.664206][ T12] veth0_macvtap: left promiscuous mode [ 62.669820][ T12] veth1_vlan: left promiscuous mode [ 62.703964][ T12] veth0_vlan: left promiscuous mode [ 62.729030][ T5225] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5225 comm=syz.1.715 [ 62.741583][ T5225] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5225 comm=syz.1.715 [ 62.830072][ T5235] loop6: detected capacity change from 0 to 1024 [ 62.872947][ T12] team0 (unregistering): Port device team_slave_1 removed [ 62.883066][ T12] team0 (unregistering): Port device team_slave_0 removed [ 62.890941][ T5235] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 62.965056][ T4327] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 62.981509][ T5172] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 63.006710][ T5172] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 63.029632][ T5172] team0: Port device team_slave_0 added [ 63.036885][ T5172] team0: Port device team_slave_1 added [ 63.066939][ T5172] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 63.074024][ T5172] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.100000][ T5172] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 63.117316][ T5172] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 63.124416][ T5172] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.150473][ T5172] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 63.193289][ T5172] hsr_slave_0: entered promiscuous mode [ 63.200000][ T5172] hsr_slave_1: entered promiscuous mode [ 63.206210][ T5172] debugfs: 'hsr0' already exists in 'hsr' [ 63.211957][ T5172] Cannot create hsr debugfs directory [ 63.258126][ T5276] loop5: detected capacity change from 0 to 512 [ 63.294714][ T5276] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 63.317148][ T5276] ext4 filesystem being mounted at /87/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 63.410920][ T5297] loop1: detected capacity change from 0 to 256 [ 63.431914][ T5297] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000001) [ 63.439924][ T5297] FAT-fs (loop1): Filesystem has been set read-only [ 63.474327][ T5172] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 63.486203][ T5172] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 63.505417][ T5172] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 63.521422][ T5172] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 63.561258][ T5172] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.592215][ T5172] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.601114][ T4188] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 63.615361][ T37] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.622563][ T37] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.636677][ T37] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.643892][ T37] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.696383][ T5322] netlink: 100 bytes leftover after parsing attributes in process `syz.6.752'. [ 63.735893][ T5332] loop6: detected capacity change from 0 to 512 [ 63.743510][ T5172] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.757215][ T5332] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 63.771401][ T5332] ext4 filesystem being mounted at /78/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 63.862501][ T5350] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5350 comm=syz.5.756 [ 63.875090][ T5350] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5350 comm=syz.5.756 [ 63.949242][ T5172] veth0_vlan: entered promiscuous mode [ 63.969558][ T5359] loop1: detected capacity change from 0 to 512 [ 63.976928][ T5172] veth1_vlan: entered promiscuous mode [ 63.998745][ T4327] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 64.011874][ T5359] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 64.024283][ T5172] veth0_macvtap: entered promiscuous mode [ 64.032125][ T5172] veth1_macvtap: entered promiscuous mode [ 64.043919][ T5359] ext4 filesystem being mounted at /153/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 64.060183][ T5172] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 64.071730][ T5172] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 64.082986][ T2760] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.116397][ T2760] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.128388][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 64.130063][ T2760] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.146408][ T2760] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.291387][ T5379] loop7: detected capacity change from 0 to 512 [ 64.298411][ T5379] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 64.352361][ T5379] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 64.388232][ T5379] ext4 filesystem being mounted at /2/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 64.414911][ T5386] SELinux: failed to load policy [ 64.440260][ T5379] EXT4-fs (loop7): shut down requested (0) [ 64.476053][ T5379] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop7 ino=12 [ 64.488239][ T5379] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop7 ino=12 [ 64.507882][ T5172] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 64.572116][ T5396] vhci_hcd: invalid port number 96 [ 64.577353][ T5396] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 64.585522][ T5399] loop1: detected capacity change from 0 to 1024 [ 64.592299][ T5399] EXT4-fs: inline encryption not supported [ 64.635382][ T5399] EXT4-fs (loop1): can't mount with commit=, fs mounted w/o journal [ 64.653691][ T5405] loop7: detected capacity change from 0 to 512 [ 64.675314][ T5405] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 64.690172][ T5405] ext4 filesystem being mounted at /4/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 64.778121][ T5416] ALSA: seq fatal error: cannot create timer (-19) [ 64.833477][ T5172] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 64.864008][ T5425] loop2: detected capacity change from 0 to 1024 [ 64.876373][ T5427] vhci_hcd: invalid port number 96 [ 64.881600][ T5427] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 64.893434][ T5425] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 64.900067][ T5433] netlink: 'syz.1.789': attribute type 1 has an invalid length. [ 64.913632][ T5433] netlink: 224 bytes leftover after parsing attributes in process `syz.1.789'. [ 65.010778][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 65.076756][ T5454] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 65.104082][ T5453] loop1: detected capacity change from 0 to 512 [ 65.176986][ T5453] ext4 filesystem being mounted at /164/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 65.204409][ T5460] ALSA: seq fatal error: cannot create timer (-19) [ 65.237711][ T5469] netlink: 40 bytes leftover after parsing attributes in process `syz.7.801'. [ 65.259319][ T5467] bond1: entered promiscuous mode [ 65.264522][ T5467] bond1: entered allmulticast mode [ 65.280255][ T5467] 8021q: adding VLAN 0 to HW filter on device bond1 [ 65.299509][ T5467] bond1 (unregistering): Released all slaves [ 65.338517][ T5478] loop7: detected capacity change from 0 to 128 [ 65.358734][ T5478] FAT-fs (loop7): Directory bread(block 32) failed [ 65.365447][ T5478] FAT-fs (loop7): Directory bread(block 33) failed [ 65.373158][ T5479] syz.1.804 uses obsolete (PF_INET,SOCK_PACKET) [ 65.375527][ T5478] FAT-fs (loop7): Directory bread(block 34) failed [ 65.407155][ T5478] FAT-fs (loop7): Directory bread(block 35) failed [ 65.415408][ T5478] FAT-fs (loop7): Directory bread(block 36) failed [ 65.422776][ T5478] FAT-fs (loop7): Directory bread(block 37) failed [ 65.429578][ T5478] FAT-fs (loop7): Directory bread(block 38) failed [ 65.438533][ T5478] FAT-fs (loop7): Directory bread(block 39) failed [ 65.445876][ T5478] FAT-fs (loop7): Directory bread(block 40) failed [ 65.452650][ T5478] FAT-fs (loop7): Directory bread(block 41) failed [ 65.571402][ T5492] netlink: 60 bytes leftover after parsing attributes in process `syz.1.823'. [ 65.580455][ T5492] netlink: 60 bytes leftover after parsing attributes in process `syz.1.823'. [ 65.616583][ T5492] netlink: 60 bytes leftover after parsing attributes in process `syz.1.823'. [ 65.625664][ T5492] netlink: 60 bytes leftover after parsing attributes in process `syz.1.823'. [ 65.658836][ T5492] netlink: 60 bytes leftover after parsing attributes in process `syz.1.823'. [ 65.668012][ T5492] netlink: 60 bytes leftover after parsing attributes in process `syz.1.823'. [ 65.782026][ T5500] netlink: 40 bytes leftover after parsing attributes in process `syz.2.817'. [ 65.809072][ T5507] loop6: detected capacity change from 0 to 512 [ 65.821524][ T5502] ALSA: seq fatal error: cannot create timer (-19) [ 65.832821][ T5507] ext4 filesystem being mounted at /88/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 65.848782][ T5513] loop7: detected capacity change from 0 to 1024 [ 65.872987][ T29] kauditd_printk_skb: 127 callbacks suppressed [ 65.873001][ T29] audit: type=1400 audit(2000000004.790:1066): avc: denied { create } for pid=5515 comm="syz.1.821" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 65.886829][ T5516] loop1: detected capacity change from 0 to 512 [ 65.927549][ T5516] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 65.937733][ T5516] EXT4-fs (loop1): invalid journal inode [ 65.943418][ T5516] EXT4-fs (loop1): can't get journal size [ 65.946346][ T29] audit: type=1326 audit(2000000004.860:1067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5519 comm="syz.6.822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34938eebe9 code=0x7ffc0000 [ 65.950574][ T5516] EXT4-fs (loop1): 1 truncate cleaned up [ 65.986267][ T29] audit: type=1326 audit(2000000004.900:1068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5519 comm="syz.6.822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=166 compat=0 ip=0x7f34938eebe9 code=0x7ffc0000 [ 65.988745][ T5516] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.821: bg 0: block 255: padding at end of block bitmap is not set [ 66.009788][ T29] audit: type=1326 audit(2000000004.900:1069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5519 comm="syz.6.822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34938eebe9 code=0x7ffc0000 [ 66.053005][ T29] audit: type=1400 audit(2000000004.970:1070): avc: denied { ioctl } for pid=5515 comm="syz.1.821" path="socket:[11994]" dev="sockfs" ino=11994 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 66.080912][ T5516] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 66.295714][ T5550] ALSA: seq fatal error: cannot create timer (-19) [ 66.302770][ T37] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 66.426176][ T5561] netlink: 16 bytes leftover after parsing attributes in process `syz.7.837'. [ 66.581863][ T5571] loop5: detected capacity change from 0 to 1024 [ 66.622039][ T5578] syzkaller0: entered allmulticast mode [ 66.630533][ T5578] syzkaller0 (unregistering): left allmulticast mode [ 66.772738][ T5584] $Hÿ: renamed from bond0 (while UP) [ 66.780150][ T5584] $Hÿ: entered promiscuous mode [ 66.785241][ T5584] bond_slave_0: entered promiscuous mode [ 66.790973][ T5584] bond_slave_1: entered promiscuous mode [ 66.902475][ T29] audit: type=1400 audit(2000000005.820:1071): avc: denied { mount } for pid=5590 comm="syz.1.849" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 67.064758][ T5573] netlink: 'syz.7.841': attribute type 1 has an invalid length. [ 67.072455][ T5573] netlink: 224 bytes leftover after parsing attributes in process `syz.7.841'. [ 67.216074][ T5610] SELinux: failed to load policy [ 67.232673][ T29] audit: type=1400 audit(2000000006.150:1072): avc: denied { mounton } for pid=5613 comm="syz.5.858" path="/108/bus" dev="tmpfs" ino=577 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 67.314159][ T29] audit: type=1400 audit(2000000006.190:1073): avc: denied { unmount } for pid=4188 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 67.334441][ T29] audit: type=1400 audit(2000000006.200:1074): avc: denied { watch watch_reads } for pid=5618 comm="syz.5.861" path="/109" dev="tmpfs" ino=578 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 67.572688][ T29] audit: type=1326 audit(2000000006.490:1075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5627 comm="syz.5.866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17ca34ebe9 code=0x7ffc0000 [ 67.638640][ T5629] serio: Serial port ptm0 [ 67.662330][ T5638] loop5: detected capacity change from 0 to 1024 [ 67.669497][ T5638] EXT4-fs: inline encryption not supported [ 67.719172][ T5638] EXT4-fs (loop5): can't mount with commit=, fs mounted w/o journal [ 67.863707][ T5652] loop5: detected capacity change from 0 to 512 [ 67.873368][ T5652] EXT4-fs: Ignoring removed nomblk_io_submit option [ 67.880122][ T5652] EXT4-fs: Ignoring removed mblk_io_submit option [ 67.891556][ T5652] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2 [ 67.909860][ T5652] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -2 [ 67.918566][ T5652] EXT4-fs (loop5): 1 truncate cleaned up [ 67.927915][ T5652] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #2: block 4: comm syz.5.877: lblock 0 mapped to illegal pblock 4 (length 1) [ 67.943856][ T5652] EXT4-fs (loop5): Remounting filesystem read-only [ 68.048836][ T5669] netlink: 'syz.6.884': attribute type 29 has an invalid length. [ 68.084043][ T5669] netlink: 'syz.6.884': attribute type 29 has an invalid length. [ 68.122604][ T5675] serio: Serial port ptm0 [ 68.182554][ T5687] loop6: detected capacity change from 0 to 512 [ 68.192662][ T5687] EXT4-fs: Ignoring removed nomblk_io_submit option [ 68.205763][ T5687] EXT4-fs: Ignoring removed mblk_io_submit option [ 68.218778][ T5687] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2 [ 68.227568][ T5687] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -2 [ 68.237358][ T5687] EXT4-fs (loop6): 1 truncate cleaned up [ 68.253678][ T5687] EXT4-fs error (device loop6): ext4_map_blocks:778: inode #2: block 4: comm syz.6.892: lblock 0 mapped to illegal pblock 4 (length 1) [ 68.268360][ T5616] syz.1.860 (5616) used greatest stack depth: 7536 bytes left [ 68.269297][ T5687] EXT4-fs (loop6): Remounting filesystem read-only [ 68.456933][ T5709] loop6: detected capacity change from 0 to 512 [ 68.466210][ T5709] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem [ 68.475525][ T5709] EXT4-fs (loop6): invalid journal inode [ 68.481190][ T5709] EXT4-fs (loop6): can't get journal size [ 68.507013][ T5709] EXT4-fs (loop6): 1 truncate cleaned up [ 68.530222][ T5709] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.900: bg 0: block 255: padding at end of block bitmap is not set [ 68.563939][ T5709] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 68.666154][ T5729] serio: Serial port ptm0 [ 68.809476][ T5744] sctp: [Deprecated]: syz.5.915 (pid 5744) Use of struct sctp_assoc_value in delayed_ack socket option. [ 68.809476][ T5744] Use struct sctp_sack_info instead [ 69.224122][ T5724] syz.7.904 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 69.235079][ T5724] CPU: 1 UID: 0 PID: 5724 Comm: syz.7.904 Not tainted 6.16.0-syzkaller-12245-g2988dfed8a5d #0 PREEMPT(voluntary) [ 69.235151][ T5724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 69.235166][ T5724] Call Trace: [ 69.235259][ T5724] [ 69.235266][ T5724] __dump_stack+0x1d/0x30 [ 69.235289][ T5724] dump_stack_lvl+0xe8/0x140 [ 69.235314][ T5724] dump_stack+0x15/0x1b [ 69.235336][ T5724] dump_header+0x81/0x220 [ 69.235429][ T5724] oom_kill_process+0x342/0x400 [ 69.235561][ T5724] out_of_memory+0x979/0xb80 [ 69.235681][ T5724] try_charge_memcg+0x5e6/0x9e0 [ 69.235715][ T5724] charge_memcg+0x51/0xc0 [ 69.235733][ T5724] mem_cgroup_swapin_charge_folio+0xcc/0x150 [ 69.235758][ T5724] __read_swap_cache_async+0x1df/0x350 [ 69.235837][ T5724] swap_cluster_readahead+0x277/0x3e0 [ 69.235898][ T5724] swapin_readahead+0xde/0x6f0 [ 69.235937][ T5724] ? __filemap_get_folio+0x4f7/0x6b0 [ 69.236109][ T5724] ? swap_cache_get_folio+0x77/0x200 [ 69.236149][ T5724] do_swap_page+0x301/0x2430 [ 69.236175][ T5724] ? tracing_record_taskinfo_sched_switch+0x71/0x260 [ 69.236212][ T5724] ? finish_task_switch+0xad/0x2b0 [ 69.236232][ T5724] ? __pfx_default_wake_function+0x10/0x10 [ 69.236254][ T5724] handle_mm_fault+0x9a5/0x2c20 [ 69.236289][ T5724] do_user_addr_fault+0x636/0x1090 [ 69.236338][ T5724] ? fpregs_restore_userregs+0xe2/0x1d0 [ 69.236375][ T5724] ? switch_fpu_return+0xe/0x20 [ 69.236458][ T5724] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 69.236491][ T5724] exc_page_fault+0x62/0xa0 [ 69.236511][ T5724] asm_exc_page_fault+0x26/0x30 [ 69.236529][ T5724] RIP: 0033:0x7f949aef563c [ 69.236547][ T5724] Code: 66 0f 1f 44 00 00 69 3d 76 00 e8 00 e8 03 00 00 48 8d 1d 77 09 35 00 e8 12 95 12 00 eb 0c 48 81 c3 f0 00 00 00 48 39 eb 74 24 <80> 7b 20 00 74 ee 8b 43 0c 85 c0 74 e7 48 89 df 48 81 c3 f0 00 00 [ 69.236625][ T5724] RSP: 002b:00007ffcf1d46790 EFLAGS: 00010206 [ 69.236642][ T5724] RAX: 0000000000000000 RBX: 00007f949b245fa0 RCX: 0000000000000000 [ 69.236655][ T5724] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000055557784b808 [ 69.236667][ T5724] RBP: 00007f949b247da0 R08: 0000000000000000 R09: 7fffffffffffffff [ 69.236679][ T5724] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000010f29 [ 69.236704][ T5724] R13: 00007ffcf1d46880 R14: ffffffffffffffff R15: 00007ffcf1d468a0 [ 69.236724][ T5724] [ 69.236730][ T5724] memory: usage 307200kB, limit 307200kB, failcnt 144 [ 69.472151][ T5724] memory+swap: usage 307376kB, limit 9007199254740988kB, failcnt 0 [ 69.480068][ T5724] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0 [ 69.487487][ T5724] Memory cgroup stats for /syz7: [ 69.488153][ T5724] cache 0 [ 69.496076][ T5724] rss 0 [ 69.498856][ T5724] shmem 0 [ 69.501800][ T5724] mapped_file 0 [ 69.505381][ T5724] dirty 0 [ 69.508326][ T5724] writeback 4096 [ 69.511875][ T5724] workingset_refault_anon 24 [ 69.516496][ T5724] workingset_refault_file 0 [ 69.521004][ T5724] swap 180224 [ 69.524371][ T5724] swapcached 8192 [ 69.528016][ T5724] pgpgin 3260 [ 69.531312][ T5724] pgpgout 3258 [ 69.534763][ T5724] pgfault 7423 [ 69.538145][ T5724] pgmajfault 7 [ 69.540529][ T5758] loop5: detected capacity change from 0 to 512 [ 69.541528][ T5724] inactive_anon 8192 [ 69.541537][ T5724] active_anon 0 [ 69.555241][ T5724] inactive_file 0 [ 69.558432][ T5758] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 69.558893][ T5724] active_file 0 [ 69.558950][ T5724] unevictable 0 [ 69.569921][ T5758] EXT4-fs (loop5): invalid journal inode [ 69.571068][ T5724] hierarchical_memory_limit 314572800 [ 69.574561][ T5758] EXT4-fs (loop5): can't get journal size [ 69.588478][ T5758] EXT4-fs (loop5): 1 truncate cleaned up [ 69.591862][ T5724] hierarchical_memsw_limit 9223372036854771712 [ 69.591882][ T5724] total_cache 0 [ 69.591889][ T5724] total_rss 0 [ 69.591895][ T5724] total_shmem 0 [ 69.591924][ T5724] total_mapped_file 0 [ 69.591933][ T5724] total_dirty 0 [ 69.605611][ T5758] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.921: bg 0: block 255: padding at end of block bitmap is not set [ 69.607278][ T5724] total_writeback 4096 [ 69.607290][ T5724] total_workingset_refault_anon 24 [ 69.610985][ T5758] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 69.614045][ T5724] total_workingset_refault_file 0 [ 69.614058][ T5724] total_swap 180224 [ 69.662591][ T5724] total_swapcached 8192 [ 69.666779][ T5724] total_pgpgin 3260 [ 69.670714][ T5724] total_pgpgout 3258 [ 69.674636][ T5724] total_pgfault 7423 [ 69.678606][ T5724] total_pgmajfault 7 [ 69.682507][ T5724] total_inactive_anon 8192 [ 69.687059][ T5724] total_active_anon 0 [ 69.691106][ T5724] total_inactive_file 0 [ 69.695271][ T5724] total_active_file 0 [ 69.699246][ T5724] total_unevictable 0 [ 69.703236][ T5724] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz7,task_memcg=/syz7,task=syz.7.904,pid=5724,uid=0 [ 69.717871][ T5724] Memory cgroup out of memory: Killed process 5724 (syz.7.904) total-vm:95680kB, anon-rss:1024kB, file-rss:22180kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000 [ 69.951650][ T5727] syz.7.904 (5727) used greatest stack depth: 7472 bytes left [ 70.044576][ T5795] loop7: detected capacity change from 0 to 512 [ 70.094054][ T5801] loop6: detected capacity change from 0 to 128 [ 70.100969][ T5801] msdos: Bad value for 'gid' [ 70.105684][ T5801] msdos: Bad value for 'gid' [ 70.114039][ T5795] ext4 filesystem being mounted at /35/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 70.149038][ T5795] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 70.166871][ T5810] SELinux: Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped). [ 70.221823][ T5812] syzkaller1: entered promiscuous mode [ 70.227401][ T5812] syzkaller1: entered allmulticast mode [ 70.246513][ T5812] PF_CAN: dropped non conform CAN skbuff: dev type 280, len 324 [ 70.310476][ T5816] SELinux: failed to load policy [ 70.365068][ T5826] loop7: detected capacity change from 0 to 1024 [ 70.390034][ T5828] loop6: detected capacity change from 0 to 1024 [ 70.411701][ T5836] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 70.423694][ T5828] EXT4-fs: inline encryption not supported [ 70.429840][ T5828] EXT4-fs: Ignoring removed bh option [ 70.435434][ T5828] /dev/loop6: Can't open blockdev [ 70.449101][ T5826] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4183: comm syz.7.952: Allocating blocks 497-513 which overlap fs metadata [ 70.529959][ T5851] netlink: 'syz.6.964': attribute type 13 has an invalid length. [ 70.537814][ T5851] netlink: 'syz.6.964': attribute type 17 has an invalid length. [ 70.679378][ T5867] loop7: detected capacity change from 0 to 1024 [ 70.708973][ T5867] EXT4-fs (loop7): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 70.720224][ T5867] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 70.738173][ T5851] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 70.759554][ T5867] JBD2: no valid journal superblock found [ 70.765580][ T5867] EXT4-fs (loop7): Could not load journal inode [ 70.802778][ T5867] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ %ºu@) failed with errno=-22 [ 70.972282][ T5908] loop5: detected capacity change from 0 to 1024 [ 70.980341][ T5908] EXT4-fs: Ignoring removed orlov option [ 71.021561][ T5918] loop6: detected capacity change from 0 to 1024 [ 71.037096][ T5918] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 71.048091][ T5918] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 71.071183][ T5918] JBD2: no valid journal superblock found [ 71.077212][ T5918] EXT4-fs (loop6): Could not load journal inode [ 71.084350][ T29] kauditd_printk_skb: 129 callbacks suppressed [ 71.084366][ T29] audit: type=1326 audit(2000000010.010:1205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5921 comm="syz.5.996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17ca34ebe9 code=0x7ffc0000 [ 71.115835][ T29] audit: type=1326 audit(2000000010.010:1206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5921 comm="syz.5.996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17ca34ebe9 code=0x7ffc0000 [ 71.139413][ T29] audit: type=1326 audit(2000000010.010:1207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5921 comm="syz.5.996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=253 compat=0 ip=0x7f17ca34ebe9 code=0x7ffc0000 [ 71.162897][ T29] audit: type=1326 audit(2000000010.010:1208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5921 comm="syz.5.996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17ca34ebe9 code=0x7ffc0000 [ 71.171072][ T5918] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ %ºu@) failed with errno=-22 [ 71.186377][ T29] audit: type=1326 audit(2000000010.010:1209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5921 comm="syz.5.996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17ca34ebe9 code=0x7ffc0000 [ 71.219221][ T29] audit: type=1326 audit(2000000010.010:1210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5921 comm="syz.5.996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7f17ca34ebe9 code=0x7ffc0000 [ 71.242909][ T29] audit: type=1326 audit(2000000010.010:1211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5921 comm="syz.5.996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17ca34ebe9 code=0x7ffc0000 [ 71.266461][ T29] audit: type=1326 audit(2000000010.010:1212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5921 comm="syz.5.996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17ca34ebe9 code=0x7ffc0000 [ 71.290293][ T29] audit: type=1326 audit(2000000010.010:1213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5921 comm="syz.5.996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=255 compat=0 ip=0x7f17ca34ebe9 code=0x7ffc0000 [ 71.314113][ T29] audit: type=1326 audit(2000000010.010:1214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5921 comm="syz.5.996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17ca34ebe9 code=0x7ffc0000 [ 71.429959][ T5942] loop5: detected capacity change from 0 to 512 [ 71.462733][ T5942] ext4 filesystem being mounted at /143/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 71.500160][ T5942] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 71.522102][ T5956] netlink: 'syz.6.1010': attribute type 3 has an invalid length. [ 71.601498][ T5972] __nla_validate_parse: 2 callbacks suppressed [ 71.601518][ T5972] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1020'. [ 71.616694][ T5972] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1020'. [ 71.648252][ T5976] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1019'. [ 71.690997][ T5981] pim6reg1: entered promiscuous mode [ 71.696405][ T5981] pim6reg1: entered allmulticast mode [ 71.705757][ T5984] loop5: detected capacity change from 0 to 164 [ 71.720096][ T5984] rock: directory entry would overflow storage [ 71.726499][ T5984] rock: sig=0x4f50, size=4, remaining=3 [ 71.732102][ T5984] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 71.743573][ T5986] loop6: detected capacity change from 0 to 1024 [ 71.755614][ T5986] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 71.781183][ T5986] EXT4-fs error (device loop6): ext4_map_blocks:814: inode #3: block 1: comm syz.6.1026: lblock 1 mapped to illegal pblock 1 (length 1) [ 71.799409][ T5991] netlink: 'syz.1.1028': attribute type 3 has an invalid length. [ 71.804001][ T5986] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.1026: Failed to acquire dquot type 0 [ 71.821906][ T5986] EXT4-fs error (device loop6): ext4_free_blocks:6696: comm syz.6.1026: Freeing blocks not in datazone - block = 0, count = 4096 [ 71.844496][ T5986] EXT4-fs error (device loop6): ext4_read_inode_bitmap:139: comm syz.6.1026: Invalid inode bitmap blk 0 in block_group 0 [ 71.865280][ T3463] EXT4-fs error (device loop6): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:7: lblock 1 mapped to illegal pblock 1 (length 1) [ 71.891221][ T5986] EXT4-fs error (device loop6) in ext4_free_inode:361: Corrupt filesystem [ 71.900280][ T3463] EXT4-fs error (device loop6): ext4_release_dquot:6969: comm kworker/u8:7: Failed to release dquot type 0 [ 71.917524][ T5986] EXT4-fs (loop6): 1 orphan inode deleted [ 71.937664][ T5986] EXT4-fs mount: 26 callbacks suppressed [ 71.937684][ T5986] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 71.968072][ T6003] netlink: 'syz.5.1034': attribute type 6 has an invalid length. [ 72.022596][ T4327] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.056899][ T6020] loop6: detected capacity change from 0 to 164 [ 72.069712][ T6023] sd 0:0:1:0: device reset [ 72.089927][ T6020] rock: directory entry would overflow storage [ 72.096255][ T6020] rock: sig=0x4f50, size=4, remaining=3 [ 72.101851][ T6020] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 72.247951][ T6052] program syz.2.1058 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 72.302912][ T6059] pim6reg1: entered promiscuous mode [ 72.308437][ T6059] pim6reg1: entered allmulticast mode [ 72.321311][ T6062] loop2: detected capacity change from 0 to 512 [ 72.343552][ T6062] EXT4-fs: Ignoring removed oldalloc option [ 72.366817][ T6062] EXT4-fs error (device loop2): ext4_xattr_inode_iget:433: comm syz.2.1063: Parent and EA inode have the same ino 15 [ 72.379537][ T6062] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 72.393410][ T6062] EXT4-fs error (device loop2): ext4_xattr_inode_iget:433: comm syz.2.1063: Parent and EA inode have the same ino 15 [ 72.407510][ T6062] EXT4-fs (loop2): 1 orphan inode deleted [ 72.414740][ T6062] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 72.440859][ T6073] loop6: detected capacity change from 0 to 512 [ 72.450800][ T6075] SELinux: policydb table sizes (0,0) do not match mine (8,7) [ 72.458577][ T6075] SELinux: failed to load policy [ 72.462659][ T6073] EXT4-fs (loop6): orphan cleanup on readonly fs [ 72.464747][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.480174][ T6073] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.1068: bg 0: block 248: padding at end of block bitmap is not set [ 72.494999][ T6073] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.1068: Failed to acquire dquot type 1 [ 72.507002][ T6073] EXT4-fs (loop6): 1 truncate cleaned up [ 72.515005][ T6073] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 72.557000][ T4327] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.566411][ T6082] loop1: detected capacity change from 0 to 1024 [ 72.573657][ T6082] EXT4-fs: inline encryption not supported [ 72.583573][ T6082] EXT4-fs: Ignoring removed bh option [ 72.604071][ T6082] /dev/loop1: Can't open blockdev [ 72.626159][ T6092] loop2: detected capacity change from 0 to 512 [ 72.638095][ T6092] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 72.651299][ T6092] ext4 filesystem being mounted at /217/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 72.662735][ T6092] EXT4-fs (loop2): shut down requested (1) [ 72.678192][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.755935][ T6105] loop1: detected capacity change from 0 to 164 [ 72.772161][ T6105] rock: directory entry would overflow storage [ 72.778420][ T6105] rock: sig=0x4f50, size=4, remaining=3 [ 72.784026][ T6105] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 73.031538][ T6141] netlink: 'syz.1.1101': attribute type 6 has an invalid length. [ 73.135461][ T6153] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.163353][ T6155] pim6reg1: entered promiscuous mode [ 73.168853][ T6155] pim6reg1: entered allmulticast mode [ 73.214720][ T6153] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.295573][ T6153] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.354836][ T6183] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6) [ 73.361467][ T6183] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 73.369088][ T6183] vhci_hcd vhci_hcd.0: Device attached [ 73.396077][ T6153] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.411887][ T6184] vhci_hcd: connection closed [ 73.412063][ T31] vhci_hcd: stop threads [ 73.421139][ T31] vhci_hcd: release socket [ 73.425616][ T31] vhci_hcd: disconnect device [ 73.475296][ T1594] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.483565][ T1594] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.503388][ T1594] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.519435][ T1594] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.906056][ T6209] netlink: 'syz.5.1105': attribute type 1 has an invalid length. [ 73.940873][ T6209] 8021q: adding VLAN 0 to HW filter on device bond2 [ 73.948990][ T6209] bond1: (slave bond2): making interface the new active one [ 73.957054][ T6209] bond1: (slave bond2): Enslaving as an active interface with an up link [ 73.977183][ T6221] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1110'. [ 73.986207][ T6221] netlink: 108 bytes leftover after parsing attributes in process `syz.1.1110'. [ 73.995442][ T6221] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1110'. [ 74.004560][ T6221] netlink: 108 bytes leftover after parsing attributes in process `syz.1.1110'. [ 74.013613][ T6221] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1110'. [ 74.068088][ T6229] syz.7.1116 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 74.075619][ T6223] loop5: detected capacity change from 0 to 8192 [ 74.210806][ T6242] loop6: detected capacity change from 0 to 512 [ 74.223030][ T6242] EXT4-fs: Ignoring removed mblk_io_submit option [ 74.234205][ T6242] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 74.247421][ T6242] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 74.261727][ T6242] EXT4-fs (loop6): 1 truncate cleaned up [ 74.268093][ T6242] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 74.308674][ T6251] netlink: 'syz.7.1124': attribute type 1 has an invalid length. [ 74.337908][ T6251] 8021q: adding VLAN 0 to HW filter on device bond2 [ 74.347319][ T6251] bond1: (slave bond2): making interface the new active one [ 74.355158][ T6251] bond1: (slave bond2): Enslaving as an active interface with an up link [ 74.441859][ T6264] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 74.654455][ T6283] loop2: detected capacity change from 0 to 512 [ 74.708239][ T6283] EXT4-fs (loop2): too many log groups per flexible block group [ 74.716027][ T6283] EXT4-fs (loop2): failed to initialize mballoc (-12) [ 74.737093][ T6283] EXT4-fs (loop2): mount failed [ 74.862754][ T6297] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1142'. [ 74.871880][ T6297] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1142'. [ 75.130431][ T4327] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.275749][ T6334] loop1: detected capacity change from 0 to 512 [ 75.285480][ T6334] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 75.293971][ T6334] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.1160: invalid indirect mapped block 2683928664 (level 1) [ 75.308973][ T6334] EXT4-fs (loop1): 1 truncate cleaned up [ 75.315291][ T6334] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.338233][ T6334] EXT4-fs error (device loop1): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.1.1160: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0 [ 75.395611][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.412511][ T6340] loop7: detected capacity change from 0 to 8192 [ 75.456915][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.467766][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.475569][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.483089][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.490785][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.499070][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.506753][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.514489][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.522090][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.529812][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.537616][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.545242][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.552856][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.560481][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.568130][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.575718][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.585489][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.593665][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.601548][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.609616][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.618515][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.626315][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.634970][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.645299][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.653701][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.662257][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.670350][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.678010][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.685655][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.693214][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.700789][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.708316][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.716053][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.723557][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.746204][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.753874][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.761518][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.769125][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.777089][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.784786][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.792405][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.800184][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.807809][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.815528][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.823137][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.831899][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.839606][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.851440][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.859141][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.868505][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.876508][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.888929][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.902756][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.922411][ T6367] ref_ctr_offset mismatch. inode: 0x4dc offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x300000018 [ 75.922442][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.946931][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.954932][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.962566][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.970389][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.978194][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.987092][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 75.995835][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.006605][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.017203][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.028541][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.037788][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.045766][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.053562][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.093807][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.104906][ T6381] loop1: detected capacity change from 0 to 512 [ 76.107905][ T6379] loop2: detected capacity change from 0 to 8192 [ 76.125228][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.125315][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.132879][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.150559][ T6384] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(6) [ 76.163742][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.164667][ T6384] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 76.164705][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.164738][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.172350][ T6384] vhci_hcd vhci_hcd.0: Device attached [ 76.201066][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.201108][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.213438][ T6387] vhci_hcd: connection closed [ 76.221647][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.222975][ T6381] EXT4-fs (loop1): too many log groups per flexible block group [ 76.226458][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.233896][ T6381] EXT4-fs (loop1): failed to initialize mballoc (-12) [ 76.241723][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.256318][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.259544][ T2760] vhci_hcd: stop threads [ 76.271703][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.275612][ T2760] vhci_hcd: release socket [ 76.275623][ T2760] vhci_hcd: disconnect device [ 76.283257][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.292287][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.299952][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.307784][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.315558][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.322419][ T6381] EXT4-fs (loop1): mount failed [ 76.323557][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.336074][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.343606][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.351402][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.359053][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.366787][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.374423][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.382144][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.389935][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.398931][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.406921][ T6348] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 76.598710][ T6403] loop5: detected capacity change from 0 to 512 [ 76.620845][ T29] kauditd_printk_skb: 256 callbacks suppressed [ 76.620863][ T29] audit: type=1400 audit(2000000015.540:1466): avc: denied { mounton } for pid=6401 comm="syz.5.1188" path="/170/bus" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 76.651624][ T6403] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 76.709140][ T6403] EXT4-fs (loop5): 1 truncate cleaned up [ 76.717861][ T6403] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.744882][ T29] audit: type=1326 audit(2000000015.660:1467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6413 comm="syz.2.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5080a7ebe9 code=0x7ffc0000 [ 76.768492][ T29] audit: type=1326 audit(2000000015.660:1468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6413 comm="syz.2.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5080a7ebe9 code=0x7ffc0000 [ 76.791908][ T29] audit: type=1326 audit(2000000015.660:1469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6413 comm="syz.2.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7f5080a7ebe9 code=0x7ffc0000 [ 76.815297][ T29] audit: type=1326 audit(2000000015.660:1470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6413 comm="syz.2.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5080a7ebe9 code=0x7ffc0000 [ 76.818434][ T6403] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.862759][ T6423] loop6: detected capacity change from 0 to 512 [ 76.900829][ T6423] EXT4-fs (loop6): too many log groups per flexible block group [ 76.908673][ T6423] EXT4-fs (loop6): failed to initialize mballoc (-12) [ 76.916121][ T6423] EXT4-fs (loop6): mount failed [ 76.979769][ T6435] pim6reg1: entered promiscuous mode [ 76.985234][ T6435] pim6reg1: entered allmulticast mode [ 77.124114][ T6440] random: crng reseeded on system resumption [ 77.290716][ T6463] loop1: detected capacity change from 0 to 512 [ 77.315990][ T6454] loop6: detected capacity change from 0 to 8192 [ 77.334244][ T6463] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 77.375845][ T6463] EXT4-fs (loop1): 1 truncate cleaned up [ 77.389838][ T6463] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.406640][ T6463] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.536959][ T6486] ref_ctr_offset mismatch. inode: 0x3af offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x300000018 [ 77.551485][ T29] audit: type=1400 audit(2000000016.470:1471): avc: denied { read } for pid=6490 comm="syz.7.1229" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 77.667427][ T29] audit: type=1326 audit(2000000016.590:1472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6508 comm="syz.6.1232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34938eebe9 code=0x7ffc0000 [ 77.718444][ T29] audit: type=1326 audit(2000000016.620:1473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6508 comm="syz.6.1232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34938eebe9 code=0x7ffc0000 [ 77.742085][ T29] audit: type=1326 audit(2000000016.620:1474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6508 comm="syz.6.1232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7f34938eebe9 code=0x7ffc0000 [ 77.765518][ T29] audit: type=1326 audit(2000000016.620:1475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6508 comm="syz.6.1232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34938eebe9 code=0x7ffc0000 [ 77.817865][ T6521] loop6: detected capacity change from 0 to 512 [ 77.828256][ T6522] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 77.843835][ T6521] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 77.870645][ T6521] EXT4-fs (loop6): 1 truncate cleaned up [ 77.883804][ T6521] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.899904][ T6521] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.917145][ T6522] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 77.968204][ T6522] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.016390][ T6522] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.036868][ T6542] __nla_validate_parse: 5 callbacks suppressed [ 78.036902][ T6542] netlink: 51563 bytes leftover after parsing attributes in process `syz.6.1237'. [ 78.071420][ T37] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.086442][ T37] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.113781][ T37] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.129829][ T37] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.388688][ T6576] SELinux: security_context_str_to_sid () failed with errno=-22 [ 78.431092][ T6582] random: crng reseeded on system resumption [ 78.499019][ T6580] loop1: detected capacity change from 0 to 8192 [ 79.079481][ T6648] SELinux: security_context_str_to_sid () failed with errno=-22 [ 79.295262][ T6683] dvmrp0: left allmulticast mode [ 79.587338][ T6728] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1266'. [ 79.596476][ T6728] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1266'. [ 79.605471][ T6728] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1266'. [ 79.646605][ T6736] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 79.721852][ T6748] sctp: [Deprecated]: syz.1.1276 (pid 6748) Use of int in maxseg socket option. [ 79.721852][ T6748] Use struct sctp_assoc_value instead [ 79.823948][ T6762] loop1: detected capacity change from 0 to 512 [ 79.836825][ T6762] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.850440][ T6762] ext4 filesystem being mounted at /258/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 79.892144][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.930051][ T6773] loop1: detected capacity change from 0 to 512 [ 79.937402][ T6773] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 79.966011][ T6773] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1287: Failed to acquire dquot type 1 [ 79.985028][ T6773] EXT4-fs (loop1): 1 truncate cleaned up [ 79.991527][ T6773] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.034530][ T6784] sctp: [Deprecated]: syz.6.1291 (pid 6784) Use of int in maxseg socket option. [ 80.034530][ T6784] Use struct sctp_assoc_value instead [ 80.051624][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.152738][ T6794] netlink: 88 bytes leftover after parsing attributes in process `syz.2.1296'. [ 80.198845][ T6802] netlink: 'syz.6.1300': attribute type 21 has an invalid length. [ 80.356468][ T6825] netlink: 88 bytes leftover after parsing attributes in process `syz.6.1310'. [ 80.384573][ T6828] netlink: 332 bytes leftover after parsing attributes in process `syz.7.1311'. [ 80.412298][ T6831] netlink: 'syz.7.1313': attribute type 21 has an invalid length. [ 80.564613][ T6852] loop7: detected capacity change from 0 to 512 [ 80.575247][ T6852] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.587958][ T6852] ext4 filesystem being mounted at /102/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 80.613365][ T5172] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.643176][ T6858] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 80.689070][ T6858] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 80.741033][ T6858] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 80.828063][ T6858] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 80.879830][ T3463] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.891682][ T3463] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.903715][ T3463] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.915616][ T3463] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.960218][ T6876] loop6: detected capacity change from 0 to 512 [ 80.967538][ T6876] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended [ 80.985101][ T6876] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.1331: Failed to acquire dquot type 1 [ 80.997064][ T6876] EXT4-fs (loop6): 1 truncate cleaned up [ 81.003190][ T6876] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 81.027549][ T4327] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.328531][ T6889] SELinux: Context system_u:object_r:sendmail_exec_t:s0 is not valid (left unmapped). [ 81.423121][ T6900] loop2: detected capacity change from 0 to 128 [ 81.503191][ T6909] netlink: 'syz.2.1345': attribute type 3 has an invalid length. [ 81.548541][ T6916] loop6: detected capacity change from 0 to 1024 [ 81.555440][ T6916] EXT4-fs: Ignoring removed nobh option [ 81.561073][ T6916] EXT4-fs: Ignoring removed bh option [ 81.578982][ T6916] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.604573][ T6921] netlink: 'syz.2.1350': attribute type 3 has an invalid length. [ 81.627078][ T4327] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.687922][ T6929] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 81.700824][ T29] kauditd_printk_skb: 415 callbacks suppressed [ 81.700880][ T29] audit: type=1326 audit(2000000020.610:1887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6927 comm="syz.2.1353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5080a7ebe9 code=0x7ffc0000 [ 81.731100][ T29] audit: type=1326 audit(2000000020.610:1888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6927 comm="syz.2.1353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5080a7ebe9 code=0x7ffc0000 [ 81.761840][ T29] audit: type=1326 audit(2000000020.630:1889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6927 comm="syz.2.1353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5080a7ebe9 code=0x7ffc0000 [ 81.785490][ T29] audit: type=1326 audit(2000000020.630:1890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6927 comm="syz.2.1353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5080a7ebe9 code=0x7ffc0000 [ 81.809028][ T29] audit: type=1326 audit(2000000020.630:1891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6927 comm="syz.2.1353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5080a7ebe9 code=0x7ffc0000 [ 81.832617][ T29] audit: type=1326 audit(2000000020.630:1892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6927 comm="syz.2.1353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5080a7ebe9 code=0x7ffc0000 [ 81.856031][ T29] audit: type=1326 audit(2000000020.630:1893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6927 comm="syz.2.1353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5080a7ebe9 code=0x7ffc0000 [ 81.879482][ T29] audit: type=1326 audit(2000000020.630:1894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6927 comm="syz.2.1353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5080a7ebe9 code=0x7ffc0000 [ 81.903061][ T29] audit: type=1326 audit(2000000020.630:1895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6927 comm="syz.2.1353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5080a7ebe9 code=0x7ffc0000 [ 81.926567][ T29] audit: type=1326 audit(2000000020.630:1896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6927 comm="syz.2.1353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5080a7ebe9 code=0x7ffc0000 [ 82.006296][ T6939] netlink: 'syz.2.1358': attribute type 21 has an invalid length. [ 82.100100][ T6947] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 82.137212][ T6953] loop2: detected capacity change from 0 to 7 [ 82.280464][ T6978] loop2: detected capacity change from 0 to 128 [ 82.297572][ T6978] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 82.335765][ T6978] ext4 filesystem being mounted at /295/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 82.386913][ T6991] loop6: detected capacity change from 0 to 128 [ 82.399037][ T6990] loop7: detected capacity change from 0 to 1024 [ 82.420366][ T3301] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 82.424312][ T6991] FAT-fs (loop6): error, corrupted file size (i_pos 548, 512) [ 82.436941][ T6991] FAT-fs (loop6): Filesystem has been set read-only [ 82.445420][ T6990] EXT4-fs: Ignoring removed nobh option [ 82.446785][ T6991] FAT-fs (loop6): error, corrupted file size (i_pos 548, 512) [ 82.451135][ T6990] EXT4-fs: Ignoring removed bh option [ 82.489152][ T6990] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 82.602642][ T5172] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.753200][ T7021] loop2: detected capacity change from 0 to 7 [ 82.934942][ T7037] IPVS: stopping master sync thread 7038 ... [ 83.051747][ T7051] loop5: detected capacity change from 0 to 512 [ 83.075327][ T7051] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 83.089460][ T7051] ext4 filesystem being mounted at /192/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 83.122788][ T4188] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.145945][ T3463] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.175964][ T7063] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 83.217498][ T3463] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.236913][ T7071] loop5: detected capacity change from 0 to 512 [ 83.275274][ T3463] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.285791][ T7071] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 83.329632][ T4188] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.352149][ T3463] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.362550][ T7086] sd 0:0:1:0: device reset [ 83.445107][ T3463] bridge_slave_1: left allmulticast mode [ 83.450912][ T3463] bridge_slave_1: left promiscuous mode [ 83.456649][ T3463] bridge0: port 2(bridge_slave_1) entered disabled state [ 83.469630][ T3463] bridge_slave_0: left allmulticast mode [ 83.475652][ T3463] bridge_slave_0: left promiscuous mode [ 83.481386][ T3463] bridge0: port 1(bridge_slave_0) entered disabled state [ 83.482308][ T7101] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 83.497075][ T7101] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 83.528823][ T7106] loop6: detected capacity change from 0 to 128 [ 83.590301][ T7113] loop5: detected capacity change from 0 to 1024 [ 83.597127][ T7113] EXT4-fs: Ignoring removed nobh option [ 83.605206][ T7113] EXT4-fs: Ignoring removed bh option [ 83.616830][ T3463] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 83.626951][ T7113] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 83.628950][ T3463] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 83.658630][ T3463] bond0 (unregistering): Released all slaves [ 83.665624][ T4188] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.739248][ T3463] hsr_slave_0: left promiscuous mode [ 83.750661][ T3463] hsr_slave_1: left promiscuous mode [ 83.756295][ T3463] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 83.763754][ T3463] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 83.776621][ T7125] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1433'. [ 83.779827][ T3463] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 83.793104][ T3463] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 83.810062][ T3463] veth1_macvtap: left promiscuous mode [ 83.815912][ T3463] veth0_macvtap: left promiscuous mode [ 83.821561][ T3463] veth1_vlan: left promiscuous mode [ 83.827001][ T3463] veth0_vlan: left promiscuous mode [ 83.900111][ T3463] team0 (unregistering): Port device team_slave_1 removed [ 83.910565][ T3463] team0 (unregistering): Port device team_slave_0 removed [ 83.950320][ T7073] chnl_net:caif_netlink_parms(): no params data found [ 83.999491][ T7073] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.006823][ T7073] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.014316][ T7073] bridge_slave_0: entered allmulticast mode [ 84.021367][ T7073] bridge_slave_0: entered promiscuous mode [ 84.028419][ T7073] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.035560][ T7073] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.042796][ T7073] bridge_slave_1: entered allmulticast mode [ 84.049580][ T7073] bridge_slave_1: entered promiscuous mode [ 84.079265][ T7073] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 84.090042][ T7073] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 84.114172][ T7073] team0: Port device team_slave_0 added [ 84.121086][ T7073] team0: Port device team_slave_1 added [ 84.140520][ T7073] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 84.147706][ T7073] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 84.173837][ T7073] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 84.185537][ T7073] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 84.192549][ T7073] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 84.218521][ T7073] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 84.261730][ T7073] hsr_slave_0: entered promiscuous mode [ 84.268998][ T7073] hsr_slave_1: entered promiscuous mode [ 84.275725][ T7073] debugfs: 'hsr0' already exists in 'hsr' [ 84.281537][ T7073] Cannot create hsr debugfs directory [ 84.297494][ T7153] macvlan0: entered allmulticast mode [ 84.302966][ T7153] veth1_vlan: entered allmulticast mode [ 84.340749][ T7153] veth1_vlan: left allmulticast mode [ 84.376291][ T7153] macvlan0 (unregistering): left allmulticast mode [ 84.426644][ T7073] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 84.437187][ T7073] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 84.447081][ T7073] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 84.457226][ T7073] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 84.496489][ T7073] 8021q: adding VLAN 0 to HW filter on device bond0 [ 84.512491][ T7073] 8021q: adding VLAN 0 to HW filter on device team0 [ 84.525231][ T1594] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.532453][ T1594] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.544278][ T1594] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.551456][ T1594] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.628776][ T7073] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 84.767878][ T7073] veth0_vlan: entered promiscuous mode [ 84.777626][ T7073] veth1_vlan: entered promiscuous mode [ 84.794591][ T7073] veth0_macvtap: entered promiscuous mode [ 84.804375][ T7073] veth1_macvtap: entered promiscuous mode [ 84.816798][ T7073] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.832479][ T7073] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.843753][ T2760] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.847796][ T7180] loop7: detected capacity change from 0 to 512 [ 84.854658][ T2760] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.882295][ T7180] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 84.884640][ T2760] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.922940][ T5172] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.949621][ T1594] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.110299][ T7201] netlink: 16 bytes leftover after parsing attributes in process `syz.7.1463'. [ 85.246775][ T7216] vhci_hcd: invalid port number 96 [ 85.252055][ T7216] vhci_hcd: default hub control req: 0318 vf7fa i0060 l0 [ 85.382685][ T7236] loop7: detected capacity change from 0 to 512 [ 85.393045][ T7236] EXT4-fs: Ignoring removed mblk_io_submit option [ 85.400232][ T7236] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 85.416046][ T7236] EXT4-fs (loop7): 1 truncate cleaned up [ 85.435066][ T7236] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 86.173295][ T5172] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.218295][ T7259] sd 0:0:1:0: device reset [ 86.270049][ T7271] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 86.272788][ T7269] loop8: detected capacity change from 0 to 2364 [ 86.321841][ T7278] loop5: detected capacity change from 0 to 512 [ 86.332330][ T7278] EXT4-fs: Ignoring removed mblk_io_submit option [ 86.340066][ T7278] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 86.367453][ T7278] EXT4-fs (loop5): 1 truncate cleaned up [ 86.386305][ T7278] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 86.393069][ T7288] loop1: detected capacity change from 0 to 4096 [ 86.411972][ T7288] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 86.439838][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.854740][ T7294] ================================================================== [ 86.862880][ T7294] BUG: KCSAN: data-race in file_write_and_wait_range / xas_set_mark [ 86.870911][ T7294] [ 86.873244][ T7294] write to 0xffff888106edcf94 of 4 bytes by task 7278 on cpu 1: [ 86.880893][ T7294] xas_set_mark+0x12b/0x140 [ 86.885431][ T7294] tag_pages_for_writeback+0xc2/0x290 [ 86.890832][ T7294] ext4_do_writepages+0x6b2/0x2750 [ 86.895985][ T7294] ext4_writepages+0x176/0x300 [ 86.900773][ T7294] do_writepages+0x1c3/0x310 [ 86.905384][ T7294] filemap_write_and_wait_range+0x144/0x340 [ 86.911320][ T7294] filemap_invalidate_pages+0xa4/0x1a0 [ 86.916810][ T7294] kiocb_invalidate_pages+0x6e/0x80 [ 86.922033][ T7294] __iomap_dio_rw+0x5d4/0x1250 [ 86.926829][ T7294] iomap_dio_rw+0x40/0x90 [ 86.931187][ T7294] ext4_file_write_iter+0xad9/0xf00 [ 86.936443][ T7294] iter_file_splice_write+0x666/0x9e0 [ 86.941856][ T7294] direct_splice_actor+0x153/0x2a0 [ 86.946992][ T7294] splice_direct_to_actor+0x30f/0x680 [ 86.952382][ T7294] do_splice_direct+0xda/0x150 [ 86.957175][ T7294] do_sendfile+0x380/0x650 [ 86.961649][ T7294] __x64_sys_sendfile64+0x105/0x150 [ 86.966886][ T7294] x64_sys_call+0x2bb0/0x2ff0 [ 86.971590][ T7294] do_syscall_64+0xd2/0x200 [ 86.976133][ T7294] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.982044][ T7294] [ 86.984460][ T7294] read to 0xffff888106edcf94 of 4 bytes by task 7294 on cpu 0: [ 86.992019][ T7294] file_write_and_wait_range+0x10e/0x2c0 [ 86.997691][ T7294] generic_buffers_fsync_noflush+0x45/0x120 [ 87.003622][ T7294] ext4_sync_file+0x1ab/0x690 [ 87.008347][ T7294] vfs_fsync_range+0x10d/0x130 [ 87.013148][ T7294] ext4_buffered_write_iter+0x34f/0x3c0 [ 87.018733][ T7294] ext4_file_write_iter+0xdbf/0xf00 [ 87.023966][ T7294] iter_file_splice_write+0x666/0x9e0 [ 87.029363][ T7294] direct_splice_actor+0x153/0x2a0 [ 87.034501][ T7294] splice_direct_to_actor+0x30f/0x680 [ 87.039897][ T7294] do_splice_direct+0xda/0x150 [ 87.044676][ T7294] do_sendfile+0x380/0x650 [ 87.049127][ T7294] __x64_sys_sendfile64+0x105/0x150 [ 87.054395][ T7294] x64_sys_call+0x2bb0/0x2ff0 [ 87.059103][ T7294] do_syscall_64+0xd2/0x200 [ 87.063727][ T7294] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.069644][ T7294] [ 87.071987][ T7294] value changed: 0x02000021 -> 0x04000021 [ 87.077717][ T7294] [ 87.080049][ T7294] Reported by Kernel Concurrency Sanitizer on: [ 87.086323][ T7294] CPU: 0 UID: 0 PID: 7294 Comm: syz.5.1490 Not tainted 6.16.0-syzkaller-12245-g2988dfed8a5d #0 PREEMPT(voluntary) [ 87.098478][ T7294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 87.108554][ T7294] ================================================================== [ 87.278470][ T4188] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.