last executing test programs: 3.481297019s ago: executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000440)=@framed={{}, [@printk={@ld}]}, &(0x7f0000000ac0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0xc0ed0040, &(0x7f0000000000)={[{@prjquota}, {@jqfmt_vfsv0}, {@dioread_lock}]}, 0xfe, 0x470, &(0x7f0000000940)="$eJzs3MtvVFUYAPDvTqel5WER8QGCVtFIfLS0PGThRqOJC40musC4qtNCkIEaWhMhRNEFxrgwJO6NSxP/Ale6MerKxC3uDYkxbEBXY87MvdAOM7WPaac4v19y4Zx773DOd889M+eeM0MAPWsk/ZFFbI2IKxExHBHl5hNGGn/duHah8ve1C5UsarU3/srSy+L6tQuV/J+ob8mWxo5aLc9valHupbcjJqvV6bN5fmzu9Htjs+fOP3Py9OSJ6RPTZyaOHj10cO/AkYnDHYkzxXV994cze3a9/NblVyvHLr/z87epvlvz40UcnTTSuLotPd7pwrps27x0Vu5iRViW1G79+XYlhqMvhm4eG46XPulq5YA1VavVaq0+n3MXa8D/WBbdrgHQHcUHfXr+LbZ1GnpsCH8+35jwSHHfyLfGkXKU8nP6m55vO2kwIo5d/OertMUazUMAAMz3fRr/PN1q/FeK++add1e+hrI9Iu6OiB0RcU9E7IyIeyPq594fEQ8ss/zmFZLbxz+lqysKbInS+O+5fG1r4fivGP3F9r48t60ef392/GR1+kB+TfZH/6aUH1/wkoV+ePG3L5r3fZ5Ps4/MG/+lLZVfjAXzelwtN03QTU3OTXYk+BT/xxG7y63iz26uA2YRsSsidq+wjJNPfrOn3bH/jn8RHVhnqn0d8USj/S9GU/yFrO365PizRyYOjw1GdfrAWHFX3O6XXy+93q78VcXfAan9N7e8/xvxp2fEbDBi9tz5U/X12tnll3Hp908rWZtjO1d4/w9kb9bTA/m+Dybn5s6ORwxkr6Ts0IL9E7deW+SL81P8+/e17v87Go9n9SvxYESkm3hvRDwUEQ/nbfdIRDwaEfsWif+nFx57t92x9u2/yKx8B6X4pxZp//SWl1K32n/5ib5TP37Xrvzaktr/UD21P9+zlPe/pVZwNdcOAAAA7hSl+nfgs9LozXSpNDra+A7/zthcqs7Mzj11fOb9M1ON78pvj/5SMdM1PG8+dDyfGy7yE035g/m88Zd9Q/X8aGWmOtXt4KHHbWnT/5M/+rpdO2DN+b0W9C79H3qX/g+9S/+H3qX/Q48aaL37o/WuB9AVy//8H1yTegDrz/gfepf+D71L/4ee1Pa38aVV/eT/Tk2UN0Y1WiaGNkY1ikSUNkQ1Opd47bNGl9go9SkS5SX/ZxYrTGxqeajb70wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACd8W8AAAD//z8/5no=") 3.09242048s ago: executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) r2 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0xf) ioctl$TCFLSH(r2, 0x400455c8, 0x40000000004) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000180)=0x33) 3.02252452s ago: executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)={0x1c, 0x76, 0x31f, 0x0, 0x0, "", [@nested={0x9, 0x0, 0x0, 0x1, [@generic="93baab0c57"]}]}, 0x1c}], 0x1}, 0x0) 2.926395805s ago: executing program 1: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8) connect$inet6(r0, &(0x7f00000003c0)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10) write(r0, &(0x7f0000000400)="8f2a09fb3a000000000000f70480258009b41fa502c9e9ca", 0x18) 2.862205876s ago: executing program 1: r0 = io_uring_setup(0x13b9, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) close(r0) 2.579424859s ago: executing program 4: bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4}, 0x48) bpf$BPF_PROG_DETACH(0x8, 0x0, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='hugetlbfs\x00', 0x0, 0x0) 2.519044289s ago: executing program 4: socketpair$unix(0x1, 0x0, 0x0, 0x0) open(0x0, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10) r2 = userfaultfd(0x801) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000140)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) ioctl$UFFDIO_COPY(r2, 0xc028aa03, &(0x7f0000000040)={&(0x7f00002b9000/0x400000)=nil, &(0x7f000076e000/0x4000)=nil, 0x400000, 0x0, 0x2}) 2.50862487s ago: executing program 4: bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = socket(0x0, 0x0, 0x0) bind$vsock_stream(r0, 0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c0000000a0605d4290000001b0000000000000005000100070000000900020073797a300000000004000780"], 0x2c}}, 0x0) 2.498933682s ago: executing program 4: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000000000406c256d0000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000540)={0x2c, &(0x7f0000000200)={0x0, 0x0, 0x5, {0x5, 0x0, "a8c6df"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r1}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) syz_usb_control_io(r0, 0x0, 0x0) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000000), 0x9) syz_usb_control_io$hid(r0, &(0x7f0000000280)={0x24, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0003"], 0x0, 0x0}, 0x0) 2.299550223s ago: executing program 3: syz_emit_ethernet(0x6e, &(0x7f0000000bc0)={@broadcast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x38, 0x3a, 0x0, @remote, @local, {[], @pkt_toobig={0x3, 0x2, 0x0, 0x0, {0x0, 0x6, "020810", 0x0, 0x11, 0x0, @private1, @empty, [], "fb807f04442be993"}}}}}}}, 0x0) 2.290167514s ago: executing program 3: creat(&(0x7f0000000040)='./bus\x00', 0x0) creat(&(0x7f0000000000)='./bus\x00', 0x0) 2.280746246s ago: executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4018aee3, &(0x7f0000000200)=ANY=[]) 2.241610222s ago: executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in=@dev, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x60, 0x0, 0x0, 0x0, 0xee01}}}, 0xb8}}, 0x0) 2.229043173s ago: executing program 3: r0 = open(&(0x7f0000000100)='.\x00', 0x0, 0x0) fstat(r0, &(0x7f0000000cc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file1\x00', 0x100080d, &(0x7f0000000340)=ANY=[@ANYRES8=r1, @ANYRES16], 0xff, 0x1f1, &(0x7f0000000900)="$eJzsmb2LE0EYxp+Z3cveHSLYWNhYeOCJ3n5F5ZorThArQThFLYO3CcFNIskKSUAk2NhYigi2/gMWFqks7OxstVBBsDClYCGMzOy4mSRuSLgigbw/yOR53/l6Z0ieLRYEQaws377++vLsyu7NCwCOYQuOzv+whmM4kEWfXz48/3zv6qs3n16/rx9/1B9fbx2AELPvvwHg3b6FREVCiMej/VuyeTGauwWOc1rfBoObyj9CkQYRGO4qZQOZBhobWsSRe68RH5arceTLJpBNKJuiuZecPegxHGZnE4IZ/a1O934pjqPmuFgT//aZ6JpXTLs/Vd8+x56OZX0cwJ2nT3oy1ncDHzy9SwABOAKti2A40HoXDlzXHV6Jcf5T9nB9a5bzL0qw3+nPQGZO7Cy+npURwlmKMmYQbDwj/9BZ5uSg/2Fy1vdlKT5fMOQ4jjIuAFnmmh7zcTOOrx9h04LecbLLMv2J2cBZw59s2Jl/eEntgdfqdHeqtVIlqkT1MCxe9i/6/qXQK1cd+J6yoyn+t678adNYf80cYDxQCqyAdilJmkEbSJpBFodpazjuwdvGTzWHK//j2D6TriEvWR3b+X89TH+4+pZq28otniAIgiAIgiAIgiAIgiAIYi5OgyF9BaJeVIkcwhtq9N8AAAD//zSFbeI=") 2.091677295s ago: executing program 3: syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000000)='./file0\x00', 0xa00a14, &(0x7f0000000080)=ANY=[], 0x1, 0x322, &(0x7f0000000580)="$eJzs3M9LI2cYwPEnP4xJxEwOpaWF4kt7aXsYNO25EIpCaaCiplQLhVEnbcg0kUywpJRqT72W/ge97EE8ehN29x/wsrfdy1725mVhDyuL7CyZH5roJO6OZqPr9wMy78zzPOP7khieCc4c/vjvb7WKrVeMlsTTSmIiIkcieYlLIOZv4+44Jd225fOJZw8/Xlxe+a5YKs0uKDVXXPqyoJTKTd39/c+Mn7Y/Lgf5nw+fFp4cvH/w4eHLpV+rtqraqt5oKUOtNh63jFXLVOtVu6YrNW+Zhm2qat02m1684cUrVmNjo62M+vpkdqNp2rYy6m1VM9uq1VCtZlsZvxjVutJ1XU1mJUwq9OhtVd5ZWDCKEYvXrngyiOqF4zgDwk6saCREJHMuUt4Z6rwAAMC1dKb/T7gtfaT+X3Ju/99JPu3/dz+535r4YS/n9//7qbD+/6tH3rl6+v+0iFxp/58OWf35jujG23qT5Ev1/7geps5f08Z69prNopH1/35df/+0O+0O6P8BAAAAAAAAAAAAAAAAAAAAALgJjhxHcxxHC7b+zxenGd6xUc4Rw9Pn9dfG/Tumgv1RzxPDsbi8Imn3xr1kTsT6Z7O8Wfa2fjxInBZNjt33g68zDu48Uh15uWdt+fVbm+WEGylWpCqWmDIjmuTP1jvO3Lel2Rnl6a0fk2x3fUE0eS+8vhBan5LPPu2q10WTB2vSEEvWO+/rY+ek/q8Zpb75vnSmPuPmAQAAAADwLtDVidDrd13vF/fqT66ve78fEOm6Pp8OvT5Pah8lR7t2AAAAAABuC7v9R82wLLM5YJCRi3OiD5LRyscG5SS6VtgTku2+S075Twge3koHDIJ/pKilukJp+d8/HOXMwfqHM+e4RKmaEmfcm9VlfnvwtVG/HJkf9uuV7BP64L87z6OdOeY/tbc79PVe+oKVDm0w9lofHk7ikp8+AAAAAN6moOnP2O5ubNTzAQAAAAAAAAAAAAAAAAAAAAAAAAAAAADgNhrwGLDkVT1ObNRrBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK6LVwEAAP//mxn/6g==") prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$inet6(0xa, 0x2, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0x315, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, {0x9}}}]}}]}}, 0x0) 1.958269576s ago: executing program 1: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0) open(&(0x7f0000000100)='./bus\x00', 0x143142, 0x0) r0 = open(&(0x7f0000000040)='./bus\x00', 0x10103e, 0x0) ftruncate(r0, 0x20cf01) r1 = open(&(0x7f00000005c0)='./bus\x00', 0x147842, 0x0) preadv2(r1, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x2, 0x0, 0x0, 0x0) 1.943266898s ago: executing program 1: syz_mount_image$ext4(&(0x7f00000000c0)='ext3\x00', &(0x7f0000000080)='./file1\x00', 0x8000c2, &(0x7f0000000380), 0x1, 0x5bf, &(0x7f00000003c0)="$eJzs3UFsHFcZAOB/x3Z2ndh1CkUqCIhpCwFFtWOnjapeCBckqCqQAqceUsveWJHX2ci7LrXxwT5x4IpEJU5w4cKJQyUOSD0hrtzgxqUckAKKQDUSqqaa8a6zu961ndhrx97vk0b7Zmf2/e9NMm92nnfeC2BgTUbEZkRciIh3I2IiCvn7hcYSt3aWbL9PHm3Mbz/amC9Emt7+93Ajh43KcEeelyLiZ11iFVvStbX1pblKpbzSWJ+uLz+Yrq2tv3pveW6xvFi+Pzt7c+bm9TduvD57bHW9svz7h9+999aP//iHr3z8l81v/TSrX9LYltWtZddCmqZHD/jtxjGMkRiL0TyVxcuO11tHz/2ZMNSoz4XTLghPJfv/+LmIeKnlXMiVmonOsxsAOOvSdCLSidb1x5K2tTQtdNkHADh7snv+sSgkU437/7FIkqmpvA+v9EJcTCrVWv3a3erq/YVsW8TlGEnu3quUr+d9hRHFGClk6zP5tnx7vj7bsX4jIp6PiF8UR/P1qflqZeG0vvQAwIC71HH9/28xu/4XD/PRUv9LBwD0jSs5AAyevdf/kVMpBwBwctz/A8Dgabn+9/7L/6eNXwyeTJEAgD4rdTz739Xu438AwHnQtf//nfHH6Rd3hwMDAM4Jf/8HgIHyw7ffzpZ0Oy3k418vvLe2ulR979WFcm1panl1fmq+uvKFocVqdTEfs2e5SxZbrSuVavXBzGux+v50vVyrT9fW1u8sV1fv1+/k43rfKRsnGgBO3/NXPvpbISI23xzNl2jO5XDwDwKAM85pDoNr6LQLAJwas3vB4DLQD9Djx727jwN3/YnQaER80DvP0WMoF9A/V7/Yo/+/87tBe0fhp4YBgLOvcVrrBoABdLT+f70HcJbtf+H3YBCcZ2laMJ8/AAyYQ9zB+4kgnHMHDe6lJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD2GsuXQjLVmAt8LJJkaipiPCIux0jh7r1K+XpEPBcRfy2OFLP1mdMuNABwRMk/C435v65OvDLWufVC4X/F/DUifvKr20P5lME7dt+vf3D7l+/P1esrs10DFPtfBwCgxXDnG83rdP7aciP/yaON+eZykgV8+J2dyUWzuNuPNuYfz0c83Cj8RD5H8cX/FNoqUzimiYk3tyLixc76J7vbLzdmPu2Mn8UeP+74L49H7B7/Qt438zh++9eoJN+285odi8+PHjLeMZQZzouPsvbnVrf2L4nJ/LVx/g1nLVK6O01yKX6+t3F9Cs32bzvdaf+2W+Jn+f9gvJS3Nd3av8m2nJLeMV770/d2UnsbiYdbQ+mXhiOasbdb2p8dpTzVLf4rh6zj37/81Zd6Haz01xFXY7/4O6np+vKD6dra+u++/+GfF8uL5fuzszdnbl5/48brs9N5H/V0s6d6r3+9ee25XmV7uBVxsUf80gH1/3ojfdD/g9/8/913vpbVtcudcBb/my93i5/EC/vEz66J3zggbtPcxQ97Tt+dxV/oUf/htvgX2j6XvXetM7PJ7jE+/sf6wiGLCgCcgNra+tJcpVJeOUwiifWlueZ3yEN/qi0x+lSfOmQinvhTSRwl6EjbQSj1q16Xemz67RNnOBK771zpzz9BfxJbT7BzsV/FSPY9ZYai0uyP2iefWxGxtt7Yb/PUjurk/vvklTj5tgg4We0nPQAAAAAAAAAAAAAA8Cyq/agx5N8xP2lUWun5ZIEhaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg2nwUAAP//zx3Euw==") r0 = syz_usb_connect(0x0, 0x36, &(0x7f00000003c0)=ANY=[@ANYBLOB="31010000dccd5e08cb060700000000952301090224000100007e000904340102d469e70009058a", @ANYRES8], 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000040), 0x4, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) prlimit64(0x0, 0x0, 0x0, 0x0) ioctl$EVIOCGABS20(r1, 0x80184560, &(0x7f0000000180)=""/241) 377.160331ms ago: executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) ioctl$TUNSETOFFLOAD(r1, 0x400454c9, 0xba98575a95aeb70d) close(r0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) write$cgroup_devices(r2, &(0x7f00000000c0)=ANY=[@ANYBLOB="1e0306003c5c98012884636086"], 0xffdd) 237.467153ms ago: executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=@ipv4_newroute={0x1c, 0x1a, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3800}}, 0x1c}}, 0x0) 223.020535ms ago: executing program 4: syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x810, &(0x7f0000001180), 0x1, 0x523, &(0x7f0000000240)="$eJzs3e9rJGcdAPDvTLLX3F1qtipyFmyLrdwVvd1LY9so0lYQ9U1Bre9jTDYhZJMN2U29hKIp/gGCiAr63jeCf4BQCv4DIhT0vagoIld9qTeyOxNNsrvJkmyy183nA5N5np2Z5/s8Q3Z2fjw8E8CV9UxEvBYRExHxfETMFJ+nxbTQzuzn673/4K2l9pRElr3xjySS4rODstr5yYi4mW8SUxHxja9EfDvpjtvc3VtfrNdr20W+2trYqjZ39+6ubSyu1lZrm3Nzsy/Nvzz/4vy9rJCvuH+2dpYj4pUv/eXHP/jFl1955zPf+ePC3+58t12tL3wsr3dELJ2t5JPlZZc6++JAex9tX0SwEWm3pzQx6loAADCI9jn+hyPik53z/5mY6JzNAQAAAOMke3U6/p1EZAAAAMDYSiNiOpK0UvQFmI40rVTyPrwfjRtpvdFsfXqlsbO53F4WUY5SurJWr90r+gqXo5S087NFH9uD/AvH8nMR8URE/GjmeidfWWrUl0d98wMAAACuiJtPH73+/9dM2kkDAAAAY6bcNwMAAACMC5f8AAAAMP5c/wMAAMBY+9rrr7en7OA93stv7u6sN968u1xrrlc2dpYqS43trcpqo7HaGbNv47Ty6o3G1mdjc+d+tVVrtqrN3b2FjcbOZmth7cgrsAEAAIBL9MTT7/4hiYj9z1/vTFGMAwhwxJ9HXQFgmCZGXQFgZCZHXQFgZEqnruEIAeMuOWV5d+ed/F5h/PZi6gMAAAzf7Y93P/+/Viw7/d4A8EGmrw8AXD2e7sHVVTprD8Bbw64JMCofymeP9Vved/COPs//f34ond9jyLIzVw4AABiK6c6UpJXiPH060rRSiXi881qAUrKyVq/dK64Pfj9Teqydn+1smZzaZxgAAAAAAAAAAAAAAAAAAAAAAAAAyGVZEhkAAAAw1iLSvyad0fwjbs88N3307sCxt3797I2f3F9stbZnI659NX+r17WIaP20+PyFzCsBAAAA4BGQX6cX89lR1wYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAcfP+g7eWDqbLjPv3L0ZEuVf8yZjqzKeiFBE3/pnE5KHtkoiYGEL8/bcj4lav+Ek8zLKsXNSiV/zrFxy/3Nk1veOnEXFzCPHhKnu3ffx5rdf3L41nOvPe37/JYjqv/se/9H/Hv4k+x5/Hj+X7efK9X1X7xn874snJ3sefg/hJHv9IiHbm2QHb+K1v7u31XHCoyF7xD8eqtja2qs3dvbtrG4urtdXa5tzc7EvzL8+/OH+vurJWrxV/e4b54Sd+/fCk9t/oE798tP1d+/+5gVqfxX/eu//gI3mm1Cv+nWd7//7e6hM/LX77PlWk28tvH6T38/RhT/3yd0+d1P7lPu2fOqX9dwZqf3zu+a9//089l3TtDQDgMjR399YX6/Xa9gmJqQHWueTEq49GNYaYiEejGqNKZN/L/x/PV845N+9KZOfZfDKGUI1rXd/TiThrgUnEfrusAf8hAQCAMfP/k/6TniABAAAAAAAAAAAAAAAAAAAAF2mAwcPe+U10DTk2FREDjz12POb+aJoKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCi/wYAAP//9G7RaA==") r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r1 = open(&(0x7f0000000100)='./bus\x00', 0x14113e, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000000480)={0xa, 0x0, 0x0, @mcast1={0xff, 0x5}}, 0x1c) write$binfmt_script(r1, &(0x7f0000000080), 0x208e24b) fallocate(r0, 0x0, 0x0, 0x1a00) 215.737656ms ago: executing program 0: bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x0, 0x0) getpid() bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x10) keyctl$setperm(0x5, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000380), 0xffffffffffffffff) sendmsg$TIPC_NL_NET_SET(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000780)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000fdfffff70f4000003000078008000200060000000c0003"], 0x44}}, 0x0) 142.153108ms ago: executing program 0: r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000002fc0)=@newqdisc={0x30, 0x24, 0xb0f, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x4}}]}, 0x30}}, 0x0) 116.738722ms ago: executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) sendmsg$nl_route(r1, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@ipv6_newrule={0x24, 0x18, 0x409, 0x0, 0x0, {}, [@FIB_RULE_POLICY=@FRA_GOTO={0x8, 0x1e, 0x1}]}, 0x24}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000003c0)=@newlink={0x64, 0x10, 0x437, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x44, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x30, 0x2, 0x0, 0x1, [@IFLA_GRE_LOCAL={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @IFLA_GRE_REMOTE={0x14, 0x7, @private2}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x64}}, 0x0) 28.030835ms ago: executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4400000010000304000000000400000000000000", @ANYRES32=0x0, @ANYBLOB="005b000000000000140012800c0001006d6163766c616e000400028008000500", @ANYBLOB='\b\x00\n'], 0x44}}, 0x0) 0s ago: executing program 0: bpf$ENABLE_STATS(0x20, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020006c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000040000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) write$cgroup_subtree(r0, 0x0, 0xda00) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.134' (ED25519) to the list of known hosts. 2024/06/10 22:11:51 fuzzer started 2024/06/10 22:11:51 dialing manager at 10.128.0.163:30000 [ 22.468705][ T23] audit: type=1400 audit(1718057511.889:66): avc: denied { node_bind } for pid=346 comm="syz-fuzzer" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 22.490040][ T23] audit: type=1400 audit(1718057511.889:67): avc: denied { name_bind } for pid=346 comm="syz-fuzzer" src=6060 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 22.536938][ T23] audit: type=1400 audit(1718057511.959:68): avc: denied { mounton } for pid=355 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 22.559644][ T355] cgroup1: Unknown subsys name 'net' [ 22.560797][ T23] audit: type=1400 audit(1718057511.959:69): avc: denied { mounton } for pid=356 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 22.570089][ T355] cgroup1: Unknown subsys name 'net_prio' [ 22.591605][ T23] audit: type=1400 audit(1718057511.959:70): avc: denied { mount } for pid=356 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 22.608287][ T355] cgroup1: Unknown subsys name 'devices' [ 22.619797][ T23] audit: type=1400 audit(1718057511.959:71): avc: denied { mount } for pid=355 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 22.646957][ T23] audit: type=1400 audit(1718057511.989:72): avc: denied { setattr } for pid=358 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=1845 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 22.653084][ T361] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 22.670393][ T23] audit: type=1400 audit(1718057512.009:73): avc: denied { read } for pid=144 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 22.700386][ T23] audit: type=1400 audit(1718057512.099:74): avc: denied { unmount } for pid=355 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 22.720082][ T23] audit: type=1400 audit(1718057512.099:75): avc: denied { relabelto } for pid=361 comm="mkswap" name="swap-file" dev="sda1" ino=1927 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 22.816232][ T359] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 22.844044][ T355] cgroup1: Unknown subsys name 'hugetlb' [ 22.849773][ T355] cgroup1: Unknown subsys name 'rlimit' 2024/06/10 22:11:52 starting 5 executor processes [ 23.485391][ T373] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.493454][ T373] bridge0: port 1(bridge_slave_0) entered disabled state [ 23.500893][ T373] device bridge_slave_0 entered promiscuous mode [ 23.510354][ T373] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.517265][ T373] bridge0: port 2(bridge_slave_1) entered disabled state [ 23.524689][ T373] device bridge_slave_1 entered promiscuous mode [ 23.685437][ T378] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.692399][ T378] bridge0: port 1(bridge_slave_0) entered disabled state [ 23.699736][ T378] device bridge_slave_0 entered promiscuous mode [ 23.732153][ T378] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.738984][ T378] bridge0: port 2(bridge_slave_1) entered disabled state [ 23.746386][ T378] device bridge_slave_1 entered promiscuous mode [ 23.763396][ T380] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.770254][ T380] bridge0: port 1(bridge_slave_0) entered disabled state [ 23.777926][ T380] device bridge_slave_0 entered promiscuous mode [ 23.784840][ T380] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.792170][ T380] bridge0: port 2(bridge_slave_1) entered disabled state [ 23.799427][ T380] device bridge_slave_1 entered promiscuous mode [ 23.877684][ T379] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.884797][ T379] bridge0: port 1(bridge_slave_0) entered disabled state [ 23.892245][ T379] device bridge_slave_0 entered promiscuous mode [ 23.908091][ T379] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.915085][ T379] bridge0: port 2(bridge_slave_1) entered disabled state [ 23.922490][ T379] device bridge_slave_1 entered promiscuous mode [ 23.942111][ T377] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.948941][ T377] bridge0: port 1(bridge_slave_0) entered disabled state [ 23.956386][ T377] device bridge_slave_0 entered promiscuous mode [ 23.966650][ T377] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.973535][ T377] bridge0: port 2(bridge_slave_1) entered disabled state [ 23.980839][ T377] device bridge_slave_1 entered promiscuous mode [ 24.030563][ T373] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.037514][ T373] bridge0: port 2(bridge_slave_1) entered forwarding state [ 24.044661][ T373] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.051504][ T373] bridge0: port 1(bridge_slave_0) entered forwarding state [ 24.146858][ T380] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.153850][ T380] bridge0: port 2(bridge_slave_1) entered forwarding state [ 24.161400][ T380] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.168135][ T380] bridge0: port 1(bridge_slave_0) entered forwarding state [ 24.191970][ T378] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.198919][ T378] bridge0: port 2(bridge_slave_1) entered forwarding state [ 24.206040][ T378] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.215289][ T378] bridge0: port 1(bridge_slave_0) entered forwarding state [ 24.234904][ T74] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 24.243965][ T74] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 24.252515][ T74] bridge0: port 1(bridge_slave_0) entered disabled state [ 24.259904][ T74] bridge0: port 2(bridge_slave_1) entered disabled state [ 24.267319][ T74] bridge0: port 1(bridge_slave_0) entered disabled state [ 24.274774][ T74] bridge0: port 2(bridge_slave_1) entered disabled state [ 24.283005][ T74] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 24.290451][ T74] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 24.338305][ T74] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 24.349824][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 24.374796][ T74] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 24.390231][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 24.399032][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.407341][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 24.420510][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 24.430071][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.439085][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 24.475619][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 24.484394][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 24.494107][ T381] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.501050][ T381] bridge0: port 1(bridge_slave_0) entered forwarding state [ 24.508711][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 24.516914][ T381] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.523776][ T381] bridge0: port 2(bridge_slave_1) entered forwarding state [ 24.531118][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 24.539419][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 24.551666][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 24.560154][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 24.581524][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 24.588913][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 24.596893][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 24.606143][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 24.614598][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.621475][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 24.629093][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 24.637947][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 24.646174][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.653127][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 24.660532][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 24.691603][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 24.698956][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 24.706792][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 24.716778][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 24.725138][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 24.733484][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 24.741571][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.748493][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 24.755945][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 24.764436][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 24.772740][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.779556][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 24.786828][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 24.794966][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 24.803079][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 24.811128][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 24.819142][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 24.827416][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 24.835339][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 24.843685][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 24.851618][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 24.874024][ T74] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 24.882679][ T74] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 24.890893][ T74] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 24.899832][ T74] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 24.908540][ T74] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 24.916940][ T74] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 24.927645][ T74] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 24.936442][ T74] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 24.958775][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 24.967433][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 24.976024][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 24.985030][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 24.993543][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 25.002388][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 25.025140][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 25.034201][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 25.042767][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 25.050934][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 25.058842][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 25.067698][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 25.075878][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 25.084589][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 25.108203][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 25.117119][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 25.125376][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 25.153476][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 25.162918][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 25.171017][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 25.179916][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 25.188383][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 25.197001][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 25.252357][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 25.260205][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 25.272796][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 25.278576][ T402] [ 25.281462][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 25.283705][ T402] ********************************************************** [ 25.291617][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 25.298674][ T402] ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE ** [ 25.306963][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 25.322526][ T402] ** ** [ 25.322761][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 25.338462][ T402] ** trace_printk() being used. Allocating extra memory. ** [ 25.338540][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 25.364333][ T402] ** ** [ 25.381594][ T402] ** This means that this is a DEBUG kernel and it is ** [ 25.386002][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 25.398261][ T402] ** unsafe for production use. ** [ 25.414166][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 25.414169][ T402] ** ** [ 25.414187][ T402] ** If you see this message and you are not debugging ** [ 25.423181][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 25.446360][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 25.446942][ T402] ** the kernel, report this immediately to your vendor! ** [ 25.456168][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 25.479066][ T402] ** ** [ 25.487188][ T402] ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE ** [ 25.492501][ T404] ====================================================== [ 25.492501][ T404] WARNING: the mand mount option is being deprecated and [ 25.492501][ T404] will be removed in v5.15! [ 25.492501][ T404] ====================================================== [ 25.496350][ T402] ********************************************************** [ 25.531645][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 25.541195][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 25.551646][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 25.557976][ T404] EXT4-fs (loop1): Project quota feature not enabled. Cannot enable project quota enforcement. [ 25.560399][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 25.666457][ T413] Bluetooth: received HCILL_WAKE_UP_ACK in state 2 [ 25.675134][ T416] Bluetooth: hci0: sending frame failed (-49) [ 25.761068][ T424] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=118 sclass=netlink_route_socket pid=424 comm=syz-executor.1 [ 25.831100][ T427] EXT4-fs (loop4): Ignoring removed orlov option [ 25.841238][ T427] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option [ 25.870793][ T439] capability: warning: `syz-executor.3' uses deprecated v2 capabilities in a way that may be insecure [ 25.876480][ T427] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,nodelalloc,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue [ 26.085359][ T449] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 26.093385][ T449] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2 [ 26.104008][ T449] EXT4-fs (loop4): 1 truncate cleaned up [ 26.109722][ T449] EXT4-fs (loop4): mounted filesystem without journal. Opts: usrquota,usrjquota=.errors=continue,noload,data_err=ignore,grpjquota="errors=continue,jqfmt=vfsold,noblock_validity,,errors=continue [ 26.188278][ T464] request_module fs-hugetlbfs succeeded, but still no fs? [ 26.313955][ T473] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 26.405421][ T484] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 26.442430][ T490] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 26.491468][ T74] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 26.525317][ T495] erofs: (device loop3): check_layout_compatibility: unidentified incompatible feature 8, please upgrade kernel version [ 26.634904][ T498] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 26.825743][ T504] EXT4-fs (loop1): couldn't mount as ext3 due to feature incompatibilities [ 26.851572][ T74] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 26.871732][ T74] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 26.882561][ T74] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 26.891454][ T74] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 26.900593][ T74] usb 5-1: config 0 descriptor?? [ 26.981421][ T381] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 26.990915][ T509] EXT4-fs (loop0): mounted filesystem without journal. Opts: nombcache,abort,dioread_lock,norecovery,discard,lazytime,noload,usrquota,noauto_da_alloc,,errors=continue [ 27.101438][ T124] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 27.311469][ T5] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 27.341404][ T124] usb 2-1: Using ep0 maxpacket: 8 [ 27.341477][ T381] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 27.359077][ T381] usb 4-1: New USB device found, idVendor=056a, idProduct=0315, bcdDevice= 0.00 [ 27.368515][ T74] hid (null): bogus close delimiter [ 27.375747][ T381] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 27.384345][ T381] usb 4-1: config 0 descriptor?? [ 27.422095][ T381] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 27.471559][ T124] usb 2-1: config 0 has an invalid interface number: 52 but max is 0 [ 27.479592][ T124] usb 2-1: config 0 has an invalid descriptor of length 88, skipping remainder of the config [ 27.490194][ T124] usb 2-1: config 0 has no interface number 0 [ 27.496759][ T124] usb 2-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 82, changing to 10 [ 27.509900][ T124] usb 2-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid maxpacket 1703, setting to 1024 [ 27.521503][ T124] usb 2-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 27.534580][ T124] usb 2-1: config 0 interface 52 has no altsetting 0 [ 27.621943][ T23] kauditd_printk_skb: 79 callbacks suppressed [ 27.621952][ T23] audit: type=1326 audit(1718057517.049:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=497 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7933f8ef69 code=0x7ffc0000 [ 27.653014][ T23] audit: type=1326 audit(1718057517.049:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=497 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7933f8ef69 code=0x7ffc0000 [ 27.677056][ T124] usb 2-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 0.00 [ 27.686367][ T124] usb 2-1: New USB device strings: Mfr=0, Product=149, SerialNumber=35 [ 27.694673][ T5] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 27.703459][ T124] usb 2-1: Product: syz [ 27.707401][ T124] usb 2-1: SerialNumber: syz [ 27.711920][ T5] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 27.723834][ T124] usb 2-1: config 0 descriptor?? [ 27.728961][ T5] usb 1-1: config 0 descriptor?? [ 27.731448][ T395] Bluetooth: hci0: command 0x1003 tx timeout [ 27.740299][ T416] Bluetooth: hci0: sending frame failed (-49) [ 27.861517][ T74] usb 5-1: string descriptor 0 read error: -71 [ 27.881580][ T74] uclogic 0003:256C:006D.0001: failed retrieving string descriptor #200: -71 [ 27.890600][ T74] uclogic 0003:256C:006D.0001: failed retrieving pen parameters: -71 [ 27.899954][ T74] uclogic 0003:256C:006D.0001: failed probing pen v2 parameters: -71 [ 27.908071][ T74] uclogic 0003:256C:006D.0001: failed probing parameters: -71 [ 27.916238][ T74] uclogic: probe of 0003:256C:006D.0001 failed with error -71 [ 27.925081][ T74] usb 5-1: USB disconnect, device number 2 [ 27.974056][ T5] usb 1-1: USB disconnect, device number 2 [ 28.364889][ T519] device syzkaller0 entered promiscuous mode [ 28.375190][ T23] audit: type=1400 audit(1718057517.799:157): avc: denied { relabelfrom } for pid=518 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 28.396294][ T23] audit: type=1400 audit(1718057517.799:158): avc: denied { relabelto } for pid=518 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 28.532526][ T523] EXT4-fs: Warning: mounting with data=journal disables delayed allocation and O_DIRECT support! [ 28.534533][ T526] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 28.552252][ T526] tipc: Started in network mode [ 28.556839][ T526] tipc: Own node identity 6, cluster identity 4711 [ 28.563197][ T526] tipc: 32-bit node address hash set to 6 [ 28.583770][ T523] EXT4-fs (loop4): 1 orphan inode deleted [ 28.590229][ T523] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue [ 28.604672][ T523] ext4 filesystem being mounted at /root/syzkaller-testdir1247712835/syzkaller.DWX4Ws/11/file1 supports timestamps until 2038 (0x7fffffff) [ 28.617593][ T23] audit: type=1400 audit(1718057518.039:159): avc: denied { ioctl } for pid=531 comm="syz-executor.0" path="socket:[12502]" dev="sockfs" ino=12502 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 28.636684][ T523] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6099: Corrupt filesystem [ 28.644656][ T23] audit: type=1400 audit(1718057518.039:160): avc: denied { mounton } for pid=522 comm="syz-executor.4" path="/root/syzkaller-testdir1247712835/syzkaller.DWX4Ws/11/file1/bus" dev="loop4" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 28.655440][ T532] syz-executor.0 (532) used greatest stack depth: 22072 bytes left [ 28.691976][ T523] ------------[ cut here ]------------ [ 28.697259][ T523] kernel BUG at fs/ext4/ext4.h:2984! [ 28.697986][ T534] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 28.703146][ T523] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 28.717773][ T523] CPU: 1 PID: 523 Comm: syz-executor.4 Not tainted 5.4.274-syzkaller-00016-gdd432c37afcd #0 [ 28.727747][ T523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 28.737670][ T523] RIP: 0010:ext4_mb_find_by_goal+0xba1/0xbe0 [ 28.743450][ T523] Code: fc ff ff 48 8b 4c 24 28 80 e1 07 80 c1 03 38 c1 0f 8c 22 fc ff ff 48 8b 7c 24 28 e8 99 74 c8 ff e9 13 fc ff ff e8 af 8f 98 ff <0f> 0b e8 f8 44 6f ff e8 a3 8f 98 ff 0f 0b e8 9c 8f 98 ff 0f 0b e8 [ 28.763006][ T523] RSP: 0018:ffff8881e9f07400 EFLAGS: 00010283 [ 28.768890][ T523] RAX: ffffffff81cbac71 RBX: 0000000000000001 RCX: 0000000000040000 [ 28.776786][ T523] RDX: ffffc90000540000 RSI: 000000000003a2d8 RDI: 000000000003a2d9 [ 28.784595][ T523] RBP: ffff8881e9f07510 R08: ffffffff81cba1f1 R09: ffffed103b5e448e [ 28.792855][ T523] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 28.800744][ T523] R13: ffff8881e990c3f0 R14: 0000000000000001 R15: 1ffff1103d32187e [ 28.808563][ T523] FS: 00007f808995c6c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 28.817577][ T523] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 28.823999][ T523] CR2: 00007f6669f906a0 CR3: 00000001d223b000 CR4: 00000000003406a0 [ 28.831908][ T523] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 28.839716][ T523] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 28.847518][ T523] Call Trace: [ 28.850696][ T523] ? __die+0xb4/0x100 [ 28.854480][ T523] ? die+0x26/0x50 [ 28.858042][ T523] ? do_trap+0x1e7/0x340 [ 28.862556][ T523] ? ext4_mb_find_by_goal+0xba1/0xbe0 [ 28.867765][ T523] ? ext4_mb_find_by_goal+0xba1/0xbe0 [ 28.872962][ T523] ? do_invalid_op+0xfb/0x110 [ 28.877644][ T523] ? ext4_mb_find_by_goal+0xba1/0xbe0 [ 28.882867][ T523] ? invalid_op+0x1e/0x30 [ 28.887019][ T523] ? ext4_mb_find_by_goal+0x121/0xbe0 [ 28.892226][ T523] ? ext4_mb_find_by_goal+0xba1/0xbe0 [ 28.897432][ T523] ? ext4_mb_find_by_goal+0xba1/0xbe0 [ 28.902644][ T523] ? kmem_cache_alloc+0xd9/0x250 [ 28.907436][ T523] ? ext4_mb_new_blocks+0x29f/0x2d10 [ 28.912543][ T523] ? ext4_alloc_file_blocks+0x3b1/0xc20 [ 28.917944][ T523] ? ext4_mb_use_inode_pa+0x4b0/0x4b0 [ 28.923125][ T523] ext4_mb_regular_allocator+0x229/0x10d0 [ 28.928684][ T523] ? ext4_mb_initialize_context+0x7bf/0xb80 [ 28.934422][ T523] ? ext4_mb_normalize_request+0xf5/0x1250 [ 28.940052][ T523] ? ext4_mb_normalize_request+0x1250/0x1250 [ 28.945869][ T523] ext4_mb_new_blocks+0x59a/0x2d10 [ 28.950824][ T523] ? memset+0x1f/0x40 [ 28.954629][ T523] ? ext4_ext_check_overlap+0x180/0x5b0 [ 28.960027][ T523] ? ext4_inode_to_goal_block+0x210/0x360 [ 28.965576][ T523] ext4_ext_map_blocks+0x1e70/0x7450 [ 28.970794][ T523] ? ___preempt_schedule+0x16/0x20 [ 28.975724][ T523] ? try_to_wake_up+0x9d3/0x14f0 [ 28.980522][ T523] ? ext4_ext_release+0x10/0x10 [ 28.985185][ T523] ? check_preemption_disabled+0x9f/0x320 [ 28.990738][ T523] ? plist_check_list+0x20d/0x220 [ 28.995626][ T523] ? plist_del+0x3bf/0x3e0 [ 29.000830][ T523] ? debug_smp_processor_id+0x20/0x20 [ 29.006648][ T523] ? wake_up_q+0xa8/0xf0 [ 29.010816][ T523] ? _raw_read_unlock+0x21/0x40 [ 29.015500][ T523] ? ext4_es_lookup_extent+0x559/0x9d0 [ 29.020896][ T523] ext4_map_blocks+0xa2f/0x1ba0 [ 29.025509][ T523] ? ext4_issue_zeroout+0x150/0x150 [ 29.030610][ T523] ? __ext4_journal_start_sb+0x295/0x460 [ 29.036784][ T523] ext4_alloc_file_blocks+0x3b1/0xc20 [ 29.042333][ T523] ? trace_ext4_fallocate_enter+0x1d0/0x1d0 [ 29.048087][ T523] ? down_read_killable+0x220/0x220 [ 29.053188][ T523] ? check_preemption_disabled+0x9f/0x320 [ 29.058741][ T523] ? avc_policy_seqno+0x17/0x70 [ 29.063445][ T523] ? debug_smp_processor_id+0x20/0x20 [ 29.068652][ T523] ? selinux_file_permission+0x2be/0x530 [ 29.074106][ T523] ? trace_ext4_fallocate_enter+0x26/0x1d0 [ 29.080233][ T523] ? inode_newsize_ok+0x17c/0x1b0 [ 29.085271][ T523] ext4_fallocate+0x3b5/0x570 [ 29.089762][ T523] vfs_fallocate+0x551/0x6b0 [ 29.094195][ T523] __x64_sys_fallocate+0xb9/0x100 [ 29.099134][ T523] do_syscall_64+0xca/0x1c0 [ 29.103475][ T523] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 29.109209][ T523] RIP: 0033:0x7f808a5e1f69 [ 29.113547][ T523] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 2024/06/10 22:11:58 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 29.133159][ T523] RSP: 002b:00007f808995c0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 29.141395][ T523] RAX: ffffffffffffffda RBX: 00007f808a718f80 RCX: 00007f808a5e1f69 [ 29.149292][ T523] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 29.157112][ T523] RBP: 00007f808a63f6fe R08: 0000000000000000 R09: 0000000000000000 [ 29.164919][ T523] R10: 0000000000001a00 R11: 0000000000000246 R12: 0000000000000000 [ 29.172740][ T523] R13: 000000000000000b R14: 00007f808a718f80 R15: 00007fff5ff874b8 [ 29.180657][ T523] Modules linked in: [ 29.210214][ T523] ---[ end trace 01624b8af49bdffe ]--- [ 29.216208][ T523] RIP: 0010:ext4_mb_find_by_goal+0xba1/0xbe0 [ 29.222058][ T523] Code: fc ff ff 48 8b 4c 24 28 80 e1 07 80 c1 03 38 c1 0f 8c 22 fc ff ff 48 8b 7c 24 28 e8 99 74 c8 ff e9 13 fc ff ff e8 af 8f 98 ff <0f> 0b e8 f8 44 6f ff e8 a3 8f 98 ff 0f 0b e8 9c 8f 98 ff 0f 0b e8 [ 29.251450][ T523] RSP: 0018:ffff8881e9f07400 EFLAGS: 00010283 [ 29.264619][ T523] RAX: ffffffff81cbac71 RBX: 0000000000000001 RCX: 0000000000040000 [ 29.281124][ T523] RDX: ffffc90000540000 RSI: 000000000003a2d8 RDI: 000000000003a2d9 [ 29.291928][ T523] RBP: ffff8881e9f07510 R08: ffffffff81cba1f1 R09: ffffed103b5e448e [ 29.299980][ T523] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 29.309550][ T523] R13: ffff8881e990c3f0 R14: 0000000000000001 R15: 1ffff1103d32187e [ 29.309964][ T379] syz-executor.1 (379) used greatest stack depth: 21240 bytes left [ 29.325953][ T74] usb 2-1: USB disconnect, device number 2 [ 29.332217][ T523] FS: 00007f808995c6c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 29.341741][ T523] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 29.348139][ T523] CR2: 00007f6669f906a0 CR3: 00000001d223b000 CR4: 00000000003406a0 [ 29.356241][ T523] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 29.364603][ T523] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 29.372801][ T523] Kernel panic - not syncing: Fatal exception [ 29.372925][ T380] syz-executor.0 (380) used greatest stack depth: 20760 bytes left [ 29.386736][ T523] Kernel Offset: disabled [ 29.390876][ T523] Rebooting in 86400 seconds..