last executing test programs: 3.067297423s ago: executing program 3 (id=1133): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x6, 0x0) 3.044641865s ago: executing program 3 (id=1135): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x1}, 0x1c) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c) shutdown(r0, 0x1) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000240)={0x0, @in={{0x2, 0x0, @empty}}, 0x9}, 0x90) 3.010333669s ago: executing program 3 (id=1138): bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x3, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB="8500000097000000350000000000000085000000230000009500000000000000f4670880271e3503200ffa95a2c8c037c5a142dfa8ba6287066c5197fabd5f7010e81ae0b737126e0000000000000009ed8d38665cb6e22ff5dde54704d25c79949c23e2eb15d755a2410ea7c09cc28de194f44800000000b0d3712c7e93363af3c075ff1e23160104d95433bb755af3d576090c4867a7b6393e366c6386d5ec7201d031f40f3012e9576e51a7f550afc852003b2f7846c744ae6af3c037102124d85cec074c6949e1d76d067a97000247fe5f17fdab800f4104dbaba46aac3abe6c4d7f47ef6d02ba536cdacecf7eb6baaa4a9779f8555eaea768c1f2c221c155411c5483b8741036674d41513656d400ef050000000ee282ab76f593d828cf95846be6277c04b8c5324812696a623cd8a4f8dc8dcba00b1b2d2547c45b0c52087b5efabf8496b9a951667dd5b5a0327b56c0ebfb19a34268335648e1f844ce328c10752a42dca52fb98c1452b651ebffffffff00000000419a2f238f173d0cd46dafc6e95500f53e5309ec91d83cf4fbd775d9c07d8d591a4dac60ff00e609b3b20000000000000000000000000000000000000000000000004e41ffd11d49614fc97bff9cfa13a834a8b7d58ef7845b492b808b59a29b3bfa21b4ce7abc79e8279ef3e2151281fe64f52fc86715aca2e027cb0d5ae3a489dd4f97e6dfdaf622a6964faea221d4b6a7d5fbaeb8ce597ec671a0f8cab6877df3ef4b21d902a66f091947f1a69f09007d1c22c1fa85de1caa493de14810f42ed36488b944b3ca4e86a4738f730f473f3f29d592549b220d051c3b31e321d426ac7b28e8204d3253184d307966ad8ef7482da915473bd11a72e9acefc61cb7a40b78a066f120cf5acc12e56107f7cd8144c4b1df091e9fb661120eaeaa4efe4a9e798925a72da837a364c0051118dd744db455ae5e9a579f97b4fcf60e26c7fcbd31ccc030f2a8077e089b36d6a5"], &(0x7f0000000140)='GPL\x00', 0x0, 0xe0, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x50, 0x10, 0x0, 0xfffffc1a, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x15) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r0, 0xfffff000, 0xe, 0x0, &(0x7f00000000c0)="61df712bc884fed5722780b6c2a7", 0x0, 0x8000}, 0x28) 2.971644023s ago: executing program 3 (id=1140): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000600)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000002"], 0x110) setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @empty}}}, 0x108) setsockopt$inet_group_source_req(r0, 0x0, 0x2b, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @private}}}, 0x108) 2.957919314s ago: executing program 3 (id=1142): r0 = creat(&(0x7f0000000540)='./file0\x00', 0x0) close(r0) socket$nl_route(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000640), 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 2.944730305s ago: executing program 3 (id=1144): ptrace(0x10, 0x1) r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, 0x0}) ptrace$getenv(0x4210, r1, 0x0, 0x0) 1.786185173s ago: executing program 1 (id=1187): r0 = syz_io_uring_setup(0x5bbd, &(0x7f00000002c0), &(0x7f0000000180), &(0x7f00000001c0)) syz_io_uring_setup(0xbe2, &(0x7f0000000240), 0x0, 0x0) syz_io_uring_setup(0x1106, &(0x7f0000000740), &(0x7f0000000800), 0x0) syz_io_uring_setup(0x10278e, &(0x7f0000000000)={0x0, 0x0, 0x10}, &(0x7f0000000200), &(0x7f00000000c0)) io_uring_enter(r0, 0x47, 0x0, 0x0, 0x0, 0x0) 1.511412969s ago: executing program 1 (id=1200): r0 = socket$inet_udp(0x2, 0x2, 0x0) recvmmsg(r0, &(0x7f0000006180)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000140)=0x6, 0x4) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) syz_emit_ethernet(0x9a, &(0x7f0000000300)={@broadcast, @link_local, @void, {@ipv4={0x800, @udp={{0xa, 0x4, 0x0, 0x0, 0x8c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty, {[@rr={0x7, 0x13, 0xe, [@empty, @local, @multicast2, @multicast1]}]}}, {0x0, 0x4e20, 0x64, 0x0, @wg=@response={0x2, 0x0, 0x0, "a1a7d1db4cc384c369b8fb75e555548b4b748ff50858f81951ea4bd31f7a0118", "59a2c02060214a6af3fd17d3c2fad74f", {"75d8f2b869b11ea5c307da8e96e0197d", "058939c6920ddb824df74ef088fb098b"}}}}}}}, 0x0) 656.457129ms ago: executing program 1 (id=1252): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000000040)={0xa, 0x0, &(0x7f0000000340)={&(0x7f0000000b00)=ANY=[@ANYBLOB="020300000b0000000000000000000000030006000000000002000000e000000100000000000000000200010000001c000000fb18000000000300050000000000020000007f0000010000000000000000010018"], 0x58}, 0x1, 0x7}, 0x0) 551.385358ms ago: executing program 2 (id=1258): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) futex(0x0, 0x9, 0x0, 0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000001080)='smaps_rollup\x00') mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2) preadv(r0, &(0x7f0000000140)=[{&(0x7f0000000400)=""/192, 0xc0}], 0x1, 0x0, 0x0) 404.807552ms ago: executing program 1 (id=1261): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) syz_io_uring_setup(0x44fe, &(0x7f00000000c0)={0x0, 0x0, 0x7, 0x3}, &(0x7f0000000140), &(0x7f0000000180)) 353.851977ms ago: executing program 1 (id=1263): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000280), 0xffffffffffffffff) r2 = socket(0x1e, 0x5, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000040)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000f00000008000300", @ANYRES32=r3, @ANYBLOB="0800340002000001"], 0x34}}, 0x0) 353.295547ms ago: executing program 4 (id=1264): perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0xa) syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 321.26488ms ago: executing program 2 (id=1265): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100000100000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000580), r1) sendmsg$IEEE802154_LIST_PHY(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000005c0)={0x14, r2, 0x30b}, 0x14}}, 0x0) 311.926891ms ago: executing program 0 (id=1266): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@ptr]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) 310.272071ms ago: executing program 4 (id=1267): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000200000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001800000000000000340000003400000006000000040000000000000e0400000000000000000000000000000500000000020000000000000802000000000000000000000a0300000000005f0061"], 0x0, 0x52, 0x0, 0x0, 0xffffffff, 0x0, @void, @value}, 0x28) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xf, &(0x7f0000000380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x9163}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x1}}}, &(0x7f0000000440)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, &(0x7f00000005c0)={0x0, 0x2, 0x7, 0x8}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9, @void, @value}, 0x94) 302.509022ms ago: executing program 1 (id=1268): r0 = gettid() syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000040)='./file2\x00', 0x101080e, &(0x7f00000001c0)=ANY=[@ANYBLOB="756e686964652c68696465006e6f726f636b2c73657373696f6e3d3078303030303030013030303030303030312c686964652c63007b6865636b3d7374726963f4416e6f636fd689c91ceb036442a5e8b65659212a2bbc4e30952aa22edafcc01c50d9545f6d70726573534d6e6f726f636b2c6368657f12106458668eb97fd25f742c696f636861727365743d69736f383835392d31332c63727566742c7065726d6928d7997c17d1c8704a54dc34229c72656374696f2c61756469742c004b32b19ac463afda9675ef356e50e2fb3d253ba1480f27afe645fded942f5957f2992896524e7731fa148037452b21c34c9918911ac37dff04099efbbf3c69c8fb9bdcda4683151bb24329a40b273da9bce1145213686d55a96caab752943c330423edc3876e0b859d57cd6d60dc5220aa1367c24de5e66343c128db17391d25b7aa35001e68df726f9ca1e0bfab6993329f0318602f3c51a28ed0858da3e3c47e95de50cbd34e68dd8517f1b4e1eeab0000000000e7b4ea43ef9e4d817aae8e0d2e71215bc0127620b046361adbde0b60bee63e91aa28d93cd8d79802966dbfacceffe6b1d302c5515d7323f7cca3f665a6964cba6cd16ae40bc68e94ac6b40bf96a55dcefd4024a5d7a848d08bdb5d8bb89b4c1968cf6ae0fd7858fa38b738c1ee6822f2cfdb30c3941199251d603d495ab6ce2ddb8e918e72b9171aaa287f2b19755bdc92109150850d5c14ec2ac32dee0122b28fcb3e88d5096d6352799c5f13f597695adfd21e644379e6a400000000000000000000000000fa41c3f14dca4ef03fed7e6466a4e2d4503979398731ee0fc7487e0b09466d841e2d8e64ed9e0d4333e6a79acee454fdb4fff932f123000000", @ANYRES16=r0, @ANYRESOCT=r0], 0x1, 0x67e, &(0x7f0000001600)="$eJzs3V1v29Ydx/Ef5SfFHYJiG4IgSJOTZAUcLFMouXFgZMCqUZTNTRIFUh5sYECRNXYRRE63JAMW3xS+2BPQvYHd9WK72IsYsOu9iu1uA4rtbsBuWPCQsiVbD1btJG3y/QStKPLPc/4kFf7BSDwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQ49Vct+yoEbQ2Ns1oXi0Km2OWZ63N6WY2cXNiv5KT/qdiURezWRe/fbj4Qvq/67qcvbusYvpS1N5bF96+963ZQm/9MQl9GZq2wafP9x7d73a3n5wgdkZTN/8qqXCCoDW/FcRh0Kyu+SaIQ7O6suLeXq/Hph40/Hgr7vhN40V+oRNGZsm7acqrq8vGL22FG621WrXh92be/V7FdVfMjxayAy2pFHvrQaMRtNZsTLo4jblrPv1pFuBXm8bsPOxuL09KMg0qnySoMimo4lYq5XKlUl65s3rnruvOHpvhphz3gI5FnPmHFl8zZ3fyBk6pkNb/fzpSQ0W1tKFNmaF/PNUUKVRzxPJcr/6/e9sf229//e9V+YvSD/LFl2Tr/5Xs3ZVR9X9ELkbGrjBsiTNi/nR/5vJWnuq59vRI99VVV9t6cgZtG5mrp23h12eSxz+SzOiINflqKVCsUIGaqto5Jp9jtKoVrcjVB1pXXbGM6grUkK9YW4rVkW8/UZ4i+aqqo1CRjJbk6aaMylrVqpZl5KukLYXaUEtrqqmq/yVJsqOHdr8vj9kK9YLKIwIW+oMqY1oaVf9/9kn2Oc3rv0v9f1Nln4OF/Cw2Lgb4Ckjy6/8pXX0x2QAAAAAAgBfBsf/67tjv7t+RlKgeNHz3VacFAAAAAADOkKNkQZflyP6kTe/I4fofAAAAAIDXjWPvsXMkLdof9TuHd0Kd5B8BZl5CigAAAAAA4JTsnf9X5qXEDlpxVc5U1/8AAAAAAOBr4Hd9Y+zP9sbYTXpf6xckxe0F56//WVA05+y3N7/j7FbTJdXdPObYLwA69UvO+XygXvsyL8m+8/zLTt5bPgjmwbiDn+9MGuvfiY4kMD/T38CIBJy055XZ/J0+1bVslWv5OPMP9gqyS7JeFutBwy95YeNeWdXq+ULH3+z88vHDX0nRwXbuPOxulz78uPvA5rKfztrfTRv9ZCCdwvCdcZjLMzvegr3nYtgWn1O91+XvW81Fx/br9rZ/RtXdQn9H4w7AYZ+/0fXsmF1fzGIX9w5G3E+3v5huf7lkD9nA1kdzzmEW5aNbPuxAjMiiaLO4kcXcWLqRvfTyS9spOMXvzkiV0vFjMJBFpT+LyfvC+e+xfTEui3xfLKdZ/C1taEQWy9NlceyIAMCrsnNYhewg5sfqbq889E5qX6ruTK7u7w9W92d/TBK7wow0m383MbaXotIz+pJj69C87Il19tKQM7qb15WiRpzR3VNUt7Svvxw+AylP+1gW/0+S5F7Z9vuHI1X1s3SFz0b2GzcqM+kuvP1s9+d2APzUR9sfbT+uVJZX3Pdc905Fc3Yz8pcZHc2U32wCAE7wjJ2JEc57upZFXHvw73ezqYGK982DnxSU9KE+VlcPdKv3CIGrw1td7PsZwq3sqlV9V63mwtv3zklHY8u6NfKqztbSvtjKQeyceqsMVurD2OUXfBQAAHi5rk+ow8Prf3Gg/t/SUhaxdGnodfdgLT/6hOBRseXJyb9/1nsDAIA3gx997ix2futEUdD+oLy6Wq521n0Thd6PTRTU1nwTtDp+5K1XW2u+aUdhJ/TChmlHWghqfmzijXY7jDqmHkamHcbBpn3yu8kf/R77zWqrE3hxu+FXY994YatTnZGpBbFn2hs/bATxuh/ZleO27wX1wKt2grBl4nAj8vySMbHv9wUGNb/VCepBOtky7ShoVqMt85OwsdH0Tc2PvShod8KsQduX1zFBqx5GTdtsScnUDzoEAOB19PT53qP73e72kzET+5ock0/MD2mQ75sBAPiKOSzXU6xUfIEJAQAAAAAAAAAAAAAAAAAAAACAY05y/99UE3PDbhaUDub84vyRtf6kYe04OuvEppkoTLtW75aIvUd/HxN87mBOb/f3x+y/tA381zekt+wcZXNmz76vc3ZvvLwD9/2dbI+OjEkXDl20cHAsZs/+r0M68fjPIxYlSZKMX31hcB/Oj9vAwYlZSU/mT3EIBk4TjJsBvIa+CAAA//9z/kFZ") r1 = open$dir(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000268000/0x4000)=nil, 0x4000, 0x1000002, 0x4016012, r1, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) 287.233283ms ago: executing program 2 (id=1269): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x2f, 0xffffffffffffffff, {0x29}}, './file0\x00'}) 284.215283ms ago: executing program 0 (id=1270): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_page_alloc\x00', r0}, 0x10) r1 = socket(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0xa00000000000000, 0x80, &(0x7f00000000c0)=@broute={'broute\x00', 0x20, 0x1, 0x990, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000e00], 0x0, 0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000000b00000000000000000062726964676530000000000000000000766c616e300000000000000000000000736974300000000000000000000000007465716c3000000000000000000000000000000000000000000000000180c20000000000000000000000b8080000b808000030090000616d6f6e6700000000000000000000000000000000000000000000000200000020080000000000000002000000000000000000000a0000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005fd067c94041c2aa3a06a83a0199ae10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000440a000000000000000000000000001b0000000000000000000000000000000000000000000000000000000000000000000000000000f18a0afe9935000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002d0886c1a000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00000000000000000000000000000000000000000000000000000fff000000000000000000000000000000000000000000000000000000000000000000000000008c7f8f1b44f0000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009abde2255a00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e0ffffff000000000000000000000000000000000000e0c3bd0ed625ff61300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000fffffff90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f2573bd04a3300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005653d6a92c046b05458000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000000000000000000000000000000000000003f7f1c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001d0000000000000000000000000000000000000000000000000000000000e900000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003fc95bb0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d3d2e85100000000000000000000000000000000000000000000000000000000006e666c6f670000001100000000000000000000000000000000000000000000005080000000000000000000000000000000000000a600a9e85725d89818472e65aba21d9bbc1b20e8331c6fd24a5aceaeefe102e42a013ac2c00eeb782c34eab997013e0506220c21a44cc58ff5bc83d5e4066c770000000000002000"/2448]}, 0xa08) 167.963304ms ago: executing program 2 (id=1271): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) bpf$MAP_CREATE(0xe4ffffff00000000, &(0x7f0000001000)=@base={0x10, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x48) 167.510074ms ago: executing program 0 (id=1272): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = socket(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=@newqdisc={0x44, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_ECN={0x8}, @TCA_FQ_PIE_ECN_PROB={0x8}]}}]}, 0x44}}, 0x0) 164.234704ms ago: executing program 4 (id=1273): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff010000850000000e000000850000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x9) bpf$PROG_LOAD(0x5, 0x0, 0x0) fstatfs(0xffffffffffffffff, 0x0) 141.046057ms ago: executing program 2 (id=1274): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000008c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000e868495fb58d00b6ad1f50ad32d6ad25dfd73a015e0ca6a0f68a7d007dc6751dfb265a0e3ccae669e173a64bc1cfd514600650a58f145ff1205fc9ddaa275e687d452d64e7cc957d77578f4c25235138d5521f9453559c35da860e8efbc64e57cbb7aee976f2b54421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983cd44c05bd0a48dfe3e26e7a23129d6606ed28a69989d552af6d9a9df2c3af36e0360070011bbecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a1a83109753f54b21cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b81a7000000e7ffffff00000000d7900a820b63278f4e9a217b98ef7042ad2a928903000000cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e0867958e1dd7a0defb6670c06054002238260000000000040587c1ed797aa21a38e1e389f640a0b8b0000000000a835ad0f61ba739cd0c31b05c00fba8a4aee676d7caa2e53b91a68ff2e60da7b01a2e5785a238afa4aba70c08b0d71b6f72d6a8d87fb08533d97ad96d3943c4cc8306dac433a5cdf78b04963d679d5a5d07e618a1ef9057fec00f9e93021f5a8d30e716de8cde9c6000000000c3b64d10f0939b42b33ab2a8717096c58bb3bb1d457d8bb96870f5a7e2ba31fd69bb80235d957eaa9a40b764e5381ffa604aaafb76a980e72b408f686b185736693089213b4e140f8f38e5589663115093889deb646122a5dc5a9e5ba4d37749a36b880110e2bf524b79bc91105f1d3f7d0de694a9417d68694f17ba5e27ea1cec518b93fadcfe0de010ae9be3273ff73c34b5695080a35bfa5c69e3b533e1b939c81b3beda037b7191cb0000000000000000000010e5d683b8938db5c305cf7e6e62a6890ba9e1f4ee64f8202b59de5036569febfaa95f4633db108b2f786333ec7bacc927f4a1785165b5d2444b4c022bb5cff472e6a0c8ee9d6d8df83b704669147b732ac508c9b9f0ca0a1ce45319d43d4643eb285835daf2065b57bebd61ad6671296c27253a5f9688d57c91ccd40ffe2dbc5dd1613a2e6f5b363cc8d205ce6ef3c3c6ded7dd3dfdb39008d8997213f68cdc971c1d6fdacb7729a5560880a77525e9cfb94ef1735dfe74e6b948697f7e3580436b532a82e315d56b17a5dba98436cc24babaae409f0aab0b40af116001bc85492455956e853ead08b5793d4ecf72378a3dfd9cc837b1c66212d9a2be8fd6341c2f837c7fe09924a51ec42912856cce3d3b2d092c80813aad03e1e63a655f4138730f302df339f30a4fbd453c9a0fba381d071ad7cb80a52bec572e29b0b9b55c235806b97e166609f8083ce776075c"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r1, 0x404c534a, &(0x7f0000000040)) 87.365392ms ago: executing program 4 (id=1275): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'pim6reg0\x00', 0x2}) ioctl$TUNSETOFFLOAD(r1, 0x400454cc, 0x2) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'pim6reg0\x00', 0x2}) 86.930212ms ago: executing program 0 (id=1276): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10) ioperm(0x0, 0x2, 0x2) 86.694632ms ago: executing program 2 (id=1277): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, 0x0, 0x0) poll(&(0x7f0000000100)=[{r0}], 0x1, 0x9d) write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0x2600]}}], 0xffc8) 86.428472ms ago: executing program 0 (id=1278): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f00000011c0)=[{0x6, 0x0, 0x0, 0xf}]}, 0x10) sendmmsg$inet6(r0, &(0x7f0000000a00)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x0, @local, 0x9}, 0x1c, &(0x7f00000000c0)=[{&(0x7f0000000300)="79ef34395d4c410d25e52319c6a502980fd70906f311e78ea6dce2f7034f79984352fa1adeabb374dbbf87c7d8", 0x2d}], 0x1, &(0x7f00000020c0)=ANY=[@ANYBLOB="38020000000000002900000036000000004300000000000004013f040100c910ff010000000000000000000000000001c910fc0000000000000000000000000000000001000740000000000e07010101000000010000000200000000000000000000000000000001000000010000002000000000000000ffffffff00000000ffffffffffffff7f06aeb07c1c192077cc9e7c45705803ad5588ca8b194d23f748fe792cfa3d32221f25d73b8ffe64a4ddda6efcfb7483b588194d29c7a04395d8500965a9a1d07879040c44db1d5d6f618d2ab920f0bf168ddc9acc6a51edd1230760d4ae8bf30f5f82a78e8114849ee8e37364560400000035bfa8197ef2ba99103ee5f5aae28ec5c8e2675db11530f5c466d55f2244d479dc653c854406155eada3eaeb90d39149b8d13bab75a9bd1452c8c76284b9ddfbeff41344e64f1771d78a706e1c5a6d63f1c954e24a1e73f75c26e9f09ec9b606cc3470f11c4842db651926bd2263a4a0a8fe80de8b2f9cb176e51819d5f4d10a5d1f0488d5e46953fbfd750f6137fbebe89a8d462158a87f9622355104b4f68d7a6d3ad85c373ea52a25afad37ffb743a5c361158087904b09fcc806d032bac00ee0e0251fc032446e45a3e12417ff4703526ffc45f71567857777927903799e0ba453334186009d22e38099c67b5350c7e82136bba947a18fb61d36fcba1f9efe3d79485d06252702833dc8ee417f40bb9064878fb89dd75a49135e5df148c4ad1e1d5626b44c8112d822f4c9a05e693fd5ae5595627f8684016b37a2bf6d0040030000000000002900000037000000006500000000000000fb1a63687c244e6df3aecb13d6eb957495b669cc032f6d0a11a5e16eed9937b046c9dc1a61dcf9754b767df4735c3f8c37b4d5cd15a99c5a19cc62c921ad4e90d6e3695ec1891223a53600d5031b5735acafb556e22279975f958ad437c76573e544506e58455772eb11493af933099a5dc7e9e0c8b907e68e23e59d7b94bc774309e2047132758b60955301f277a9032b0bc47e660b243e9e2126733f13ab99055a0999068ada35a38d105a5efe6c7115774effe28695ecae3944413b7764eefde26ed571d857b2cb2dd1b2a4a84c1fec0799cf90f57f7a6d35e2b60cd425b9372ae4a27f453e5d7da2eacd3b98cdb10cec9152d5829c2511eb0f9600a0cd280f3d08849b6cd43d25e3dcd62f7c7dee6123a2682daf4aa9a856b31e9204c5c2b80b84dbeec05d93a64a550f1ebc326488cd620c6fe1aa266a0ce5b24be03b5037786e037cc85ed61f362e081fb694e12e54fcb9eb0f86d6d91fd159023a073278f84d6ada8f9aa25ec223d268f3291b25392c941740932bd1a82f40a8fc586db23d2f6240ce883e3c1dc1e0d07fc3aa73a9ac82a1538d129c9e66cb6a8100abe95bc4064581e8c01ce65ba3ea751db5d8c0a1173fe62b2fd2d415042a97ade4d274a466b6d997eed6bf5d7a305ead804c36b9e1c314b26676ed83412417610d3cf4d07e5b24cf3de9c790ae93850e0f8bba047b710cf340c78a80cef5f6665a647681ff5f7b6ecce8ab65e26406b6a6e0e72ff8501c545bffc00f034dc3a5b251390ae68bb61d936dc9a24e6f66c72e7911c51c716dfd4304566fb32e6c2745d232f990d0bbe0ddf9dc58398dda292c07b16da766a37c60bd9993b4f21e641036a8afa2ccdb47d7990d5a007faccb2f86664179f2e229723bce870aec3f7f4e529c92add713590ce6c0ea1a0499fb76d32636cfd18b6b39fb48f1a6d46f6ae8f45c47ee8260f9531070d170ab92739be0bdf5b76f8a9b93a5e550dfecab79d2e46085a67024b6be883c79ade2873458fda5a7f4eb62b05634356ee3b45723f4cff19c654ad441ff5b8792df7f18d841c351e195151b1b3532e742a6525c86efdb29653f35ce8e0a41c8c6d39f39531e13aeb1172893eeedd83b6afb939f8e6abc5482696aa48918000000000000002900000037"], 0x590}}], 0x1, 0x8008801) sendmmsg$inet6(r0, &(0x7f0000000b00)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000100)="0de55a5b4592c5ca5825884fdd1d66112c824c7582ebab5729444975e48dd370fd69adf437ad3102", 0x28}], 0x1}}], 0x1, 0x0) 79.718123ms ago: executing program 0 (id=1279): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000280)={@val={0x1c, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x3d}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x2, 0xb, 0x0, 0x0, 0x0, 0x6, {[@window={0xe, 0x3}, @timestamp={0x5, 0x2}, @generic={0x0, 0x2, "d58838068b91"}]}}}}}}, 0x4e) 65.163374ms ago: executing program 4 (id=1280): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r1}, 0x10) r2 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0) write$selinux_attr(r2, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d) 0s ago: executing program 4 (id=1281): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000000400000095"], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000540)='./bus\x00', 0x10, &(0x7f0000000500)=ANY=[@ANYRES64=0x0], 0x81, 0x374, &(0x7f0000000980)="$eJzs3T9oJNUfAPDvZja7uYPfLwELURBWO0HD5TptTJAcHKZRWfxTiIuXU9lEIcFgUlwSC8VSsNTKTkELC7ERRFDEzsLWE+RULDTdgYdPZmd3dpLdhNxhlODnA5m8fe99531n9rE7GXZfnp2P7qXJuLy3dy2mpmpRn394Pq7XYiayGNiJUY0xdQDA6XA9pfg9FY4ZUjvhlACAE9Z7/38+IloxU9S89uVR/ZN3fwA49fp//585qs/UYQ0vn0hKAMAJG7n/f8++5kbvpz54WK98KgAAOK0ef+rpRxaWIh5rtaYiVt/YaG+048Fh+8LleDFWYjnOxXTciCguFPJNrbe9cHFp8Vyr1dqOn2aiHRET/cB2caWwkPXimzFXtpRXGyml7MLHS4tzrZ6I2NnujR+rtY32ZJztj//92VgeXnjMDJKI3ubi0uL5Vn8H7dVB/HbE7vC+RZ7/bEzHt8+Vu0lp8AnGpcUrcxP9B8P4jXYzLpVn4dA7IAAAAAAAAAAAAAAAAAAAAAAAcEtmW6WZcv2clP8uVsqZnR3T3lsfp4jvrw+0W6wPlJopUvrt1fvbb2axb32gg+vzbFhIEAAAAAAAAAAAAAAAAAAAAErrm43orKwsr61vbnWrhe219c2JiMhrXvr6wy/OxG2fpZ4xnccX6sUQzYhyiFZ/2K1uJ2WDzimLGA3P8sEHNe9/UmZc7dMsj2JsGs3xTXuRF/5394/vDJvuygZ7/nPYOYvxB5hV0njowKCr/y9SOsb5GS2cr9Y0R0e/mlKq1LxeDb/yzOgOoxZRj5tOY6s7EYf36U2Ar669cMfg7Hc+LyZGuve+6Seuvv3eL93OSj5y9J7Bxtr6jdTt1Aadb+605Kd6UFOLolCrzoT6UeG7+2s62Xe/PnnnW98cb/RUrXkln88H+mTF4Xx0MLxRFPI080JjOFvODMMn+wexsjw5ZvKXhdr4GX4Lz+nt7376QUo//HzcqP7AefYTIy8btb/n1QcAAAAAAAAAAAAAAAAAAKiqfFe8r/9l38mjoh549OQzAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB/zvD//1cKuztxoOY4hT+2x0Q1l9fWIxr/9mECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAf91cAAAD//92GVcs=") r1 = open(&(0x7f0000000100)='./bus\x00', 0x141042, 0x0) write$cgroup_freezer_state(r1, &(0x7f00000002c0)='FREEZING\x00', 0x9) kernel console output (not intermixed with test programs): [ 17.566183][ T29] audit: type=1400 audit(1727748858.458:81): avc: denied { read } for pid=2948 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 Warning: Permanently added '10.128.0.2' (ED25519) to the list of known hosts. [ 21.799850][ T29] audit: type=1400 audit(1727748862.678:82): avc: denied { mounton } for pid=3252 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 21.800788][ T3252] cgroup: Unknown subsys name 'net' [ 21.822664][ T29] audit: type=1400 audit(1727748862.678:83): avc: denied { mount } for pid=3252 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 21.850001][ T29] audit: type=1400 audit(1727748862.718:84): avc: denied { unmount } for pid=3252 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 22.004481][ T3252] cgroup: Unknown subsys name 'cpuset' [ 22.010442][ T3252] cgroup: Unknown subsys name 'rlimit' [ 22.187957][ T29] audit: type=1400 audit(1727748863.078:85): avc: denied { setattr } for pid=3252 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 22.215405][ T29] audit: type=1400 audit(1727748863.078:86): avc: denied { create } for pid=3252 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 22.235984][ T29] audit: type=1400 audit(1727748863.078:87): avc: denied { write } for pid=3252 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 22.242958][ T3257] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 22.256520][ T29] audit: type=1400 audit(1727748863.078:88): avc: denied { read } for pid=3252 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 22.285296][ T29] audit: type=1400 audit(1727748863.088:89): avc: denied { mounton } for pid=3252 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 22.310153][ T29] audit: type=1400 audit(1727748863.088:90): avc: denied { mount } for pid=3252 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 Setting up swapspace version 1, size = 127995904 bytes [ 22.333584][ T29] audit: type=1400 audit(1727748863.158:91): avc: denied { relabelto } for pid=3257 comm="mkswap" name="swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 22.353266][ T3252] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 23.382692][ T3272] chnl_net:caif_netlink_parms(): no params data found [ 23.413972][ T3267] chnl_net:caif_netlink_parms(): no params data found [ 23.426401][ T3264] chnl_net:caif_netlink_parms(): no params data found [ 23.443425][ T3269] chnl_net:caif_netlink_parms(): no params data found [ 23.465256][ T3263] chnl_net:caif_netlink_parms(): no params data found [ 23.505299][ T3272] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.512327][ T3272] bridge0: port 1(bridge_slave_0) entered disabled state [ 23.519526][ T3272] bridge_slave_0: entered allmulticast mode [ 23.526093][ T3272] bridge_slave_0: entered promiscuous mode [ 23.548889][ T3272] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.556058][ T3272] bridge0: port 2(bridge_slave_1) entered disabled state [ 23.563289][ T3272] bridge_slave_1: entered allmulticast mode [ 23.569525][ T3272] bridge_slave_1: entered promiscuous mode [ 23.589675][ T3264] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.596769][ T3264] bridge0: port 1(bridge_slave_0) entered disabled state [ 23.604038][ T3264] bridge_slave_0: entered allmulticast mode [ 23.610348][ T3264] bridge_slave_0: entered promiscuous mode [ 23.638607][ T3267] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.645661][ T3267] bridge0: port 1(bridge_slave_0) entered disabled state [ 23.652783][ T3267] bridge_slave_0: entered allmulticast mode [ 23.659254][ T3267] bridge_slave_0: entered promiscuous mode [ 23.665799][ T3264] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.672902][ T3264] bridge0: port 2(bridge_slave_1) entered disabled state [ 23.680047][ T3264] bridge_slave_1: entered allmulticast mode [ 23.686362][ T3264] bridge_slave_1: entered promiscuous mode [ 23.693589][ T3272] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 23.708381][ T3267] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.715530][ T3267] bridge0: port 2(bridge_slave_1) entered disabled state [ 23.722590][ T3267] bridge_slave_1: entered allmulticast mode [ 23.729030][ T3267] bridge_slave_1: entered promiscuous mode [ 23.739947][ T3272] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 23.770273][ T3264] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 23.783605][ T3269] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.790739][ T3269] bridge0: port 1(bridge_slave_0) entered disabled state [ 23.797961][ T3269] bridge_slave_0: entered allmulticast mode [ 23.804326][ T3269] bridge_slave_0: entered promiscuous mode [ 23.815325][ T3263] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.822371][ T3263] bridge0: port 1(bridge_slave_0) entered disabled state [ 23.829545][ T3263] bridge_slave_0: entered allmulticast mode [ 23.836106][ T3263] bridge_slave_0: entered promiscuous mode [ 23.847123][ T3264] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 23.857238][ T3267] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 23.866991][ T3272] team0: Port device team_slave_0 added [ 23.872638][ T3269] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.879703][ T3269] bridge0: port 2(bridge_slave_1) entered disabled state [ 23.887142][ T3269] bridge_slave_1: entered allmulticast mode [ 23.893585][ T3269] bridge_slave_1: entered promiscuous mode [ 23.899780][ T3263] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.906836][ T3263] bridge0: port 2(bridge_slave_1) entered disabled state [ 23.914093][ T3263] bridge_slave_1: entered allmulticast mode [ 23.920422][ T3263] bridge_slave_1: entered promiscuous mode [ 23.939747][ T3267] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 23.949399][ T3264] team0: Port device team_slave_0 added [ 23.956099][ T3272] team0: Port device team_slave_1 added [ 23.970534][ T3264] team0: Port device team_slave_1 added [ 23.994239][ T3263] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 24.016391][ T3269] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 24.026608][ T3263] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 24.040275][ T3264] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 24.047240][ T3264] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 24.073168][ T3264] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 24.084394][ T3264] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 24.091373][ T3264] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 24.117282][ T3264] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 24.128755][ T3267] team0: Port device team_slave_0 added [ 24.134927][ T3272] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 24.141895][ T3272] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 24.167900][ T3272] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 24.179477][ T3269] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 24.188869][ T3272] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 24.195813][ T3272] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 24.221784][ T3272] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 24.237671][ T3263] team0: Port device team_slave_0 added [ 24.245996][ T3267] team0: Port device team_slave_1 added [ 24.262993][ T3263] team0: Port device team_slave_1 added [ 24.281726][ T3267] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 24.288710][ T3267] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 24.314702][ T3267] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 24.326096][ T3269] team0: Port device team_slave_0 added [ 24.332134][ T3267] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 24.339107][ T3267] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 24.365142][ T3267] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 24.384185][ T3269] team0: Port device team_slave_1 added [ 24.391643][ T3264] hsr_slave_0: entered promiscuous mode [ 24.397729][ T3264] hsr_slave_1: entered promiscuous mode [ 24.425664][ T3263] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 24.432655][ T3263] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 24.458616][ T3263] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 24.477946][ T3269] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 24.485036][ T3269] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 24.511022][ T3269] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 24.524103][ T3269] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 24.531043][ T3269] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 24.557042][ T3269] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 24.568196][ T3263] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 24.575145][ T3263] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 24.601181][ T3263] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 24.613488][ T3272] hsr_slave_0: entered promiscuous mode [ 24.619453][ T3272] hsr_slave_1: entered promiscuous mode [ 24.625274][ T3272] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 24.632812][ T3272] Cannot create hsr debugfs directory [ 24.668751][ T3267] hsr_slave_0: entered promiscuous mode [ 24.674902][ T3267] hsr_slave_1: entered promiscuous mode [ 24.680784][ T3267] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 24.688363][ T3267] Cannot create hsr debugfs directory [ 24.726061][ T3263] hsr_slave_0: entered promiscuous mode [ 24.731992][ T3263] hsr_slave_1: entered promiscuous mode [ 24.737791][ T3263] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 24.745463][ T3263] Cannot create hsr debugfs directory [ 24.752981][ T3269] hsr_slave_0: entered promiscuous mode [ 24.759239][ T3269] hsr_slave_1: entered promiscuous mode [ 24.765093][ T3269] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 24.772621][ T3269] Cannot create hsr debugfs directory [ 24.890797][ T3264] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 24.904664][ T3264] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 24.923184][ T3264] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 24.939764][ T3264] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 24.974141][ T3272] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 24.982069][ T3272] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 24.992106][ T3272] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 25.003390][ T3272] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 25.027906][ T3267] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 25.045963][ T3267] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 25.055599][ T3267] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 25.066604][ T3267] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 25.088039][ T3263] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 25.096526][ T3263] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 25.105348][ T3263] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 25.114755][ T3263] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 25.129370][ T3264] 8021q: adding VLAN 0 to HW filter on device bond0 [ 25.154194][ T3269] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 25.162996][ T3269] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 25.172635][ T3264] 8021q: adding VLAN 0 to HW filter on device team0 [ 25.184893][ T3269] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 25.193255][ T3269] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 25.203778][ T40] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.210874][ T40] bridge0: port 1(bridge_slave_0) entered forwarding state [ 25.226045][ T56] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.233083][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state [ 25.305877][ T3272] 8021q: adding VLAN 0 to HW filter on device bond0 [ 25.314541][ T3267] 8021q: adding VLAN 0 to HW filter on device bond0 [ 25.335872][ T3269] 8021q: adding VLAN 0 to HW filter on device bond0 [ 25.347397][ T3263] 8021q: adding VLAN 0 to HW filter on device bond0 [ 25.356684][ T3272] 8021q: adding VLAN 0 to HW filter on device team0 [ 25.367903][ T3264] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 25.381687][ T3267] 8021q: adding VLAN 0 to HW filter on device team0 [ 25.393029][ T141] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.400082][ T141] bridge0: port 1(bridge_slave_0) entered forwarding state [ 25.409331][ T3269] 8021q: adding VLAN 0 to HW filter on device team0 [ 25.423062][ T40] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.430105][ T40] bridge0: port 2(bridge_slave_1) entered forwarding state [ 25.439658][ T40] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.446688][ T40] bridge0: port 1(bridge_slave_0) entered forwarding state [ 25.455390][ T40] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.462519][ T40] bridge0: port 1(bridge_slave_0) entered forwarding state [ 25.474999][ T3263] 8021q: adding VLAN 0 to HW filter on device team0 [ 25.489959][ T141] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.497075][ T141] bridge0: port 2(bridge_slave_1) entered forwarding state [ 25.507153][ T141] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.514376][ T141] bridge0: port 2(bridge_slave_1) entered forwarding state [ 25.539309][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.546388][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 25.559698][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.566753][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 25.605693][ T3264] veth0_vlan: entered promiscuous mode [ 25.616686][ T3269] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 25.633419][ T3272] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 25.666843][ T3264] veth1_vlan: entered promiscuous mode [ 25.683692][ T3267] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 25.733462][ T3264] veth0_macvtap: entered promiscuous mode [ 25.759094][ T3272] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 25.774941][ T3264] veth1_macvtap: entered promiscuous mode [ 25.789872][ T3263] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 25.798959][ T3269] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 25.822489][ T3264] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 25.843479][ T3264] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 25.867193][ T3267] veth0_vlan: entered promiscuous mode [ 25.880970][ T3264] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 25.889782][ T3264] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 25.898501][ T3264] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 25.907280][ T3264] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 25.938590][ T3267] veth1_vlan: entered promiscuous mode [ 25.958169][ T3263] veth0_vlan: entered promiscuous mode [ 25.965844][ T3263] veth1_vlan: entered promiscuous mode [ 25.986011][ T3267] veth0_macvtap: entered promiscuous mode [ 26.002500][ T3263] veth0_macvtap: entered promiscuous mode [ 26.011436][ T3264] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 26.016870][ T3263] veth1_macvtap: entered promiscuous mode [ 26.044154][ T3267] veth1_macvtap: entered promiscuous mode [ 26.054173][ T3267] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 26.064773][ T3267] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 26.075401][ T3267] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 26.087086][ T3263] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 26.097624][ T3263] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 26.107458][ T3263] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 26.117975][ T3263] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 26.128479][ T3263] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 26.141633][ T3267] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 26.152130][ T3267] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 26.162730][ T3267] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 26.178165][ T3272] veth0_vlan: entered promiscuous mode [ 26.189371][ T3269] veth0_vlan: entered promiscuous mode [ 26.199567][ T3263] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 26.210149][ T3263] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 26.220050][ T3263] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 26.230523][ T3263] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 26.245734][ T3263] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 26.255218][ T3272] veth1_vlan: entered promiscuous mode [ 26.263050][ T3269] veth1_vlan: entered promiscuous mode [ 26.270217][ T3267] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.279019][ T3267] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.287749][ T3267] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.296496][ T3267] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.318793][ T3263] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.327684][ T3263] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.336455][ T3263] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.345216][ T3263] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.362027][ T3410] netlink: 132 bytes leftover after parsing attributes in process `syz.2.8'. [ 26.384551][ T3272] veth0_macvtap: entered promiscuous mode [ 26.407464][ T3269] veth0_macvtap: entered promiscuous mode [ 26.424635][ T3269] veth1_macvtap: entered promiscuous mode [ 26.458243][ T3272] veth1_macvtap: entered promiscuous mode [ 26.475575][ T3272] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 26.486223][ T3272] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 26.496114][ T3272] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 26.506593][ T3272] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 26.507076][ T3419] loop1: detected capacity change from 0 to 8192 [ 26.516395][ T3272] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 26.516411][ T3272] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 26.517001][ T3272] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 26.574176][ T3269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 26.584743][ T3269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 26.589276][ T3424] loop2: detected capacity change from 0 to 764 [ 26.594543][ T3269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 26.611245][ T3269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 26.621136][ T3269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 26.631564][ T3269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 26.641401][ T3269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 26.651963][ T3269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 26.662536][ T3269] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 26.672361][ T3272] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 26.682913][ T3272] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 26.692851][ T3272] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 26.703277][ T3272] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 26.713175][ T3272] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 26.723618][ T3272] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 26.735138][ T3272] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 26.743701][ T3272] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.752525][ T3272] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.761231][ T3272] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.770023][ T3272] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.786191][ T3269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 26.796713][ T3269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 26.806652][ T3269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 26.817070][ T3269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 26.827012][ T3269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 26.837423][ T3269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 26.847383][ T3269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 26.857792][ T3269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 26.886906][ T29] kauditd_printk_skb: 45 callbacks suppressed [ 26.886920][ T29] audit: type=1400 audit(1727748867.768:137): avc: denied { block_suspend } for pid=3429 comm="syz.1.14" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 26.914188][ T29] audit: type=1326 audit(1727748867.768:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3429 comm="syz.1.14" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdbdb6dff9 code=0x7ffc0000 [ 26.914209][ T29] audit: type=1326 audit(1727748867.768:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3429 comm="syz.1.14" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdbdb6dff9 code=0x7ffc0000 [ 26.960791][ T29] audit: type=1326 audit(1727748867.768:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3429 comm="syz.1.14" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7fcdbdb6dff9 code=0x7ffc0000 [ 26.988046][ T29] audit: type=1326 audit(1727748867.768:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3429 comm="syz.1.14" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdbdb6dff9 code=0x7ffc0000 [ 26.991369][ T3269] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 27.011189][ T29] audit: type=1326 audit(1727748867.768:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3429 comm="syz.1.14" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdbdb6dff9 code=0x7ffc0000 [ 27.041518][ T29] audit: type=1400 audit(1727748867.768:143): avc: denied { create } for pid=3425 comm="syz.0.13" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 27.065477][ T29] audit: type=1400 audit(1727748867.948:144): avc: denied { open } for pid=3434 comm="syz.0.17" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 27.084463][ T29] audit: type=1400 audit(1727748867.948:145): avc: denied { kernel } for pid=3434 comm="syz.0.17" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 27.103707][ T29] audit: type=1400 audit(1727748867.948:146): avc: denied { create } for pid=3433 comm="syz.2.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 27.148996][ T3269] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 27.157817][ T3269] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 27.166595][ T3269] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 27.175338][ T3269] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 27.292188][ T3457] netlink: 'syz.2.27': attribute type 3 has an invalid length. [ 27.305833][ T3459] syz.0.26 uses obsolete (PF_INET,SOCK_PACKET) [ 27.387594][ T3472] netlink: 'syz.0.33': attribute type 27 has an invalid length. [ 27.428481][ T2966] udevd[2966]: worker [3253] terminated by signal 33 (Unknown signal 33) [ 27.437913][ T2966] udevd[2966]: worker [3253] failed while handling '/devices/virtual/block/loop1' [ 27.472106][ T3488] netlink: 16 bytes leftover after parsing attributes in process `syz.1.35'. [ 27.505475][ T3488] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 27.514363][ T3488] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 27.515356][ T3494] loop4: detected capacity change from 0 to 512 [ 27.523207][ T3488] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 27.538287][ T3488] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 27.565400][ T3494] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 27.567639][ T3488] geneve2: entered promiscuous mode [ 27.583197][ T3488] geneve2: entered allmulticast mode [ 27.594359][ T3494] ext4 filesystem being mounted at /2/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 27.719419][ T3494] syz.4.37 (3494) used greatest stack depth: 10736 bytes left [ 27.730389][ T3272] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 28.098966][ T3555] netlink: 'syz.1.55': attribute type 2 has an invalid length. [ 28.177953][ T3562] netlink: 14568 bytes leftover after parsing attributes in process `syz.1.58'. [ 28.359406][ T3582] loop2: detected capacity change from 0 to 512 [ 28.378556][ T3584] capability: warning: `syz.4.69' uses deprecated v2 capabilities in a way that may be insecure [ 28.390966][ T3582] EXT4-fs: Ignoring removed mblk_io_submit option [ 28.398124][ T3582] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 28.411349][ T3582] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 28.427248][ T3582] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.68: corrupted in-inode xattr: e_value out of bounds [ 28.442012][ T3582] EXT4-fs error (device loop2): ext4_orphan_get:1393: comm syz.2.68: couldn't read orphan inode 15 (err -117) [ 28.455270][ T3582] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 28.491949][ T3264] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 28.522586][ T3595] SELinux: Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 28.559786][ T3601] RDS: rds_bind could not find a transport for fe80::bb, load rds_tcp or rds_rdma? [ 28.751644][ T3617] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 28.795688][ T3619] usb usb8: usbfs: process 3619 (syz.0.87) did not claim interface 0 before use [ 28.971553][ T3623] mmap: syz.3.88 (3623) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 29.257587][ T3657] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 29.284525][ T3658] usb usb8: usbfs: process 3658 (syz.1.102) did not claim interface 0 before use [ 29.766387][ T3706] syz.2.124[3706] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 29.766436][ T3706] syz.2.124[3706] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 29.781739][ T3704] syz.4.123 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 29.830580][ T3706] syz.2.124[3706] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 30.020632][ T3734] loop4: detected capacity change from 0 to 512 [ 30.050927][ T3734] EXT4-fs: test_dummy_encryption option not supported [ 30.077276][ T3739] lo speed is unknown, defaulting to 1000 [ 30.089457][ T3739] lo speed is unknown, defaulting to 1000 [ 30.126697][ T3739] lo speed is unknown, defaulting to 1000 [ 30.129712][ T3743] loop0: detected capacity change from 0 to 512 [ 30.134788][ T3739] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 30.147260][ T3743] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 30.151585][ T3739] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 30.168825][ T3743] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002] [ 30.176875][ T3743] System zones: 1-12 [ 30.181058][ T3739] lo speed is unknown, defaulting to 1000 [ 30.187276][ T3743] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2862: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 30.187735][ T3739] lo speed is unknown, defaulting to 1000 [ 30.207283][ T3743] EXT4-fs (loop0): 1 truncate cleaned up [ 30.211094][ T3739] lo speed is unknown, defaulting to 1000 [ 30.213316][ T3743] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 30.218963][ T3739] lo speed is unknown, defaulting to 1000 [ 30.238177][ T3739] lo speed is unknown, defaulting to 1000 [ 30.259570][ T3267] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 30.279290][ T3749] netlink: 199796 bytes leftover after parsing attributes in process `syz.3.145'. [ 30.346311][ T3761] netlink: 12 bytes leftover after parsing attributes in process `syz.2.149'. [ 30.593927][ T3794] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 30.619930][ T3797] Illegal XDP return value 4294966772 on prog (id 83) dev syz_tun, expect packet loss! [ 30.696526][ T3798] loop3: detected capacity change from 0 to 512 [ 30.713196][ T3798] ======================================================= [ 30.713196][ T3798] WARNING: The mand mount option has been deprecated and [ 30.713196][ T3798] and is ignored by this kernel. Remove the mand [ 30.713196][ T3798] option from the mount to silence this warning. [ 30.713196][ T3798] ======================================================= [ 30.762383][ T3798] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 30.807679][ T3798] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.163: bg 0: block 248: padding at end of block bitmap is not set [ 30.822154][ T3798] EXT4-fs error (device loop3): ext4_acquire_dquot:6879: comm syz.3.163: Failed to acquire dquot type 1 [ 30.834520][ T3798] EXT4-fs (loop3): 1 truncate cleaned up [ 30.840778][ T3798] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 30.854078][ T3798] ext4 filesystem being mounted at /22/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 30.870377][ T3798] syz.3.163 (3798) used greatest stack depth: 9376 bytes left [ 30.881324][ T3269] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 30.890725][ T50] EXT4-fs error (device loop3): ext4_release_dquot:6902: comm kworker/u8:3: Failed to release dquot type 1 [ 31.200657][ T3812] loop2: detected capacity change from 0 to 1024 [ 31.385530][ T3837] netlink: 'syz.0.180': attribute type 10 has an invalid length. [ 31.409437][ T3837] veth0_macvtap: left promiscuous mode [ 31.418514][ T3843] netlink: 16 bytes leftover after parsing attributes in process `syz.4.182'. [ 31.426578][ T3837] veth0_macvtap: entered promiscuous mode [ 31.450257][ T3837] team0: Device macvtap0 failed to register rx_handler [ 31.459819][ T3837] veth0_macvtap: left promiscuous mode [ 31.718869][ T3877] loop1: detected capacity change from 0 to 512 [ 31.739427][ T3880] vhci_hcd: default hub control req: 2017 v0080 i0000 l0 [ 31.758326][ T3877] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 31.771829][ T3877] ext4 filesystem being mounted at /33/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 31.783155][ T3877] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 31.828474][ T3888] xt_AUDIT: Audit type out of range (valid range: 0..2) [ 31.896797][ T29] kauditd_printk_skb: 184 callbacks suppressed [ 31.896812][ T29] audit: type=1400 audit(1727748871.710:328): avc: denied { ioctl } for pid=3897 comm="syz.4.205" path="/dev/raw-gadget" dev="devtmpfs" ino=118 ioctlcmd=0x5508 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 32.125837][ T3906] loop2: detected capacity change from 0 to 512 [ 32.132751][ T3906] FAT-fs (loop2): bogus logical sector size 0 [ 32.138865][ T3906] FAT-fs (loop2): Can't find a valid FAT filesystem [ 32.356264][ T29] audit: type=1326 audit(1727748872.170:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3921 comm="syz.2.217" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4cc3eddff9 code=0x0 [ 32.545963][ T3934] netlink: 4 bytes leftover after parsing attributes in process `syz.4.222'. [ 32.610052][ T29] audit: type=1400 audit(1727748872.420:330): avc: denied { write } for pid=3942 comm="syz.4.226" lport=132 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 32.655827][ T3951] pimreg: entered allmulticast mode [ 32.656317][ T29] audit: type=1400 audit(1727748872.470:331): avc: denied { mount } for pid=3948 comm="syz.4.229" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 32.663131][ T3951] pimreg: left allmulticast mode [ 32.689705][ T29] audit: type=1400 audit(1727748872.500:332): avc: denied { unmount } for pid=3948 comm="syz.4.229" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 32.724159][ T29] audit: type=1400 audit(1727748872.540:333): avc: denied { mounton } for pid=3952 comm="syz.4.231" path="/syzcgroup/cpu/syz4/cgroup.procs" dev="cgroup" ino=200 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=file permissive=1 [ 32.873567][ T29] audit: type=1326 audit(1727748872.680:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3960 comm="syz.1.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdbdb6dff9 code=0x7ffc0000 [ 32.896936][ T29] audit: type=1326 audit(1727748872.680:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3960 comm="syz.1.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdbdb6dff9 code=0x7ffc0000 [ 32.920226][ T29] audit: type=1326 audit(1727748872.680:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3960 comm="syz.1.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7fcdbdb6dff9 code=0x7ffc0000 [ 32.943359][ T29] audit: type=1326 audit(1727748872.680:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3960 comm="syz.1.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdbdb6dff9 code=0x7ffc0000 [ 33.022127][ T3973] netlink: 12 bytes leftover after parsing attributes in process `syz.1.239'. [ 33.031138][ T3973] netlink: 12 bytes leftover after parsing attributes in process `syz.1.239'. [ 33.133924][ T3980] loop1: detected capacity change from 0 to 512 [ 33.140493][ T3980] EXT4-fs: inline encryption not supported [ 33.155546][ T3980] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 33.168170][ T3980] ext4 filesystem being mounted at /47/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 33.187075][ T3263] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 33.251508][ T3990] loop2: detected capacity change from 0 to 512 [ 33.259187][ T3990] EXT4-fs: Ignoring removed orlov option [ 33.269499][ T3990] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 33.282071][ T3990] EXT4-fs (loop2): 1 truncate cleaned up [ 33.288121][ T3990] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 33.304720][ T3990] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback. [ 33.322023][ T3264] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 33.448031][ T4013] loop2: detected capacity change from 0 to 512 [ 33.487189][ T4013] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 33.503801][ T4013] ext4 filesystem being mounted at /64/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 33.527175][ T4024] netlink: 8 bytes leftover after parsing attributes in process `syz.1.260'. [ 33.531446][ T3264] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 33.561311][ T4028] netlink: 16 bytes leftover after parsing attributes in process `syz.2.261'. [ 33.629264][ T4035] SELinux: Context Ü is not valid (left unmapped). [ 33.678329][ T4042] netlink: 20 bytes leftover after parsing attributes in process `syz.4.268'. [ 33.687295][ T4042] netlink: 20 bytes leftover after parsing attributes in process `syz.4.268'. [ 33.723914][ T4049] netlink: 'syz.3.271': attribute type 1 has an invalid length. [ 33.748546][ T4051] netlink: 4 bytes leftover after parsing attributes in process `syz.2.272'. [ 34.002641][ T4084] lo speed is unknown, defaulting to 1000 [ 34.010679][ T4089] sch_tbf: peakrate 8 is lower than or equals to rate 12 ! [ 34.011681][ T4086] 9pnet: Could not find request transport: t [ 34.068396][ T4096] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 34.177793][ T4109] netlink: 12 bytes leftover after parsing attributes in process `syz.3.298'. [ 34.433569][ T4142] xt_hashlimit: invalid interval [ 34.541261][ T4165] loop0: detected capacity change from 0 to 164 [ 34.558685][ T4165] Unable to read rock-ridge attributes [ 34.563648][ T4169] loop3: detected capacity change from 0 to 256 [ 34.566702][ T4165] Unable to read rock-ridge attributes [ 34.579113][ T4165] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 34.601940][ T4169] FAT-fs (loop3): Directory bread(block 64) failed [ 34.610467][ T4169] FAT-fs (loop3): Directory bread(block 65) failed [ 34.621177][ T4169] FAT-fs (loop3): Directory bread(block 66) failed [ 34.628857][ T4169] FAT-fs (loop3): Directory bread(block 67) failed [ 34.636267][ T4169] FAT-fs (loop3): Directory bread(block 68) failed [ 34.642790][ T4169] FAT-fs (loop3): Directory bread(block 69) failed [ 34.655243][ T4169] FAT-fs (loop3): Directory bread(block 70) failed [ 34.664239][ T4169] FAT-fs (loop3): Directory bread(block 71) failed [ 34.671011][ T4169] FAT-fs (loop3): Directory bread(block 72) failed [ 34.679060][ T4169] FAT-fs (loop3): Directory bread(block 73) failed [ 34.706031][ T4182] loop4: detected capacity change from 0 to 256 [ 34.753388][ T4169] syz.3.325: attempt to access beyond end of device [ 34.753388][ T4169] loop3: rw=2049, sector=1224, nr_sectors = 608 limit=256 [ 34.771278][ T4169] syz.3.325: attempt to access beyond end of device [ 34.771278][ T4169] loop3: rw=2049, sector=1864, nr_sectors = 1444 limit=256 [ 34.905954][ T4205] loop3: detected capacity change from 0 to 512 [ 34.926074][ T4205] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 34.938714][ T4205] ext4 filesystem being mounted at /58/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 34.960782][ T3269] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 35.277637][ T4239] syz.3.357[4239] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 35.277743][ T4239] syz.3.357[4239] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 35.289671][ T4239] syz.3.357[4239] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 35.385269][ T4249] loop3: detected capacity change from 0 to 2048 [ 35.425635][ T4249] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 35.439593][ T4249] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.362: bg 0: block 274: padding at end of block bitmap is not set [ 35.463914][ T4249] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 117 [ 35.476413][ T4249] EXT4-fs (loop3): This should not happen!! Data will be lost [ 35.476413][ T4249] [ 35.498817][ T3269] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 35.520397][ T4257] loop0: detected capacity change from 0 to 256 [ 35.530591][ T4257] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 35.543844][ T4257] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 35.552370][ T4257] FAT-fs (loop0): Filesystem has been set read-only [ 35.598829][ T4273] loop3: detected capacity change from 0 to 256 [ 35.611239][ T4273] FAT-fs (loop3): Directory bread(block 64) failed [ 35.619466][ T4273] FAT-fs (loop3): Directory bread(block 65) failed [ 35.626064][ T4273] FAT-fs (loop3): Directory bread(block 66) failed [ 35.632676][ T4273] FAT-fs (loop3): Directory bread(block 67) failed [ 35.639272][ T4273] FAT-fs (loop3): Directory bread(block 68) failed [ 35.645832][ T4273] FAT-fs (loop3): Directory bread(block 69) failed [ 35.652408][ T4273] FAT-fs (loop3): Directory bread(block 70) failed [ 35.658925][ T4273] FAT-fs (loop3): Directory bread(block 71) failed [ 35.665458][ T4273] FAT-fs (loop3): Directory bread(block 72) failed [ 35.672124][ T4273] FAT-fs (loop3): Directory bread(block 73) failed [ 35.714775][ T4281] Invalid ELF header magic: != ELF [ 35.727849][ T4283] loop0: detected capacity change from 0 to 128 [ 35.859486][ T4305] syz_tun: entered promiscuous mode [ 35.866166][ T4305] batadv_slave_0: entered promiscuous mode [ 35.901832][ T4316] SELinux: policydb version 0 does not match my version range 15-33 [ 35.910074][ T4316] SELinux: failed to load policy [ 36.014569][ T4335] xt_TPROXY: Can be used only with -p tcp or -p udp [ 36.506299][ T4349] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22 [ 36.514554][ T4349] netdevsim netdevsim1: Direct firmware load for . failed with error -22 [ 36.585450][ T4359] loop1: detected capacity change from 0 to 512 [ 36.592248][ T4359] EXT4-fs: Ignoring removed i_version option [ 36.599320][ T4359] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a016c018, mo2=0002] [ 36.607464][ T4359] System zones: 1-12 [ 36.611724][ T4359] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.413: bg 0: block 131: padding at end of block bitmap is not set [ 36.626453][ T4359] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 36.635313][ T4359] EXT4-fs (loop1): 1 truncate cleaned up [ 36.641389][ T4359] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 36.664986][ T3263] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 36.894637][ T4381] xt_CT: You must specify a L4 protocol and not use inversions on it [ 36.976120][ T4388] __nla_validate_parse: 3 callbacks suppressed [ 36.976137][ T4388] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.426'. [ 36.994658][ T4390] loop1: detected capacity change from 0 to 512 [ 37.000469][ T4387] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.426'. [ 37.007321][ T4390] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 [ 37.070865][ T4398] syz.1.431[4398] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 37.070901][ T4398] syz.1.431[4398] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 37.082427][ T4398] syz.1.431[4398] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 37.096779][ T4398] Cannot find set identified by id 0 to match [ 37.134569][ T29] kauditd_printk_skb: 140 callbacks suppressed [ 37.134582][ T29] audit: type=1326 audit(1727748876.950:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4401 comm="syz.3.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bf286dff9 code=0x7ffc0000 [ 37.163984][ T29] audit: type=1326 audit(1727748876.950:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4401 comm="syz.3.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bf286dff9 code=0x7ffc0000 [ 37.176750][ T4406] loop3: detected capacity change from 0 to 128 [ 37.188062][ T29] audit: type=1326 audit(1727748876.950:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4401 comm="syz.3.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=92 compat=0 ip=0x7f4bf286dff9 code=0x7ffc0000 [ 37.217001][ T29] audit: type=1326 audit(1727748876.950:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4401 comm="syz.3.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bf286dff9 code=0x7ffc0000 [ 37.240296][ T29] audit: type=1326 audit(1727748876.950:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4401 comm="syz.3.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bf286dff9 code=0x7ffc0000 [ 37.263506][ C1] vxcan0: j1939_tp_rxtimer: 0xffff8881151df400: rx timeout, send abort [ 37.271902][ C1] vxcan0: j1939_xtp_rx_abort_one: 0xffff8881151df400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 37.271946][ C1] ------------[ cut here ]------------ [ 37.271953][ C1] refcount_t: underflow; use-after-free. [ 37.272147][ C1] WARNING: CPU: 1 PID: 29 at lib/refcount.c:28 refcount_warn_saturate+0x1c6/0x230 [ 37.272196][ C1] Modules linked in: [ 37.272208][ C1] CPU: 1 UID: 0 PID: 29 Comm: kauditd Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 37.272229][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 37.272240][ C1] RIP: 0010:refcount_warn_saturate+0x1c6/0x230 [ 37.272276][ C1] Code: 72 ff ff ff e8 7b 87 71 ff 48 c7 c7 be d6 b2 86 e8 0f 6d 8a ff c6 05 26 2d f4 04 01 90 48 c7 c7 02 a6 1b 86 e8 4b 4c 53 ff 90 <0f> 0b 90 90 e9 43 ff ff ff e8 4c 87 71 ff 48 c7 c7 bb d6 b2 86 e8 [ 37.272298][ C1] RSP: 0018:ffffc900000e4b40 EFLAGS: 00010246 [ 37.272321][ C1] RAX: 228db861b9a67800 RBX: ffff888115717be4 RCX: ffff888100fc2100 [ 37.272344][ C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 37.272366][ C1] RBP: 0000000000000003 R08: ffffffff8111f757 R09: 0000000000000000 [ 37.272377][ C1] R10: 0001ffffffffffff R11: 0001c900000e4a30 R12: ffff8881151df468 [ 37.272388][ C1] R13: 0000000000000000 R14: ffff888115717be4 R15: 0000000000000000 [ 37.272400][ C1] FS: 0000000000000000(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000 [ 37.272417][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 37.272433][ C1] CR2: 0000001b2fb1fffc CR3: 0000000108db6000 CR4: 00000000003506f0 [ 37.272449][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 37.272464][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 37.272495][ C1] Call Trace: [ 37.272500][ C1] [ 37.272507][ C1] ? __warn+0x141/0x350 [ 37.272542][ C1] ? report_bug+0x315/0x420 [ 37.272576][ C1] ? refcount_warn_saturate+0x1c6/0x230 [ 37.272618][ C1] ? handle_bug+0x60/0x90 [ 37.272636][ C1] ? exc_invalid_op+0x1a/0x50 [ 37.272654][ C1] ? asm_exc_invalid_op+0x1a/0x20 [ 37.272699][ C1] ? __warn_printk+0x167/0x1b0 [ 37.272734][ C1] ? refcount_warn_saturate+0x1c6/0x230 [ 37.272758][ C1] sk_skb_reason_drop+0xe9/0x290 [ 37.272809][ C1] j1939_session_put+0x157/0x2a0 [ 37.272837][ C1] j1939_xtp_rx_abort_one+0x9d/0x410 [ 37.272864][ C1] j1939_tp_recv+0x71e/0xa80 [ 37.272886][ C1] j1939_can_recv+0x45f/0x550 [ 37.272908][ C1] ? __pfx_j1939_can_recv+0x10/0x10 [ 37.272948][ C1] can_rcv_filter+0x225/0x4c0 [ 37.272975][ C1] can_receive+0x182/0x1f0 [ 37.272999][ C1] ? can_rcv+0xdc/0x180 [ 37.273022][ C1] ? __pfx_ip_rcv+0x10/0x10 [ 37.273043][ C1] can_rcv+0xe7/0x180 [ 37.273066][ C1] ? __pfx_can_rcv+0x10/0x10 [ 37.273092][ C1] __netif_receive_skb+0x123/0x280 [ 37.273129][ C1] ? __pfx_do_sync_core+0x10/0x10 [ 37.273167][ C1] process_backlog+0x22e/0x440 [ 37.273188][ C1] __napi_poll+0x63/0x3c0 [ 37.273225][ C1] ? net_rx_action+0x376/0x7f0 [ 37.273248][ C1] net_rx_action+0x3a1/0x7f0 [ 37.273292][ C1] handle_softirqs+0xbf/0x280 [ 37.273311][ C1] irq_exit_rcu+0x3e/0x90 [ 37.273341][ C1] sysvec_call_function_single+0x6b/0x80 [ 37.273370][ C1] [ 37.273377][ C1] [ 37.273384][ C1] asm_sysvec_call_function_single+0x1a/0x20 [ 37.273421][ C1] RIP: 0010:console_flush_all+0x56b/0x770 [ 37.273462][ C1] Code: 4c 89 f6 48 81 e6 00 02 00 00 31 ff e8 ce 2d 12 00 49 81 e6 00 02 00 00 75 07 e8 e0 28 12 00 eb 06 e8 d9 28 12 00 fb 4d 89 ee <44> 0f b6 64 24 02 48 8b 6c 24 08 48 89 ef e8 e2 1a 2b 00 48 8b 6d [ 37.273483][ C1] RSP: 0018:ffffc90000103b90 EFLAGS: 00000293 [ 37.273500][ C1] RAX: ffffffff811e0827 RBX: ffffc90000103c37 RCX: ffff888100fc2100 [ 37.273515][ C1] RDX: 0000000000000000 RSI: 0000000000000200 RDI: 0000000000000000 [ 37.273537][ C1] RBP: ffffc90000103c37 R08: ffffffff811e0812 R09: 0000000000000000 [ 37.273548][ C1] R10: 0001c90000103c37 R11: 0001ffff88bc7950 R12: 0000000000000000 [ 37.273559][ C1] R13: ffffc90000103c28 R14: ffffc90000103c28 R15: ffffffff868169e0 [ 37.273572][ C1] ? console_flush_all+0x552/0x770 [ 37.273609][ C1] ? console_flush_all+0x567/0x770 [ 37.273641][ C1] console_unlock+0xab/0x330 [ 37.273675][ C1] ? _raw_spin_unlock_irqrestore+0x2b/0x60 [ 37.273734][ C1] vprintk_emit+0x3f4/0x680 [ 37.273760][ C1] vprintk_default+0x26/0x30 [ 37.273792][ C1] vprintk+0x75/0x80 [ 37.273809][ C1] _printk+0x7a/0xa0 [ 37.273834][ C1] ? kauditd_hold_skb+0x18f/0x1b0 [ 37.273875][ C1] kauditd_hold_skb+0x1a3/0x1b0 [ 37.273901][ C1] ? __pfx_kauditd_hold_skb+0x10/0x10 [ 37.273923][ C1] ? __pfx_kauditd_send_multicast_skb+0x10/0x10 [ 37.273967][ C1] kauditd_send_queue+0x288/0x2e0 [ 37.273989][ C1] ? __pfx_kauditd_send_multicast_skb+0x10/0x10 [ 37.274023][ C1] ? __pfx_kauditd_hold_skb+0x10/0x10 [ 37.274063][ C1] ? __pfx_kauditd_hold_skb+0x10/0x10 [ 37.274091][ C1] kauditd_thread+0x42a/0x650 [ 37.274119][ C1] ? _raw_spin_unlock_irqrestore+0x2b/0x60 [ 37.274161][ C1] ? _raw_spin_lock_irqsave+0x3c/0xb0 [ 37.274199][ C1] ? __pfx_autoremove_wake_function+0x10/0x10 [ 37.274236][ C1] ? __pfx_kauditd_thread+0x10/0x10 [ 37.274270][ C1] kthread+0x1d1/0x210 [ 37.274294][ C1] ? __pfx_kthread+0x10/0x10 [ 37.274326][ C1] ret_from_fork+0x4b/0x60 [ 37.274350][ C1] ? __pfx_kthread+0x10/0x10 [ 37.274368][ C1] ret_from_fork_asm+0x1a/0x30 [ 37.274409][ C1] [ 37.274416][ C1] ---[ end trace 0000000000000000 ]--- [ 37.812877][ T29] audit: type=1400 audit(1727748877.110:483): avc: denied { read } for pid=4407 comm="syz.1.437" name="usbmon7" dev="devtmpfs" ino=139 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 37.836076][ T29] audit: type=1400 audit(1727748877.110:484): avc: denied { open } for pid=4407 comm="syz.1.437" path="/dev/usbmon7" dev="devtmpfs" ino=139 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 37.859797][ T29] audit: type=1400 audit(1727748877.110:485): avc: denied { append } for pid=4407 comm="syz.1.437" name="001" dev="devtmpfs" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 37.885172][ T4412] vhci_hcd: default hub control req: 0200 v0000 i0000 l0 [ 37.899376][ T29] audit: type=1326 audit(1727748877.710:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4415 comm="syz.3.440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bf286dff9 code=0x7ffc0000 [ 37.940601][ T29] audit: type=1326 audit(1727748877.740:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4415 comm="syz.3.440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bf286dff9 code=0x7ffc0000 [ 38.039680][ T4434] hub 9-0:1.0: USB hub found [ 38.046736][ T4434] hub 9-0:1.0: 8 ports detected [ 38.176434][ T4444] hub 8-0:1.0: USB hub found [ 38.178437][ T4448] sctp: [Deprecated]: syz.1.452 (pid 4448) Use of int in max_burst socket option deprecated. [ 38.178437][ T4448] Use struct sctp_assoc_value instead [ 38.185157][ T4444] hub 8-0:1.0: 8 ports detected [ 38.526121][ T4511] netlink: 12 bytes leftover after parsing attributes in process `syz.0.486'. [ 39.247934][ T4530] loop3: detected capacity change from 0 to 512 [ 39.256050][ T4530] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 39.276969][ T4530] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 39.290719][ T4530] ext4 filesystem being mounted at /119/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 39.305035][ T4530] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 39.320838][ T4530] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 5 with max blocks 1 with error 28 [ 39.333185][ T4530] EXT4-fs (loop3): This should not happen!! Data will be lost [ 39.333185][ T4530] [ 39.342829][ T4530] EXT4-fs (loop3): Total free blocks count 0 [ 39.348822][ T4530] EXT4-fs (loop3): Free/Dirty block details [ 39.354734][ T4530] EXT4-fs (loop3): free_blocks=39626 [ 39.360039][ T4530] EXT4-fs (loop3): dirty_blocks=1 [ 39.365083][ T4530] EXT4-fs (loop3): Block reservation details [ 39.371074][ T4530] EXT4-fs (loop3): i_reserved_data_blocks=1 [ 39.386766][ T3269] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 39.459426][ T4547] lo speed is unknown, defaulting to 1000 [ 39.571952][ T4571] loop3: detected capacity change from 0 to 512 [ 39.578581][ T4571] EXT4-fs: Ignoring removed nobh option [ 39.586663][ T4571] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13 [ 39.595893][ T4571] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #13: comm syz.3.514: attempt to clear invalid blocks 2 len 1 [ 39.609810][ T4571] EXT4-fs (loop3): Remounting filesystem read-only [ 39.616996][ T4571] EXT4-fs (loop3): 1 truncate cleaned up [ 39.623010][ T4571] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 39.636432][ T4571] SELinux: (dev loop3, type ext4) getxattr errno 5 [ 39.643491][ T4571] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 39.720935][ T4583] netlink: 16 bytes leftover after parsing attributes in process `syz.3.519'. [ 39.755391][ T4583] netlink: 16 bytes leftover after parsing attributes in process `syz.3.519'. [ 39.780780][ T4583] netlink: 16 bytes leftover after parsing attributes in process `syz.3.519'. [ 39.857917][ T4607] netlink: 20 bytes leftover after parsing attributes in process `syz.0.529'. [ 39.867206][ T4608] IPVS: sync thread started: state = MASTER, mcast_ifn = veth1_to_team, syncid = 0, id = 0 [ 40.324274][ T4666] bridge0: port 3(hsr_slave_1) entered blocking state [ 40.331134][ T4666] bridge0: port 3(hsr_slave_1) entered disabled state [ 40.338246][ T4666] hsr_slave_1: entered allmulticast mode [ 40.344689][ T4666] hsr_slave_1: left allmulticast mode [ 40.386021][ T4674] loop3: detected capacity change from 0 to 512 [ 40.395240][ T4674] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 40.401178][ T4679] loop0: detected capacity change from 0 to 512 [ 40.407805][ T4674] ext4 filesystem being mounted at /147/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 40.415413][ T4679] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 40.436854][ T4679] EXT4-fs (loop0): 1 orphan inode deleted [ 40.442682][ T4679] EXT4-fs (loop0): 1 truncate cleaned up [ 40.448757][ T4679] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 40.465671][ T4679] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 40.480406][ T4679] EXT4-fs (loop0): Remounting filesystem read-only [ 40.480694][ T3269] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 40.487116][ T4679] EXT4-fs (loop0): error restoring inline_data for inode -- potential data loss! (inode 12, error -5) [ 40.518906][ T3267] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 40.555800][ T4692] SELinux: Context system_u:object_r:var_t:s0 is not valid (left unmapped). [ 40.603122][ T4693] loop0: detected capacity change from 0 to 8192 [ 41.604394][ T4744] loop3: detected capacity change from 0 to 1024 [ 41.613164][ T4744] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 41.638544][ T4750] loop1: detected capacity change from 0 to 256 [ 41.647414][ T3269] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.648230][ T4752] loop0: detected capacity change from 0 to 512 [ 41.676076][ T4752] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 41.689345][ T4752] ext4 filesystem being mounted at /134/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 41.691985][ T4758] IPv6: NLM_F_CREATE should be specified when creating new route [ 41.755974][ T3267] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.784121][ T4770] netlink: 'syz.3.600': attribute type 8 has an invalid length. [ 41.792147][ T4774] binfmt_misc: register: failed to install interpreter file ./file0 [ 41.905429][ T4794] netlink: 292 bytes leftover after parsing attributes in process `syz.0.611'. [ 42.059137][ T4808] loop3: detected capacity change from 0 to 128 [ 42.067853][ T4806] loop0: detected capacity change from 0 to 256 [ 42.211288][ T4818] loop0: detected capacity change from 0 to 1024 [ 42.256071][ T4818] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 42.346218][ T29] kauditd_printk_skb: 264 callbacks suppressed [ 42.346230][ T29] audit: type=1400 audit(1727748882.160:752): avc: denied { create } for pid=4825 comm="syz.3.626" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 42.411121][ T4828] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 42.423882][ T29] audit: type=1400 audit(1727748882.190:753): avc: denied { bind } for pid=4825 comm="syz.3.626" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 42.443500][ T29] audit: type=1400 audit(1727748882.190:754): avc: denied { read } for pid=4825 comm="syz.3.626" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 42.473947][ T4828] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 42.677130][ T4818] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 42.692193][ T4818] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 42.704492][ T4818] EXT4-fs (loop0): This should not happen!! Data will be lost [ 42.704492][ T4818] [ 42.714131][ T4818] EXT4-fs (loop0): Total free blocks count 0 [ 42.720107][ T4818] EXT4-fs (loop0): Free/Dirty block details [ 42.726031][ T4818] EXT4-fs (loop0): free_blocks=68451041280 [ 42.731832][ T4818] EXT4-fs (loop0): dirty_blocks=16400 [ 42.737343][ T4818] EXT4-fs (loop0): Block reservation details [ 42.743311][ T4818] EXT4-fs (loop0): i_reserved_data_blocks=1025 [ 42.765167][ T40] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 2048 with error 28 [ 42.837673][ T4781] kexec: Could not allocate control_code_buffer [ 43.004660][ T4841] sctp: [Deprecated]: syz.0.633 (pid 4841) Use of struct sctp_assoc_value in delayed_ack socket option. [ 43.004660][ T4841] Use struct sctp_sack_info instead [ 43.031388][ T29] audit: type=1400 audit(1727748882.840:755): avc: denied { create } for pid=4842 comm="syz.0.634" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 43.053755][ T29] audit: type=1400 audit(1727748882.840:756): avc: denied { write } for pid=4842 comm="syz.0.634" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 43.075133][ T29] audit: type=1400 audit(1727748882.890:757): avc: denied { create } for pid=4845 comm="syz.3.636" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 43.096575][ T29] audit: type=1400 audit(1727748882.910:758): avc: denied { write } for pid=4845 comm="syz.3.636" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 43.116533][ T29] audit: type=1400 audit(1727748882.910:759): avc: denied { nlmsg_write } for pid=4845 comm="syz.3.636" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 43.137164][ T29] audit: type=1400 audit(1727748882.910:760): avc: denied { bind } for pid=4845 comm="syz.3.636" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 43.156376][ T29] audit: type=1400 audit(1727748882.910:761): avc: denied { name_bind } for pid=4845 comm="syz.3.636" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1 [ 43.218145][ T4857] syzkaller1: entered promiscuous mode [ 43.223880][ T4857] syzkaller1: entered allmulticast mode [ 43.387207][ T4867] sctp: [Deprecated]: syz.0.646 (pid 4867) Use of struct sctp_assoc_value in delayed_ack socket option. [ 43.387207][ T4867] Use struct sctp_sack_info instead [ 43.486411][ T3339] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x4 [ 43.494285][ T3339] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x2 [ 43.502039][ T3339] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x3 [ 43.510788][ T3339] hid-generic 0000:3000000:0000.0001: hidraw0: HID v0.00 Device [sy] on syz0 [ 43.543639][ T4887] loop0: detected capacity change from 0 to 256 [ 43.550968][ T4887] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 43.711211][ C0] hrtimer: interrupt took 37782 ns [ 43.754195][ T4899] netlink: 24 bytes leftover after parsing attributes in process `syz.1.662'. [ 43.770726][ T4899] loop1: detected capacity change from 0 to 2048 [ 43.809129][ T4899] Alternate GPT is invalid, using primary GPT. [ 43.815532][ T4899] loop1: p2 p3 p7 [ 43.860321][ T4904] loop1: detected capacity change from 0 to 2048 [ 43.925554][ T4904] loop1: p1 < > p4 [ 43.929890][ T4904] loop1: p4 size 393216 extends beyond EOD, truncated [ 43.965471][ T4904] SELinux: Context system_u:object_r:apt_var_lib_t:s0 is not valid (left unmapped). [ 44.023323][ T4921] loop3: detected capacity change from 0 to 512 [ 44.048414][ T4921] EXT4-fs error (device loop3): ext4_orphan_get:1388: inode #15: comm syz.3.671: casefold flag without casefold feature [ 44.063621][ T4921] EXT4-fs error (device loop3): ext4_orphan_get:1393: comm syz.3.671: couldn't read orphan inode 15 (err -117) [ 44.079637][ T4912] lo speed is unknown, defaulting to 1000 [ 44.087609][ T4921] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 44.123785][ T3269] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.145319][ T3352] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 44.158391][ T4912] chnl_net:caif_netlink_parms(): no params data found [ 44.212883][ T3352] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 44.254967][ T4912] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.262157][ T4912] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.270267][ T4912] bridge_slave_0: entered allmulticast mode [ 44.277475][ T4912] bridge_slave_0: entered promiscuous mode [ 44.287682][ T3352] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 44.299445][ T4912] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.306527][ T4912] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.314813][ T4912] bridge_slave_1: entered allmulticast mode [ 44.321234][ T4912] bridge_slave_1: entered promiscuous mode [ 44.347965][ T4912] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 44.359906][ T3352] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 44.370873][ T4960] netlink: 16 bytes leftover after parsing attributes in process `syz.1.684'. [ 44.381766][ T4912] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 44.412874][ T4912] team0: Port device team_slave_0 added [ 44.433946][ T4912] team0: Port device team_slave_1 added [ 44.469413][ T4912] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 44.476413][ T4912] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 44.502364][ T4912] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 44.522327][ T3352] bridge_slave_1: left allmulticast mode [ 44.528148][ T3352] bridge_slave_1: left promiscuous mode [ 44.533934][ T3352] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.543106][ T3352] bridge_slave_0: left allmulticast mode [ 44.548896][ T3352] bridge_slave_0: left promiscuous mode [ 44.554581][ T3352] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.659545][ T3352] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 44.670397][ T3352] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 44.688251][ T3352] bond0 (unregistering): Released all slaves [ 44.703967][ T4912] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 44.710929][ T4912] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 44.736918][ T4912] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 44.784408][ T3352] hsr_slave_0: left promiscuous mode [ 44.792057][ T3352] hsr_slave_1: left promiscuous mode [ 44.793951][ T5018] loop0: detected capacity change from 0 to 128 [ 44.809608][ T3352] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 44.817065][ T3352] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 44.825737][ T3352] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 44.833206][ T3352] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 44.845094][ T3352] veth1_macvtap: left promiscuous mode [ 44.850642][ T3352] veth0_macvtap: left promiscuous mode [ 44.856227][ T3352] veth1_vlan: left promiscuous mode [ 44.858500][ T5018] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 44.861447][ T3352] veth0_vlan: left promiscuous mode [ 44.879370][ T5018] ext4 filesystem being mounted at /183/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 44.961721][ T3267] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 45.037085][ T3352] team0 (unregistering): Port device team_slave_1 removed [ 45.047013][ T3352] team0 (unregistering): Port device team_slave_0 removed [ 45.083093][ T4912] hsr_slave_0: entered promiscuous mode [ 45.089138][ T4912] hsr_slave_1: entered promiscuous mode [ 45.179749][ T5061] loop0: detected capacity change from 0 to 1024 [ 45.186723][ T5061] EXT4-fs: quotafile must be on filesystem root [ 45.195538][ T5034] lo speed is unknown, defaulting to 1000 [ 45.249955][ T5069] loop0: detected capacity change from 0 to 512 [ 45.264849][ T5069] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002] [ 45.273020][ T5069] System zones: 0-2, 18-18, 34-34 [ 45.278946][ T5069] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.729: bg 0: block 248: padding at end of block bitmap is not set [ 45.295436][ T5069] EXT4-fs error (device loop0): ext4_acquire_dquot:6879: comm syz.0.729: Failed to acquire dquot type 1 [ 45.307191][ T5069] EXT4-fs (loop0): 1 truncate cleaned up [ 45.312933][ T5034] chnl_net:caif_netlink_parms(): no params data found [ 45.313114][ T5069] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 45.333115][ T5069] ext4 filesystem being mounted at /192/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 45.355192][ T3267] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 45.411031][ T5034] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.418157][ T5034] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.425395][ T5034] bridge_slave_0: entered allmulticast mode [ 45.431887][ T5034] bridge_slave_0: entered promiscuous mode [ 45.440362][ T5088] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 45.450025][ T5034] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.457290][ T5034] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.465330][ T5034] bridge_slave_1: entered allmulticast mode [ 45.471656][ T5034] bridge_slave_1: entered promiscuous mode [ 45.490695][ T5034] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 45.507117][ T5034] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 45.533626][ T5034] team0: Port device team_slave_0 added [ 45.540665][ T5034] team0: Port device team_slave_1 added [ 45.558204][ T4912] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 45.567103][ T5034] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 45.574125][ T5034] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.600062][ T5034] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 45.612231][ T5034] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 45.619228][ T5034] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.645157][ T5034] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 45.656540][ T4912] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 45.673623][ T4912] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 45.689901][ T5034] hsr_slave_0: entered promiscuous mode [ 45.696128][ T5034] hsr_slave_1: entered promiscuous mode [ 45.702644][ T5034] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 45.710666][ T5034] Cannot create hsr debugfs directory [ 45.716195][ T4912] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 45.777309][ T5034] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 45.799652][ T4912] 8021q: adding VLAN 0 to HW filter on device bond0 [ 45.815291][ T4912] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.824419][ T50] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.831458][ T50] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.842387][ T5034] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 45.855552][ T56] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.862668][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.890560][ T5034] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 45.940925][ T5034] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 45.957692][ T4912] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 45.999720][ T5034] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 46.008592][ T5034] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 46.017979][ T5034] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 46.027992][ T5034] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 46.075498][ T4912] veth0_vlan: entered promiscuous mode [ 46.083527][ T4912] veth1_vlan: entered promiscuous mode [ 46.122147][ T5034] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.130832][ T4912] veth0_macvtap: entered promiscuous mode [ 46.147556][ T4912] veth1_macvtap: entered promiscuous mode [ 46.157151][ T5034] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.168515][ T4912] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.179017][ T4912] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.188898][ T4912] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.199391][ T4912] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.209224][ T4912] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.219748][ T4912] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.229551][ T4912] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.240051][ T4912] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.251968][ T4912] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 46.266789][ T3352] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.273938][ T3352] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.287384][ T40] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.294545][ T40] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.304231][ T4912] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 46.314809][ T4912] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.324707][ T4912] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 46.335188][ T4912] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.345091][ T4912] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 46.355538][ T4912] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.365389][ T4912] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 46.375865][ T4912] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.390391][ T4912] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 46.398853][ T4912] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.407581][ T4912] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.416364][ T4912] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.425059][ T4912] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.438326][ T5158] netlink: 8 bytes leftover after parsing attributes in process `syz.3.763'. [ 46.480322][ T5034] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 46.490771][ T5034] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 46.549679][ T5165] RDS: rds_bind could not find a transport for fe80::bb, load rds_tcp or rds_rdma? [ 46.571288][ T5034] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 46.675090][ T5197] loop2: detected capacity change from 0 to 128 [ 46.719596][ T5201] loop3: detected capacity change from 0 to 1764 [ 46.720907][ T5034] veth0_vlan: entered promiscuous mode [ 46.739503][ T5034] veth1_vlan: entered promiscuous mode [ 46.759857][ T5213] RDS: rds_bind could not find a transport for fe80::bb, load rds_tcp or rds_rdma? [ 46.780877][ T5034] veth0_macvtap: entered promiscuous mode [ 46.801596][ T5034] veth1_macvtap: entered promiscuous mode [ 46.818520][ T5034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.829235][ T5034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.839118][ T5034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.849635][ T5034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.859487][ T5034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.869952][ T5034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.879773][ T5034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.890353][ T5034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.900273][ T5034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.910793][ T5034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.939309][ T5034] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 46.987404][ T5034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 46.997978][ T5034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.007855][ T5034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.018464][ T5034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.028542][ T5034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.039138][ T5034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.049056][ T5034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.059588][ T5034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.069405][ T5034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.079886][ T5034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.090626][ T5034] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.107700][ T5034] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.116552][ T5034] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.125440][ T5034] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.134277][ T5034] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.146953][ T5239] No such timeout policy "syz0" [ 47.184242][ T5245] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 3976 [ 47.347337][ T5278] xt_CT: You must specify a L4 protocol and not use inversions on it [ 47.350427][ T5281] loop3: detected capacity change from 0 to 1024 [ 47.366946][ T5281] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 47.385944][ T29] kauditd_printk_skb: 170 callbacks suppressed [ 47.385958][ T29] audit: type=1400 audit(1727748887.200:930): avc: denied { getopt } for pid=5286 comm="syz.0.813" lport=46649 faddr=::ffff:10.1.1.1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 47.477609][ T29] audit: type=1400 audit(1727748887.290:931): avc: denied { mount } for pid=5303 comm="syz.4.819" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 47.537491][ T5311] hub 2-0:1.0: USB hub found [ 47.542428][ T5311] hub 2-0:1.0: 8 ports detected [ 47.629071][ T29] audit: type=1400 audit(1727748887.440:932): avc: denied { ioctl } for pid=5327 comm="syz.1.828" path="/dev/input/event0" dev="devtmpfs" ino=218 ioctlcmd=0x4590 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 47.637222][ T5332] syz.4.830[5332] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 47.658529][ T29] audit: type=1326 audit(1727748887.470:933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5329 comm="syz.0.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9b5bddff9 code=0x7ffc0000 [ 47.661945][ T5332] syz.4.830[5332] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 47.669828][ T29] audit: type=1326 audit(1727748887.470:934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5329 comm="syz.0.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9b5bddff9 code=0x7ffc0000 [ 47.671507][ T29] audit: type=1326 audit(1727748887.480:935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5329 comm="syz.0.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7ff9b5bddff9 code=0x7ffc0000 [ 47.693797][ T5332] syz.4.830[5332] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 47.704301][ T29] audit: type=1326 audit(1727748887.480:936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5329 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9b5bddff9 code=0x7ffc0000 [ 47.785177][ T29] audit: type=1326 audit(1727748887.480:937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5329 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9b5bddff9 code=0x7ffc0000 [ 47.817525][ T5341] netlink: 24 bytes leftover after parsing attributes in process `syz.0.833'. [ 47.837935][ T29] audit: type=1326 audit(1727748887.560:938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5329 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff9b5bddff9 code=0x7ffc0000 [ 47.860818][ T29] audit: type=1326 audit(1727748887.560:939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5329 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9b5bddff9 code=0x7ffc0000 [ 47.895072][ T5352] loop4: detected capacity change from 0 to 2048 [ 47.921149][ T5352] EXT4-fs (loop4): failed to initialize system zone (-117) [ 47.929137][ T5352] EXT4-fs (loop4): mount failed [ 47.935193][ T5359] loop2: detected capacity change from 0 to 1024 [ 47.972464][ T5359] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 47.984642][ T5359] ext4 filesystem being mounted at /14/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 48.007039][ T5368] loop1: detected capacity change from 0 to 2048 [ 48.018243][ T4912] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 48.049290][ T5368] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 48.050698][ T5378] loop4: detected capacity change from 0 to 764 [ 48.062780][ T5380] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 48.075286][ T5380] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 48.091476][ T5380] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 48.093534][ T3263] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 48.098902][ T5380] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 48.229193][ T5397] loop1: detected capacity change from 0 to 764 [ 48.296093][ T5405] IPVS: Error joining to the multicast group [ 48.296133][ T5392] usb usb3: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 48.310670][ T5392] vhci_hcd: default hub control req: d300 v0000 i0000 l0 [ 48.360330][ T5413] PF_CAN: dropped non conform CAN FD skbuff: dev type 65534, len 64993 [ 48.370794][ T5418] netlink: 12 bytes leftover after parsing attributes in process `syz.4.866'. [ 48.379853][ T5418] netlink: 12 bytes leftover after parsing attributes in process `syz.4.866'. [ 48.564457][ T5455] netlink: 4 bytes leftover after parsing attributes in process `syz.1.882'. [ 48.578026][ T5459] loop4: detected capacity change from 0 to 256 [ 48.600070][ T5459] FAT-fs (loop4): Directory bread(block 64) failed [ 48.609268][ T5459] FAT-fs (loop4): Directory bread(block 65) failed [ 48.616804][ T5459] FAT-fs (loop4): Directory bread(block 66) failed [ 48.635159][ T5459] FAT-fs (loop4): Directory bread(block 67) failed [ 48.649607][ T5459] FAT-fs (loop4): Directory bread(block 68) failed [ 48.656945][ T5459] FAT-fs (loop4): Directory bread(block 69) failed [ 48.664349][ T5459] FAT-fs (loop4): Directory bread(block 70) failed [ 48.671182][ T5459] FAT-fs (loop4): Directory bread(block 71) failed [ 48.677818][ T5459] FAT-fs (loop4): Directory bread(block 72) failed [ 48.684602][ T5459] FAT-fs (loop4): Directory bread(block 73) failed [ 48.688834][ T5472] loop1: detected capacity change from 0 to 2048 [ 48.720318][ T5472] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 48.734740][ T5459] syz.4.885: attempt to access beyond end of device [ 48.734740][ T5459] loop4: rw=0, sector=1768, nr_sectors = 4 limit=256 [ 48.751151][ T5472] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 48.776779][ T5472] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 4 with max blocks 28 with error 28 [ 48.789100][ T5472] EXT4-fs (loop1): This should not happen!! Data will be lost [ 48.789100][ T5472] [ 48.798764][ T5472] EXT4-fs (loop1): Total free blocks count 0 [ 48.804767][ T5472] EXT4-fs (loop1): Free/Dirty block details [ 48.810649][ T5472] EXT4-fs (loop1): free_blocks=2415919104 [ 48.816383][ T5472] EXT4-fs (loop1): dirty_blocks=32 [ 48.821469][ T5472] EXT4-fs (loop1): Block reservation details [ 48.827440][ T5472] EXT4-fs (loop1): i_reserved_data_blocks=2 [ 48.834367][ T5472] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 4 with max blocks 33 with error 28 [ 48.948664][ T5511] loop4: detected capacity change from 0 to 512 [ 48.968666][ T5511] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 48.981283][ T5511] ext4 filesystem being mounted at /29/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 49.025411][ T5519] netlink: 12 bytes leftover after parsing attributes in process `syz.3.913'. [ 49.044360][ T5034] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 49.159771][ T5560] loop3: detected capacity change from 0 to 512 [ 49.161445][ T5561] loop1: detected capacity change from 0 to 512 [ 49.173279][ T5560] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 49.184999][ T5563] siw: device registration error -23 [ 49.203226][ T5560] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002] [ 49.211683][ T5560] System zones: 1-12 [ 49.217245][ T5560] EXT4-fs (loop3): 1 truncate cleaned up [ 49.223455][ T5560] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 49.232252][ T5561] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 49.261537][ T3269] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 49.274126][ T5561] ext4 filesystem being mounted at /214/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 49.334020][ T3263] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 49.375595][ T5581] netlink: 12 bytes leftover after parsing attributes in process `syz.4.934'. [ 49.600253][ T5618] hub 9-0:1.0: USB hub found [ 49.605387][ T5618] hub 9-0:1.0: 8 ports detected [ 49.685327][ T5640] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5640 comm=syz.4.965 [ 49.759255][ T5654] netlink: 4 bytes leftover after parsing attributes in process `syz.2.971'. [ 50.247702][ T5679] netlink: 12 bytes leftover after parsing attributes in process `syz.0.982'. [ 50.256663][ T5679] netlink: 12 bytes leftover after parsing attributes in process `syz.0.982'. [ 50.525993][ T5694] netlink: 'syz.1.998': attribute type 1 has an invalid length. [ 50.551832][ T5699] loop1: detected capacity change from 0 to 512 [ 50.559096][ T5701] netlink: 16 bytes leftover after parsing attributes in process `syz.4.990'. [ 50.576206][ T5699] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 50.588943][ T5699] ext4 filesystem being mounted at /220/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 50.607973][ T3263] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 50.664468][ T5719] netlink: 20 bytes leftover after parsing attributes in process `syz.1.997'. [ 50.673360][ T5719] netlink: 20 bytes leftover after parsing attributes in process `syz.1.997'. [ 50.693693][ T5721] netlink: 4 bytes leftover after parsing attributes in process `syz.4.999'. [ 50.784793][ T5744] sch_tbf: peakrate 8 is lower than or equals to rate 12 ! [ 50.838496][ T5757] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1017'. [ 51.028327][ T5790] xt_hashlimit: invalid interval [ 51.262252][ T5839] loop2: detected capacity change from 0 to 512 [ 51.275363][ T5839] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 51.288712][ T5839] ext4 filesystem being mounted at /49/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 51.339262][ T4912] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 51.454365][ T5867] syz.2.1068[5867] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 51.454417][ T5867] syz.2.1068[5867] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 51.466326][ T5867] syz.2.1068[5867] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 51.561139][ T5879] loop4: detected capacity change from 0 to 2048 [ 51.605813][ T5891] loop1: detected capacity change from 0 to 512 [ 51.613390][ T5879] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 51.634236][ T5891] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 51.644123][ T5879] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1073: bg 0: block 274: padding at end of block bitmap is not set [ 51.662081][ T5891] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 51.679382][ T5879] EXT4-fs (loop4): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 117 [ 51.691905][ T5879] EXT4-fs (loop4): This should not happen!! Data will be lost [ 51.691905][ T5879] [ 51.710453][ T5891] ext4 filesystem being mounted at /246/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 51.737967][ T5891] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 51.768532][ T5034] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 51.792564][ T5891] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 5 with max blocks 1 with error 28 [ 51.804929][ T5891] EXT4-fs (loop1): This should not happen!! Data will be lost [ 51.804929][ T5891] [ 51.814605][ T5891] EXT4-fs (loop1): Total free blocks count 0 [ 51.820592][ T5891] EXT4-fs (loop1): Free/Dirty block details [ 51.826546][ T5891] EXT4-fs (loop1): free_blocks=39626 [ 51.831865][ T5891] EXT4-fs (loop1): dirty_blocks=1 [ 51.836892][ T5891] EXT4-fs (loop1): Block reservation details [ 51.842873][ T5891] EXT4-fs (loop1): i_reserved_data_blocks=1 [ 51.872462][ T3263] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 52.029550][ T5925] hub 8-0:1.0: USB hub found [ 52.041441][ T5925] hub 8-0:1.0: 8 ports detected [ 52.092322][ T5938] loop4: detected capacity change from 0 to 128 [ 52.145442][ T5944] syz.4.1102[5944] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 52.145562][ T5944] syz.4.1102[5944] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 52.157942][ T5944] syz.4.1102[5944] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 52.172019][ T5944] Cannot find set identified by id 0 to match [ 52.267001][ T5952] loop3: detected capacity change from 0 to 512 [ 52.280405][ T5952] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 [ 52.390094][ T5959] xt_CT: You must specify a L4 protocol and not use inversions on it [ 52.461038][ T29] kauditd_printk_skb: 149 callbacks suppressed [ 52.461052][ T29] audit: type=1326 audit(1727748892.270:1089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5970 comm="syz.0.1116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9b5bddff9 code=0x7ffc0000 [ 52.501301][ T29] audit: type=1326 audit(1727748892.280:1090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5970 comm="syz.0.1116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7ff9b5bddff9 code=0x7ffc0000 [ 52.524680][ T29] audit: type=1326 audit(1727748892.280:1091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5970 comm="syz.0.1116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9b5bddff9 code=0x7ffc0000 [ 52.548147][ T29] audit: type=1326 audit(1727748892.280:1092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5970 comm="syz.0.1116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9b5bddff9 code=0x7ffc0000 [ 52.571692][ T29] audit: type=1326 audit(1727748892.280:1093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5970 comm="syz.0.1116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=31 compat=0 ip=0x7ff9b5bddff9 code=0x7ffc0000 [ 52.595019][ T29] audit: type=1326 audit(1727748892.280:1094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5970 comm="syz.0.1116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9b5bddff9 code=0x7ffc0000 [ 52.618566][ T29] audit: type=1326 audit(1727748892.280:1095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5970 comm="syz.0.1116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9b5bddff9 code=0x7ffc0000 [ 52.644018][ T29] audit: type=1326 audit(1727748892.460:1096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5974 comm="syz.2.1118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3afd8cdff9 code=0x7ffc0000 [ 52.667585][ T29] audit: type=1326 audit(1727748892.460:1097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5974 comm="syz.2.1118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3afd8cdff9 code=0x7ffc0000 [ 52.691187][ T29] audit: type=1326 audit(1727748892.460:1098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5974 comm="syz.2.1118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3afd8cdff9 code=0x7ffc0000 [ 52.728002][ T5982] syz_tun: entered promiscuous mode [ 52.734099][ T5982] batadv_slave_0: entered promiscuous mode [ 52.742031][ T5982] debugfs: Directory 'hsr1' with parent 'hsr' already present! [ 52.750184][ T5982] Cannot create hsr debugfs directory [ 52.801344][ T5993] loop2: detected capacity change from 0 to 128 [ 52.835343][ T5995] loop3: detected capacity change from 0 to 256 [ 52.842647][ T5995] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 52.842741][ T5997] Invalid ELF header magic: != ELF [ 52.855183][ T5995] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 52.866895][ T5995] FAT-fs (loop3): Filesystem has been set read-only [ 52.930434][ T6003] lo speed is unknown, defaulting to 1000 [ 53.000365][ T6011] loop2: detected capacity change from 0 to 256 [ 53.240407][ T6033] loop4: detected capacity change from 0 to 2048 [ 53.284193][ T6033] loop4: p1 < > p4 [ 53.288466][ T6033] loop4: p4 size 393216 extends beyond EOD, truncated [ 53.295306][ C0] vxcan0: j1939_tp_rxtimer: 0xffff8881151e8600: rx timeout, send abort [ 53.295362][ C0] vxcan0: j1939_xtp_rx_abort_one: 0xffff8881151e8600: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 53.335784][ T6035] netlink: 'syz.1.1156': attribute type 10 has an invalid length. [ 53.343865][ T6035] veth0_macvtap: left promiscuous mode [ 53.352247][ T6035] veth0_macvtap: entered promiscuous mode [ 53.359186][ T6035] team0: Device macvtap0 failed to register rx_handler [ 53.368217][ T6035] veth0_macvtap: left promiscuous mode [ 53.380665][ T6039] loop4: detected capacity change from 0 to 512 [ 53.388904][ T6039] EXT4-fs error (device loop4): ext4_orphan_get:1388: inode #15: comm syz.4.1147: casefold flag without casefold feature [ 53.401765][ T6039] EXT4-fs error (device loop4): ext4_orphan_get:1393: comm syz.4.1147: couldn't read orphan inode 15 (err -117) [ 53.413984][ T6039] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 53.438407][ T5034] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 53.473798][ T6050] loop1: detected capacity change from 0 to 512 [ 53.485325][ T6050] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 53.498044][ T6050] ext4 filesystem being mounted at /253/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 53.545205][ T3263] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 54.189819][ T6125] loop2: detected capacity change from 0 to 512 [ 54.190440][ T6126] loop1: detected capacity change from 0 to 512 [ 54.206200][ T6125] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 54.206328][ T6126] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 54.218931][ T6125] ext4 filesystem being mounted at /81/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 54.232155][ T6126] ext4 filesystem being mounted at /264/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 54.271743][ T3263] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 54.289683][ T4912] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 54.604769][ T6153] loop2: detected capacity change from 0 to 512 [ 54.611594][ T6153] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 54.622960][ T6153] EXT4-fs (loop2): 1 orphan inode deleted [ 54.628771][ T6153] EXT4-fs (loop2): 1 truncate cleaned up [ 54.635049][ T6153] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 54.652023][ T6153] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 54.669636][ T6153] EXT4-fs (loop2): Remounting filesystem read-only [ 54.676595][ T6153] EXT4-fs (loop2): error restoring inline_data for inode -- potential data loss! (inode 12, error -5) [ 54.695438][ T4912] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 54.857189][ T6175] __nla_validate_parse: 4 callbacks suppressed [ 54.857205][ T6175] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1217'. [ 54.872931][ T6175] Zero length message leads to an empty skb [ 54.898143][ T6177] xt_CT: You must specify a L4 protocol and not use inversions on it [ 54.937328][ T6187] bridge0: port 3(vlan2) entered blocking state [ 54.943631][ T6187] bridge0: port 3(vlan2) entered disabled state [ 54.950049][ T6187] vlan2: entered allmulticast mode [ 54.955254][ T6187] xfrm0: entered allmulticast mode [ 54.961879][ T6187] vlan2: entered promiscuous mode [ 54.966952][ T6187] xfrm0: entered promiscuous mode [ 54.972345][ T6187] bridge0: port 3(vlan2) entered blocking state [ 54.978696][ T6187] bridge0: port 3(vlan2) entered forwarding state [ 55.016521][ T6195] futex_wake_op: syz.2.1218 tries to shift op by 35; fix this program [ 55.146491][ T6223] syz.2.1232[6223] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 55.146566][ T6223] syz.2.1232[6223] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 55.158231][ T6223] syz.2.1232[6223] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 55.250955][ T6239] loop2: detected capacity change from 0 to 1024 [ 55.270135][ T6239] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 55.385573][ T6259] IPVS: Error joining to the multicast group [ 55.623126][ T6293] loop4: detected capacity change from 0 to 1024 [ 55.736337][ T6302] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1263'. [ 55.761464][ T6312] loop1: detected capacity change from 0 to 164 [ 55.776849][ T6312] syz.1.1268: attempt to access beyond end of device [ 55.776849][ T6312] loop1: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 55.790836][ T6312] syz.1.1268: attempt to access beyond end of device [ 55.790836][ T6312] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 55.804318][ T6312] syz.1.1268: attempt to access beyond end of device [ 55.804318][ T6312] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 55.818940][ T6312] syz.1.1268: attempt to access beyond end of device [ 55.818940][ T6312] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 55.832452][ T6312] syz.1.1268: attempt to access beyond end of device [ 55.832452][ T6312] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 55.846037][ T6318] syz.1.1268: attempt to access beyond end of device [ 55.846037][ T6318] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 55.859489][ T6312] syz.1.1268: attempt to access beyond end of device [ 55.859489][ T6312] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 55.873055][ T6318] syz.1.1268: attempt to access beyond end of device [ 55.873055][ T6318] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 55.900710][ T6312] syz.1.1268: attempt to access beyond end of device [ 55.900710][ T6312] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 55.925692][ T6318] syz.1.1268: attempt to access beyond end of device [ 55.925692][ T6318] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 56.016043][ T6339] ================================================================== [ 56.024235][ T6339] BUG: KCSAN: data-race in do_sys_poll / pollwake [ 56.030654][ T6339] [ 56.032974][ T6339] read to 0xffffc900015afc10 of 4 bytes by task 6332 on cpu 0: [ 56.040513][ T6339] do_sys_poll+0x986/0xc10 [ 56.044929][ T6339] __se_sys_poll+0xe1/0x200 [ 56.049420][ T6339] __x64_sys_poll+0x43/0x50 [ 56.053934][ T6339] x64_sys_call+0x29db/0x2d60 [ 56.058612][ T6339] do_syscall_64+0xc9/0x1c0 [ 56.063117][ T6339] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 56.069022][ T6339] [ 56.071333][ T6339] write to 0xffffc900015afc10 of 4 bytes by task 6339 on cpu 1: [ 56.078959][ T6339] pollwake+0xbe/0x110 [ 56.083032][ T6339] __wake_up+0x65/0xb0 [ 56.087109][ T6339] snd_seq_cell_free+0x1e7/0x210 [ 56.092044][ T6339] snd_seq_dispatch_event+0x210/0x240 [ 56.097410][ T6339] snd_seq_check_queue+0x17b/0x300 [ 56.102527][ T6339] snd_seq_enqueue_event+0x26e/0x2a0 [ 56.107816][ T6339] snd_seq_client_enqueue_event+0x21a/0x2b0 [ 56.113701][ T6339] snd_seq_write+0x3f3/0x500 [ 56.118288][ T6339] vfs_write+0x26c/0x910 [ 56.122513][ T6339] ksys_write+0xeb/0x1b0 [ 56.126735][ T6339] __x64_sys_write+0x42/0x50 [ 56.131302][ T6339] x64_sys_call+0x27dd/0x2d60 [ 56.135953][ T6339] do_syscall_64+0xc9/0x1c0 [ 56.140432][ T6339] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 56.146318][ T6339] [ 56.148617][ T6339] value changed: 0x00000001 -> 0x00000000 [ 56.154308][ T6339] [ 56.156605][ T6339] Reported by Kernel Concurrency Sanitizer on: [ 56.162728][ T6339] CPU: 1 UID: 0 PID: 6339 Comm: syz.2.1277 Tainted: G W 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 56.174861][ T6339] Tainted: [W]=WARN [ 56.178639][ T6339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 56.188670][ T6339] ================================================================== [ 56.220005][ T6341] loop4: detected capacity change from 0 to 256 [ 56.237374][ T6341] FAT-fs (loop4): Directory bread(block 64) failed [ 56.245744][ T6341] FAT-fs (loop4): Directory bread(block 65) failed [ 56.252308][ T6341] FAT-fs (loop4): Directory bread(block 66) failed [ 56.259059][ T6341] FAT-fs (loop4): Directory bread(block 67) failed [ 56.265738][ T6341] FAT-fs (loop4): Directory bread(block 68) failed [ 56.272259][ T6341] FAT-fs (loop4): Directory bread(block 69) failed [ 56.278971][ T6341] FAT-fs (loop4): Directory bread(block 70) failed [ 56.285546][ T6341] FAT-fs (loop4): Directory bread(block 71) failed [ 56.292094][ T6341] FAT-fs (loop4): Directory bread(block 72) failed [ 56.298692][ T6341] FAT-fs (loop4): Directory bread(block 73) failed