last executing test programs: 4m17.312796003s ago: executing program 32 (id=83): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000080000002d01000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000003c0)='mm_page_alloc\x00', r1, 0x0, 0xffffffffffffffff}, 0x18) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) perf_event_open(&(0x7f0000000140)={0x8, 0x80, 0x7, 0x0, 0x0, 0x3, 0x82, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0xf}, 0x8080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x10000000000007}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x2) 2m34.441061609s ago: executing program 33 (id=3679): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000046c0)=@newqdisc={0x45c, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x2, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x40000000, 0x1000, 0x2, 0x0, 0x0, 0x8000002, 0x0, 0x7e150a0b, 0x0, 0x5, 0x0, 0x0, 0x0, 0x4, 0x0, 0x100000, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x10000, 0x5d2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x1007, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x3, 0x0, 0x1, 0x8, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x2, 0x9, 0x0, 0x0, 0x7, 0xfbfffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0xffffffff, 0x3, 0x0, 0x0, 0x4fd, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x7e98263b, 0x9, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd2d1, 0x0, 0x0, 0xb2e, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0xff, 0x1000, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, 0xc3f3, 0x1, 0x0, 0x800, 0x9, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0xfffffffe, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xfffffffd, 0x0, 0x0, 0xd819ac9, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0xffffffff, 0x0, 0x0, 0x80000001, 0x0, 0x10, 0x20, 0x4, 0x400000b2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1000, 0x100, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x1, 0x4, 0xfffffffe, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, 0x0, 0x0, 0x20000040, 0xffffffff, 0x400, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0xaaf0]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x3, 0x0, 0x0, 0x0, 0xc0000001}, {0x3, 0x0, 0xb, 0x0, 0x0, 0xffffffff}, 0x7, 0x10, 0x2000000}}]}}]}, 0x45c}}, 0x0) 2m31.782580413s ago: executing program 34 (id=3817): sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x2}, 0x18) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0xc0a85320, &(0x7f00000003c0)={{0x80}, 'port0\x00', 0x511e36599023629, 0x100040, 0xe, 0x2, 0x2, 0x2, 0x0, 0x0, 0x5, 0x1}) ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f00000004c0)={{0x80}, 'port0\x00', 0x50, 0x100c75, 0x7, 0x4, 0x1ff, 0x0, 0x0, 0x0, 0x6}) 2m26.743533711s ago: executing program 6 (id=4118): r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) setpgid(r0, r0) setpgid(0x0, r0) syz_read_part_table(0x1050, &(0x7f0000000000)="$eJzsz7GtwjAYBOB7eQlJCsRKsAENm7APFQ1TULEGJWMEQWyYACGk7yvs8y+dLYev+nul4bn+l9M26zk0ZbC8DJmmsdbGdG3OSRbHW/rHpN60X5Vw7ZPNWPvtvB2m7v1wszt97mcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DvuAQAA//8yUgpN") wait4(r0, 0x0, 0x2, 0x0) process_vm_writev(r0, &(0x7f00000011c0)=[{&(0x7f0000001080)=""/191, 0xbf}], 0x1, &(0x7f00000015c0)=[{&(0x7f0000001bc0)=""/4096, 0x1000}], 0x1, 0x0) 2m26.564154178s ago: executing program 6 (id=4124): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r0, &(0x7f00000001c0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0xfffc, 0x0, @loopback={0x0, 0x1c9ae7fffe9a6f34}}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f00000000c0)={0xfd, 0x0, 0xfe, 0x22, 0x0, 0x7, 0x6, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x3}, 0xe) setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000040)=0x10001, 0x4) shutdown(r0, 0x1) recvmmsg(r0, &(0x7f0000000840)=[{{0x0, 0x0, 0x0}}], 0x414, 0x0, 0x0) 2m26.456902363s ago: executing program 6 (id=4131): bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x42, 0x0, &(0x7f0000000100), 0x0, 0x24, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x2f) bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x34, '\x00', 0x0, @fallback=0xf}, 0x94) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'bond_slave_0\x00', 0x800}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8946, &(0x7f0000000080)) 2m26.412774835s ago: executing program 6 (id=4133): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f00000002c0)='mm_page_alloc\x00', r1}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x9, 0x7, 0x0, 0x0, 0x0, 0x40008, 0x590, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x4c58, 0x4, 0x0, 0x0, 0x7, 0x4ac, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x1) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000003, 0x13, r2, 0x0) 2m26.336651218s ago: executing program 6 (id=4136): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000a80)='kfree\x00', r0}, 0x18) socket$inet_sctp(0x2, 0x5, 0x84) mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30) mount$bpf(0x200000000000, &(0x7f0000000780)='./file0/../file0\x00', 0x0, 0xa06002, 0x0) 2m26.336478719s ago: executing program 6 (id=4137): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f00000000c0)=@abs={0x0, 0x0, 0x4e20}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x400000000000247, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f0000000ec0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}], 0x2, 0xf6) 2m11.342392555s ago: executing program 35 (id=4137): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f00000000c0)=@abs={0x0, 0x0, 0x4e20}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x400000000000247, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f0000000ec0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}], 0x2, 0xf6) 1m36.68105585s ago: executing program 0 (id=5944): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7fff}, 0x18) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00') writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8) 1m36.622764863s ago: executing program 0 (id=5948): unshare(0x6a040000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) unshare(0x20000) r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$EBT_SO_GET_INIT_INFO(r0, 0x0, 0x82, &(0x7f0000000200)={'nat\x00', 0x0, 0x0, 0x0, [0xd, 0x7fffffff, 0x8, 0x8, 0x5, 0x5]}, &(0x7f00000002c0)=0x50) fsmount(0xffffffffffffffff, 0x0, 0x80) 1m36.135518864s ago: executing program 0 (id=5965): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002ec0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="5953fdfffffffddbdf256b000000080043"], 0x28}}, 0x50) 1m36.061480097s ago: executing program 0 (id=5969): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0) chroot(&(0x7f0000000100)='./file0\x00') mount$bind(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0x0, 0x5200, 0x0) mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0) pivot_root(&(0x7f0000000240)='./file0\x00', &(0x7f0000000000)='./file0/../file0\x00') 1m36.002048179s ago: executing program 0 (id=5981): r0 = open(&(0x7f00009e1000)='./file0\x00', 0x149040, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x7, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}]}, &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000640)='kmem_cache_free\x00', r2}, 0x18) fcntl$setlease(r0, 0x400, 0x0) fcntl$setlease(r0, 0x400, 0x2) 1m35.843331546s ago: executing program 0 (id=5976): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x40, &(0x7f0000001200)=@raw={'raw\x00', 0x4001, 0x3, 0x3a0, 0x230, 0x700001b, 0x148, 0x0, 0x148, 0x308, 0x206, 0x240, 0x308, 0x240, 0x7fffffe, 0x0, {[{{@ip={@local, @rand_addr, 0x0, 0x0, 'tunl0\x00', 'bond_slave_1\x00', {0xff}}, 0x1ea, 0x1e8, 0x230, 0x0, {0x390, 0x8f00}, [@common=@inet=@hashlimit2={{0x150}, {'pim6reg1\x00', {0x5, 0x1ff, 0x1, 0x1, 0x1, 0x100, 0x1, 0x8, 0x20}, {0x8}}}, @common=@inet=@socket2={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x8, 0x9, 'snmp\x00', {0xc000}}}}, {{@uncond, 0x0, 0xb0, 0xd8, 0x0, {}, [@common=@set={{0x40}, {{0x0, [0x0, 0x6275dd3c01ecbf44, 0x2, 0x4, 0x4], 0x4, 0x2}}}]}, @common=@unspec=@NFQUEUE3={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x400) 1m35.843174006s ago: executing program 36 (id=5976): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x40, &(0x7f0000001200)=@raw={'raw\x00', 0x4001, 0x3, 0x3a0, 0x230, 0x700001b, 0x148, 0x0, 0x148, 0x308, 0x206, 0x240, 0x308, 0x240, 0x7fffffe, 0x0, {[{{@ip={@local, @rand_addr, 0x0, 0x0, 'tunl0\x00', 'bond_slave_1\x00', {0xff}}, 0x1ea, 0x1e8, 0x230, 0x0, {0x390, 0x8f00}, [@common=@inet=@hashlimit2={{0x150}, {'pim6reg1\x00', {0x5, 0x1ff, 0x1, 0x1, 0x1, 0x100, 0x1, 0x8, 0x20}, {0x8}}}, @common=@inet=@socket2={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x8, 0x9, 'snmp\x00', {0xc000}}}}, {{@uncond, 0x0, 0xb0, 0xd8, 0x0, {}, [@common=@set={{0x40}, {{0x0, [0x0, 0x6275dd3c01ecbf44, 0x2, 0x4, 0x4], 0x4, 0x2}}}]}, @common=@unspec=@NFQUEUE3={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x400) 1m5.740190455s ago: executing program 7 (id=7326): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10) socket$inet(0x2, 0x1, 0x0) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2800c1e, &(0x7f0000000000)={[{@test_dummy_encryption}, {@usrjquota}]}, 0xff, 0x249, &(0x7f0000000500)="$eJzs3T9oJGUcBuB3ZneNuVvk1EYQ/4CIaCCcnWBzNgoHchwiggoRERslEWKCXWJlY6G1SiqbIHZGS0kTbBTBKmqK2AgaLAwWWqzsTiIx2aBx484l8zwwOzM7881vhpn3m2VhmACNdSnJlSStJFNJOkmKgyvcWw2X9mZXJjdmkl7vqV+KwXrVfGW/3cUky0keSbJeFnmlnSyuPbf92+YTD7y90Ln/w7VnJ8d6kHt2tree3P3g2lufXH148atvfrpW5Eq6fzuu01cM+a5dJLf9H8VuEEW77j3g37j+xsff9nN/e5L7BvnvpEx18t6Zv2m9k4feP67tuz9/fec49xU4fb1ep38PXO4BjVMm6aYop5NU02U5PV39hv+udaF8dW7+9amX5xZmX6q7pwJOSzfZevyziU8vHsr/j60q/8A5Vf0ptfX09dXv+xO7rZM2Bc6ku6pR//4/9cLSgzlh/oGzT/6hueQfmkv+obnkH5pL/qG55B+aS/6hueQfmkv+4ZybOH7RwfwDAM3Sm6j7CWSgLnX3PwAAAAAAAAAAAAAAAAAAwFErkxsz+8O4an7xXrLzWJL2sPqtwfuIk5sHnxd+Lfqr/aWomo3k+XtG3MCIPqr56etbfqi3/pd311t/aTZZfjPJ5Xb76PVX7F1//92t/7C88+KIBU7o8Lt7H31mvPUP+2O13vpXN5PP+/3P5WH9T5k7BuPh/U+3f/5GrP/a7yNuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgLH5MwAA//8lhG1E") times(0x0) 1m5.673221827s ago: executing program 7 (id=7328): r0 = socket$netlink(0x10, 0x3, 0x10) r1 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r2, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x6048800) 1m5.216941237s ago: executing program 7 (id=7335): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x18) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) r2 = socket$igmp(0x2, 0x3, 0x2) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'bond0\x00', 0x0}) sendmsg$nl_xfrm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="5c0100001000130720000000fcdbdf25e0000001000000000000000000000000ff020000000000000000000000000001000400004e2100020000000021000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="fc010000000000000000000000000000000004d632000000e000000200000000000000000000000000000000000000000000000000000000020000000000000009000000000000000d00000000000000000000000000000001000080000000004305000000000000040000000000000000000000000000800000000000000000fdfffffff9ffffff0000000000000000000000002cbd70000035100002000000500000000000000060001200726663343130362867636d2861657329290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000060000000210466d38547aa140db9a200000000c538c7cb7a0c001c00", @ANYRES32=r3], 0x15c}, 0x1, 0x0, 0x0, 0x880}, 0x10) 1m5.173135499s ago: executing program 7 (id=7337): mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x110) mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x831018, 0x0) mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x212509d, 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='hugetlbfs\x00', 0x800010, 0x0) 1m5.14499474s ago: executing program 7 (id=7339): r0 = socket$vsock_stream(0x28, 0x1, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10) connect$vsock_stream(r0, &(0x7f0000000100)={0x28, 0x0, 0x2710}, 0x10) connect$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x2710, @my=0x0}, 0x10) 1m1.330159325s ago: executing program 7 (id=7422): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10) r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)={0x114, 0x29, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0x103, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac0b}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @loopback}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8", @typed={0x8, 0x145, 0x0, 0x0, @ipv4=@remote}]}]}, 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0) 1m1.277920037s ago: executing program 37 (id=7422): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10) r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)={0x114, 0x29, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0x103, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac0b}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @loopback}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8", @typed={0x8, 0x145, 0x0, 0x0, @ipv4=@remote}]}]}, 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0) 58.604860182s ago: executing program 9 (id=7502): prctl$PR_SET_NAME(0xf, &(0x7f0000001d00)='\x00-\x00\x1dz\xde\xe8>*\xf9z\x91\x93\xef\x9e\x97V+\xb9\rQ\x82\x80\f96\xae\x8c(\x00\xf2\x1e\xc9\xf4\xbbv\x9dK\xfb\fO.\r\x84&\xa4\x12vP\x9e*\xbe\x1dS\x97\xb5\xe9k\xeb\xdd\x9daX\x8c\x8c\xc0\x04`b\x10Lv3X\x18Q\x1b\xfd\xb3\xc0\x83q0n\x1e\x91\xdf\xd0 r$\xd0\x13k\xb7\x854\xafe]\xff\x145=\x90\x1bIa\x81\xa5.\xe0\x8b\"P\x1c\xd7\xa7\xde\xc0\xec\xdc\x93\xb4(\xd0>\xc6M\x17\xbd\x8c\xcf\x04_y\a\x16(u\xe0m\xa2\xbf\xd0\xfe\xea\x05\xbe\x04\x14u\x81\x15\xd3\x01\xd8x\b\xfe\x17\x8dL\xfd\xf6\"j/h\xbd\xbb\x8dr\x8eKP\b[Y\xf1\xc3\x15\xccv\xb7{b\x01Z\xe3\xe0$\xe4\x15\xdb\b@\\\xd6\xb1\xea\tX\xd3\xb9\xf2\r73\xf1\x82\xcc\x80SX\xeb\x84q\xf4\x8b\x18-\x93\xc3f\x0f\xde\xb4I\xab\x84\xf9\x05+\xe9\xc1q\x8d3+\xbc\xa37\xd3\xc4\xb9=\xcf!Y\x88\xf96+\'\x1fR7\xfa\xa6\xb8\fp\xda\x05\x14\xc4\xc6\x919\x9f}\x84\x1c\xf6\xc9yA*qf\x0eD\xc5\bu\xbc\xd7\xe3\xe82@\x9b\xe4&\xace\xbe\xb5\xe04\x91\xb6\xdc1t\xa9\xb3@-\xdb\xd1\x18\x13\x89G0xffffffffffffffff}) sendmsg$tipc(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0x73220c8b}], 0x1}, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) 57.333231777s ago: executing program 9 (id=7545): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000008000000004"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000004000000008000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41002, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r2) sendmsg$NLBL_MGMT_C_ADDDEF(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000000400000008000700000000000800020005000000050008"], 0x34}}, 0x0) 57.332737907s ago: executing program 38 (id=7545): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000008000000004"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000004000000008000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41002, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r2) sendmsg$NLBL_MGMT_C_ADDDEF(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000000400000008000700000000000800020005000000050008"], 0x34}}, 0x0) 42.876882071s ago: executing program 3 (id=8126): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000080), &(0x7f0000000180)=r1}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r2}, 0x9) r3 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={0x0, 0x328000, 0x1000}, 0x20) 42.876264501s ago: executing program 3 (id=8129): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x50) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x3c, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000000}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x2) 42.862662301s ago: executing program 3 (id=8130): setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000a00)=@mangle={'mangle\x00', 0x1f, 0x6, 0x530, 0x1a0, 0x3f8, 0x2b8, 0x0, 0xd0, 0x518, 0x518, 0x518, 0x518, 0x518, 0x6, 0x0, {[{{@ipv6={@private1={0xfc, 0x1, '\x00', 0x1}, @dev={0xfe, 0x80, '\x00', 0x10}, [0xffffffff, 0xffffffff, 0x7f000101, 0xff000000], [0xffffff00, 0xffffffff, 0xff000000, 0xff000000], 'pimreg\x00', 'veth1_to_bridge\x00', {}, {}, 0xfd, 0xff, 0x2, 0x8}, 0x0, 0xa8, 0xd0}, @HL={0x28, 'HL\x00', 0x0, {0x5, 0x5}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @HL={0x28, 'HL\x00', 0x0, {0x0, 0x5}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x1}}]}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4=@loopback, @ipv4=@private=0xa010101, 0x21, 0x3b, 0x200}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @HL={0x28, 'HL\x00', 0x0, {0x1, 0x2}}}, {{@uncond, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x3, 0x2, 0x17c, 0x1}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x590) r0 = socket(0x40000000015, 0x5, 0x0) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10) bind$inet(r0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f0000000d80), 0x36f, 0x20102, 0x0) ppoll(&(0x7f0000000040)=[{r0, 0x100}], 0x1, 0x0, 0x0, 0x0) 42.846622792s ago: executing program 3 (id=8131): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0xb, 0x42718, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0xd07, 0x40}, 0x100b28, 0x6, 0x80, 0x1, 0xb, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x40, 0x9, 0x7ffc0002}]}) io_setup(0x8f0, &(0x7f0000002400)=0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10) io_submit(r1, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r0, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}]) 42.739161007s ago: executing program 3 (id=8140): mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000020b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kfree\x00', r1}, 0x18) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30) mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0) 42.67264288s ago: executing program 3 (id=8142): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000005c0)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r3, 0x800448d4, 0x0) close_range(r2, 0xffffffffffffffff, 0x0) 27.704127265s ago: executing program 39 (id=8142): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000005c0)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r3, 0x800448d4, 0x0) close_range(r2, 0xffffffffffffffff, 0x0) 1.610335171s ago: executing program 8 (id=9557): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004"], 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000001e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) clock_settime(0x0, &(0x7f0000000040)={r2, r3+10000000}) 1.464918307s ago: executing program 8 (id=9558): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18) r1 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x200000b, 0x50, r0, 0xc6d99000) pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x9000) fremovexattr(r1, &(0x7f0000000280)=@known='trusted.overlay.metacopy\x00') lseek(r1, 0x5, 0x4) 1.132929471s ago: executing program 2 (id=9561): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="0100000007000000e27f000001"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b706000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x8004, &(0x7f0000000080)={[{@discard}, {@bh}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x7b9, &(0x7f00000007c0)="$eJzs3d9rHNUeAPDvbJLmR3tvcuFy7+1b4EJvoHRzU2Or4EPFBxEsFPTZNmy2oWaTLdlNaULAFhF8EVR8EPSlz/6ob776A3zS/8IHaamaFis+SGR2Z5M02c2vJtloPh+YzDkzsznnO+fMzNmdYTeAQ2sw/ZOLOB4RbycR/dnyJCK6aqnOiHP17R4uLvRERCGJpaWXfkpq2zxYXCjEqtekjmaZ/0TEV29EnMytL7cyNz85VioVZ7L8cHXq6nBlbv7UlamxieJEcfrMyOjo6bNPnj2ze7H+8t38sbvvPP+/T8/99vq/b7/1dRLn4li2bnUcu2UwBrN90pXuwkc8t9uFtVnS7gqwI+mh2VE/yuN49EdHLdVC737WDADYK69FxBIAcMgkrv8AcMg0Pgd4sLhQaEzt/URif917NiJ66vE/zKb6ms7snl1P7T5o34PkkTsjSUQM7EL5gxHx4eevnOjI8mk93EsD9sONmxFxaWBw/fk/WffMwnb9f6OVS9212eCaxYft+gPt9EU6/nmq2fgvtzz+iSbjn+76sfuvxy1/8+M/d+dxy9hIOv57pv5s25rx3/JDawMdWe5vtTFfV3L5SqmYntv+HhFD0dWd5kdqmzYfuQ3d//1+q/Kz8d/H6fTzu69+lJafzle2yN3p7H70NeNj1c5vHjfwzL2b0Zcl18SfLLd/0mL8e2GLZbzw9JsftFqXxp/G25jWx7+3lm5FnGja/ittmWz4fOJwrTsMNzpFE599/35fq/JXt386peWn892PtLl7N6PWAZJkZR/U1yzHP5Csfl6zsv0yvr3V/2WrdZvH37T/jx1JXq6lj2TLro9VqzMjEUeSF9cvP73y2ka+sX0a/9B/mx//9WKb9//0PeGlLcbfeffHT3Ye/95K4x/fuP+vaf+ebPHKks0Stx9OdrQqf2vtP1pLDWVL0vbfLK6t1GtnvRkAAAAAAAAAAAAAAAAAAAAAAAAAti8XEcciyeWX07lcPl//De9/Rl+uVK5UT14uz06PR+23sgeiK9f4qsv+Vd+HOpJ9H34jf3pN/omI+EdEvNfdW8vnC+XSeLuDBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDM0Ra//5/6obvdtQMA9kxPuysAAOw7138AOHy2d/3v3bN6AAD7x/t/ADh8tnz9v7S39QAA9o/3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOyxC+fPp9PSr4sLhTQ/fm1udrJ87dR4sTKZn5ot5Avlmav5iXJ5olTMF8pTLf/RjfqsVC5fHY3p2evD1WKlOlyZm784VZ6drl68MjU2UbxY7Nq3yAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg6ypz85NjpVJx5i+RuLES2C7/5962xtV3MHbvqkRnHIhqHOhEdxyIauwwsfos0duGMxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAn8MfAQAA//94WBdi") r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x141142, 0x50) io_setup(0x20fe, &(0x7f0000000540)=0x0) io_submit(r3, 0x3, &(0x7f0000002680)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000200)='p', 0x8200, 0x600}]) 1.111635492s ago: executing program 8 (id=9563): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x19, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc4c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000020000380100000800c00018006000100d10300000c00008008000340000000022c0000000e0a010200000000000000120a0000000900010073797a31000000000900020073797a31"], 0xdc}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) 1.036739066s ago: executing program 8 (id=9566): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0xe, 0x4, 0x4, 0x9, 0x0, 0xffffffffffffffff, 0x2}, 0x50) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x8, 0x2, 0x0, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000000c0)={r1, &(0x7f0000000300), &(0x7f0000000000)=""/10, 0x2}, 0x20) 999.113137ms ago: executing program 8 (id=9569): mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x6, &(0x7f0000000000)=0x9, 0x8, 0x0) getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) r0 = creat(&(0x7f0000000140)='./bus\x00', 0xc) write$cgroup_int(r0, &(0x7f0000000540), 0xfffffdd8) madvise(&(0x7f0000000000/0x400000)=nil, 0x40001e, 0x15) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)) 881.874062ms ago: executing program 1 (id=9574): prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x2000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ff0000/0x2000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ff8000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r0 = io_uring_setup(0x1195, &(0x7f0000000040)={0x0, 0x100c8a2, 0xc000, 0x8, 0x328}) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x13, 0x0, 0x0, &(0x7f0000000680)='syzkaller\x00', 0x8005, 0x0, 0x0, 0x0, 0x76, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000000)={0x0, 0x7, 0x4, 0x5, 0x5}, 0x14) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB=')'], 0x50) io_uring_enter(r0, 0x2219, 0xcf74, 0x16, 0x0, 0x0) 831.598664ms ago: executing program 5 (id=9576): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x1, 0x4, 0xdd, 0xa, 0x0, 0xffffffffffffffff, 0x2}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0, 0xffffffffffffffff}, &(0x7f0000000300), &(0x7f00000002c0)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0xd, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000380), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_GET(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000003c0)={0x2c, r4, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x90) 821.606985ms ago: executing program 2 (id=9577): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94) bpf$MAP_CREATE(0x0, 0x0, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x47, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000002c0)='rxrpc_peer\x00', r1}, 0x18) r2 = socket$kcm(0x21, 0x2, 0x2) sendmsg$kcm(r2, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x80, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0) 792.539816ms ago: executing program 5 (id=9578): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r1}, 0x10) mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1) r2 = creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11ff0) ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000000)={'\x00', 0x8, 0x4, 0x80403, 0x200000002006, 0x20000000007fc}) 753.830148ms ago: executing program 1 (id=9580): prlimit64(0x0, 0x9, &(0x7f0000000d80)={0x3, 0x1c88000000}, 0x0) r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000800)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='kfree\x00', r1}, 0x10) close(r0) execve(&(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0) execve(&(0x7f0000000300)='./file0\x00', &(0x7f0000002200)={[&(0x7f0000000340)='^-%-\\x\\$})\'!&}*', &(0x7f0000000440)='syz0']}, 0x0) 691.72074ms ago: executing program 2 (id=9582): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0xfc}, 0x1, 0x0, 0x0, 0x20040080}, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000440)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000540), 0x3c) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000000c0)=@ccm_128={{0x304}, "25beb819521eb41d", "cae5e9937ba539347092d917d39ed975", "98999999", "50f641306280c4e9"}, 0x28) setsockopt$inet6_tcp_int(r0, 0x11a, 0x4, &(0x7f0000000040), 0x44) 687.972431ms ago: executing program 5 (id=9583): bpf$MAP_CREATE(0x0, 0x0, 0x48) r0 = memfd_create(&(0x7f0000000480)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\x03\x00\x00\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10`\xee\xa9\x8b\x06%\xb8G\xd1c\xe1$\xff\x97k\xde\xc5\xa96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xd9Jx\xaa\x8f~\xb94a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x05\x1d\xa1\xce\x8b\x19\xcaX\xe3\xd6m\xf7@]iNP\xf1\x1d\xab\x13\xce\x152s\xb8\x85\x98\x84\xbf\x8c\x80{\x16\t\xd6\x17P3\xe9\xebGKL\xd3\x88\xd2\xb1\rLG\x8e\xd6\xa72\xf4\x92\xeb&\xa5\xcc\x14FZN\x98%[p\x989\xf6\xf5\xb6\xedP\xff\xff\xff\xff\xff\xff\xff\xef)\x0f6\x88\x03P\x8ak\xf9\xc9\x82`\xb4Ku\x99\xab\xd4\xb2\xaa1\x99O\x8b\x9b-\xe3\xe6R\xa2T\x1e\n!\xad$\x93c\xd3\"\xd6\xa1\xd6\xfc\v\x81\x9e\xc1\xb3T\n\xd9\xff\x18 \xf8\xc4\xef\xd2\xb0\xf8\x80\xb8\x1e\xb7fo\x1c\a\xc9\x1a!D\xde\xc6\xf1\x13\xc2F\xc44A\x1d\xb7\xe6\xfbB\xee4\xa1\xdf+\xa5\xb1\xc2\xfb\xc0\t\x15\x7fA{\xe0\xc7\xe0\x96\xc9\xe6\x8fk\xe6\x87;\x03\xff\xb0\x10\x10\x1e\x14\x99\xc7\xd5)\x8d\xc7\xf0\xfd\xe9d\xc9\xce\x85\x88\x88\xcd\xf6\xb2\xbf\xf8E\xe4\xd8\xd0\xe00\xbd\xc2M\xe7\x1b\xac\xc0\v\xb0\xfc\"\x12\x8d\xa5\x96\x10\xf3\x82~2\xa3[\xa4w]\n\xb1+\xac\bR&B\xebW0\xe2\xffBO9y\x8e\xb6\x03\x99\r', 0x3) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0040, &(0x7f0000000240)={[{@noblock_validity}, {@resgid}, {@acl}, {@noinit_itable}, {@journal_dev={'journal_dev', 0x3d, 0x8}}, {@nodiscard}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xd3a}}], [{@euid_eq}]}, 0xfe, 0x472, &(0x7f0000000940)="$eJzs3MtvG8UfAPDvOk6a9PFLf6U8WloIFETFI2nSBz1wAYHEAQQSHIo4BSetSt0GNUGiVQSBQxDigCpxRxyR+As4wQUBJySucEeVEMqlhZPRenfTxLVDHk6c4s9H2nZmd92Z786OPTtjN4CuNZT+kUTsjohfI2Iwyy4/YSj76+bCbOWvhdlKErXaa38m9fNuLMxW8n9i8XW7sh21Wp7f0aTc+TcjxqvVyct5fmTm4jsj01euPnX+4vi5yXOTl8ZOnz5x/HDfqbGTbYkzjevGwfenDh148Y1rL1fOXHvrx6/T+u7OjxdxtNNQdnWberTdhXXYniXppNzBirAmabulzdVb7/+D0RMDi8cG44WPOlo5YFPVarVas8/n3FwN+A9LotM1ADqj+KBPn3+LbYuGHtvCH89mD0Bp3DfzLTtSjlJ+Tm/D82079UfEmbm/v0i32KR5CACApb5Nxz9PNhv/leKeJef9L19D2RsR/4+IfRFxV0Tsj4i7I+rn3hsR962x/MYVktvHP6Xr6wpsldLx3zP52tby8V8x+ou9PXluTz3+3uTs+erksfyaHI3eHWl+dNlLlvvu+V8+a9z3aT7NPrRk/JduafnFWDCvx/VywwTdxPjMeFuCT+P/MOJguVn8SRTLOElEHIiIg+ss4/zjXx1qdezf419BG9aZal9GPJa1/1w0xF9IWq5Pjj59auzkSH9UJ4+NFHfF7X76ef7VVuVvKP42SNt/Z9P7P4s/fUZM+iOmr1y9UF+vnV57GfO/fVxJWhzbv877vy95vZ7uy/e9Nz4zc3k0oi95Kc0OLNs/duu1Rb44P43/6JHm/X9f9nhWvxL3R0R6Ex+OiAci4sG87R6KiIcj4sgK8f/w3CNvtzrWuv1XmJVvozT+iRXaP33LS1O32n/tiZ4L33/Tqvzaqtr/RD11NN+zmve/1VZwI9cOAAAA7hSl+nfgk9LwYrpUGh7OvsO/P3aWqlPTM0+cnXr30kT2Xfm90VsqZroGl8yHjuZzw0V+rCF/PJ83/rxnoJ4frkxVJzodPHS5XS36f+r3nk7XDth0fq8F3Uv/h+6l/0P30v+he+n/0KX6mu/+YKvrAXTE2j//+zelHsDWM/6H7qX/Q/fS/6ErtfxtfGlDP/m/UxPl7VGNpomB7VGNIhGlbVGN9iVe+STrEtulPkWivOr/zGKdiR1ND3X6nQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA9/gkAAP//Uo/mdg==") bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = dup(r0) write$binfmt_elf64(r1, &(0x7f0000000c00)=ANY=[@ANYBLOB="7f454c4606ff78a3050000000000000002003e00cd"], 0x178) execveat(r1, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) 672.317211ms ago: executing program 1 (id=9585): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0xffffffffffffffa0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x3, 0x0, 0x0, 0x41100}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = syz_open_procfs(0x0, &(0x7f0000000140)='cgroup\x00') preadv(r2, &(0x7f00000000c0)=[{&(0x7f00000005c0)=""/128, 0x80}], 0x1, 0x104, 0x8b4) 638.686743ms ago: executing program 2 (id=9586): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=ANY=[@ANYBLOB="140000001000010000000000000100000000000a20000000000a01010000000000000000010000000900010073797a300000000068000000090a010400000000000000000100000008000a4000000000200011800e000100636f6e6e6c696d69740000000c00028008000140000000000900010073797a30000000000900020073797a3200000000080005400000001f0c000980080001400037"], 0xb0}}, 0x0) 624.003864ms ago: executing program 1 (id=9587): listen(0xffffffffffffffff, 0x3) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'batadv_slave_0\x00'}) r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000700)="0022040000ffffebfffffffeffffff0700000000ff000207835eeb1317b208feefaf234b4ff8b4cc4c39bdc8451792b903f4b7d8c8cf2153622652328c19ef68234f905557c4070000008735e9ab2f77c62e0a5cdd2cf9984c070400000000000003ff23353d8b2fc6a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449b842f3e253be8a62b37f820fe75a9ea937ea4efbfb9b4a128f2dbe2837496d00ad7765abaac2ec0f91c88a1ea1ff6ee308c72febedcf00798d41991ac25bb6fce2220c25ea380c7e112ab358c3a6bd8a59c100000001b4e82cb03419544a3988bc226a85abe6eb60cd7cf8d103d38c31c7c86d16c4d86cbe4ab190c092d077ce70590fbbd4f8bf4d6ab1cea6dbe9d4a54c17aac0db6e3845", 0x118) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4e23, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}, 0xffffffff}, 0x1c) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="300000001000010025bd7000f9dbdf2500000004", @ANYRES32=0x0, @ANYBLOB="158804000300000008001b000000000008000d"], 0x30}, 0x1, 0x0, 0x0, 0x40801}, 0x4000000) 330.180936ms ago: executing program 1 (id=9588): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000500)='kmem_cache_free\x00', r1}, 0x18) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2060, 0x0) fcntl$setlease(r2, 0x400, 0x0) fsetxattr$trusted_overlay_redirect(r2, &(0x7f0000000040), 0x0, 0x0, 0x0) fremovexattr(r2, &(0x7f00000000c0)=@known='trusted.overlay.redirect\x00') 329.837566ms ago: executing program 5 (id=9589): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000100)={0x0, 0x4}, 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @empty}], 0x10) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000040)={0x0, 0x5}, 0x8) sendmsg$inet_sctp(r0, &(0x7f0000000140)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000380)=[{&(0x7f00000001c0)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x4000891) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6, 0xe9, 0x9, 0x7}]}, 0x10) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000001840)=ANY=[@ANYRES32=0x0, @ANYBLOB="ff"], 0x8) 313.498547ms ago: executing program 4 (id=9590): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x2, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r1}, 0x18) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r2}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xa, 0x101, 0x7ffc, 0xcc}, 0x50) 254.622649ms ago: executing program 1 (id=9591): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000600)='./file0\x00', 0xc8d0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x30e, &(0x7f0000000f00)="$eJzs3E1rE10UwPGTNEnTlHayeHhEQXrRjW6GNu7FIC2IAUttxBcQp81EQ8akZEIlIrZduXEhfggXpcvuCtov0I07V27cdSO4sAtxJDOTl7aJrWnSWPv/QZlD7j0z9+Y24dyBzPbdN0/zWVvPGmUJRpUERER2ROISlJqAfwy6cUSaLcvl4W+fzt++d/9mMpWanFFqKjl7JaGUGh17/+zFkN9tY1C24g+3vya+bP2/dXb75+yTnK1ytioUy8pQc8XPZWPOMlUmZ+d1paYt07BNlSvYZslrd5ZELFNlreLCQkUZhcxIbKFk2rYyChWVNyuqXFTlUkUZj41cQem6rkZigoOkV2dmjGSHyfNdHgx6pFRKGgMiMrSvJb3alwEBAIC+8uv/erUfrJb0ndT/oZb1/9qFzfLwnfVRv/7fiFTrf5Gm+v9R41ymygTr9X9URBr1f9HbH3S7/t9fEZ1sr3cvjjhOPYy06n+k+h8nRLX+j/mfX9fKg7VxN6D+BwAAAAAAAAAAAAAAAAAAAADgJNhxHM1xHM07DvivOtqgiETdX5B47X0eJnpk9/o3/lj/06Hx4I7QqIj1ajG9mPaOfodNEbHElHHR5If7/+CrxpFl5XZSVXH5YC35+UuLae+7JJmVnJs/IZrE9+Y7ztSN1OSE8uzOD0usOT8hmvzXOj+xNz9cPUbk0sWmfF00+TgvRbEk4/8yrpb/ckKp67dSe64/5PYDAAAAAOBfoKu6+v59sLld39/u7Y+9dm9/HZLW9we8/fV4y/19SM6F+jVrAAAAAABOF7vyPG9YllnqUbAiIj2+RJugNsPDZtUekNumT0AC7Zq6ENQu3ll6dWxdG0/4UO9YsKOhjkX+cFFaBrXbRu36yHQnZ3Y0kaO+h2fevvv++z7enTGRw5zw6nr0gJl2GkQOmmn42L6AAAAAABybRtFfe+VafwcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMApdByP4uv3HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC/xa8AAAD//46ZAFE=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12) write(r1, &(0x7f0000000a00)="c7885a8f24f458bed72116", 0xb) sendfile(r1, r0, 0x0, 0x3ffff) sendfile(r1, r0, 0x0, 0x7ffff000) syz_clone(0x4000, &(0x7f00000001c0)="b0c4dc345846be585bf5b5590398bdef9afdcc0aea", 0x15, &(0x7f0000000200), &(0x7f0000000280), &(0x7f0000000640)="309b418c2ff6ecdc2325525eb0f919ed1e740654d86989c6c6078bc1da5e22f1aba91544f7a3d49c85c63c4ecbc0126032a428edf3f02782f9be1f36d8f276bf565a2ae3422f772cb62ad7b776582306ae5c8544501f942375553298fbdf44ff5954bdb9599b50228be204d9fa3a366c83a7") 200.979562ms ago: executing program 5 (id=9592): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d40)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) r1 = syz_io_uring_setup(0x1104, &(0x7f0000000300)={0x0, 0x0, 0x1, 0x0, 0x8000021e}, &(0x7f0000000400)=0x0, &(0x7f0000000100)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffdfffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x7ff, 0x0, 0x1}) io_uring_enter(r1, 0x47fa, 0x0, 0x0, 0x0, 0x0) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_SEND={0x1a, 0x20, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x64040011, 0x1}) 191.574492ms ago: executing program 4 (id=9593): r0 = io_uring_setup(0x1d48, &(0x7f0000000340)={0x0, 0x7ff4, 0x1000, 0x2, 0x3a2}) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000240)='kfree\x00', r1}, 0x18) r2 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r2, &(0x7f0000000040)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24) listen(r2, 0x4) close_range(r0, r2, 0x0) 161.330323ms ago: executing program 4 (id=9594): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="160000000000000005000000ff"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000bc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r1}, 0x9) syz_mount_image$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x208a022, 0x0, 0x1, 0x0, &(0x7f0000000240)) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x5, 0x0) umount2(&(0x7f00000002c0)='./file0/../file0\x00', 0x0) 106.916836ms ago: executing program 4 (id=9595): socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x35, 0x4, 0x2}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r2}, &(0x7f0000000040), &(0x7f0000000140)=r1}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r2, 0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000380)=r0}, 0x20) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000300)={r3, &(0x7f00000001c0), &(0x7f0000000400)=""/198}, 0x20) 87.948897ms ago: executing program 8 (id=9596): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'syz_tun\x00', 0x0}) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="300000001000010021bd7000ffdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="858804000300000008001b000000000008000d00080000004469db08a9d815762789002d90"], 0x30}, 0x1, 0x0, 0x0, 0x40801}, 0x4000000) sendmsg$nl_route_sched(r1, &(0x7f0000000100)={0x0, 0xffc3, &(0x7f00000001c0)={&(0x7f0000000140)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0xfff3}}}, 0x24}}, 0x0) 81.298966ms ago: executing program 2 (id=9597): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000007"], 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000680)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0700000000000000000005000000180001801400020073797a5f74756e0000000000000000000800038004000380080005"], 0x3c}}, 0x0) 44.757718ms ago: executing program 5 (id=9598): r0 = epoll_create1(0x80000) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0xa00) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100)={0x20000014}) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) recvmsg(r1, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x2000) close_range(r2, 0xffffffffffffffff, 0x0) 1.525711ms ago: executing program 4 (id=9599): prlimit64(0x0, 0x9, &(0x7f0000000d80)={0x3, 0x1c88000000}, 0x0) r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000800)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='kfree\x00', r1}, 0x10) close(r0) execve(&(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0) execve(&(0x7f0000000300)='./file0\x00', &(0x7f0000002200)={[&(0x7f0000000340)='^-%-\\x\\$})\'!&}*', &(0x7f0000000440)='syz0']}, 0x0) 851.44µs ago: executing program 2 (id=9600): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10) r1 = syz_io_uring_setup(0x49b, &(0x7f0000000380)={0x0, 0xd6f0, 0x800, 0x82, 0x20e}, &(0x7f0000000200)=0x0, &(0x7f0000000680)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000100)=0xfffffffe, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_LINKAT={0x27, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x400, 0x1}) io_uring_enter(r1, 0x5fdd, 0x217, 0xa5, 0x0, 0x0) 0s ago: executing program 4 (id=9601): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB], &(0x7f00000005c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r2}, 0x18) setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f00000001c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="06"], 0x9) setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000380)={0x0, 0x6}, 0x8) kernel console output (not intermixed with test programs): 1187] syz.9.7458: attempt to access beyond end of device [ 230.154631][T21187] loop9: rw=2049, sector=720, nr_sectors = 32 limit=512 [ 230.170157][T21187] syz.9.7458: attempt to access beyond end of device [ 230.170157][T21187] loop9: rw=2049, sector=784, nr_sectors = 32 limit=512 [ 230.184131][T21187] syz.9.7458: attempt to access beyond end of device [ 230.184131][T21187] loop9: rw=2049, sector=848, nr_sectors = 32 limit=512 [ 230.424276][T21106] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 230.428199][T21106] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 230.442206][T21106] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 230.443199][T21236] loop4: detected capacity change from 0 to 128 [ 230.457514][T21106] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 230.466413][T21106] bridge0: port 2(bridge_slave_1) entered blocking state [ 230.466439][T21106] bridge0: port 2(bridge_slave_1) entered forwarding state [ 230.466501][T21106] bridge0: port 1(bridge_slave_0) entered blocking state [ 230.466604][T21106] bridge0: port 1(bridge_slave_0) entered forwarding state [ 230.476549][T21236] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 230.477741][T21236] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 230.503353][T21106] 8021q: adding VLAN 0 to HW filter on device bond0 [ 230.535975][T13483] bridge0: port 1(bridge_slave_0) entered disabled state [ 230.536970][T13483] bridge0: port 2(bridge_slave_1) entered disabled state [ 230.554936][T21106] 8021q: adding VLAN 0 to HW filter on device team0 [ 230.569347][T13494] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 230.580465][T13494] bridge0: port 1(bridge_slave_0) entered blocking state [ 230.580504][T13494] bridge0: port 1(bridge_slave_0) entered forwarding state [ 230.584460][T13483] bridge0: port 2(bridge_slave_1) entered blocking state [ 230.584530][T13483] bridge0: port 2(bridge_slave_1) entered forwarding state [ 230.710181][T21258] smc: net device bond0 applied user defined pnetid SYZ0 [ 230.710396][T21258] smc: net device bond0 erased user defined pnetid SYZ0 [ 230.718721][T21106] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 230.859673][T21106] veth0_vlan: entered promiscuous mode [ 230.861899][T21106] veth1_vlan: entered promiscuous mode [ 230.874400][T21106] veth0_macvtap: entered promiscuous mode [ 230.899026][T21287] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7487'. [ 230.899041][T21287] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7487'. [ 230.911004][T21106] veth1_macvtap: entered promiscuous mode [ 230.915453][T21106] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 230.920724][T21106] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 230.963757][T21292] netlink: 'syz.1.7488': attribute type 6 has an invalid length. [ 230.976101][T13494] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 230.976165][T13494] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 230.976206][T13494] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 230.976241][T13494] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.087432][T21311] loop9: detected capacity change from 0 to 128 [ 231.330435][T21359] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 231.397002][T21376] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7507'. [ 231.479134][T21388] smc: net device bond0 applied user defined pnetid SYZ0 [ 231.486636][T21388] smc: net device bond0 erased user defined pnetid SYZ0 [ 231.506352][T21394] loop9: detected capacity change from 0 to 1024 [ 231.513409][T21394] EXT4-fs: inline encryption not supported [ 231.609816][T21394] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:4193: comm syz.9.7510: Allocating blocks 497-513 which overlap fs metadata [ 231.712536][T21432] loop9: detected capacity change from 0 to 1024 [ 231.719341][T21432] EXT4-fs: Ignoring removed nomblk_io_submit option [ 232.005936][T21488] loop8: detected capacity change from 0 to 512 [ 232.013328][T21488] FAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 232.040140][T21488] syz.8.7529: attempt to access beyond end of device [ 232.040140][T21488] loop8: rw=2049, sector=656, nr_sectors = 32 limit=512 [ 232.056850][T21454] EXT4-fs unmount: 11 callbacks suppressed [ 232.056866][T21454] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 232.060829][T21488] syz.8.7529: attempt to access beyond end of device [ 232.060829][T21488] loop8: rw=2049, sector=720, nr_sectors = 32 limit=512 [ 232.085582][T21488] syz.8.7529: attempt to access beyond end of device [ 232.085582][T21488] loop8: rw=2049, sector=784, nr_sectors = 32 limit=512 [ 232.099192][T21488] syz.8.7529: attempt to access beyond end of device [ 232.099192][T21488] loop8: rw=2049, sector=848, nr_sectors = 32 limit=512 [ 232.158329][T21501] veth2: entered promiscuous mode [ 232.163763][T21501] veth2: entered allmulticast mode [ 232.174179][T13483] netdevsim netdevsim9 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 232.210828][T13483] netdevsim netdevsim9 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 232.271533][T13483] netdevsim netdevsim9 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 232.331742][T13483] netdevsim netdevsim9 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 232.406610][T13483] bridge_slave_1: left allmulticast mode [ 232.412362][T13483] bridge_slave_1: left promiscuous mode [ 232.418104][T13483] bridge0: port 2(bridge_slave_1) entered disabled state [ 232.427041][T13483] bridge_slave_0: left allmulticast mode [ 232.432717][T13483] bridge_slave_0: left promiscuous mode [ 232.438375][T13483] bridge0: port 1(bridge_slave_0) entered disabled state [ 232.537310][T13483] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 232.550530][T13483] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 232.560535][T13483] bond0 (unregistering): Released all slaves [ 232.630419][T13483] hsr_slave_0: left promiscuous mode [ 232.639880][T13483] hsr_slave_1: left promiscuous mode [ 232.649448][T13483] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 232.656847][T13483] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 232.664687][T13483] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 232.672224][T13483] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 232.682951][T13483] veth1_macvtap: left promiscuous mode [ 232.688420][T13483] veth0_macvtap: left promiscuous mode [ 232.694296][T13483] veth1_vlan: left promiscuous mode [ 232.700137][T13483] veth0_vlan: left promiscuous mode [ 232.767454][T13483] team0 (unregistering): Port device team_slave_1 removed [ 232.779604][T13483] team0 (unregistering): Port device team_slave_0 removed [ 232.918043][T21530] chnl_net:caif_netlink_parms(): no params data found [ 232.951547][T21530] bridge0: port 1(bridge_slave_0) entered blocking state [ 232.958571][T21530] bridge0: port 1(bridge_slave_0) entered disabled state [ 232.965710][T21530] bridge_slave_0: entered allmulticast mode [ 232.972225][T21530] bridge_slave_0: entered promiscuous mode [ 232.978867][T21530] bridge0: port 2(bridge_slave_1) entered blocking state [ 232.985938][T21530] bridge0: port 2(bridge_slave_1) entered disabled state [ 232.993174][T21530] bridge_slave_1: entered allmulticast mode [ 232.999518][T21530] bridge_slave_1: entered promiscuous mode [ 233.019110][T21530] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 233.032734][T21530] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 233.053496][T21530] team0: Port device team_slave_0 added [ 233.060225][T21530] team0: Port device team_slave_1 added [ 233.078757][T21530] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 233.085726][T21530] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 233.111789][T21530] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 233.122971][T21530] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 233.129946][T21530] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 233.136610][T21551] loop8: detected capacity change from 0 to 8192 [ 233.155985][T21530] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 233.190704][T21530] hsr_slave_0: entered promiscuous mode [ 233.196836][T21530] hsr_slave_1: entered promiscuous mode [ 233.203111][T21530] debugfs: 'hsr0' already exists in 'hsr' [ 233.208899][T21530] Cannot create hsr debugfs directory [ 233.321751][T21567] loop3: detected capacity change from 0 to 512 [ 233.340165][T21567] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.7558: error while reading EA inode 32 err=-116 [ 233.356030][T21567] EXT4-fs (loop3): Remounting filesystem read-only [ 233.363007][T21567] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -30) [ 233.380323][T21567] EXT4-fs (loop3): 1 orphan inode deleted [ 233.386587][T21567] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 233.410242][T21571] FAT-fs (loop17): unable to read boot sector [ 233.438725][T21106] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 233.485134][T21585] loop1: detected capacity change from 0 to 2048 [ 233.504725][T21530] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 233.520954][T21585] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 233.534697][T21530] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 233.550695][T21530] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 233.561229][T21530] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 233.590611][T21530] bridge0: port 2(bridge_slave_1) entered blocking state [ 233.597723][T21530] bridge0: port 2(bridge_slave_1) entered forwarding state [ 233.605002][T21530] bridge0: port 1(bridge_slave_0) entered blocking state [ 233.606090][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 233.612120][T21530] bridge0: port 1(bridge_slave_0) entered forwarding state [ 233.634769][T13483] bridge0: port 1(bridge_slave_0) entered disabled state [ 233.650235][T13483] bridge0: port 2(bridge_slave_1) entered disabled state [ 233.677576][T21609] loop4: detected capacity change from 0 to 256 [ 233.695739][T21614] loop1: detected capacity change from 0 to 2048 [ 233.718114][T21530] 8021q: adding VLAN 0 to HW filter on device bond0 [ 233.730846][T21614] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 233.736800][T21530] 8021q: adding VLAN 0 to HW filter on device team0 [ 233.757615][T13494] bridge0: port 1(bridge_slave_0) entered blocking state [ 233.764695][T13494] bridge0: port 1(bridge_slave_0) entered forwarding state [ 233.775101][T21609] FAT-fs (loop4): Directory bread(block 64) failed [ 233.789599][T21609] FAT-fs (loop4): Directory bread(block 65) failed [ 233.795955][T21624] loop3: detected capacity change from 0 to 512 [ 233.803529][T21609] FAT-fs (loop4): Directory bread(block 66) failed [ 233.810349][T13483] bridge0: port 2(bridge_slave_1) entered blocking state [ 233.817467][T13483] bridge0: port 2(bridge_slave_1) entered forwarding state [ 233.825682][T21609] FAT-fs (loop4): Directory bread(block 67) failed [ 233.830224][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 233.833062][T21609] FAT-fs (loop4): Directory bread(block 68) failed [ 233.847775][T21609] FAT-fs (loop4): Directory bread(block 69) failed [ 233.853335][T21530] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 233.864785][T21530] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 233.876466][T21624] __quota_error: 157 callbacks suppressed [ 233.876482][T21624] Quota error (device loop3): v2_read_file_info: Free block number 1 out of range (1, 6). [ 233.882499][T21609] FAT-fs (loop4): Directory bread(block 70) failed [ 233.898744][T21609] FAT-fs (loop4): Directory bread(block 71) failed [ 233.905458][T21609] FAT-fs (loop4): Directory bread(block 72) failed [ 233.912085][T21624] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 233.912334][T21609] FAT-fs (loop4): Directory bread(block 73) failed [ 233.937278][T21624] EXT4-fs (loop3): mount failed [ 233.975769][ T29] audit: type=1400 audit(247.959:10469): avc: denied { setopt } for pid=21634 comm="syz.1.7583" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 234.007424][ T29] audit: type=1400 audit(247.989:10470): avc: denied { name_connect } for pid=21637 comm="syz.8.7584" dest=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1 [ 234.053856][T21530] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 234.079333][ T29] audit: type=1400 audit(248.059:10471): avc: denied { sqpoll } for pid=21643 comm="syz.8.7586" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 234.098186][ T29] audit: type=1400 audit(248.059:10472): avc: denied { read write } for pid=21643 comm="syz.8.7586" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 234.121083][ T29] audit: type=1400 audit(248.059:10473): avc: denied { open } for pid=21643 comm="syz.8.7586" path="/dev/ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 234.143792][ T29] audit: type=1400 audit(248.059:10474): avc: denied { ioctl } for pid=21643 comm="syz.8.7586" path="/dev/ppp" dev="devtmpfs" ino=140 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 234.173524][T21609] syz.4.7573: attempt to access beyond end of device [ 234.173524][T21609] loop4: rw=2049, sector=1800, nr_sectors = 76 limit=256 [ 234.187329][ T29] audit: type=1400 audit(248.159:10475): avc: denied { module_load } for pid=21608 comm="syz.4.7573" path="/1636/file1/bus" dev="loop4" ino=208 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=system permissive=1 [ 234.300707][T21657] SELinux: failed to load policy [ 234.300909][T21530] veth0_vlan: entered promiscuous mode [ 234.317330][T21649] serio: Serial port ttyS3 [ 234.325731][T21530] veth1_vlan: entered promiscuous mode [ 234.332661][ T29] audit: type=1326 audit(248.319:10476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21658 comm="syz.4.7590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda2a53f749 code=0x7ffc0000 [ 234.361914][T21530] veth0_macvtap: entered promiscuous mode [ 234.377282][T21530] veth1_macvtap: entered promiscuous mode [ 234.384340][T21664] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=21664 comm=syz.8.7592 [ 234.397054][T21664] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=21664 comm=syz.8.7592 [ 234.409590][ T29] audit: type=1326 audit(248.319:10477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21658 comm="syz.4.7590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda2a53f749 code=0x7ffc0000 [ 234.440039][T21666] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7594'. [ 234.440259][T21530] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 234.459031][T21666] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7594'. [ 234.459836][T21530] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 234.490560][T13483] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.500257][T13483] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.508946][T13483] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.530977][T13483] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.667768][T21699] netlink: 36 bytes leftover after parsing attributes in process `syz.2.7607'. [ 234.678183][T21697] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7606'. [ 234.687128][T21697] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7606'. [ 234.701808][T13483] netdevsim netdevsim8 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 234.710326][T21697] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7606'. [ 234.710430][T13483] netdevsim netdevsim8 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 234.719199][T21697] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7606'. [ 234.736582][T13483] netdevsim netdevsim8 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 234.745888][T13483] netdevsim netdevsim8 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 234.972636][T21738] loop8: detected capacity change from 0 to 8192 [ 235.020150][T21738] loop8: p2 p3 p4 [ 235.023908][T21738] loop8: p2 start 164919041 is beyond EOD, truncated [ 235.030610][T21738] loop8: p3 size 66846464 extends beyond EOD, truncated [ 235.061852][T21745] loop2: detected capacity change from 0 to 8192 [ 235.122685][T21738] loop8: p4 size 37048832 extends beyond EOD, truncated [ 235.197495][T21755] $Hÿ: renamed from .` [ 235.203797][T21755] $Hÿ: entered promiscuous mode [ 235.208846][T21755] bond_slave_0: entered promiscuous mode [ 235.209356][T21753] loop2: detected capacity change from 0 to 4096 [ 235.214598][T21755] bond_slave_1: entered promiscuous mode [ 235.226919][T21755] dummy0: entered promiscuous mode [ 235.230299][T21753] EXT4-fs: Ignoring removed nomblk_io_submit option [ 235.244776][T21753] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 235.273005][T21760] loop8: detected capacity change from 0 to 1024 [ 235.280174][T21760] EXT4-fs: inline encryption not supported [ 235.291379][T21760] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 235.427310][T21760] EXT4-fs error (device loop8): ext4_mb_mark_diskspace_used:4193: comm syz.8.7634: Allocating blocks 497-513 which overlap fs metadata [ 235.502221][T21530] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 235.525126][T14343] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 235.554547][T21787] netlink: 180 bytes leftover after parsing attributes in process `syz.3.7646'. [ 235.613901][T21796] loop3: detected capacity change from 0 to 128 [ 235.623810][T21796] FAT-fs (loop3): Directory bread(block 32) failed [ 235.632957][T21796] FAT-fs (loop3): Directory bread(block 33) failed [ 235.640040][T21796] FAT-fs (loop3): Directory bread(block 34) failed [ 235.646795][T21796] FAT-fs (loop3): Directory bread(block 35) failed [ 235.653744][T21796] FAT-fs (loop3): Directory bread(block 36) failed [ 235.660485][T21796] FAT-fs (loop3): Directory bread(block 37) failed [ 235.667118][T21796] FAT-fs (loop3): Directory bread(block 38) failed [ 235.674479][T21796] FAT-fs (loop3): Directory bread(block 39) failed [ 235.681041][T21796] FAT-fs (loop3): Directory bread(block 40) failed [ 235.687532][T21796] FAT-fs (loop3): Directory bread(block 41) failed [ 235.708449][T21796] : attempt to access beyond end of device [ 235.708449][T21796] loop3: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 235.723549][T21796] : attempt to access beyond end of device [ 235.723549][T21796] loop3: rw=0, sector=4600, nr_sectors = 4 limit=128 [ 235.757912][T21804] sch_tbf: peakrate 7 is lower than or equals to rate 7 ! [ 235.879966][T21818] loop2: detected capacity change from 0 to 1024 [ 235.886545][T21818] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 [ 236.018559][ T6720] Bluetooth: hci0: command 0x1003 tx timeout [ 236.024641][ T3513] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 236.123282][T21844] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7673'. [ 236.132238][T21844] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7673'. [ 236.144957][T13483] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 236.155715][T13483] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 236.173092][T13483] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 236.182888][T13483] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 236.249415][T21862] SELinux: Context system_u:object_r:system_cron_spool_t:s0 is not valid (left unmapped). [ 236.261640][T21864] SELinux: policydb version 0 does not match my version range 15-35 [ 236.270638][T21864] SELinux: failed to load policy [ 236.374165][T21886] netlink: 'syz.8.7693': attribute type 14 has an invalid length. [ 236.385033][T21886] netlink: 'syz.8.7693': attribute type 14 has an invalid length. [ 236.522052][T21910] loop8: detected capacity change from 0 to 512 [ 236.541151][T21910] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 236.556390][T21910] EXT4-fs error (device loop8): ext4_do_update_inode:5632: inode #2: comm syz.8.7704: corrupted inode contents [ 236.568600][T21910] EXT4-fs error (device loop8): ext4_dirty_inode:6517: inode #2: comm syz.8.7704: mark_inode_dirty error [ 236.569833][T21914] loop4: detected capacity change from 0 to 512 [ 236.582529][T21910] EXT4-fs error (device loop8): ext4_do_update_inode:5632: inode #2: comm syz.8.7704: corrupted inode contents [ 236.598689][T21910] EXT4-fs error (device loop8): __ext4_ext_dirty:206: inode #2: comm syz.8.7704: mark_inode_dirty error [ 236.610575][T21914] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 236.621239][T21910] EXT4-fs warning (device loop8): ext4_empty_dir:3089: inode #18: comm syz.8.7704: directory missing '.' [ 236.634090][T21914] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 236.647593][T14343] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 236.674712][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 236.801871][T21940] loop4: detected capacity change from 0 to 1024 [ 236.808480][T21940] EXT4-fs: inline encryption not supported [ 236.819956][T21940] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 236.854034][T21944] loop8: detected capacity change from 0 to 512 [ 236.881396][T21944] EXT4-fs warning (device loop8): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 236.906428][T21944] EXT4-fs (loop8): mount failed [ 236.959877][T21940] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.7716: Allocating blocks 497-513 which overlap fs metadata [ 237.051221][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 237.136651][T22000] netlink: 'syz.3.7731': attribute type 13 has an invalid length. [ 237.211168][T22000] bridge0: port 2(bridge_slave_1) entered disabled state [ 237.218353][T22000] bridge0: port 1(bridge_slave_0) entered disabled state [ 237.342462][T22000] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 237.355151][T22000] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 237.418044][T13496] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 237.447259][T13496] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 237.473838][T13496] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 237.487374][T13496] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 237.588600][T22096] IPv6: NLM_F_CREATE should be specified when creating new route [ 237.842112][T22153] SELinux: failed to load policy [ 237.859579][ T36] Process accounting resumed [ 237.911507][T22163] netlink: 'syz.8.7759': attribute type 10 has an invalid length. [ 237.919472][T22163] batadv0: entered allmulticast mode [ 237.926506][T22163] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 237.934855][T22163] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 237.944428][T22163] netlink: 'syz.8.7759': attribute type 10 has an invalid length. [ 237.952273][T22163] batadv0: entered promiscuous mode [ 237.958627][T22163] bond0: (slave batadv0): Releasing backup interface [ 237.966887][T22163] bridge0: port 4(batadv0) entered blocking state [ 237.973347][T22163] bridge0: port 4(batadv0) entered disabled state [ 238.034134][T22171] $Hÿ: renamed from bond0 (while UP) [ 238.041050][T22171] $Hÿ: entered promiscuous mode [ 238.046078][T22171] bond_slave_0: entered promiscuous mode [ 238.051870][T22171] bond_slave_1: entered promiscuous mode [ 238.287516][T13494] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 238.296739][T13494] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 238.607990][T22231] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 238.730276][T22238] Bluetooth: hci0: Frame reassembly failed (-84) [ 238.737610][T13496] Bluetooth: hci0: Frame reassembly failed (-84) [ 238.879610][ T29] kauditd_printk_skb: 185 callbacks suppressed [ 238.879625][ T29] audit: type=1400 audit(252.871:10662): avc: denied { append } for pid=22247 comm="syz.4.7799" name="001" dev="devtmpfs" ino=147 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 238.943932][ T29] audit: type=1326 audit(252.901:10663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22249 comm="syz.4.7801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda2a53f749 code=0x7ffc0000 [ 238.966978][ T29] audit: type=1326 audit(252.901:10664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22249 comm="syz.4.7801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda2a53f749 code=0x7ffc0000 [ 238.984782][T22254] loop4: detected capacity change from 0 to 1024 [ 238.990278][ T29] audit: type=1326 audit(252.901:10665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22249 comm="syz.4.7801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fda2a53f749 code=0x7ffc0000 [ 238.997883][T22254] EXT4-fs: Ignoring removed mblk_io_submit option [ 239.019670][ T29] audit: type=1326 audit(252.901:10666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22249 comm="syz.4.7801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda2a53f749 code=0x7ffc0000 [ 239.048810][ T29] audit: type=1326 audit(252.901:10667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22249 comm="syz.4.7801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda2a53f749 code=0x7ffc0000 [ 239.071850][ T29] audit: type=1326 audit(252.901:10668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22249 comm="syz.4.7801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fda2a53f749 code=0x7ffc0000 [ 239.094960][ T29] audit: type=1326 audit(252.901:10669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22249 comm="syz.4.7801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda2a53f749 code=0x7ffc0000 [ 239.117922][ T29] audit: type=1326 audit(252.901:10670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22249 comm="syz.4.7801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda2a53f749 code=0x7ffc0000 [ 239.141191][ T29] audit: type=1326 audit(252.901:10671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22249 comm="syz.4.7801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fda2a53f749 code=0x7ffc0000 [ 239.192928][T22254] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 239.261626][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 239.452412][T13494] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 240.385428][T22342] SELinux: security_context_str_to_sid (Eá…) failed with errno=-22 [ 240.518723][ T9] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 240.526373][ T9] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 240.533746][ T9] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 240.541436][ T9] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 240.548837][ T9] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 240.556350][ T9] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 240.563767][ T9] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 240.571243][ T9] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 240.578654][ T9] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 240.586247][ T9] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 240.590703][T22373] __nla_validate_parse: 8 callbacks suppressed [ 240.590715][T22373] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7852'. [ 240.602154][ T9] hid-generic 0000:0000:0000.0014: hidraw0: HID v0.00 Device [sy] on syz0 [ 240.618973][T22373] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7852'. [ 240.678909][T22383] loop4: detected capacity change from 0 to 1024 [ 240.697518][T22383] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 240.736227][ T6720] Bluetooth: hci0: command 0x1003 tx timeout [ 240.739723][T22396] loop8: detected capacity change from 0 to 2048 [ 240.742316][ T3513] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 240.786458][T22396] loop8: p2 < > p4 [ 240.791244][T22396] loop8: p4 size 262144 extends beyond EOD, truncated [ 240.982161][T22419] loop2: detected capacity change from 0 to 1024 [ 241.049466][T22419] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 241.071461][T22419] EXT4-fs error (device loop2): ext4_map_blocks:814: inode #15: comm syz.2.7872: lblock 0 mapped to illegal pblock 0 (length 6) [ 241.085470][T22419] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 6 with error 117 [ 241.085689][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 241.097811][T22419] EXT4-fs (loop2): This should not happen!! Data will be lost [ 241.097811][T22419] [ 241.125135][T22419] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.7872: bg 0: block 112: padding at end of block bitmap is not set [ 241.141554][T22419] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 20 with max blocks 44 with error 117 [ 241.154092][T22419] EXT4-fs (loop2): This should not happen!! Data will be lost [ 241.154092][T22419] [ 241.175613][T22442] netlink: 24 bytes leftover after parsing attributes in process `syz.8.7880'. [ 241.185216][T13483] EXT4-fs error (device loop2): ext4_map_blocks:814: inode #15: block 8: comm kworker/u8:41: lblock 8 mapped to illegal pblock 8 (length 8) [ 241.206505][T13483] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 241.218850][T13483] EXT4-fs (loop2): This should not happen!! Data will be lost [ 241.218850][T13483] [ 241.263838][T21530] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 241.316965][T22465] netlink: 105116 bytes leftover after parsing attributes in process `syz.8.7888'. [ 241.367135][T22473] netlink: 28 bytes leftover after parsing attributes in process `syz.4.7892'. [ 241.376270][T22473] netlink: 28 bytes leftover after parsing attributes in process `syz.4.7892'. [ 241.419968][T22482] netlink: 24 bytes leftover after parsing attributes in process `syz.2.7896'. [ 241.436525][T22482] IPVS: Error connecting to the multicast addr [ 242.119886][T22545] netlink: 28 bytes leftover after parsing attributes in process `syz.4.7925'. [ 242.128920][T22545] netlink: 28 bytes leftover after parsing attributes in process `syz.4.7925'. [ 242.420681][T22561] loop4: detected capacity change from 0 to 512 [ 242.435589][T22561] EXT4-fs (loop4): orphan cleanup on readonly fs [ 242.445790][T22561] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.7932: couldn't read orphan inode 26 (err -116) [ 242.458693][T22561] EXT4-fs (loop4): Remounting filesystem read-only [ 242.467571][T22561] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 242.531231][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 242.588221][T22581] loop2: detected capacity change from 0 to 512 [ 242.612038][T22581] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 242.646790][T22581] SELinux: Context @ is not valid (left unmapped). [ 242.673197][T21530] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 242.707801][T22601] vhci_hcd: default hub control req: 8013 v0000 i0000 l31125 [ 242.746865][T22608] netlink: 68 bytes leftover after parsing attributes in process `syz.3.7950'. [ 242.917484][T22647] loop1: detected capacity change from 0 to 1024 [ 242.926069][T22647] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a002c018, mo2=0002] [ 242.934217][T22647] System zones: 0-1, 3-12 [ 242.939184][T22647] EXT4-fs (loop1): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 243.121993][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0500-0000-0000-000000000000. [ 243.225693][T22679] macsec0: entered promiscuous mode [ 243.231066][T22679] hsr0: entered promiscuous mode [ 243.236347][T22679] macsec0: entered allmulticast mode [ 243.241657][T22679] hsr0: entered allmulticast mode [ 243.246764][T22679] hsr_slave_0: entered allmulticast mode [ 243.252384][T22679] hsr_slave_1: entered allmulticast mode [ 243.259320][T22679] hsr0: left allmulticast mode [ 243.264083][T22679] hsr_slave_0: left allmulticast mode [ 243.269540][T22679] hsr_slave_1: left allmulticast mode [ 243.274966][T22679] hsr0: left promiscuous mode [ 243.377369][T22688] loop1: detected capacity change from 0 to 128 [ 243.384090][T22688] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 243.406920][T22688] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 243.428494][T22692] SELinux: policydb magic number 0x0 does not match expected magic number 0xf97cff8c [ 243.438994][T22692] SELinux: failed to load policy [ 243.474929][T13496] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 243.555494][ T36] kernel write not supported for file bpf-prog (pid: 36 comm: kworker/1:1) [ 243.886313][ T29] kauditd_printk_skb: 345 callbacks suppressed [ 243.886400][ T29] audit: type=1326 audit(257.884:11017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22734 comm="syz.2.8002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8685fd65e7 code=0x7ffc0000 [ 243.915718][ T29] audit: type=1326 audit(257.884:11018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22734 comm="syz.2.8002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8685f7b829 code=0x7ffc0000 [ 243.938625][ T29] audit: type=1326 audit(257.884:11019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22734 comm="syz.2.8002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f8685fdf749 code=0x7ffc0000 [ 243.961572][ T29] audit: type=1326 audit(257.884:11020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22731 comm="syz.1.7997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f2a5f86f749 code=0x7ffc0000 [ 243.984534][ T29] audit: type=1326 audit(257.884:11021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22734 comm="syz.2.8002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8685fd65e7 code=0x7ffc0000 [ 244.007434][ T29] audit: type=1326 audit(257.884:11022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22734 comm="syz.2.8002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8685f7b829 code=0x7ffc0000 [ 244.030352][ T29] audit: type=1326 audit(257.884:11023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22734 comm="syz.2.8002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f8685fdf749 code=0x7ffc0000 [ 244.053365][ T29] audit: type=1326 audit(257.884:11024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22734 comm="syz.2.8002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8685fd65e7 code=0x7ffc0000 [ 244.076262][ T29] audit: type=1326 audit(257.884:11025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22734 comm="syz.2.8002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8685f7b829 code=0x7ffc0000 [ 244.099151][ T29] audit: type=1326 audit(257.884:11026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22734 comm="syz.2.8002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f8685fdf749 code=0x7ffc0000 [ 244.624244][T22770] pimreg: entered allmulticast mode [ 244.633168][T22770] pimreg: left allmulticast mode [ 244.705720][T22775] loop3: detected capacity change from 0 to 2048 [ 244.772423][T22793] loop3: detected capacity change from 0 to 1024 [ 244.784408][T22795] loop4: detected capacity change from 0 to 128 [ 244.808546][T22795] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535) [ 244.834466][T22793] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 244.849074][T22803] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=22803 comm=syz.1.8033 [ 244.861665][T22803] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=22803 comm=syz.1.8033 [ 244.896526][T22793] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: comm syz.3.8030: lblock 0 mapped to illegal pblock 0 (length 6) [ 244.899386][T22795] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none. [ 244.909957][T22793] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 6 with error 117 [ 244.933961][T22793] EXT4-fs (loop3): This should not happen!! Data will be lost [ 244.933961][T22793] [ 244.962513][T22810] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.8030: bg 0: block 112: padding at end of block bitmap is not set [ 244.977321][T22810] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 20 with max blocks 44 with error 117 [ 244.989858][T22810] EXT4-fs (loop3): This should not happen!! Data will be lost [ 244.989858][T22810] [ 244.999854][T22783] EXT4-fs (loop4): shut down requested (0) [ 245.024141][ T3317] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 245.097560][T13449] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: block 8: comm kworker/u8:11: lblock 8 mapped to illegal pblock 8 (length 8) [ 245.112135][T13449] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 245.124507][T13449] EXT4-fs (loop3): This should not happen!! Data will be lost [ 245.124507][T13449] [ 245.153416][T21106] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 245.296758][T22850] netlink: zone id is out of range [ 245.301889][T22850] netlink: zone id is out of range [ 245.330070][T22850] netlink: zone id is out of range [ 245.335931][T22850] netlink: zone id is out of range [ 245.341309][T22850] netlink: zone id is out of range [ 245.366132][T22850] netlink: set zone limit has 8 unknown bytes [ 245.534429][T22878] netem: change failed [ 246.012840][T22933] __nla_validate_parse: 5 callbacks suppressed [ 246.012855][T22933] netlink: 12 bytes leftover after parsing attributes in process `syz.8.8087'. [ 246.053959][T22931] Falling back ldisc for ttyS3. [ 246.064514][T22935] netlink: 4 bytes leftover after parsing attributes in process `syz.8.8088'. [ 246.083986][T22935] netlink: 4 bytes leftover after parsing attributes in process `syz.8.8088'. [ 246.144559][T22945] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 246.154469][T22945] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 246.364988][T22957] loop3: detected capacity change from 0 to 512 [ 246.371449][T22957] msdos: Bad value for 'errors' [ 246.686928][T22986] netlink: 96 bytes leftover after parsing attributes in process `syz.3.8112'. [ 246.690503][T22988] netlink: 'syz.2.8113': attribute type 12 has an invalid length. [ 246.706771][T22991] loop8: detected capacity change from 0 to 1024 [ 246.736427][T22991] EXT4-fs (loop8): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 246.742276][T22999] sch_tbf: peakrate 7 is lower than or equals to rate 7 ! [ 246.766550][T22991] EXT4-fs error (device loop8): ext4_map_blocks:814: inode #15: comm syz.8.8111: lblock 0 mapped to illegal pblock 0 (length 6) [ 246.787355][T22991] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 6 with error 117 [ 246.799704][T22991] EXT4-fs (loop8): This should not happen!! Data will be lost [ 246.799704][T22991] [ 246.819557][T22991] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz.8.8111: bg 0: block 112: padding at end of block bitmap is not set [ 246.844873][T22991] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 20 with max blocks 44 with error 117 [ 246.857379][T22991] EXT4-fs (loop8): This should not happen!! Data will be lost [ 246.857379][T22991] [ 246.889332][T13483] EXT4-fs error (device loop8): ext4_map_blocks:814: inode #15: block 8: comm kworker/u8:41: lblock 8 mapped to illegal pblock 8 (length 8) [ 246.912309][T13483] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 246.924625][T13483] EXT4-fs (loop8): This should not happen!! Data will be lost [ 246.924625][T13483] [ 246.946194][T14343] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 247.008177][T23022] loop2: detected capacity change from 0 to 2048 [ 247.050607][T23022] Alternate GPT is invalid, using primary GPT. [ 247.057004][T23022] loop2: p2 p3 p7 [ 247.137806][T23047] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8139'. [ 247.147013][T23047] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8139'. [ 247.305166][T23060] ref_ctr_offset mismatch. inode: 0x1db offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x20 [ 247.347802][T23064] netlink: 64 bytes leftover after parsing attributes in process `syz.8.8147'. [ 247.417224][T23068] loop8: detected capacity change from 0 to 1024 [ 247.451428][T23070] loop2: detected capacity change from 0 to 2048 [ 247.459360][T23068] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 247.634847][T23090] bridge0: entered promiscuous mode [ 247.640151][T23090] macsec1: entered promiscuous mode [ 247.646441][T23090] bridge0: port 3(macsec1) entered blocking state [ 247.652945][T23090] bridge0: port 3(macsec1) entered disabled state [ 247.659490][T23090] macsec1: entered allmulticast mode [ 247.664850][T23090] bridge0: entered allmulticast mode [ 247.671049][T23090] macsec1: left allmulticast mode [ 247.676086][T23090] bridge0: left allmulticast mode [ 247.681673][T23090] bridge0: left promiscuous mode [ 247.709021][T23092] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8158'. [ 247.743925][T23092] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8158'. [ 247.779627][T23094] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8159'. [ 247.832175][T23094] openvswitch: netlink: Key 0 has unexpected len 2 expected 0 [ 247.917558][T23106] hsr0: entered promiscuous mode [ 247.926491][T23106] macsec1: entered promiscuous mode [ 247.932014][T23106] macsec1: entered allmulticast mode [ 247.937803][T23106] hsr0: entered allmulticast mode [ 247.943336][T23106] hsr_slave_0: entered allmulticast mode [ 247.948962][T23106] hsr_slave_1: entered allmulticast mode [ 247.973707][T23106] hsr0: left allmulticast mode [ 247.978557][T23106] hsr_slave_0: left allmulticast mode [ 247.983936][T23106] hsr_slave_1: left allmulticast mode [ 248.007293][T23108] loop1: detected capacity change from 0 to 1024 [ 248.026540][T23108] EXT4-fs: Ignoring removed nobh option [ 248.032205][T23108] EXT4-fs: Ignoring removed bh option [ 248.193667][T23108] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 248.275303][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 248.315458][T23123] netlink: 'syz.1.8170': attribute type 83 has an invalid length. [ 248.334194][T23121] rdma_op ffff888127bc8980 conn xmit_rdma 0000000000000000 [ 248.373149][T14343] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 248.405811][T23127] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 248.715709][T23141] loop2: detected capacity change from 0 to 128 [ 248.756271][T23141] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 248.803958][T23141] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 248.844828][T13496] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 249.061168][T23176] loop2: detected capacity change from 0 to 512 [ 249.073260][T23176] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.8196: inode has both inline data and extents flags [ 249.200025][T23176] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.8196: couldn't read orphan inode 15 (err -117) [ 249.232338][T23176] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 249.283910][T21530] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 249.325382][ T29] kauditd_printk_skb: 351 callbacks suppressed [ 249.325395][ T29] audit: type=1326 audit(263.327:11378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23185 comm="syz.2.8199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8685fdf749 code=0x7ffc0000 [ 249.381870][ T29] audit: type=1326 audit(263.357:11379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23185 comm="syz.2.8199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8685fdf749 code=0x7ffc0000 [ 249.404904][ T29] audit: type=1326 audit(263.357:11380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23185 comm="syz.2.8199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8685fdf749 code=0x7ffc0000 [ 249.427984][ T29] audit: type=1326 audit(263.357:11381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23185 comm="syz.2.8199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8685fdf749 code=0x7ffc0000 [ 249.450956][ T29] audit: type=1326 audit(263.357:11382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23185 comm="syz.2.8199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8685fdf749 code=0x7ffc0000 [ 249.474029][ T29] audit: type=1326 audit(263.357:11383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23185 comm="syz.2.8199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8685fdf749 code=0x7ffc0000 [ 249.496985][ T29] audit: type=1326 audit(263.357:11384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23185 comm="syz.2.8199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f8685fdf749 code=0x7ffc0000 [ 249.519948][ T29] audit: type=1326 audit(263.357:11385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23185 comm="syz.2.8199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8685fdf749 code=0x7ffc0000 [ 249.542887][ T29] audit: type=1326 audit(263.357:11386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23185 comm="syz.2.8199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=129 compat=0 ip=0x7f8685fdf749 code=0x7ffc0000 [ 249.565851][ T29] audit: type=1326 audit(263.357:11387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23185 comm="syz.2.8199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8685fd65e7 code=0x7ffc0000 [ 249.609261][T23195] loop2: detected capacity change from 0 to 1024 [ 249.616693][T23195] EXT4-fs (loop2): stripe (32769) is not aligned with cluster size (16), stripe is disabled [ 249.633940][T23195] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 249.665024][T23195] EXT4-fs error (device loop2): ext4_xattr_inode_iget:441: comm syz.2.8204: inode #357408251: comm syz.2.8204: iget: illegal inode # [ 249.693342][T23195] EXT4-fs (loop2): Remounting filesystem read-only [ 249.704088][T23195] EXT4-fs warning (device loop2): ext4_xattr_block_set:2195: inode #19: comm syz.2.8204: dec ref error=-30 [ 249.732179][T21530] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 250.559657][T23298] sd 0:0:1:0: device reset [ 250.773748][T23326] loop1: detected capacity change from 0 to 128 [ 250.801868][T23326] FAT-fs (loop1): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 250.857895][T23330] sg_write: data in/out 28/14 bytes for SCSI command 0x0-- guessing data in; [ 250.857895][T23330] program syz.2.8255 not setting count and/or reply_len properly [ 250.935794][T23341] loop1: detected capacity change from 0 to 1024 [ 250.975324][T23341] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 251.004077][T23352] SELinux: policydb version -101525057 does not match my version range 15-35 [ 251.046805][T23352] SELinux: failed to load policy [ 251.392262][T23376] netlink: 'syz.8.8273': attribute type 1 has an invalid length. [ 251.501429][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 251.527526][T23382] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 251.573625][T23392] __nla_validate_parse: 5 callbacks suppressed [ 251.573637][T23392] netlink: 131740 bytes leftover after parsing attributes in process `syz.4.8280'. [ 251.592004][T23392] netlink: zone id is out of range [ 251.597267][T23392] netlink: zone id is out of range [ 251.603902][T23392] netlink: zone id is out of range [ 251.609009][T23392] netlink: zone id is out of range [ 251.614561][T23392] netlink: del zone limit has 8 unknown bytes [ 252.045683][T23441] ALSA: seq fatal error: cannot create timer (-22) [ 252.135392][T23449] netlink: 96 bytes leftover after parsing attributes in process `syz.2.8308'. [ 252.331442][ T3404] hid-generic 0000:C1161:0000.0015: item fetching failed at offset 0/1 [ 252.354428][ T3404] hid-generic 0000:C1161:0000.0015: probe with driver hid-generic failed with error -22 [ 253.122441][T23533] loop8: detected capacity change from 0 to 512 [ 253.137921][T23533] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode [ 253.139391][T23531] SELinux: ebitmap start bit (7340416) is beyond the end of the bitmap (1472) [ 253.192256][T23533] EXT4-fs (loop8): 1 truncate cleaned up [ 253.198290][T23533] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 253.215898][T23531] SELinux: failed to load policy [ 253.396000][T23554] batman_adv: batadv0: Adding interface: dummy0 [ 253.402288][T23554] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 253.445690][T23554] batman_adv: batadv0: Interface activated: dummy0 [ 253.459650][T14343] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 253.470908][T23555] batadv0: mtu less than device minimum [ 253.476936][T23555] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 253.487862][T23555] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 253.498501][T23555] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 253.509246][T23555] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 254.121015][T23629] netlink: 28 bytes leftover after parsing attributes in process `syz.2.8389'. [ 254.130041][T23629] netlink: 28 bytes leftover after parsing attributes in process `syz.2.8389'. [ 254.174121][T23635] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8392'. [ 254.274422][T23644] policy can only be matched on NF_INET_PRE_ROUTING [ 254.274435][T23644] unable to load match [ 254.478008][T23658] netlink: 96 bytes leftover after parsing attributes in process `syz.4.8403'. [ 254.515400][ T29] kauditd_printk_skb: 390 callbacks suppressed [ 254.515413][ T29] audit: type=1326 audit(268.509:11778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23661 comm="syz.4.8405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda2a53f749 code=0x7ffc0000 [ 254.545766][ T29] audit: type=1326 audit(268.509:11779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23661 comm="syz.4.8405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda2a53f749 code=0x7ffc0000 [ 254.568775][ T29] audit: type=1326 audit(268.549:11780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23661 comm="syz.4.8405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fda2a53f749 code=0x7ffc0000 [ 254.591975][ T29] audit: type=1326 audit(268.549:11781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23661 comm="syz.4.8405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda2a53f749 code=0x7ffc0000 [ 254.615511][ T29] audit: type=1326 audit(268.549:11782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23661 comm="syz.4.8405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda2a53f749 code=0x7ffc0000 [ 254.639594][ T29] audit: type=1326 audit(268.569:11783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23661 comm="syz.4.8405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fda2a53f749 code=0x7ffc0000 [ 254.691249][ T29] audit: type=1326 audit(268.639:11784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23661 comm="syz.4.8405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda2a53f749 code=0x7ffc0000 [ 254.714231][ T29] audit: type=1326 audit(268.639:11785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23661 comm="syz.4.8405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda2a53f749 code=0x7ffc0000 [ 254.737380][ T29] audit: type=1326 audit(268.669:11786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23669 comm="syz.4.8405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fda2a572005 code=0x7ffc0000 [ 254.760492][ T29] audit: type=1326 audit(268.669:11787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23661 comm="syz.4.8405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7fda2a53f749 code=0x7ffc0000 [ 254.856253][T23680] loop4: detected capacity change from 0 to 1024 [ 254.863126][T23680] EXT4-fs: inline encryption not supported [ 254.899891][T23680] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 254.957144][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 254.978338][T23686] netlink: 72 bytes leftover after parsing attributes in process `syz.4.8412'. [ 255.348646][T23712] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=23712 comm=syz.8.8416 [ 255.977967][T23757] rdma_op ffff88811357dd80 conn xmit_rdma 0000000000000000 [ 256.296603][T23781] netlink: 24 bytes leftover after parsing attributes in process `syz.8.8449'. [ 256.428307][T23799] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=23799 comm=syz.1.8458 [ 256.469774][T23801] ipip0: entered promiscuous mode [ 256.626424][T23825] netlink: 'syz.2.8470': attribute type 21 has an invalid length. [ 256.641274][T23825] netlink: 156 bytes leftover after parsing attributes in process `syz.2.8470'. [ 256.650503][T23825] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8470'. [ 257.000637][T23838] SELinux: failed to load policy [ 257.047308][T23842] smc: net device hsr0 applied user defined pnetid SYZ2 [ 257.055961][T23842] smc: net device hsr0 erased user defined pnetid SYZ2 [ 257.085931][T23844] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8479'. [ 257.098248][T23844] loop2: detected capacity change from 0 to 512 [ 257.104736][T23844] EXT4-fs: Ignoring removed bh option [ 257.111063][T23844] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 257.120114][T23844] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 257.129147][T23844] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended [ 257.138555][T23844] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 257.146970][T23844] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 257.161899][T23844] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 257.191478][T21530] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 257.580090][T23884] loop8: detected capacity change from 0 to 128 [ 258.080165][T23928] loop1: detected capacity change from 0 to 512 [ 258.101153][T23931] loop4: detected capacity change from 0 to 512 [ 258.108093][T23928] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 258.128656][T23931] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 258.150776][T23931] EXT4-fs (loop4): invalid journal inode [ 258.183024][T23931] EXT4-fs (loop4): can't get journal size [ 258.206774][T23934] loop1: detected capacity change from 0 to 128 [ 258.228309][T23934] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 258.249953][T23931] EXT4-fs (loop4): 1 truncate cleaned up [ 258.285928][T23931] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 258.298385][T23934] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 258.432417][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 258.460951][T23948] netlink: 20 bytes leftover after parsing attributes in process `syz.1.8525'. [ 259.938887][ T29] kauditd_printk_skb: 662 callbacks suppressed [ 259.938899][ T29] audit: type=1400 audit(273.942:12450): avc: denied { read write } for pid=3317 comm="syz-executor" name="loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 259.968735][ T29] audit: type=1400 audit(273.942:12451): avc: denied { open } for pid=3317 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 260.053573][ T29] audit: type=1400 audit(274.002:12452): avc: denied { ioctl } for pid=3317 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=104 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 260.078636][ T29] audit: type=1400 audit(274.002:12453): avc: denied { recv } for pid=3317 comm="syz-executor" saddr=10.128.0.163 src=30036 daddr=10.128.0.76 dest=60186 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1 [ 260.166226][ T29] audit: type=1400 audit(274.162:12454): avc: denied { map_create } for pid=23998 comm="syz.4.8546" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 260.225342][ T29] audit: type=1400 audit(274.162:12455): avc: denied { bpf } for pid=23998 comm="syz.4.8546" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 260.245515][ T29] audit: type=1400 audit(274.162:12456): avc: denied { map_read map_write } for pid=23998 comm="syz.4.8546" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 260.264996][ T29] audit: type=1400 audit(274.192:12457): avc: denied { prog_load } for pid=23998 comm="syz.4.8546" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 260.283769][ T29] audit: type=1400 audit(274.192:12458): avc: denied { perfmon } for pid=23998 comm="syz.4.8546" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 260.304565][ T29] audit: type=1400 audit(274.192:12459): avc: denied { prog_run } for pid=23998 comm="syz.4.8546" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 261.141668][T24067] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8578'. [ 261.321198][T24083] netlink: 'syz.4.8585': attribute type 1 has an invalid length. [ 261.601081][T24092] loop8: detected capacity change from 0 to 512 [ 261.641461][T24092] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 261.747938][T14343] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 262.418735][T24127] chnl_net:caif_netlink_parms(): no params data found [ 262.463848][T24144] loop4: detected capacity change from 0 to 512 [ 262.471099][T24144] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 262.495603][T24144] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 159 vs 220 free clusters [ 262.514795][T24144] EXT4-fs (loop4): Remounting filesystem read-only [ 262.521642][T24144] EXT4-fs (loop4): 1 truncate cleaned up [ 262.528002][T24144] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 262.540577][T24127] bridge0: port 1(bridge_slave_0) entered blocking state [ 262.547671][T24127] bridge0: port 1(bridge_slave_0) entered disabled state [ 262.564949][T24127] bridge_slave_0: entered allmulticast mode [ 262.577171][T24127] bridge_slave_0: entered promiscuous mode [ 262.584142][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 262.593695][T24127] bridge0: port 2(bridge_slave_1) entered blocking state [ 262.600802][T24127] bridge0: port 2(bridge_slave_1) entered disabled state [ 262.608568][T24127] bridge_slave_1: entered allmulticast mode [ 262.615958][T24127] bridge_slave_1: entered promiscuous mode [ 262.638214][T24127] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 262.649373][T24127] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 262.670198][T24127] team0: Port device team_slave_0 added [ 262.677512][T24127] team0: Port device team_slave_1 added [ 262.694539][T24127] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 262.701603][T24127] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 262.727651][T24127] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 262.739071][T24127] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 262.746174][T24127] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 262.772067][T24127] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 262.871308][T24127] hsr_slave_0: entered promiscuous mode [ 262.877712][T24127] hsr_slave_1: entered promiscuous mode [ 262.883699][T24127] debugfs: 'hsr0' already exists in 'hsr' [ 262.889523][T24127] Cannot create hsr debugfs directory [ 263.025916][T24165] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8613'. [ 263.067261][T24170] netlink: 'syz.1.8615': attribute type 1 has an invalid length. [ 263.080386][T24170] bond0: entered promiscuous mode [ 263.085531][T24170] bond0: entered allmulticast mode [ 263.095128][T24170] batman_adv: batadv0: Interface deactivated: dummy0 [ 263.103497][T24170] batman_adv: batadv0: Removing interface: dummy0 [ 263.111955][T24170] bond0: (slave dummy0): making interface the new active one [ 263.119756][T24170] dummy0: entered promiscuous mode [ 263.125123][T24170] dummy0: entered allmulticast mode [ 263.130640][T24170] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 263.203248][T24127] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 263.217315][T24127] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 263.226125][T24127] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 263.234772][T24127] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 263.251799][T24127] bridge0: port 2(bridge_slave_1) entered blocking state [ 263.258856][T24127] bridge0: port 2(bridge_slave_1) entered forwarding state [ 263.266181][T24127] bridge0: port 1(bridge_slave_0) entered blocking state [ 263.273249][T24127] bridge0: port 1(bridge_slave_0) entered forwarding state [ 263.312839][T24127] 8021q: adding VLAN 0 to HW filter on device bond0 [ 263.334493][ T1708] bridge0: port 1(bridge_slave_0) entered disabled state [ 263.342888][ T1708] bridge0: port 2(bridge_slave_1) entered disabled state [ 263.358925][T24127] 8021q: adding VLAN 0 to HW filter on device team0 [ 263.371317][T13462] bridge0: port 1(bridge_slave_0) entered blocking state [ 263.378468][T13462] bridge0: port 1(bridge_slave_0) entered forwarding state [ 263.409680][ T1708] bridge0: port 2(bridge_slave_1) entered blocking state [ 263.416845][ T1708] bridge0: port 2(bridge_slave_1) entered forwarding state [ 263.511450][T24127] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 263.664380][T24127] veth0_vlan: entered promiscuous mode [ 263.672291][T24127] veth1_vlan: entered promiscuous mode [ 263.686513][T24127] veth0_macvtap: entered promiscuous mode [ 263.694022][T24127] veth1_macvtap: entered promiscuous mode [ 263.704323][T24127] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 263.716615][T24127] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 263.728132][T13462] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.737523][T13462] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.749551][T13462] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.760032][T13462] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 264.204554][T24255] SELinux: ebitmap start bit (7340416) is beyond the end of the bitmap (1472) [ 264.214965][T24255] SELinux: failed to load policy [ 264.276800][T24264] netlink: 'syz.4.8644': attribute type 3 has an invalid length. [ 264.546726][T24279] xt_hashlimit: max too large, truncated to 1048576 [ 264.553998][T24279] xt_CT: You must specify a L4 protocol and not use inversions on it [ 264.582366][T24283] netlink: 4 bytes leftover after parsing attributes in process `syz.8.8652'. [ 264.697310][T24287] SELinux: ebitmap start bit (7340416) is beyond the end of the bitmap (1472) [ 264.707382][T24287] SELinux: failed to load policy [ 264.721016][T24289] loop4: detected capacity change from 0 to 512 [ 264.729755][T24289] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 264.741192][T24289] EXT4-fs (loop4): 1 truncate cleaned up [ 264.747307][T24289] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 264.849563][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 264.865207][T24295] netlink: 'syz.4.8656': attribute type 3 has an invalid length. [ 264.873062][T24295] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8656'. [ 264.947553][T24307] loop4: detected capacity change from 0 to 512 [ 264.955400][T24307] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 264.973149][ T29] kauditd_printk_skb: 105 callbacks suppressed [ 264.973163][ T29] audit: type=1400 audit(278.974:12565): avc: denied { mount } for pid=24306 comm="syz.4.8661" name="/" dev="loop4" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 265.015392][ T29] audit: type=1400 audit(279.024:12566): avc: denied { unmount } for pid=3317 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 265.071743][ T29] audit: type=1400 audit(279.074:12567): avc: denied { read } for pid=24319 comm="syz.1.8667" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 265.100047][T24324] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8668'. [ 265.120373][T24324] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8668'. [ 265.153251][T24332] 9pnet_fd: Insufficient options for proto=fd [ 265.187792][T24341] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8676'. [ 265.196948][T24341] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8676'. [ 265.206963][T24343] netlink: 60 bytes leftover after parsing attributes in process `syz.8.8670'. [ 265.216796][T24329] netlink: 60 bytes leftover after parsing attributes in process `syz.8.8670'. [ 265.254168][ T29] audit: type=1400 audit(279.255:12568): avc: denied { create } for pid=24345 comm="syz.1.8678" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 265.273172][ T29] audit: type=1400 audit(279.255:12569): avc: denied { ioctl } for pid=24345 comm="syz.1.8678" path="socket:[76213]" dev="sockfs" ino=76213 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 265.309972][ T29] audit: type=1400 audit(279.315:12570): avc: denied { bind } for pid=24345 comm="syz.1.8678" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 265.328794][ T29] audit: type=1326 audit(279.315:12571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24348 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4451d1f749 code=0x7ffc0000 [ 265.351764][ T29] audit: type=1326 audit(279.315:12572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24348 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4451d1f749 code=0x7ffc0000 [ 265.374743][ T29] audit: type=1326 audit(279.315:12573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24348 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f4451d1f749 code=0x7ffc0000 [ 265.397958][ T29] audit: type=1326 audit(279.315:12574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24348 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4451d1f749 code=0x7ffc0000 [ 265.646134][T24374] netlink: 28 bytes leftover after parsing attributes in process `syz.4.8689'. [ 265.687780][T24381] loop4: detected capacity change from 0 to 512 [ 265.712026][T24381] EXT4-fs (loop4): 1 truncate cleaned up [ 265.718405][T24381] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 265.777625][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 265.998028][T24415] loop4: detected capacity change from 0 to 512 [ 266.045977][T24415] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 266.080448][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 266.540855][T24470] SELinux: failed to load policy [ 266.658361][T24485] IPv6: NLM_F_CREATE should be specified when creating new route [ 266.672132][T24487] $Hÿ: (slave dummy0): Releasing backup interface [ 266.682053][T24487] dummy0: left promiscuous mode [ 266.689042][T24487] batman_adv: batadv0: Adding interface: dummy0 [ 266.695366][T24487] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 266.720645][T24487] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active [ 267.009088][T24514] random: crng reseeded on system resumption [ 267.388036][T24558] ipip2: entered promiscuous mode [ 267.402560][T24562] loop4: detected capacity change from 0 to 128 [ 267.417913][T24562] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 267.431424][T24562] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 267.460300][T13459] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 267.671180][T24591] loop2: detected capacity change from 0 to 512 [ 267.678130][T24591] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 267.689716][T24591] EXT4-fs (loop2): 1 truncate cleaned up [ 267.695775][T24591] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 267.822910][T21530] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 268.017624][T24609] loop1: detected capacity change from 0 to 764 [ 268.028150][T24609] rock: directory entry would overflow storage [ 268.034404][T24609] rock: sig=0x4f50, size=4, remaining=3 [ 268.040036][T24609] iso9660: Corrupted directory entry in block 6 of inode 1792 [ 268.065502][T24611] loop1: detected capacity change from 0 to 512 [ 268.084619][T24611] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 268.116908][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 268.134016][T24615] loop1: detected capacity change from 0 to 512 [ 268.141977][T24615] EXT4-fs (loop1): 1 truncate cleaned up [ 268.147973][T24615] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 268.193224][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 268.599560][T24667] __nla_validate_parse: 3 callbacks suppressed [ 268.599576][T24667] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8815'. [ 268.637807][T24667] 8021q: adding VLAN 0 to HW filter on device bond0 [ 268.666093][T24672] bond0: (slave gretap2): Enslaving as an active interface with an up link [ 268.686813][T24667] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8815'. [ 268.708602][T24667] bond0 (unregistering): (slave gretap2): Releasing backup interface [ 268.740264][T24667] bond0 (unregistering): Released all slaves [ 268.752462][T24677] netlink: 'syz.5.8818': attribute type 1 has an invalid length. [ 269.002077][T24711] x_tables: ip6_tables: quota.0 match: invalid size 24 (kernel) != (user) 144 [ 269.136900][T24737] netlink: 64 bytes leftover after parsing attributes in process `syz.2.8843'. [ 269.139964][T24730] ALSA: seq fatal error: cannot create timer (-19) [ 269.178198][T24743] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8846'. [ 269.187452][T24743] netlink: 12 bytes leftover after parsing attributes in process `syz.5.8846'. [ 269.253805][T24751] loop5: detected capacity change from 0 to 128 [ 269.260518][T24751] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 269.272937][T24751] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 269.293142][T24754] loop8: detected capacity change from 0 to 128 [ 269.297228][T24755] loop2: detected capacity change from 0 to 1024 [ 269.301153][T24754] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 269.313829][T24755] EXT4-fs: inline encryption not supported [ 269.323971][T24755] EXT4-fs: Ignoring removed orlov option [ 269.330045][T13462] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 269.330129][T24755] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 269.367429][T24755] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840c019, mo2=0002] [ 269.385748][T24755] System zones: 0-1, 3-12 [ 269.391961][T14343] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 269.406748][T24755] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 269.435314][T21530] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 269.495274][T24773] netlink: 20 bytes leftover after parsing attributes in process `'. [ 269.504224][T24773] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0 [ 269.544169][T24779] loop8: detected capacity change from 0 to 128 [ 269.956689][T24837] loop8: detected capacity change from 0 to 128 [ 269.969609][T24837] msdos: Unknown parameter 'dos1xfl%›4?Ö…y' [ 270.003844][T24843] IPv6: NLM_F_CREATE should be specified when creating new route [ 270.118978][T24858] loop5: detected capacity change from 0 to 512 [ 270.136879][T24858] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 270.171894][ T29] kauditd_printk_skb: 478 callbacks suppressed [ 270.171918][ T29] audit: type=1400 audit(284.187:13053): avc: denied { create } for pid=24866 comm="syz.8.8898" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 270.198584][ T29] audit: type=1400 audit(284.187:13054): avc: denied { bind } for pid=24866 comm="syz.8.8898" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 270.220612][T24127] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 270.238098][T24870] loop8: detected capacity change from 0 to 512 [ 270.244778][T24870] EXT4-fs: Ignoring removed i_version option [ 270.250777][T24870] EXT4-fs: Ignoring removed bh option [ 270.257687][ T29] audit: type=1400 audit(284.267:13055): avc: denied { write } for pid=24871 comm="syz.2.8901" name="001" dev="devtmpfs" ino=150 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 270.280435][ T29] audit: type=1400 audit(284.267:13056): avc: denied { getopt } for pid=24873 comm="syz.5.8899" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 270.299569][ T29] audit: type=1400 audit(284.267:13057): avc: denied { setopt } for pid=24873 comm="syz.5.8899" lport=57213 faddr=::ffff:100.1.1.0 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 270.323344][ T29] audit: type=1400 audit(284.267:13058): avc: denied { connect } for pid=24873 comm="syz.5.8899" lport=57213 faddr=::ffff:100.1.1.0 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 270.347151][ T29] audit: type=1400 audit(284.267:13059): avc: denied { name_connect } for pid=24873 comm="syz.5.8899" dest=20004 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 270.372183][T24870] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 270.399966][ T29] audit: type=1400 audit(284.407:13060): avc: denied { write } for pid=24869 comm="+}[@" name="file1" dev="loop8" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 270.422621][ T29] audit: type=1400 audit(284.437:13061): avc: denied { setattr } for pid=24869 comm="+}[@" path="/963/bus/file1" dev="loop8" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 270.423540][T24870] EXT4-fs error (device loop8): ext4_do_update_inode:5632: inode #18: comm +}[@: corrupted inode contents [ 270.456681][T24870] EXT4-fs error (device loop8): ext4_dirty_inode:6517: inode #18: comm +}[@: mark_inode_dirty error [ 270.472013][T24870] EXT4-fs error (device loop8): ext4_do_update_inode:5632: inode #18: comm +}[@: corrupted inode contents [ 270.483658][T24870] EXT4-fs error (device loop8): ext4_xattr_delete_inode:2996: inode #18: comm +}[@: mark_inode_dirty error [ 270.495252][T24870] EXT4-fs error (device loop8): ext4_xattr_delete_inode:2999: inode #18: comm +}[@: mark inode dirty (error -117) [ 270.508566][T24870] EXT4-fs warning (device loop8): ext4_evict_inode:274: xattr delete (err -117) [ 270.545234][ T29] audit: type=1326 audit(284.557:13062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24891 comm="syz.4.8907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda2a53f749 code=0x7ffc0000 [ 270.581676][T14343] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 270.599483][T24895] loop5: detected capacity change from 0 to 512 [ 270.607125][T24895] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 270.622084][T24895] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 270.630147][T24895] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002] [ 270.666012][T24895] System zones: 0-1, 15-15, 18-18, 34-34 [ 270.681982][T24895] EXT4-fs (loop5): orphan cleanup on readonly fs [ 270.701227][T24895] EXT4-fs warning (device loop5): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 270.715786][T24895] EXT4-fs (loop5): Cannot turn on quotas: error -22 [ 270.723113][T24895] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.8909: bg 0: block 40: padding at end of block bitmap is not set [ 270.737532][T24895] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6667: Corrupt filesystem [ 270.746425][T24895] EXT4-fs (loop5): 1 truncate cleaned up [ 270.752470][T24895] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 270.780409][T24895] EXT4-fs error (device loop5): ext4_encrypted_get_link:46: inode #16: comm syz.5.8909: bad symlink. [ 270.811805][T24902] loop1: detected capacity change from 0 to 2048 [ 270.819613][T24127] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 270.829926][T24902] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 270.874378][T24893] loop4: detected capacity change from 0 to 32768 [ 270.911810][T24893] loop4: p1 p2 p3 < > p4 < p5 p6 > [ 270.917117][T24893] loop4: p1 start 460800 is beyond EOD, truncated [ 270.923564][T24893] loop4: p2 size 83886080 extends beyond EOD, truncated [ 270.931620][T24893] loop4: p5 start 460800 is beyond EOD, truncated [ 270.938071][T24893] loop4: p6 size 83886080 extends beyond EOD, truncated [ 270.993527][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 271.215391][T24931] loop4: detected capacity change from 0 to 164 [ 271.371785][T24963] loop8: detected capacity change from 0 to 164 [ 271.392109][T24966] loop4: detected capacity change from 0 to 1024 [ 271.408638][T24969] loop5: detected capacity change from 0 to 2048 [ 271.417255][T24966] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 271.434181][T24969] EXT4-fs (loop5): unsupported descriptor size 9 [ 271.456479][T24977] netlink: 12 bytes leftover after parsing attributes in process `syz.8.8941'. [ 271.465456][T24977] netlink: 12 bytes leftover after parsing attributes in process `syz.8.8941'. [ 271.515108][T24966] EXT4-fs error (device loop4): ext4_map_blocks:814: inode #15: block 8: comm syz.4.8937: lblock 8 mapped to illegal pblock 8 (length 4) [ 271.530747][T24966] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 4 with error 117 [ 271.543121][T24966] EXT4-fs (loop4): This should not happen!! Data will be lost [ 271.543121][T24966] [ 271.619880][ T1708] EXT4-fs error (device loop4): ext4_map_blocks:814: inode #15: comm kworker/u8:8: lblock 0 mapped to illegal pblock 0 (length 5) [ 271.641542][ T1708] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 5 with error 117 [ 271.653833][ T1708] EXT4-fs (loop4): This should not happen!! Data will be lost [ 271.653833][ T1708] [ 271.699384][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 271.761026][T25009] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=25009 comm=syz.1.8956 [ 271.922395][ T3404] IPVS: starting estimator thread 0... [ 271.928111][T25020] loop4: detected capacity change from 0 to 2048 [ 271.981063][T25020] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 272.008428][T25039] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 272.008428][T25039] program syz.2.8967 not setting count and/or reply_len properly [ 272.025180][T25024] IPVS: using max 2640 ests per chain, 132000 per kthread [ 272.065762][T25020] EXT4-fs: Ignoring removed orlov option [ 272.071526][T25020] EXT4-fs (loop4): stripe (18) is not aligned with cluster size (16), stripe is disabled [ 272.097777][T25020] EXT4-fs (loop4): can't enable nombcache during remount [ 272.115018][T25056] sd 0:0:1:0: device reset [ 272.157915][T25063] loop1: detected capacity change from 0 to 512 [ 272.164581][T25063] EXT4-fs: Ignoring removed i_version option [ 272.170658][T25063] EXT4-fs: Ignoring removed bh option [ 272.187941][T25065] loop8: detected capacity change from 0 to 256 [ 272.196189][T25063] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 272.217039][T25063] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #18: comm +}[@: corrupted inode contents [ 272.228887][T25063] EXT4-fs error (device loop1): ext4_dirty_inode:6517: inode #18: comm +}[@: mark_inode_dirty error [ 272.240009][T25063] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #18: comm +}[@: corrupted inode contents [ 272.253522][T25063] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2996: inode #18: comm +}[@: mark_inode_dirty error [ 272.265516][T25063] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2999: inode #18: comm +}[@: mark inode dirty (error -117) [ 272.277732][T25063] EXT4-fs warning (device loop1): ext4_evict_inode:274: xattr delete (err -117) [ 272.296393][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 272.307998][T25069] netlink: 'syz.8.8982': attribute type 1 has an invalid length. [ 272.315755][T25069] netlink: 'syz.8.8982': attribute type 4 has an invalid length. [ 272.323485][T25069] netlink: 9462 bytes leftover after parsing attributes in process `syz.8.8982'. [ 272.502528][T25076] loop8: detected capacity change from 0 to 32768 [ 272.540579][T25076] loop8: p1 p2 p3 < > p4 < p5 p6 > [ 272.545814][T25076] loop8: p1 start 460800 is beyond EOD, truncated [ 272.552274][T25076] loop8: p2 size 83886080 extends beyond EOD, truncated [ 272.560290][T25076] loop8: p5 start 460800 is beyond EOD, truncated [ 272.566689][T25076] loop8: p6 size 83886080 extends beyond EOD, truncated [ 272.619156][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000900. [ 272.633011][T25085] netlink: 'syz.8.8988': attribute type 7 has an invalid length. [ 272.662917][T25089] 0ªî{X¹¦: left allmulticast mode [ 272.674945][T25089] $Hÿ: left promiscuous mode [ 272.679772][T25089] bond_slave_0: left promiscuous mode [ 272.685257][T25089] bond_slave_1: left promiscuous mode [ 272.691988][T25089] 8021q: adding VLAN 0 to HW filter on device $Hÿ [ 272.702914][T25089] net_ratelimit: 15 callbacks suppressed [ 272.702921][T25089] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 272.738674][T25091] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8992'. [ 272.743369][T25093] loop8: detected capacity change from 0 to 1024 [ 272.762006][T25093] EXT4-fs (loop8): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 272.828002][T25093] EXT4-fs error (device loop8): ext4_map_blocks:814: inode #15: block 8: comm syz.8.8991: lblock 8 mapped to illegal pblock 8 (length 4) [ 272.842398][T25093] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 4 with error 117 [ 272.854720][T25093] EXT4-fs (loop8): This should not happen!! Data will be lost [ 272.854720][T25093] [ 272.886297][T13459] EXT4-fs error (device loop8): ext4_map_blocks:814: inode #15: comm kworker/u8:20: lblock 0 mapped to illegal pblock 0 (length 5) [ 272.900271][T13459] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 5 with error 117 [ 272.912650][T13459] EXT4-fs (loop8): This should not happen!! Data will be lost [ 272.912650][T13459] [ 272.934752][T14343] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 272.988752][T25113] bridge0: entered allmulticast mode [ 272.994429][T25113] bridge_slave_1: left allmulticast mode [ 273.000099][T25113] bridge_slave_1: left promiscuous mode [ 273.005727][T25113] bridge0: port 2(bridge_slave_1) entered disabled state [ 273.027473][T25113] bridge_slave_0: left allmulticast mode [ 273.033157][T25113] bridge_slave_0: left promiscuous mode [ 273.038857][T25113] bridge0: port 1(bridge_slave_0) entered disabled state [ 273.058450][T25113] bridge0 (unregistering): left allmulticast mode [ 273.145564][T25133] netlink: 'syz.4.9009': attribute type 3 has an invalid length. [ 273.368062][T25176] loop2: detected capacity change from 0 to 1024 [ 273.406797][T25176] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 273.483413][T21530] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 273.526516][T25194] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=25194 comm=syz.2.9035 [ 273.539136][T25194] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=25194 comm=syz.2.9035 [ 273.593129][T25203] loop5: detected capacity change from 0 to 512 [ 273.624377][T25203] EXT4-fs warning (device loop5): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 273.702886][T25203] EXT4-fs (loop5): mount failed [ 273.953525][T25236] __nla_validate_parse: 7 callbacks suppressed [ 273.953541][T25236] netlink: 24 bytes leftover after parsing attributes in process `syz.1.9052'. [ 274.062404][T25240] loop1: detected capacity change from 0 to 256 [ 274.151135][T25251] netlink: 'syz.8.9059': attribute type 12 has an invalid length. [ 274.510189][T25266] loop4: detected capacity change from 0 to 128 [ 274.678410][T25287] netlink: 20 bytes leftover after parsing attributes in process `syz.2.9073'. [ 274.813752][T25308] ref_ctr_offset mismatch. inode: 0x2534 offset: 0x0 ref_ctr_offset(old): 0x24 ref_ctr_offset(new): 0x0 [ 274.849121][T25311] netlink: 8 bytes leftover after parsing attributes in process `syz.8.9086'. [ 274.873156][T25311] netlink: 8 bytes leftover after parsing attributes in process `syz.8.9086'. [ 274.964664][T25326] netlink: 'syz.2.9093': attribute type 1 has an invalid length. [ 275.016975][T25326] bond1: (slave bridge1): making interface the new active one [ 275.080455][T25326] bond1: (slave bridge1): Enslaving as an active interface with an up link [ 275.107841][T25340] rdma_op ffff888116ed0980 conn xmit_rdma 0000000000000000 [ 275.200457][ T29] kauditd_printk_skb: 263 callbacks suppressed [ 275.200470][ T29] audit: type=1326 audit(289.210:13324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25355 comm="syz.8.9106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4451d1f749 code=0x7ffc0000 [ 275.241945][ T29] audit: type=1326 audit(289.240:13325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25355 comm="syz.8.9106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f4451d1f749 code=0x7ffc0000 [ 275.264955][ T29] audit: type=1326 audit(289.240:13326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25355 comm="syz.8.9106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4451d1f749 code=0x7ffc0000 [ 275.287950][ T29] audit: type=1326 audit(289.240:13327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25355 comm="syz.8.9106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4451d1f749 code=0x7ffc0000 [ 275.310914][ T29] audit: type=1326 audit(289.240:13328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25355 comm="syz.8.9106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f4451d1f749 code=0x7ffc0000 [ 275.333891][ T29] audit: type=1326 audit(289.240:13329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25355 comm="syz.8.9106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4451d1f749 code=0x7ffc0000 [ 275.356866][ T29] audit: type=1326 audit(289.240:13330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25355 comm="syz.8.9106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4451d1f749 code=0x7ffc0000 [ 275.379949][ T29] audit: type=1326 audit(289.250:13331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25355 comm="syz.8.9106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f4451d1f749 code=0x7ffc0000 [ 275.402905][ T29] audit: type=1326 audit(289.250:13332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25355 comm="syz.8.9106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4451d1f749 code=0x7ffc0000 [ 275.425862][ T29] audit: type=1326 audit(289.250:13333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25355 comm="syz.8.9106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4451d1f749 code=0x7ffc0000 [ 275.470569][T25362] netlink: 'syz.1.9109': attribute type 1 has an invalid length. [ 275.538211][T25371] netlink: 76 bytes leftover after parsing attributes in process `syz.2.9113'. [ 275.676303][T25385] loop4: detected capacity change from 0 to 256 [ 275.683236][T25385] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 275.695746][T25385] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 275.994851][T25400] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 276.003552][T25400] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 276.160856][T25417] sg_write: data in/out 49276/2 bytes for SCSI command 0x6-- guessing data in; [ 276.160856][T25417] program syz.8.9132 not setting count and/or reply_len properly [ 276.232196][T25423] netlink: 'syz.8.9135': attribute type 12 has an invalid length. [ 276.438508][T25454] loop8: detected capacity change from 0 to 164 [ 276.476673][T25457] loop1: detected capacity change from 0 to 512 [ 276.483356][T25457] EXT4-fs: dax option not supported [ 276.530228][T25463] loop1: detected capacity change from 0 to 128 [ 276.549457][T25463] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 276.604138][T25478] netlink: 20 bytes leftover after parsing attributes in process `syz.4.9159'. [ 276.709901][ T3315] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 276.710830][T25491] SELinux: failed to load policy [ 276.759591][T25503] loop4: detected capacity change from 0 to 512 [ 276.769638][T25503] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 276.783076][T25501] usb usb4: usbfs: interface 0 claimed by hub while 'syz.1.9170' sets config #0 [ 276.807425][T25501] usb usb4: usbfs: interface 0 claimed by hub while 'syz.1.9170' sets config #1 [ 276.914076][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 276.945959][T25522] netlink: 332 bytes leftover after parsing attributes in process `syz.2.9180'. [ 276.994507][T25529] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9182'. [ 277.087653][T25539] netlink: 32 bytes leftover after parsing attributes in process `syz.2.9186'. [ 277.096708][T25539] netem: unknown loss type 13 [ 277.101569][T25539] netem: change failed [ 277.114433][T25537] loop4: detected capacity change from 0 to 8192 [ 277.132050][T25537] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 2074) [ 277.140950][T25537] FAT-fs (loop4): Filesystem has been set read-only [ 277.147669][T25537] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 2074) [ 277.156685][T25537] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 2074) [ 277.165644][T25537] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 2074) [ 277.264105][T25562] loop1: detected capacity change from 0 to 512 [ 277.280095][T25562] EXT4-fs: Ignoring removed nobh option [ 277.286223][T25562] EXT4-fs: old and new quota format mixing [ 277.320942][T25567] loop4: detected capacity change from 0 to 512 [ 277.327850][T25567] EXT4-fs (loop4): blocks per group (8192) and clusters per group (2304) inconsistent [ 277.444351][T25576] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 277.451868][T25576] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 277.484249][T25576] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 277.491718][T25576] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 277.920498][T25631] loop4: detected capacity change from 0 to 512 [ 277.927378][T25631] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 277.952591][T25631] EXT4-fs (loop4): 1 orphan inode deleted [ 277.958456][T25631] EXT4-fs (loop4): 1 truncate cleaned up [ 277.968948][T25631] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 278.039680][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 278.070503][T25642] loop4: detected capacity change from 0 to 1024 [ 278.078852][T25642] EXT4-fs: inline encryption not supported [ 278.084689][T25642] EXT4-fs: Ignoring removed orlov option [ 278.091158][T25642] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 278.108475][T25642] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840c018, mo2=0002] [ 278.116918][T25642] System zones: 0-1, 3-12 [ 278.122095][T25642] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 278.124653][T25646] hub 9-0:1.0: USB hub found [ 278.139078][T25646] hub 9-0:1.0: 8 ports detected [ 278.140313][T25642] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 1 with error 28 [ 278.156219][T25642] EXT4-fs (loop4): This should not happen!! Data will be lost [ 278.156219][T25642] [ 278.165953][T25642] EXT4-fs (loop4): Total free blocks count 0 [ 278.171989][T25642] EXT4-fs (loop4): Free/Dirty block details [ 278.177892][T25642] EXT4-fs (loop4): free_blocks=0 [ 278.182873][T25642] EXT4-fs (loop4): dirty_blocks=0 [ 278.188022][T25642] EXT4-fs (loop4): Block reservation details [ 278.194033][T25642] EXT4-fs (loop4): i_reserved_data_blocks=0 [ 278.219678][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 278.340594][T25678] loop2: detected capacity change from 0 to 128 [ 278.348299][T25678] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 278.420266][T21530] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 279.128599][T25707] loop8: detected capacity change from 0 to 512 [ 279.129845][T25706] netlink: 24 bytes leftover after parsing attributes in process `syz.1.9251'. [ 279.137325][T25707] EXT4-fs error (device loop8): ext4_iget_extra_inode:5075: inode #15: comm syz.8.9252: corrupted in-inode xattr: invalid ea_ino [ 279.158888][T25707] EXT4-fs error (device loop8): ext4_orphan_get:1397: comm syz.8.9252: couldn't read orphan inode 15 (err -117) [ 279.172406][T25707] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 279.199294][T14343] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 279.393971][T25723] sd 0:0:1:0: device reset [ 279.399811][T25725] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=25725 comm=syz.2.9264 [ 279.483880][T25730] netlink: 32 bytes leftover after parsing attributes in process `syz.8.9266'. [ 279.505331][T25734] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 279.513480][T25734] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 279.739200][T25762] netlink: 51 bytes leftover after parsing attributes in process `syz.1.9281'. [ 279.880780][T25776] loop2: detected capacity change from 0 to 512 [ 279.898854][T25776] EXT4-fs: Ignoring removed oldalloc option [ 279.906077][T25776] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 279.931262][T25776] EXT4-fs (loop2): 1 truncate cleaned up [ 279.946968][T25776] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 279.973984][T25782] loop8: detected capacity change from 0 to 1024 [ 279.998391][T25782] EXT4-fs: inline encryption not supported [ 280.004246][T25782] EXT4-fs: Ignoring removed orlov option [ 280.016389][T21530] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 280.023968][T25782] EXT4-fs (loop8): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 280.059647][T25782] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840c018, mo2=0002] [ 280.069587][T25782] System zones: 0-1, 3-12 [ 280.074879][T25790] bridge: RTM_NEWNEIGH with invalid ether address [ 280.077913][T25782] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 280.082592][T25792] netlink: 51 bytes leftover after parsing attributes in process `syz.5.9293'. [ 280.137412][T25782] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 1 with error 28 [ 280.149708][T25782] EXT4-fs (loop8): This should not happen!! Data will be lost [ 280.149708][T25782] [ 280.159354][T25782] EXT4-fs (loop8): Total free blocks count 0 [ 280.165316][T25782] EXT4-fs (loop8): Free/Dirty block details [ 280.171276][T25782] EXT4-fs (loop8): free_blocks=0 [ 280.176209][T25782] EXT4-fs (loop8): dirty_blocks=0 [ 280.181281][T25782] EXT4-fs (loop8): Block reservation details [ 280.187329][T25782] EXT4-fs (loop8): i_reserved_data_blocks=0 [ 280.203929][T25794] wg2: entered promiscuous mode [ 280.208822][T25794] wg2: entered allmulticast mode [ 280.225357][T25796] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9295'. [ 280.234409][T25796] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9295'. [ 280.265235][T25799] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9298'. [ 280.328417][T14343] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 280.351440][T25803] netlink: 20 bytes leftover after parsing attributes in process `syz.5.9299'. [ 280.455503][ T29] kauditd_printk_skb: 280 callbacks suppressed [ 280.455516][ T29] audit: type=1400 audit(294.462:13614): avc: denied { write } for pid=25818 comm="syz.5.9306" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 280.489242][T25822] netlink: 'syz.2.9307': attribute type 3 has an invalid length. [ 280.559186][T25826] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 280.622501][T25835] loop1: detected capacity change from 0 to 1024 [ 280.646239][ T29] audit: type=1326 audit(294.652:13615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25836 comm="syz.4.9314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda2a53f749 code=0x7ffc0000 [ 280.669285][ T29] audit: type=1326 audit(294.652:13616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25836 comm="syz.4.9314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda2a53f749 code=0x7ffc0000 [ 280.692314][ T29] audit: type=1326 audit(294.652:13617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25836 comm="syz.4.9314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda2a53f749 code=0x7ffc0000 [ 280.698755][T25835] EXT4-fs: inline encryption not supported [ 280.715323][ T29] audit: type=1326 audit(294.652:13618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25836 comm="syz.4.9314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda2a53f749 code=0x7ffc0000 [ 280.715349][ T29] audit: type=1326 audit(294.652:13619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25836 comm="syz.4.9314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fda2a53df90 code=0x7ffc0000 [ 280.721289][T25835] EXT4-fs: Ignoring removed orlov option [ 280.744096][ T29] audit: type=1326 audit(294.652:13620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25836 comm="syz.4.9314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fda2a53df90 code=0x7ffc0000 [ 280.767818][T25835] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 280.772696][ T29] audit: type=1326 audit(294.652:13621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25836 comm="syz.4.9314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda2a53f749 code=0x7ffc0000 [ 280.772721][ T29] audit: type=1326 audit(294.652:13623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25836 comm="syz.4.9314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda2a53f749 code=0x7ffc0000 [ 280.851218][ T29] audit: type=1326 audit(294.652:13624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25836 comm="syz.4.9314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda2a53f749 code=0x7ffc0000 [ 280.884577][T25835] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840c018, mo2=0002] [ 280.895196][T25835] System zones: 0-1, 3-12 [ 280.904461][T25835] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 280.970932][T25835] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 1 with error 28 [ 280.983418][T25835] EXT4-fs (loop1): This should not happen!! Data will be lost [ 280.983418][T25835] [ 280.993085][T25835] EXT4-fs (loop1): Total free blocks count 0 [ 280.999115][T25835] EXT4-fs (loop1): Free/Dirty block details [ 281.005133][T25835] EXT4-fs (loop1): free_blocks=0 [ 281.010204][T25835] EXT4-fs (loop1): dirty_blocks=0 [ 281.015248][T25835] EXT4-fs (loop1): Block reservation details [ 281.021262][T25835] EXT4-fs (loop1): i_reserved_data_blocks=0 [ 281.051605][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 281.086663][T25861] loop2: detected capacity change from 0 to 1024 [ 281.105227][T25861] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 281.149065][T25871] loop1: detected capacity change from 0 to 512 [ 281.155631][T25871] EXT4-fs: Ignoring removed oldalloc option [ 281.156362][T21530] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 281.163336][T25871] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 281.183401][T25871] EXT4-fs (loop1): 1 truncate cleaned up [ 281.189580][T25871] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 281.219163][T25877] netlink: 32 bytes leftover after parsing attributes in process `syz.2.9329'. [ 281.294022][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 281.335435][T25891] loop1: detected capacity change from 0 to 512 [ 281.354210][T25891] EXT4-fs warning (device loop1): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 281.369724][T25891] EXT4-fs (loop1): mount failed [ 281.397364][T25901] loop2: detected capacity change from 0 to 2048 [ 281.412339][T25904] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=25904 comm=syz.1.9340 [ 281.424879][T25904] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=25904 comm=syz.1.9340 [ 281.477082][T25901] Alternate GPT is invalid, using primary GPT. [ 281.483390][T25901] loop2: p1 p2 p3 [ 281.487216][T25901] loop2: partition table partially beyond EOD, truncated [ 281.523598][T25915] netlink: 76 bytes leftover after parsing attributes in process `syz.4.9345'. [ 281.592607][T25924] loop4: detected capacity change from 0 to 128 [ 281.623598][T25927] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 281.667294][T25932] loop1: detected capacity change from 0 to 128 [ 281.731006][T25934] syz.4.9351: attempt to access beyond end of device [ 281.731006][T25934] loop4: rw=2049, sector=129, nr_sectors = 8 limit=128 [ 281.786469][T25924] syz.4.9351: attempt to access beyond end of device [ 281.786469][T25924] loop4: rw=2049, sector=137, nr_sectors = 1 limit=128 [ 281.800164][T25930] syz.4.9351: attempt to access beyond end of device [ 281.800164][T25930] loop4: rw=2049, sector=137, nr_sectors = 1 limit=128 [ 281.813957][T25930] syz.4.9351: attempt to access beyond end of device [ 281.813957][T25930] loop4: rw=2049, sector=137, nr_sectors = 1 limit=128 [ 281.837855][ T59] kworker/u8:4: attempt to access beyond end of device [ 281.837855][ T59] loop4: rw=1, sector=128, nr_sectors = 1 limit=128 [ 281.851229][ T59] Buffer I/O error on dev loop4, logical block 128, lost async page write [ 282.208964][T25955] syzkaller1: entered promiscuous mode [ 282.214452][T25955] syzkaller1: entered allmulticast mode [ 282.334014][T25976] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 282.392782][T25980] loop4: detected capacity change from 0 to 256 [ 282.478117][T25992] syzkaller1: entered promiscuous mode [ 282.483643][T25992] syzkaller1: entered allmulticast mode [ 282.631159][T25999] 8021q: adding VLAN 0 to HW filter on device $Hÿ [ 282.641910][T25999] batman_adv: batadv0: Interface activated: dummy0 [ 282.648480][T25999] batadv0: mtu less than device minimum [ 282.654504][T25999] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 282.657794][T26010] loop5: detected capacity change from 0 to 256 [ 282.665152][T25999] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 282.681925][T25999] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 282.692565][T25999] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 282.703241][T25999] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 282.713987][T25999] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 282.724688][T25999] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 282.735447][T25999] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 282.746161][T25999] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 282.762838][T26017] loop8: detected capacity change from 0 to 512 [ 282.816919][T26017] EXT4-fs warning (device loop8): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 282.849442][T26017] EXT4-fs (loop8): mount failed [ 283.001584][T26039] syzkaller1: entered promiscuous mode [ 283.007185][T26039] syzkaller1: entered allmulticast mode [ 283.195485][T26048] loop5: detected capacity change from 0 to 2048 [ 283.239494][T26046] loop4: detected capacity change from 0 to 2048 [ 283.259357][T26048] Alternate GPT is invalid, using primary GPT. [ 283.265679][T26048] loop5: p1 p2 p3 [ 283.269384][T26048] loop5: partition table partially beyond EOD, truncated [ 283.328090][T26046] Alternate GPT is invalid, using primary GPT. [ 283.334474][T26046] loop4: p2 p3 p7 [ 283.338684][T26058] ref_ctr_offset mismatch. inode: 0x288 offset: 0x0 ref_ctr_offset(old): 0x24 ref_ctr_offset(new): 0x0 [ 283.383641][T26062] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 283.473390][T26073] netlink: 'syz.2.9411': attribute type 29 has an invalid length. [ 283.483994][T26073] netlink: 'syz.2.9411': attribute type 29 has an invalid length. [ 283.523579][T26077] loop4: detected capacity change from 0 to 1024 [ 283.536224][T26077] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 283.561707][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 284.135278][T26091] loop8: detected capacity change from 0 to 2048 [ 284.260498][T26091] Alternate GPT is invalid, using primary GPT. [ 284.266788][T26091] loop8: p1 p2 p3 [ 284.270506][T26091] loop8: partition table partially beyond EOD, truncated [ 285.304141][T26151] loop8: detected capacity change from 0 to 2048 [ 285.315257][T26151] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 285.339816][T26151] EXT4-fs: Ignoring removed orlov option [ 285.354930][T26151] EXT4-fs (loop8): stripe (18) is not aligned with cluster size (16), stripe is disabled [ 285.376243][ T36] hid_parser_main: 22 callbacks suppressed [ 285.376338][ T36] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 285.389609][ T36] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 285.397125][ T36] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 285.415151][T26151] EXT4-fs (loop8): can't enable nombcache during remount [ 285.422337][ T36] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 285.429902][ T36] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 285.437477][ T36] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 285.445088][ T36] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 285.452459][ T36] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 285.459995][ T36] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 285.467419][ T36] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 285.478268][ T36] hid-generic 0000:0000:0000.0016: hidraw0: HID v8.00 Device [syz0] on syz0 [ 285.552145][ T29] kauditd_printk_skb: 64 callbacks suppressed [ 285.552161][ T29] audit: type=1400 audit(299.565:13686): avc: denied { setopt } for pid=26173 comm="syz.4.9451" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 285.683370][T26188] loop5: detected capacity change from 0 to 2048 [ 285.709323][T26190] __nla_validate_parse: 8 callbacks suppressed [ 285.709408][T26190] netlink: 28 bytes leftover after parsing attributes in process `+}[@'. [ 285.724071][T26190] netlink: 32 bytes leftover after parsing attributes in process `+}[@'. [ 285.732583][T26190] netlink: 28 bytes leftover after parsing attributes in process `+}[@'. [ 285.766359][T26194] blktrace: Concurrent blktraces are not allowed on loop3 [ 285.774039][T26190] netlink: 32 bytes leftover after parsing attributes in process `+}[@'. [ 285.807298][T26188] Alternate GPT is invalid, using primary GPT. [ 285.813762][T26188] loop5: p2 p3 p7 [ 285.896667][ T29] audit: type=1326 audit(299.915:13687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26206 comm="syz.1.9464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5f86f749 code=0x7ffc0000 [ 285.919721][ T29] audit: type=1326 audit(299.915:13688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26206 comm="syz.1.9464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f2a5f86f749 code=0x7ffc0000 [ 285.945299][ T29] audit: type=1326 audit(299.915:13689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26206 comm="syz.1.9464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5f86f749 code=0x7ffc0000 [ 285.968341][ T29] audit: type=1326 audit(299.915:13690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26206 comm="syz.1.9464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7f2a5f86f749 code=0x7ffc0000 [ 285.991204][ T29] audit: type=1326 audit(299.915:13691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26206 comm="syz.1.9464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5f86f749 code=0x7ffc0000 [ 286.014188][ T29] audit: type=1326 audit(299.915:13692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26206 comm="syz.1.9464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2a5f86f749 code=0x7ffc0000 [ 286.037166][ T29] audit: type=1326 audit(299.915:13693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26206 comm="syz.1.9464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5f86f749 code=0x7ffc0000 [ 286.060192][ T29] audit: type=1326 audit(299.935:13694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26206 comm="syz.1.9464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5f86f749 code=0x7ffc0000 [ 286.092293][T14343] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000900. [ 286.186336][ T29] audit: type=1400 audit(300.205:13695): avc: denied { sqpoll } for pid=26221 comm="syz.1.9470" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 286.367141][T26242] x_tables: ip6_tables: policy.0 match: invalid size 312 (kernel) != (user) 8 [ 286.393556][T26245] netlink: 96 bytes leftover after parsing attributes in process `syz.1.9481'. [ 286.529905][T26272] wg2: entered promiscuous mode [ 286.534814][T26272] wg2: entered allmulticast mode [ 286.646135][T26288] loop8: detected capacity change from 0 to 2048 [ 286.716876][T26288] Alternate GPT is invalid, using primary GPT. [ 286.723646][T26288] loop8: p2 p3 p7 [ 286.923520][T26316] loop8: detected capacity change from 0 to 128 [ 287.076758][T26330] syz.8.9510: attempt to access beyond end of device [ 287.076758][T26330] loop8: rw=2049, sector=129, nr_sectors = 8 limit=128 [ 287.198050][T26316] syz.8.9510: attempt to access beyond end of device [ 287.198050][T26316] loop8: rw=2049, sector=137, nr_sectors = 1 limit=128 [ 287.211701][T26322] syz.8.9510: attempt to access beyond end of device [ 287.211701][T26322] loop8: rw=2049, sector=137, nr_sectors = 1 limit=128 [ 287.225449][T26322] syz.8.9510: attempt to access beyond end of device [ 287.225449][T26322] loop8: rw=2049, sector=137, nr_sectors = 1 limit=128 [ 287.290545][ T1708] kworker/u8:8: attempt to access beyond end of device [ 287.290545][ T1708] loop8: rw=1, sector=128, nr_sectors = 1 limit=128 [ 287.303884][ T1708] Buffer I/O error on dev loop8, logical block 128, lost async page write [ 287.408855][T26366] loop5: detected capacity change from 0 to 128 [ 287.416072][T26366] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 287.429708][T26366] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 287.462362][T13469] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 287.582793][T26384] loop1: detected capacity change from 0 to 256 [ 287.613437][T26384] FAT-fs (loop1): bogus number of FAT sectors [ 287.619522][T26384] FAT-fs (loop1): Can't find a valid FAT filesystem [ 287.733347][T26397] xt_hashlimit: max too large, truncated to 1048576 [ 287.871885][T26401] loop1: detected capacity change from 0 to 128 [ 287.887187][T26401] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 287.912784][T26401] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 287.951849][ T59] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 287.986691][T26403] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9560'. [ 288.251597][T26422] loop1: detected capacity change from 0 to 1024 [ 288.258509][T26422] EXT4-fs: Ignoring removed orlov option [ 288.269800][T26422] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 288.419352][T26432] loop2: detected capacity change from 0 to 2048 [ 288.504387][T26432] Alternate GPT is invalid, using primary GPT. [ 288.510730][T26432] loop2: p2 p3 p7 [ 288.629899][T26421] net_ratelimit: 14 callbacks suppressed [ 288.629915][T26421] Set syz1 is full, maxelem 65536 reached [ 288.661872][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 288.821973][T26441] loop2: detected capacity change from 0 to 2048 [ 288.850276][T26441] EXT4-fs: Ignoring removed bh option [ 288.878504][T26450] tipc: Enabling of bearer <&b:v> rejected, media not registered [ 288.917267][T26441] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 288.932709][T26441] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 17 with error 28 [ 288.944988][T26441] EXT4-fs (loop2): This should not happen!! Data will be lost [ 288.944988][T26441] [ 288.954700][T26441] EXT4-fs (loop2): Total free blocks count 0 [ 288.960667][T26441] EXT4-fs (loop2): Free/Dirty block details [ 288.966606][T26441] EXT4-fs (loop2): free_blocks=2415919104 [ 288.972368][T26441] EXT4-fs (loop2): dirty_blocks=32 [ 288.977487][T26441] EXT4-fs (loop2): Block reservation details [ 288.983470][T26441] EXT4-fs (loop2): i_reserved_data_blocks=2 [ 289.003347][T26465] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9573'. [ 289.035059][T26465] netlink: 12 bytes leftover after parsing attributes in process `syz.5.9573'. [ 289.238333][T26488] loop5: detected capacity change from 0 to 512 [ 289.238728][T26489] netlink: 96 bytes leftover after parsing attributes in process `syz.4.9584'. [ 289.292799][T26488] ext4: Unknown parameter 'euid' [ 289.402724][T26495] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 289.685948][T26503] loop1: detected capacity change from 0 to 128 [ 289.902775][T26515] ================================================================== [ 289.908329][T26520] syz.1.9591: attempt to access beyond end of device [ 289.908329][T26520] loop1: rw=2049, sector=129, nr_sectors = 8 limit=128 [ 289.910862][T26515] BUG: KCSAN: data-race in __xa_clear_mark / xas_find_marked [ 289.931536][T26515] [ 289.933849][T26515] read-write to 0xffff8881195b3470 of 8 bytes by interrupt on cpu 1: [ 289.941897][T26515] __xa_clear_mark+0xf5/0x1e0 [ 289.946570][T26515] __folio_end_writeback+0xf7/0x3b0 [ 289.951761][T26515] folio_end_writeback_no_dropbehind+0x6d/0x1b0 [ 289.957998][T26515] folio_end_writeback+0x1c/0x70 [ 289.962924][T26515] end_buffer_async_write+0x156/0x1f0 [ 289.968282][T26515] end_bio_bh_io_sync+0x79/0xa0 [ 289.973165][T26515] bio_endio+0x37e/0x420 [ 289.977398][T26515] blk_update_request+0x336/0x730 [ 289.982411][T26515] blk_mq_end_request+0x26/0x50 [ 289.987252][T26515] lo_complete_rq+0x98/0x140 [ 289.991832][T26515] blk_done_softirq+0x77/0xb0 [ 289.996492][T26515] handle_softirqs+0xba/0x290 [ 290.001161][T26515] run_ksoftirqd+0x1c/0x30 [ 290.005563][T26515] smpboot_thread_fn+0x32b/0x530 [ 290.010481][T26515] kthread+0x489/0x510 [ 290.014532][T26515] ret_from_fork+0x122/0x1b0 [ 290.019108][T26515] ret_from_fork_asm+0x1a/0x30 [ 290.023855][T26515] [ 290.026163][T26515] read to 0xffff8881195b3470 of 8 bytes by task 26515 on cpu 0: [ 290.033773][T26515] xas_find_marked+0x218/0x620 [ 290.038519][T26515] find_get_entry+0x5d/0x380 [ 290.043100][T26515] filemap_get_folios_tag+0x13b/0x210 [ 290.048461][T26515] file_write_and_wait_range+0x1ea/0x2c0 [ 290.054080][T26515] __generic_file_fsync+0x46/0x140 [ 290.059174][T26515] fat_file_fsync+0x49/0x100 [ 290.063747][T26515] vfs_fsync_range+0x10d/0x130 [ 290.068497][T26515] generic_file_write_iter+0x1b8/0x2f0 [ 290.073938][T26515] iter_file_splice_write+0x666/0xa60 [ 290.079297][T26515] direct_splice_actor+0x156/0x2a0 [ 290.084391][T26515] splice_direct_to_actor+0x312/0x680 [ 290.089747][T26515] do_splice_direct+0xda/0x150 [ 290.094491][T26515] do_sendfile+0x380/0x650 [ 290.098921][T26515] __x64_sys_sendfile64+0x105/0x150 [ 290.104108][T26515] x64_sys_call+0x2bb4/0x3000 [ 290.108785][T26515] do_syscall_64+0xd2/0x200 [ 290.113273][T26515] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 290.119151][T26515] [ 290.121450][T26515] value changed: 0x0000000000000003 -> 0x0000000000000000 [ 290.128533][T26515] [ 290.130835][T26515] Reported by Kernel Concurrency Sanitizer on: [ 290.136974][T26515] CPU: 0 UID: 0 PID: 26515 Comm: syz.1.9591 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 290.148330][T26515] Tainted: [W]=WARN [ 290.152114][T26515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 290.162160][T26515] ================================================================== [ 290.237796][T26529] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 290.279972][T26529] netlink: 4 bytes leftover after parsing attributes in process `syz.8.9596'. [ 290.304473][T26515] syz.1.9591: attempt to access beyond end of device [ 290.304473][T26515] loop1: rw=2049, sector=137, nr_sectors = 1 limit=128 [ 290.318339][T26503] syz.1.9591: attempt to access beyond end of device [ 290.318339][T26503] loop1: rw=2049, sector=137, nr_sectors = 1 limit=128 [ 290.343617][T26515] syz.1.9591: attempt to access beyond end of device [ 290.343617][T26515] loop1: rw=2049, sector=137, nr_sectors = 1 limit=128 [ 290.406902][T13459] kworker/u8:20: attempt to access beyond end of device [ 290.406902][T13459] loop1: rw=1, sector=128, nr_sectors = 1 limit=128 [ 290.420307][T13459] Buffer I/O error on dev loop1, logical block 128, lost async page write