last executing test programs: 13.803362219s ago: executing program 3 (id=1085): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000400)={r0, 0x3, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r1 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_buf(r1, 0x0, 0x29, &(0x7f0000000000)="9d0caf7376dc9a7060b5c8b811344652", 0x10) 13.803186869s ago: executing program 3 (id=1086): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r1}, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r2, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"}) 13.803045179s ago: executing program 3 (id=1087): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r0, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) rt_sigpending(0x0, 0x0) 13.794875219s ago: executing program 3 (id=1088): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080), 0x2, 0x53a, &(0x7f0000000c80)="$eJzs3c9vI1cdAPDvOPHmR7NNCj0AArqUwoJW6yTeNqp6YXsBoaoSouLEYRsSN4pir6PYK5qwh+yReyVW4gT8B9w4IPXEgRs3kDj0Ug5IC6xADRIHoxlPEjexE7dJ7ST+fKTJzHszO9/34n3veV5kvwBG1o2I2I2IaxHxdkTM5vlJvsXd9pZe99HThyt7Tx+uJNFqvfXPJDuf5kXHv0k9k99zMiJ++L2InyTH4za2dzaWq9XKVp6eb9Y25xvbO7fXC3lOeWlxaeHVO6+Uz62uL9R+++S762/86Pe/+8qHf9r99s/SYs38/Hp2rrMeh4pnjpnk95npyBuPiDfOfOeLYzz//8Plk7a2z0XEi1n7n42x7NUEAK6yVms2WrOdaQDgqkuf/2ciKZTyuYCZKBRKpfYc3vMxXajWG81bs/UH91cjm8Oai2LhnfVqZSGfK5yLYpKmF7Pjw3T5Y+n3Knci4rmIeG9iKjtfWqlXV4f5xgcARtgzR8b//0y0x/9OZ/8rGABw4UwOuwAAwMB1jP9zwywHADA4nv8BYPR8gvHfpwMB4Irw/A8Ao8f4DwCj59Tx/9FgygEADMQP3nwz3Vp77e+/3v+m7turlcZGqfZgpbRS39osrdXra9VKaaXVOu1+1Xp9c/Hlg2Rje+derf7gfvPeem15rXKv4rsEAGD4nnvh/b+kg/7ua1PZFh1rORir4WorDLsAwNCMDbsAwND4PA+Mrj6e8U0DwBXXZYnetnyCIOl1wWOLv8JldfOL5v9hVJ1l/t/cAVxun27+/zvnXg5g8IzhMLparcSa/wAwYszxAz3//p/r+RUhj/u4+d1PXh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4DGayLSmUsrXAd9OfhVIp4npEzEUxeWe9WlmIiGcj4s8TxYk0vTjsQgMAZ1T4e5Kv/3Vz9qWZo2evJf+dyPYR8dNfvvWLd5ebza3FNP9fB/nNx2n+VHOrfG0YFQAAOu2vu/nBYVY2fpfzfceD/EdPH67sb4Ms4pPXI2JyKou/l2/tM+Mxnu0noxgR0/9O8nRb+n5l7Bzi7z6KiC/s138y3u2IMJPNgbRXPj0aP419/dzjd/7+j8YvfKy+hexcui9mv4vPx5HCAad6//V2P5m3vbSJ5+2vEDeyfff2P5n1UGeX9n9pc9071v8VDvq/sWPxk6zN3zhIn1ySJy//4fvHMluz7XOPIr403i1+chA/6d7/Fl/qs44ffPmrL/Y61/pVxM2u9d9fkbqWdbPzzdrmfGN75/Z6bXmtsla5Xy4vLS4tvHrnlfJ8Nkfd/vnHbjH+8dqtZ3vFT+s/3SP+5Mn1j2/0Wf9f/+/tH3/thPjf+nr31//5E+KnY+I3+4y/PH235/LdafzVHvU/5fWPW33G//BvO6t9XgoADEBje2djuVqtbJ1ykL7XPO0aB/0fpM/2F6AY2UHsRpzXDbNJiYjoek36jvpiVPmzOkiGFv03533DYfdMwGftsNH3vuavgywQAAAAAAAAAAAAAABwTGN7Z2Oi+6e1zu1g2HUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6vp/AAAA//9W1cZQ") syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@volatile}]}) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0x0, 0x0, 0x8}) umount2(&(0x7f0000000000)='./file0\x00', 0x3) mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) 13.480229415s ago: executing program 3 (id=1089): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'veth1_to_hsr\x00', 0x0}) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4) socket$packet(0x11, 0xa, 0x300) sendto$packet(r0, &(0x7f00000000c0)="3f031c000302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14) syz_emit_ethernet(0x82, &(0x7f00000000c0)={@local, @empty, @val, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "5f1060", 0x44, 0x2f, 0x0, @private0, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x8100}, {0x0, 0x0, 0x0, 0x0, 0x100}, {}, {0x8, 0x88be, 0x86ddffff}, {0x8, 0x22eb, 0x0, {{}, 0x2, {0x0, 0x4}}}}}}}}}, 0x0) 13.215905377s ago: executing program 3 (id=1092): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x6}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000180)=r1, 0x4) sendmsg$inet(r3, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20000000) 13.215813997s ago: executing program 32 (id=1092): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x6}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000180)=r1, 0x4) sendmsg$inet(r3, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20000000) 3.405806126s ago: executing program 0 (id=1269): syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2800000, 0x0, 0x0, 0x0, &(0x7f00000003c0)) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008f00850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='tmpfs\x00', 0x0, &(0x7f0000000240)='nolazytime') 3.395084087s ago: executing program 0 (id=1270): r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000240)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x17ef, 0x6047, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0xc}}}}}]}}]}}, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000040)={0x2c, &(0x7f0000000080)={0x20, 0x4, 0x5, {0x5, 0xa, "a7ea31"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) 818.015054ms ago: executing program 2 (id=1327): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000208500000004"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x49, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00', r0}, 0x10) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) 807.316075ms ago: executing program 1 (id=1338): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10) quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000140)=@md0, 0x0, &(0x7f0000000100)='./file0\x00') 794.427056ms ago: executing program 2 (id=1329): socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) sendmsg$inet(r1, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f00000042c0)="86", 0x1}], 0x1}, 0x0) sendmsg$tipc(r1, &(0x7f0000002700)={0x0, 0x0, 0x0}, 0x0) recvmsg(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0) 749.77159ms ago: executing program 2 (id=1330): socket$key(0xf, 0x3, 0x2) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000a40)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000800000095000000000000009500a5050000000077d8f3b423cdac8d8000000000000020e16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d10bfe150a7487535f7866907dc6751dfb261a0e3ccae669e173a649c1cfd6587d452d46b7c57d77578f4c35235138d5521f9453559c3421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983c044c03bf3ff03fe3e26e7a23129d6606fd28a7f9105f82317874b33d96b39fa4e045469989d552af6200000003a00000000000000abecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f1623ed38ae89d24e14b40234756ddcebfba2f87925bfacba83109753f543ad027edd68149ee99eebc6f7d6dd4aed4afe1f44ccb19e810879b70a70900000000000000000000d7900a820b6327944e9a217b9800e02a92895614cd50cbf83a1ed25268816b004519c9c5cff097d8000000000009d27d753a30a147b24a48435bd8a568669596e9e08679b3ce48e90defb6670c3d6209000000c773713a66b223fa8b148871c8d31d24000025449f106b99893ed20fa7a050fbbef90327e827e513e9606800000000e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e69ee52b59d13182e1f24ed208ada12f7a1525320e71666f472a972d5eb1affb87ba55b2d72078e9f40b4ae7dc3b2aeb0d11cd22c35d32940f19dff00ffffffff080000ff003853e59de7621e348955735264f34b1046a1813668297a7edad187ef106ae7fcbb25090f17d0baadeb8ae190a1fb5a315f8347fb0379659500000000000000000000000000000000000000002fdf0193ec79c90ed210ebc2fbed6d4216770c1b0dec886b388d138c2b69c6aacb714e7264093061c660a5100b7cc165889eb94c8d7c77b6fa06f1a4d8e4a6b6cb37e319c5c22f276b03cae853f42b07ca0b03b1eb32a6b1a81cd511fd0b59d57a11c6a3ebf9731464ad21f07f618efc31023ac60007426162b57e803519954d7c952197b0a508c0e16fda392fa84be38e937d36af1c35138e05a9e8d6dc0272de72c41500000000304402e22af23437126f330f8eb4075daaeae3134ece35cd86d95bd9836bd186c4b6565e967a4e3e86f299b7400994ba136b4eccf3b0f001a266c0d160b3ce1182001d64b52a5ce7f506295d59eea6903b84ffbabf5a5b91c1d6ecce8728a224aec66c610e3becd60a35e848c224f8251947eed20e2b612cb099bfe8924d33ba7f0691fed04a43e9c64b7a1e3165e86cdb9871c678a6bbb14821f441c6c14d1bd78d8ffdfea12c19ea04264335d60b6b7a7da6fb83f33101db32f6ab137d943dd3c1e8db9f3e1263573dc721ae82fe0bc63598751a5092c9f7dbfc39d564834e3703492c2a651643d8ce5c36d97a4812cf73fc8ea0d6"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0xb) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000004c0)=@newsa={0x104, 0x10, 0x7, 0x0, 0x0, {{@in6=@mcast2, @in=@multicast2, 0x4e20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in6=@private0, {0x0, 0x0, 0x2, 0x0, 0x10000000}, {0x0, 0x200000, 0x7}, {0x40000, 0xfffffffd, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x70}, [@coaddr={0x14, 0xe, @in6=@remote}]}, 0x104}}, 0x0) 724.030932ms ago: executing program 1 (id=1332): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x0) io_setup(0x2007, &(0x7f0000000200)=0x0) r2 = eventfd2(0x0, 0x1) io_submit(r1, 0x2, &(0x7f0000000280)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x1, r2}, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f00000001c0)="5f18ab32505b5506", 0x8}]) shutdown(r0, 0x0) 703.973323ms ago: executing program 2 (id=1334): syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3f7, &(0x7f00000004c0)="$eJzs281rXFUbAPDn3nyUt2nfxFq/2qrTBjGgJk2iQsBNRUVBcKE7FxKaaSlOmtKM2BYXKoKr4saVrlzpH+DGhSDuXQmudC+FIMW1jNyZe5txMhMzyYyjvb8fTHLO3DOc88yZZ+bcc2cCKK1K9ieJOBIRP0fEdKv61waV1r/fb793Prsl0Wi8/lvSbJfVi6bF46byylwakX6UxMku/W5ev/H2aq1WvZrXF+rrVxY2r9946tL66sXqxerl5ZVnzi4trzy7sjywWG/ePvXTxuev/fHJmV+mnr/51gvZeI/kx9rjGJRKVKKR6zz22KA7G7GjbeVkfIQDoS9jEZFN10Qz/6djLLYnbzpe/HCkgwOGKvtsOtT78PsN4C6WxKhHAIxG8UFfnNsP4zz432zrXOsEaGf845HmbSY6zm8HKTvbuvbmx99mtxjSPgQAQLvvsvXPk93WP2nc39bu//m1oZmIuCcijkXEvRFxPCLui2i2fSAiHuyz/0pHfef6J721r8D2KFv/Pdd1/Vus/mJmLK8dbcY/kVy4VKuezZ+TuZg4lNUXd+njx1e++rLXsUrb+i+7Zf0Xa8F8HLfGOzbo1lbrqweJud3WBxEnuq5/kztXApKIeCgiTuyzj2/ONT7rdezv4x+uxhcRj3ed/+2roMnu1ycXmq+HheJVsdOpd6+s9ep/1PFn83949/hnkvbrtZv99/H1zOmtXsf2+/qfTN5olifz+66t1utXFyMmk1d33r+0/diiXrTP4p+b7Z7/x2L7mTiZzWNEPBwRj0TEo/nYT0fEmYiY3SX+l2Zfru4//uHK4l/ra/77L6wvff9Dr/73Nv9PN0tz+T17ef/b6wAP8twBAADAf0Xa/A58ks7fKafp/HzrO/zH43Ba29isP3Fh453La63vys/ERFrsdE237Ycu5nvDRX2po76c7xt/Ova/Zn3+/Eat56YY8I+Y6pH/mV/HRj06YOj8XgvKS/5Decl/KC/5D+Ul/6G85D+Ul/yH8pL/UF7yH8pL/kMpHeR3/QoKCndrYdTvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIPxZwAAAP//jYTnFQ==") r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NFC_CMD_GET_TARGET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)={0x14, 0x0, 0x4, 0x70bd29}, 0x14}}, 0x40000) syz_genetlink_get_family_id$nfc(&(0x7f0000000140), r0) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), r0) sendmsg$NL802154_CMD_NEW_INTERFACE(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000580)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000eeff12"], 0x30}}, 0x0) 573.783844ms ago: executing program 4 (id=1340): r0 = gettid() timer_create(0x1, &(0x7f0000000800)={0x0, 0x14, 0x4, @tid=r0}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x6) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000800)=ANY=[@ANYBLOB="01000000000100009a000040"]) 573.279094ms ago: executing program 1 (id=1341): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f0000000080)={[{@errors_remount}, {@mblk_io_submit}, {@inlinecrypt}, {@test_dummy_encryption_v1}, {@barrier}, {@mblk_io_submit}, {@nogrpid}]}, 0x3, 0x445, &(0x7f0000000800)="$eJzs3M9rHFUcAPDv7CZt06YmlvqjadVoFYM/kiattQcvioIHBUEP9RiTtMRuG2ki2BI0itSjFLyLR8G/wJNeRD0JXvUuhSK5tIqHldmdSXY3u2k2blzNfj4wyXszb3nvuzNv9715mQTQs0bTH0nEYET8EhFD1Wx9gdHqr9uryzN/rC7PJFEuv/57Uil3a3V5Ji+av+5AnumLKHycxNEm9S5euXphulSau5zlJ5YuvjOxeOXq0/MXp8/PnZ+7NHXmzKmTk8+ennqmI3Gmcd0aeX/h2JGX37z+6szZ62/98FWSx98QR4eMbnbwsXK5w9V118GadNLXxYbQlmK1m0Z/pf8PRTHWT95QvPRRVxsH7KhyuVy+t/XhlTKwiyXR7RYA3ZF/0afz33zbfMDQ0eFH1918vjoBSuO+nW3VI31RyMr0N8xvO2k0Is6u/Pl5usXO3IcAAKjzTTr+earZ+K8QtfeF7srWUIYj4u6IOBQRpyPicETcE1Epe19E3N9m/Y2LJBvHP4Ub2wpsi9Lx33PZ2lb9+C8f/cVwMcsdrMTfn5ybL82dyN6Tsejfm+YnN6nj2xd//rTVsdrxX7ql9edjwawdN/r21r9mdnpp+p/EXOvmhxEjfc3iT9ZWApKIOBIRI9usY/6JL4+1Onbn+JurvCUdWGcqfxHxePX8r0RD/Llk8/XJiX1RmjsxkV8VG/3407XXWtW/3fg7JT3/+5te/2vxDye167WL7ddx7ddPWs5ptnv970neqNv33vTS0uXJiD3JK9VG1+6faig3tV4+jX/sePP+fyjW34mjEZFexA9ExIMR8VDW9ocj4pGIOL5J/N+/8OjbdTvGBtuIf2el8c+2df7XE3uicU/zRPHCd1/XVTocbcSfnv9TldRYtmcrn39badf2rmYAAAD4/ylExGAkhfG1dKEwPl79G/7Dsb9QWlhcevLcwruXZqvPCAxHfyG/0zVUcz90MpvW5/mphvzJ7L7xZ8WBSn58ZqE02+3goccdaNH/U78Vu906YMd5Xgt6l/4PvUv/h96l/0PvatL/Bzbu+qvhkUFgN2j2/f9BF9oB/Psa+r9lP+gh5v/Qu/R/6F36P/SkxYG480PyEhIbElH4TzRj5xP7tvhvLnZZotufTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//FX7vJg==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) 531.980497ms ago: executing program 2 (id=1342): mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) chdir(&(0x7f00000001c0)='./bus\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) renameat2(r0, &(0x7f0000000140)='./file0\x00', r0, &(0x7f0000000200)='./bus/file0\x00', 0x0) 408.019807ms ago: executing program 4 (id=1344): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000027c0)=@base={0x12, 0x4, 0x4, 0x10001, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1700}, 0x50) 407.851397ms ago: executing program 5 (id=1345): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2002, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000001c0)={0x1ff, 0x1, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000100)={0x1, 0x0, [{0x4b564d03, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 407.745857ms ago: executing program 2 (id=1346): r0 = syz_open_procfs(0x0, &(0x7f0000000300)='oom_adj\x00') r1 = timerfd_create(0x0, 0x0) creat(&(0x7f00000001c0)='./file0\x00', 0x8) mount$9p_fd(0x0, &(0x7f0000000700)='./file0\x00', &(0x7f0000000740), 0x400, &(0x7f0000000a00)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) timerfd_settime(r1, 0x3, &(0x7f0000000380)={{0x0, 0x989680}}, 0x0) clock_adjtime(0x0, &(0x7f0000000000)={0x3ff, 0x100000000000, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x1000, 0x8, 0x2, 0x3, 0x0, 0x3}) 374.69359ms ago: executing program 1 (id=1347): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10002, 0x9, 0x1}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r1}, 0x10) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) 369.02439ms ago: executing program 0 (id=1348): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000004, 0x28011, r2, 0x0) quotactl$Q_QUOTAON(0xffffffff80000202, &(0x7f0000000800)=@rnullb, 0x0, 0x0) 262.842009ms ago: executing program 5 (id=1349): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r1}, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r2, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"}) 262.563719ms ago: executing program 4 (id=1350): bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xae, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r0}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r1}, 0x10) syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0) 262.441059ms ago: executing program 0 (id=1351): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r0, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) rt_sigpending(0x0, 0x0) 262.272529ms ago: executing program 1 (id=1352): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0100000004000000080000000b"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r2, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x2c, r3, 0x301, 0x0, 0x25dfdbfb, {0x1c}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}]}]}, 0x2c}}, 0x40006) 246.03859ms ago: executing program 5 (id=1353): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r1, 0x4068aea3, &(0x7f0000000200)={0xa8, 0x0, 0x1}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x2710, 0x1, 0x8080000, 0x1000, &(0x7f0000ff5000/0x1000)=nil}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000140)={0x2710, 0x0, &(0x7f0000ffe000/0x1000)=nil}) 244.956281ms ago: executing program 0 (id=1354): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000500)='hrtimer_start\x00', r0}, 0x18) timer_create(0x0, 0x0, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000200)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) 198.506964ms ago: executing program 4 (id=1355): r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r2, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 177.099785ms ago: executing program 4 (id=1356): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000780)='netlink_extack\x00', r0}, 0x18) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000007b00000000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='netlink_extack\x00', r1}, 0x18) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x14, 0x15, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0x0) 172.776076ms ago: executing program 5 (id=1357): r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) r1 = inotify_init() inotify_add_watch(r1, &(0x7f0000000000)='./file1\x00', 0x7a8) write$binfmt_elf64(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c460d04000c028000000000000003003e00ecffffff940200000000000040000000000000004d020000000000000000000000003800010001017f000800030000006400000005000000000000000a000000000000000101000000000000a1"], 0x78) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0) 153.576748ms ago: executing program 5 (id=1358): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0}, &(0x7f00000002c0), &(0x7f0000000300)=r1}, 0x20) mkdir(&(0x7f00000004c0)='./bus\x00', 0x81) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) 153.041428ms ago: executing program 1 (id=1368): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) syz_clone3(&(0x7f0000000680)={0x40004000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) 142.559919ms ago: executing program 0 (id=1359): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x200000, &(0x7f0000000480)={[{@max_batch_time={'max_batch_time', 0x3d, 0x55e}}, {@delalloc}, {@abort}, {@nodelalloc}]}, 0x3, 0x57e, &(0x7f0000001280)="$eJzs3V1rHFUYAOB3Nh/91KZQiopIoBdWajdN4kcFwXopWizofV2SbajZdEt2U5pYaHthb7yRIohYEH+A914W/4C/oqCFIiXohTeR2cw202Q3n6tJneeBbc+Zmc2Zs2fes+/M7LIBFNZw+k8p4sW4FV8nEUdy6/ojWzm8vN3i4xsT6SOJpaVP/kgiyZa1t0+y/w9llRci4pcvI06V1rbbmF+YrtRq1dmsPtKcuTrSmF84fXmmMlWdql4ZGx8/++b42Dtvv9Wzvr524a/vPr7/wdmvTix++9PDo3eTOBeHs3X5fuzArXxlOIaz12Qgzq3acLQHje0lyW7vANvSl8X5QKRzwJHoy6Ie+P+7GRFLQEEl4h8Kqp0HtM/te3Qe/Mx49P7yCVC774NP+t+/fG0k9rfOjQ4uJk+dGaXnu0M9aD9t4+ff791NH7HBdYibPWgPoO3W7Yg409+/dv5Psvlv+85ElDpeF8xdD17dRtHef2A33U/zn9c75X+lJ/lPdMh/DnWI3e3YOP5LD3vQTFdp/vdux/z3ySQ11JfVnmvlfAPJpcu16pmIeD4iTsbAvrS+3v2cs4sPlrqty+d/6SNtv50LZvvxsH/f08+ZrDQrO+lz3qPbES+t5L9JrJn/97dy3dXjn74eFzbZxvHqvVe6rdu4/3m9z4CXfox4teP4r7xzJevfnxxpHQ8j7aNirT/vHP+1W/tb63/vpeN/cP3+DyX5+7WNrbfxw/6/q93Wbff4H0w+bZUHs2XXK83m7GjEYPLR2uVjK89t19vbp/0/eWL9+a/T8X8gIj7bZP/vHLvTddO9MP6TWxr/rRcefPjF993a39z4v9EqncyWbGb+2+wO7uS1AwAAAAAAgL2mFBGHIymVI+J2q1wqlcvLn+84FgdLtXqjeepSfe7KZLS+KzsUA6X2ne4juc9DjGafh23Xx1bVxyPiaER803egVS9P1GuTu915AAAAAAAAAAAAAAAAAAAA2CMO5b7/X8p9/z/1W99u7x3wr/OT31BcG8Z/L37pCdiTvP9DcXWJf9MCFIBAh+IS/1Bc4h+KS/xDcYl/KC7xDwAAAAAAAAAAAAAAAAAAAAAAAAAAAD114fz59LG0+PjGRFqfvDY/N12/dnqy2pguz8xNlCfqs1fLU/X6VK1anqjPbPT3avX61dGxmLs+0qw2miON+YWLM/W5K82Ll2cqU9WL1YH/pFcAAAAAAAAAAAAAAAAAAADwbGnML0xXarXqrELXwnux27vx+cs7eXrSeZSTXAeXbauJ/r0yTAo9LezyxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOf8EAAD//25+Mxc=") rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000080)='./file2\x00') 131.968589ms ago: executing program 4 (id=1360): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000340)="0f017a0066b9800000c00f326635001000000f300f564100f30fc7b400480f0866b9800000c00f326635000800000f306635100000000f22c066b9400101c00f320f798a0000f30f300f2a830000", 0x4e}], 0x1, 0x12, 0x0, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000000)={0x1, 0x0, [{0x80000001, 0x9, 0x4, 0xb, 0xe}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 0s ago: executing program 5 (id=1361): ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0) syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x1010040, &(0x7f00000003c0)={[{@noquota}, {@debug}, {@jqfmt_vfsv0}, {@noauto_da_alloc}, {@resgid}]}, 0x3, 0x4eb, &(0x7f0000001fc0)="$eJzs3d9rW20dAPDvSX9u62ynXsyBc+ikG7ikXd1WvJgVRK8Gznlfa5uW0rQpbbqtZUiHf4Ag/kKvvPJG8FoE2Z8gwkDvRUQZus0LL973zUuSk3ddlrYpa5q2+Xzg6XnOj57v90k4T/LkHM4JoGtdiYipiOiJiOsRMZwuz6Qltmulst2rl09mKyWJcvnBf5JI0mX1fSXp9Fz6b4MR8d1vR/wgeTfu+ubW0kyhkF9L53Ol5dXc+ubWjcXlmYX8Qn5lamL89uSdyVuTY4fW1rvf/OfPf/zbb93901ce/X3639d+WElrKF23sx2t2G5xu1rT+6qvRV1vRKwdJNgx1pO2p6/TiQAA0JLKd/xPR8QXI+L1rzqdDQAAANAO5a8PxQdJRBkAAAA4tTLVa2CTTDa9FmAoMplstnYN72fjbKbQHxHzxY2Vudq1siPRl5lfLOTH0muFR6IvqcyPV+tv5m82zE9ExIWI+Onwmep8drZYmOv0jx8AAADQJc41jP//N1wb/wMAAACnzMgBtm1yLy8AAADgBDjI+B8AAAA4mXYd/ye9R5sIAAAA0A7fuXevUsr151/PPdzcWCo+vDGXX1/KLm/MZmeLa6vZhWJxoXrPvuX99lcoFle/Gisbj3Ol/Hopt765Nb1c3FgpTVef6z2d95xoAAAAOHoXvvDsb0lEbH/tTLVU9KfrWhirT7U3O6CdMgfb3N0/4BTp6XQCQMc0XODb36k8gKPnfDywz8D+Zw3zB/zZAAAAOA5GP/de5/+dD4QTzEAeupfz/9C93OALupfz/9DlBvbfZHC3FX8+5FwAAIC2GaqWJJNNzwUORSaTzUacrz4WoC+ZXyzkxyLiUxHx1+G+gcr8eKeTBgAAAAAAAAAAAAAAAAAAAAAAAIATplxOogwAAACcahGZfyXpg/xHh68ONf4+0J/8f7g6jYhHv37wi8czpdLaeGX5fz9ZXvpluvxmfQkAAADQSfVxen0cDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH6dXLJ7P1cpRxX3wjIkaaxe+Nwep08A/DEXH2dRK9O/4viYieQ4i//TQiLr4dvyeNMFJNrZZFY/xMRJxpU/xoMf65Q4gP3exZpf+Zqhx/fQ3HXyauVKfNj7/etLyvF1d26/8y9f6v2s816//O773rwXrl0vPf53aN/zTiUm/z/qceP3nP/vf739va2m1d+TcRo/t8/lRi5UrLq7n1za0bi8szC/mF/MrExPjtyTuTtybHcvOLhXz6t2mMn3z+jx/t1f6zTePX+t+92n/13d0NNIvx4fPHLz+zR/xrX2r+/l/cI37ltf9y+jlQWT9ar2/X6jtd/t1fLu/V/rld2r/f+39tt502uH7/R/9ocVMA4Aisb24tzRQK+bWTUYmofSs/Lvl0tnI+jkUaKq1VhtJjbseqnrYHvf9u0NYqneuTAACA9njzpb/TmQAAAAAAAAAAAAAAAAAAAED3avudzwbevrPAYOeaCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwp48DAAD//85EyV0=") bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000004000000000000008100d00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10) listxattr(&(0x7f0000000100)='./file0\x00', 0x0, 0x26) kernel console output (not intermixed with test programs): ller syzkaller login: [ 7.533119][ T109] udevd (109) used greatest stack depth: 22912 bytes left [ 18.826652][ T30] kauditd_printk_skb: 48 callbacks suppressed [ 18.826665][ T30] audit: type=1400 audit(1756460254.874:59): avc: denied { transition } for pid=265 comm="sshd-session" path="/bin/sh" dev="sda1" ino=90 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 18.831791][ T30] audit: type=1400 audit(1756460254.874:60): avc: denied { noatsecure } for pid=265 comm="sshd-session" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 18.834695][ T30] audit: type=1400 audit(1756460254.874:61): avc: denied { write } for pid=265 comm="sh" path="pipe:[14909]" dev="pipefs" ino=14909 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 18.838032][ T30] audit: type=1400 audit(1756460254.874:62): avc: denied { rlimitinh } for pid=265 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 18.841194][ T30] audit: type=1400 audit(1756460254.874:63): avc: denied { siginh } for pid=265 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '10.128.0.233' (ED25519) to the list of known hosts. [ 25.355389][ T30] audit: type=1400 audit(1756460261.404:64): avc: denied { mounton } for pid=273 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 25.356476][ T273] cgroup: Unknown subsys name 'net' [ 25.378114][ T30] audit: type=1400 audit(1756460261.404:65): avc: denied { mount } for pid=273 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 25.405673][ T30] audit: type=1400 audit(1756460261.434:66): avc: denied { unmount } for pid=273 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 25.405843][ T273] cgroup: Unknown subsys name 'devices' [ 25.583389][ T273] cgroup: Unknown subsys name 'hugetlb' [ 25.589007][ T273] cgroup: Unknown subsys name 'rlimit' [ 25.755479][ T30] audit: type=1400 audit(1756460261.804:67): avc: denied { setattr } for pid=273 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=254 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 25.778681][ T30] audit: type=1400 audit(1756460261.804:68): avc: denied { mounton } for pid=273 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 25.803479][ T30] audit: type=1400 audit(1756460261.804:69): avc: denied { mount } for pid=273 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 25.809037][ T275] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 25.835519][ T30] audit: type=1400 audit(1756460261.884:70): avc: denied { relabelto } for pid=275 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 25.861046][ T30] audit: type=1400 audit(1756460261.884:71): avc: denied { write } for pid=275 comm="mkswap" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 25.891801][ T30] audit: type=1400 audit(1756460261.944:72): avc: denied { read } for pid=273 comm="syz-executor" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 25.892251][ T273] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 25.917279][ T30] audit: type=1400 audit(1756460261.944:73): avc: denied { open } for pid=273 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 26.362341][ T281] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.369396][ T281] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.377165][ T281] device bridge_slave_0 entered promiscuous mode [ 26.385095][ T281] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.392149][ T281] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.399536][ T281] device bridge_slave_1 entered promiscuous mode [ 26.464760][ T282] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.471849][ T282] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.479400][ T282] device bridge_slave_0 entered promiscuous mode [ 26.508804][ T282] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.515966][ T282] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.523447][ T282] device bridge_slave_1 entered promiscuous mode [ 26.551938][ T285] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.558990][ T285] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.566392][ T285] device bridge_slave_0 entered promiscuous mode [ 26.580825][ T285] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.588290][ T285] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.595655][ T285] device bridge_slave_1 entered promiscuous mode [ 26.642719][ T283] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.649855][ T283] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.657352][ T283] device bridge_slave_0 entered promiscuous mode [ 26.674416][ T283] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.681550][ T283] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.688996][ T283] device bridge_slave_1 entered promiscuous mode [ 26.720250][ T286] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.727354][ T286] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.734878][ T286] device bridge_slave_0 entered promiscuous mode [ 26.755377][ T286] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.762434][ T286] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.769913][ T286] device bridge_slave_1 entered promiscuous mode [ 26.776780][ T281] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.783849][ T281] bridge0: port 2(bridge_slave_1) entered forwarding state [ 26.791082][ T281] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.798108][ T281] bridge0: port 1(bridge_slave_0) entered forwarding state [ 26.891005][ T285] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.898082][ T285] bridge0: port 2(bridge_slave_1) entered forwarding state [ 26.905363][ T285] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.912397][ T285] bridge0: port 1(bridge_slave_0) entered forwarding state [ 26.935589][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 26.944030][ T45] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.951656][ T45] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.958794][ T45] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.967829][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 26.975433][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 26.998116][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 27.006307][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.013528][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 27.021137][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 27.029467][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 27.045820][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 27.065914][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 27.093100][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 27.100888][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 27.109561][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.116598][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 27.124240][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 27.132523][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.139549][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 27.147020][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 27.155221][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.162267][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 27.169700][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 27.186798][ T281] device veth0_vlan entered promiscuous mode [ 27.195687][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 27.203822][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 27.211216][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 27.219608][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 27.227795][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 27.236168][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.243241][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 27.250774][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 27.259155][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 27.267448][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.274478][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 27.281912][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 27.289845][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 27.315765][ T283] device veth0_vlan entered promiscuous mode [ 27.322912][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 27.331796][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 27.340073][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 27.348288][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 27.356254][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 27.363931][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 27.372307][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.379334][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 27.386794][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 27.394713][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 27.408813][ T281] device veth1_macvtap entered promiscuous mode [ 27.418239][ T285] device veth0_vlan entered promiscuous mode [ 27.429900][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 27.438081][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 27.446417][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 27.454075][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 27.462384][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 27.472377][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 27.479886][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 27.487406][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 27.495600][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 27.503689][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 27.511831][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 27.525853][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 27.533365][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 27.544923][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 27.553564][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 27.569681][ T285] device veth1_macvtap entered promiscuous mode [ 27.576621][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 27.584915][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 27.593683][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 27.601976][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 27.610190][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 27.618670][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 27.627000][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.634024][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 27.641521][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 27.649700][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 27.658088][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 27.665696][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 27.673876][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 27.682096][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 27.690105][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 27.698468][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 27.706768][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.713811][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 27.721949][ T283] device veth1_macvtap entered promiscuous mode [ 27.734933][ T282] device veth0_vlan entered promiscuous mode [ 27.749593][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 27.757510][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 27.765470][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 27.774277][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 27.782577][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 27.790822][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 27.799273][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 27.807591][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 27.815907][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 27.824440][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 27.832661][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 27.840886][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 27.849040][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 27.857827][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 27.866240][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 27.874282][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 27.881779][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 27.901074][ T283] request_module fs-gadgetfs succeeded, but still no fs? [ 27.921139][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 27.936964][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 27.945627][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 27.954027][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 27.962431][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 27.969940][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 27.981220][ T286] device veth0_vlan entered promiscuous mode [ 27.993190][ T282] device veth1_macvtap entered promiscuous mode [ 28.000907][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 28.017890][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 28.026854][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 28.061129][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 28.070088][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 28.078721][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 28.088297][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 28.097333][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 28.107292][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 28.117657][ T286] device veth1_macvtap entered promiscuous mode [ 28.148749][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 28.156938][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 28.175318][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 28.196491][ T343] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2'. [ 28.212886][ T343] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 28.220131][ T343] IPv6: NLM_F_CREATE should be set when creating new route [ 28.227396][ T343] IPv6: NLM_F_CREATE should be set when creating new route [ 28.239567][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 28.255553][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 28.386699][ T338] loop0: detected capacity change from 0 to 40427 [ 29.404259][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready [ 29.421716][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 29.429980][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready [ 29.439026][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 29.447899][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 29.456739][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 29.464942][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 29.473167][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 29.535060][ T451] syz.1.53 (451) used greatest stack depth: 22336 bytes left [ 29.654665][ T467] netlink: 152 bytes leftover after parsing attributes in process `syz.4.57'. [ 30.363628][ T30] kauditd_printk_skb: 254 callbacks suppressed [ 30.363642][ T30] audit: type=1400 audit(1756460266.414:328): avc: denied { read write } for pid=496 comm="syz.0.72" name="loop0" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 30.428690][ T30] audit: type=1400 audit(1756460266.474:329): avc: denied { read write } for pid=283 comm="syz-executor" name="loop0" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 30.468380][ T30] audit: type=1400 audit(1756460266.484:330): avc: denied { read write } for pid=281 comm="syz-executor" name="loop3" dev="devtmpfs" ino=119 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 30.495137][ T30] audit: type=1400 audit(1756460266.504:331): avc: denied { create } for pid=503 comm="syz.0.75" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=0 [ 30.522941][ T30] audit: type=1400 audit(1756460266.504:332): avc: denied { read write } for pid=285 comm="syz-executor" name="loop4" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 30.562703][ T30] audit: type=1400 audit(1756460266.504:333): avc: denied { read write } for pid=283 comm="syz-executor" name="loop0" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 30.622460][ T30] audit: type=1400 audit(1756460266.514:334): avc: denied { prog_load } for pid=509 comm="syz.0.78" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 30.663628][ T30] audit: type=1400 audit(1756460266.514:335): avc: denied { read write } for pid=281 comm="syz-executor" name="loop3" dev="devtmpfs" ino=119 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 30.701449][ T30] audit: type=1400 audit(1756460266.524:336): avc: denied { create } for pid=511 comm="syz.3.79" dev="anon_inodefs" ino=15914 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=0 [ 30.747973][ T30] audit: type=1400 audit(1756460266.564:337): avc: denied { read write } for pid=285 comm="syz-executor" name="loop4" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 30.871511][ T550] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 30.959588][ T560] bridge0: port 3(syz_tun) entered blocking state [ 30.981556][ T560] bridge0: port 3(syz_tun) entered disabled state [ 30.988744][ T560] device syz_tun entered promiscuous mode [ 31.010283][ T560] bridge0: port 3(syz_tun) entered blocking state [ 31.016787][ T560] bridge0: port 3(syz_tun) entered forwarding state [ 31.654543][ T596] device bridge1 entered promiscuous mode [ 32.592434][ T706] syz.1.170 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 33.031950][ T781] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=781 comm=syz.0.206 [ 33.170277][ T805] netlink: 'syz.3.217': attribute type 6 has an invalid length. [ 33.410639][ T850] netlink: 4 bytes leftover after parsing attributes in process `syz.2.238'. [ 33.482831][ T874] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 33.578390][ T899] syz.4.263 (899) used greatest stack depth: 22304 bytes left [ 33.598570][ T910] Zero length message leads to an empty skb [ 33.681569][ T938] process 'syz.4.282' launched '/dev/fd/3' with NULL argv: empty string added [ 34.046410][ T10] Bluetooth: hci0: Frame reassembly failed (-84) [ 34.751827][ T1092] pimreg: tun_chr_ioctl cmd 1074812117 [ 34.757528][ T1092] pimreg: tun_chr_ioctl cmd 1074025678 [ 34.763343][ T1092] pimreg: group set to 0 [ 34.861494][ T1108] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=1108 comm=syz.3.362 [ 35.157932][ T1177] netlink: 4 bytes leftover after parsing attributes in process `syz.0.395'. [ 35.176317][ T1171] syz.3.393 (1171) used greatest stack depth: 22144 bytes left [ 35.438540][ T30] kauditd_printk_skb: 1047 callbacks suppressed [ 35.438556][ T30] audit: type=1400 audit(1756460271.484:1385): avc: denied { read write } for pid=285 comm="syz-executor" name="loop4" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 35.469414][ T30] audit: type=1400 audit(1756460271.484:1386): avc: denied { map_create } for pid=1230 comm="syz.4.421" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 35.488855][ T30] audit: type=1400 audit(1756460271.484:1387): avc: denied { prog_load } for pid=1230 comm="syz.4.421" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 35.508976][ T30] audit: type=1400 audit(1756460271.534:1388): avc: denied { read write } for pid=285 comm="syz-executor" name="loop4" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 35.533600][ T30] audit: type=1400 audit(1756460271.534:1389): avc: denied { map_create } for pid=1232 comm="syz.4.422" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 35.541042][ T1243] netlink: 'syz.4.427': attribute type 4 has an invalid length. [ 35.553150][ T30] audit: type=1400 audit(1756460271.534:1390): avc: denied { prog_load } for pid=1232 comm="syz.4.422" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 35.579465][ T30] audit: type=1400 audit(1756460271.534:1391): avc: denied { create } for pid=1232 comm="syz.4.422" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=0 [ 35.594074][ T1243] syz.4.427 (1243) used greatest stack depth: 21344 bytes left [ 35.600260][ T30] audit: type=1400 audit(1756460271.544:1392): avc: denied { read write } for pid=285 comm="syz-executor" name="loop4" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 35.630844][ T30] audit: type=1400 audit(1756460271.544:1393): avc: denied { mounton } for pid=1234 comm="syz.4.423" path="/76/file0" dev="tmpfs" ino=414 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=0 [ 35.653710][ T30] audit: type=1400 audit(1756460271.554:1394): avc: denied { read write } for pid=285 comm="syz-executor" name="loop4" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 36.091349][ T287] Bluetooth: hci0: command 0x1003 tx timeout [ 36.097432][ T1029] Bluetooth: hci0: sending frame failed (-49) [ 36.157745][ T1266] sit: Src spoofed 0.0.0.224/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:0:5efe:253.127.26.154 [ 36.281716][ T1302] xt_hashlimit: max too large, truncated to 1048576 [ 37.048767][ T1405] pimreg: tun_chr_ioctl cmd 1074025681 [ 37.369991][ T1495] netlink: 16 bytes leftover after parsing attributes in process `syz.4.548'. [ 37.438822][ T1504] loop3: detected capacity change from 0 to 2048 [ 37.477731][ T1511] loop0: detected capacity change from 0 to 512 [ 37.502382][ T1489] Alternate GPT is invalid, using primary GPT. [ 37.518950][ T1489] loop3: p1 p2 p3 [ 37.548180][ T1504] Alternate GPT is invalid, using primary GPT. [ 37.555607][ T1494] loop1: detected capacity change from 0 to 40427 [ 37.562125][ T1504] loop3: p1 p2 p3 [ 37.566756][ T1511] SELinux: security_context_str_to_sid(root) failed for (dev ?, type ?) errno=-22 [ 37.576711][ T1511] EXT4-fs (loop0): Unrecognized mount option "obj_role=noauto_da_alloc" or missing value [ 37.602529][ T1519] loop4: detected capacity change from 0 to 256 [ 37.646578][ T1494] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 37.660301][ T1494] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 37.674057][ T1521] binder: 1520:1521 ioctl 8010661b 0 returned -22 [ 37.677799][ T1523] loop3: detected capacity change from 0 to 512 [ 37.687312][ T1494] F2FS-fs (loop1): invalid crc value [ 37.699253][ T1494] F2FS-fs (loop1): Found nat_bits in checkpoint [ 37.722640][ T1484] udevd[1484]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 37.729601][ T1523] EXT4-fs (loop3): Test dummy encryption mode enabled [ 37.733824][ T1487] udevd[1487]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 37.740567][ T1489] udevd[1489]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 37.768529][ T1523] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 37.789170][ T1523] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 37.801714][ T1523] EXT4-fs error (device loop3): ext4_orphan_get:1427: comm syz.3.559: bad orphan inode 131083 [ 37.806751][ T1489] udevd[1489]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 37.815400][ T1538] udevd[1538]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 37.823090][ T1531] udevd[1531]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 37.833092][ T1523] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,init_itable,noload,,errors=continue. Quota mode: none. [ 37.844379][ T1494] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 37.869980][ T1523] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni" [ 37.887074][ T1494] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 37.960993][ T1550] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 38.030424][ T1555] loop1: detected capacity change from 0 to 512 [ 38.074175][ T1555] EXT4-fs (loop1): Ignoring removed nobh option [ 38.084892][ T1555] EXT4-fs error (device loop1): ext4_orphan_get:1401: inode #15: comm syz.1.572: iget: bad i_size value: 38620345925642 [ 38.097753][ T1555] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.572: couldn't read orphan inode 15 (err -117) [ 38.110219][ T1555] EXT4-fs (loop1): mounted filesystem without journal. Opts: nobh,auto_da_alloc,data_err=ignore,,errors=continue. Quota mode: writeback. [ 38.126608][ T1555] EXT4-fs (loop1): shut down requested (0) [ 38.171388][ T39] Bluetooth: hci0: command 0x1001 tx timeout [ 38.177598][ T1029] Bluetooth: hci0: sending frame failed (-49) [ 38.351387][ T1505] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 38.368094][ T1596] loop0: detected capacity change from 0 to 512 [ 38.424777][ T1596] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000080000,quota,,errors=continue. Quota mode: writeback. [ 38.441619][ T1596] ext4 filesystem being mounted at /94/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 38.591347][ T1505] usb 4-1: Using ep0 maxpacket: 16 [ 38.711411][ T1505] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 38.728919][ T1505] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 38.740990][ T1505] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 38.754640][ T1505] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 38.763919][ T1505] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 38.778542][ T1505] usb 4-1: config 0 descriptor?? [ 38.782457][ T1609] loop1: detected capacity change from 0 to 131072 [ 38.805513][ T1609] ======================================================= [ 38.805513][ T1609] WARNING: The mand mount option has been deprecated and [ 38.805513][ T1609] and is ignored by this kernel. Remove the mand [ 38.805513][ T1609] option from the mount to silence this warning. [ 38.805513][ T1609] ======================================================= [ 38.842980][ T1609] F2FS-fs (loop1): invalid crc value [ 38.857575][ T1609] F2FS-fs (loop1): Found nat_bits in checkpoint [ 38.893773][ T1609] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 38.917080][ T1609] F2FS-fs (loop1): Corrupted max_depth of 3: 16842753 [ 38.932645][ T282] F2FS-fs (loop1): dec_valid_node_count: inconsistent i_blocks, ino:7, iblocks:0 [ 38.963588][ T1630] mmap: syz.4.601 (1630) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. [ 39.108292][ T1638] loop1: detected capacity change from 0 to 512 [ 39.156670][ T1638] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 39.165234][ T1638] EXT4-fs (loop1): orphan cleanup on readonly fs [ 39.172657][ T1638] EXT4-fs warning (device loop1): ext4_enable_quotas:6450: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 39.187510][ T1638] EXT4-fs (loop1): Cannot turn on quotas: error -117 [ 39.194844][ T1638] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.605: bg 0: block 40: padding at end of block bitmap is not set [ 39.209387][ T1638] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6183: Corrupt filesystem [ 39.218952][ T1638] EXT4-fs (loop1): 1 truncate cleaned up [ 39.224710][ T1638] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 39.262209][ T1505] microsoft 0003:045E:07DA.0001: ignoring exceeding usage max [ 39.270695][ T1505] microsoft 0003:045E:07DA.0001: unsupported Resolution Multiplier 0 [ 39.281764][ T1505] microsoft 0003:045E:07DA.0001: implement() called with n (152) > 32! (kworker/1:3) [ 39.481503][ T1505] microsoft 0003:045E:07DA.0001: unsupported Resolution Multiplier 0 [ 39.492230][ T1505] microsoft 0003:045E:07DA.0001: No inputs registered, leaving [ 39.508936][ T1505] microsoft 0003:045E:07DA.0001: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0 [ 39.532593][ T1505] microsoft 0003:045E:07DA.0001: no inputs found [ 39.549653][ T1505] microsoft 0003:045E:07DA.0001: could not initialize ff, continuing anyway [ 39.625814][ T1656] loop4: detected capacity change from 0 to 40427 [ 39.651864][ T1656] F2FS-fs (loop4): invalid crc value [ 39.681225][ T1656] F2FS-fs (loop4): Found nat_bits in checkpoint [ 39.693433][ T39] usb 4-1: USB disconnect, device number 2 [ 39.731935][ T1656] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [ 39.740227][ T1680] syz.0.622[1680] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 39.740297][ T1680] syz.0.622[1680] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 39.753490][ T1680] syz.0.622[1680] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 39.764782][ T1656] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 39.783657][ T1680] syz.0.622[1680] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 39.832610][ T1683] loop0: detected capacity change from 0 to 512 [ 39.932928][ T1683] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpjquota=,stripe=0x0000000000000002,,errors=continue. Quota mode: writeback. [ 39.955604][ T285] attempt to access beyond end of device [ 39.955604][ T285] loop4: rw=2049, want=45104, limit=40427 [ 39.971439][ T1683] ext4 filesystem being mounted at /106/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 40.177388][ T1700] loop1: detected capacity change from 0 to 512 [ 40.244694][ T1700] EXT4-fs (loop1): Test dummy encryption mode enabled [ 40.251703][ T1505] Bluetooth: hci0: command 0x1009 tx timeout [ 40.260435][ T1700] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 40.296024][ T1700] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2825: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 40.309419][ T1700] EXT4-fs (loop1): 1 truncate cleaned up [ 40.316928][ T1700] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption=v1,grpid,debug_want_extra_isize=0x0000000000000068,nobarrier,nodiscard,quota,,errors=continue. Quota mode: writeback. [ 40.340641][ T1700] EXT4-fs (loop1): shut down requested (2) [ 40.378257][ T10] Bluetooth: hci1: received HCILL_GO_TO_SLEEP_ACK in state 0 [ 40.387794][ T8] Bluetooth: hci1: Frame reassembly failed (-84) [ 40.554465][ T1743] kvm [1742]: vcpu2, guest rIP: 0x9114 disabled perfctr wrmsr: 0xc2 data 0x7 [ 40.566009][ T1743] kvm [1742]: vcpu2, guest rIP: 0x9114 disabled perfctr wrmsr: 0xc1 data 0x7 [ 40.581805][ T1748] netlink: 4 bytes leftover after parsing attributes in process `syz.1.651'. [ 40.672988][ T1754] loop3: detected capacity change from 0 to 256 [ 40.724843][ T1754] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d) [ 40.753634][ T30] kauditd_printk_skb: 536 callbacks suppressed [ 40.753648][ T30] audit: type=1400 audit(1756460276.803:1930): avc: denied { write open } for pid=1753 comm="syz.3.654" path="/161/bus/bus" dev="loop3" ino=1048598 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 40.811339][ T30] audit: type=1400 audit(1756460276.803:1931): avc: denied { read } for pid=1753 comm="syz.3.654" path="/161/bus/file1" dev="loop3" ino=1048599 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 40.834818][ T30] audit: type=1400 audit(1756460276.803:1932): avc: denied { ioctl } for pid=1753 comm="syz.3.654" path="/161/bus/file1" dev="loop3" ino=1048599 ioctlcmd=0x5879 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 40.867471][ T30] audit: type=1400 audit(1756460276.913:1933): avc: denied { create } for pid=1759 comm="syz.3.657" dev="anon_inodefs" ino=20511 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 40.911638][ T30] audit: type=1400 audit(1756460276.913:1934): avc: denied { ioctl } for pid=1759 comm="syz.3.657" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=20511 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 40.958194][ T30] audit: type=1400 audit(1756460276.943:1935): avc: denied { create } for pid=1761 comm="syz.3.658" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 40.979709][ T30] audit: type=1400 audit(1756460276.943:1936): avc: denied { write } for pid=1761 comm="syz.3.658" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 40.982487][ T1505] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 41.241330][ T1505] usb 2-1: Using ep0 maxpacket: 32 [ 41.362977][ T1505] usb 2-1: config 0 has an invalid interface number: 184 but max is 0 [ 41.371535][ T1505] usb 2-1: config 0 has no interface number 0 [ 41.377890][ T1505] usb 2-1: config 0 interface 184 has no altsetting 0 [ 41.489503][ T1783] loop3: detected capacity change from 0 to 128 [ 41.544280][ T1783] FAT-fs (loop3): Directory bread(block 32) failed [ 41.551068][ T1783] FAT-fs (loop3): Directory bread(block 33) failed [ 41.551470][ T1505] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 41.557903][ T1783] FAT-fs (loop3): Directory bread(block 34) failed [ 41.566821][ T1505] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 41.573418][ T1783] FAT-fs (loop3): Directory bread(block 35) failed [ 41.581783][ T1505] usb 2-1: Product: syz [ 41.588222][ T1783] FAT-fs (loop3): Directory bread(block 36) failed [ 41.592224][ T1505] usb 2-1: Manufacturer: syz [ 41.598900][ T1783] FAT-fs (loop3): Directory bread(block 37) failed [ 41.603308][ T1505] usb 2-1: SerialNumber: syz [ 41.609899][ T20] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 41.615876][ T1783] FAT-fs (loop3): Directory bread(block 38) failed [ 41.629247][ T1783] FAT-fs (loop3): Directory bread(block 39) failed [ 41.633438][ T1505] usb 2-1: config 0 descriptor?? [ 41.636032][ T1783] FAT-fs (loop3): Directory bread(block 40) failed [ 41.647354][ T1783] FAT-fs (loop3): Directory bread(block 41) failed [ 41.666691][ T30] audit: type=1400 audit(1756460277.713:1937): avc: denied { remount } for pid=1782 comm="syz.3.667" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 41.686933][ T1505] smsc75xx v1.0.0 [ 41.757487][ T30] audit: type=1400 audit(1756460277.803:1938): avc: denied { create } for pid=1784 comm="syz.3.668" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 41.778505][ T30] audit: type=1400 audit(1756460277.803:1939): avc: denied { getopt } for pid=1784 comm="syz.3.668" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 41.943761][ T1799] loop3: detected capacity change from 0 to 40427 [ 41.991507][ T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 41.993404][ T1799] F2FS-fs (loop3): fault_injection options not supported [ 42.003470][ T20] usb 5-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00 [ 42.008542][ T1799] F2FS-fs (loop3): fault_type options not supported [ 42.017856][ T20] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 42.025390][ T1799] F2FS-fs (loop3): invalid crc value [ 42.035864][ T20] usb 5-1: config 0 descriptor?? [ 42.047657][ T1799] F2FS-fs (loop3): Found nat_bits in checkpoint [ 42.068691][ T1799] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 42.239356][ T1804] loop3: detected capacity change from 0 to 40427 [ 42.283164][ T1804] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 42.290980][ T1804] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 42.301551][ T1804] F2FS-fs (loop3): Found nat_bits in checkpoint [ 42.320458][ T1804] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 42.332485][ T1804] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 42.339528][ T1804] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 42.411367][ T287] Bluetooth: hci1: command 0x1003 tx timeout [ 42.417548][ T1731] Bluetooth: hci1: sending frame failed (-49) [ 42.522227][ T20] lenovo 0003:17EF:6047.0002: item fetching failed at offset 2/5 [ 42.530162][ T20] lenovo 0003:17EF:6047.0002: hid_parse failed [ 42.536993][ T20] lenovo: probe of 0003:17EF:6047.0002 failed with error -22 [ 42.551410][ T1505] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000040: -71 [ 42.562845][ T1505] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Error writing E2P_CMD [ 42.591443][ T1505] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 42.602371][ T1505] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71 [ 42.612241][ T1505] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset [ 42.622690][ T1505] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 42.632511][ T1505] smsc75xx: probe of 2-1:0.184 failed with error -71 [ 42.645042][ T1505] usb 2-1: USB disconnect, device number 2 [ 42.729100][ T60] usb 5-1: USB disconnect, device number 2 [ 42.739933][ T1810] loop3: detected capacity change from 0 to 131072 [ 42.786178][ T1810] F2FS-fs (loop3): Test dummy encryption mode enabled [ 42.794045][ T1810] F2FS-fs (loop3): invalid crc value [ 42.800941][ T1810] F2FS-fs (loop3): Found nat_bits in checkpoint [ 42.823588][ T1810] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 42.838511][ T1810] fscrypt: AES-256-XTS using implementation "xts-aes-aesni" [ 43.315191][ T1817] loop3: detected capacity change from 0 to 131072 [ 43.351925][ T1817] F2FS-fs (loop3): Wrong CP boundary, start(512) end(1536) blocks(0) [ 43.361432][ T20] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 43.371596][ T1817] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 43.391998][ T1817] F2FS-fs (loop3): invalid crc value [ 43.407888][ T1817] F2FS-fs (loop3): Found nat_bits in checkpoint [ 43.448134][ T1817] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 43.455517][ T1817] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 43.472240][ T1817] F2FS-fs (loop3): checksum invalid, nid = 4, ino_of_node = 4, 8e2acc4a vs. 159afe7 [ 43.482588][ T1817] F2FS-fs (loop3): checksum invalid, nid = 4, ino_of_node = 4, 8e2acc4a vs. 159afe7 [ 43.721502][ T20] usb 2-1: config 1 interface 0 altsetting 127 bulk endpoint 0x81 has invalid maxpacket 64 [ 43.731757][ T20] usb 2-1: config 1 interface 0 altsetting 127 bulk endpoint 0x2 has invalid maxpacket 32 [ 43.741693][ T20] usb 2-1: config 1 interface 0 has no altsetting 0 [ 43.901499][ T20] usb 2-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.40 [ 43.910591][ T20] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 43.918611][ T20] usb 2-1: Product: syz [ 43.922805][ T20] usb 2-1: Manufacturer: syz [ 43.927374][ T20] usb 2-1: SerialNumber: syz [ 43.951470][ T1821] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 43.958453][ T1821] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 44.491400][ T287] Bluetooth: hci1: command 0x1001 tx timeout [ 44.497471][ T1731] Bluetooth: hci1: sending frame failed (-49) [ 45.081410][ T20] (unnamed net_device) (uninitialized): Assigned a random MAC address: fe:2d:4c:fe:0c:40 [ 45.092912][ T20] rtl8150 2-1:1.0: eth1: rtl8150 is detected [ 45.101691][ T20] usb 2-1: USB disconnect, device number 3 [ 45.883842][ T30] kauditd_printk_skb: 49 callbacks suppressed [ 45.883857][ T30] audit: type=1400 audit(1756460281.933:1989): avc: denied { create } for pid=1894 comm="syz.1.714" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1 [ 45.886860][ T1895] loop1: detected capacity change from 0 to 512 [ 45.898757][ T30] audit: type=1400 audit(1756460281.943:1990): avc: denied { create } for pid=1896 comm="syz.4.716" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 45.940194][ T30] audit: type=1400 audit(1756460281.993:1991): avc: denied { getopt } for pid=1896 comm="syz.4.716" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 45.965452][ T1895] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock [ 45.975690][ T1895] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock [ 45.995480][ T1895] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 1 overlaps superblock [ 46.006665][ T1895] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 46.015930][ T1895] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c041e01c, mo2=0100] [ 46.024399][ T1895] EXT4-fs (loop1): orphan cleanup on readonly fs [ 46.032836][ T1895] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.714: bg 0: block 34: padding at end of block bitmap is not set [ 46.047490][ T1895] Quota error (device loop1): write_blk: dquota write failed [ 46.055255][ T1895] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota [ 46.065176][ T1895] EXT4-fs error (device loop1): ext4_acquire_dquot:6198: comm syz.1.714: Failed to acquire dquot type 1 [ 46.077084][ T1895] EXT4-fs (loop1): 1 truncate cleaned up [ 46.083155][ T1895] EXT4-fs (loop1): mounted filesystem without journal. Opts: noauto_da_alloc,noblock_validity,commit=0x0000000000000000,abort,,errors=continue. Quota mode: writeback. [ 46.100946][ T1909] syz.3.721[1909] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 46.101011][ T1909] syz.3.721[1909] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 46.103714][ T1907] loop4: detected capacity change from 0 to 2048 [ 46.133526][ T1907] FAT-fs (loop4): Unrecognized mount option "fowner<00000000003870983186" or missing value [ 46.144927][ T1909] xt_hashlimit: max too large, truncated to 1048576 [ 46.194865][ T1913] loop3: detected capacity change from 0 to 128 [ 46.251400][ T6] Bluetooth: hci0: command 0x1003 tx timeout [ 46.257525][ T1731] Bluetooth: hci0: sending frame failed (-49) [ 46.283840][ T30] audit: type=1400 audit(1756460282.333:1992): avc: denied { mount } for pid=1915 comm="syz.3.724" name="/" dev="configfs" ino=14553 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 46.342386][ T30] audit: type=1400 audit(1756460282.333:1993): avc: denied { search } for pid=1915 comm="syz.3.724" name="/" dev="configfs" ino=14553 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 46.367405][ T30] audit: type=1400 audit(1756460282.333:1994): avc: denied { read } for pid=1915 comm="syz.3.724" name="/" dev="configfs" ino=14553 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 46.389903][ T30] audit: type=1400 audit(1756460282.333:1995): avc: denied { open } for pid=1915 comm="syz.3.724" path="/" dev="configfs" ino=14553 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 46.420285][ T1920] loop3: detected capacity change from 0 to 512 [ 46.534453][ T1928] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 46.535408][ T10] tipc: Subscription rejected, illegal request [ 46.540722][ T30] audit: type=1400 audit(1756460282.583:1996): avc: denied { connect } for pid=1929 comm="syz.3.730" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 46.571414][ T20] Bluetooth: hci1: command 0x1009 tx timeout [ 46.604863][ T1933] device bridge2 entered promiscuous mode [ 46.628446][ T1938] loop3: detected capacity change from 0 to 128 [ 46.668812][ T1938] attempt to access beyond end of device [ 46.668812][ T1938] loop3: rw=2049, want=250, limit=128 [ 46.852684][ T1940] syz.4.735[1940] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 46.852731][ T1940] syz.4.735[1940] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 46.915712][ T1950] loop1: detected capacity change from 0 to 512 [ 46.980355][ T8] tipc: Subscription rejected, illegal request [ 46.987502][ T1950] EXT4-fs (loop1): Ignoring removed mblk_io_submit option [ 46.996109][ T1950] EXT4-fs (loop1): Test dummy encryption mode enabled [ 47.003713][ T1950] EXT4-fs (loop1): Ignoring removed mblk_io_submit option [ 47.011256][ T1950] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 47.023571][ T1950] EXT4-fs (loop1): 1 truncate cleaned up [ 47.029323][ T1950] EXT4-fs (loop1): mounted filesystem without journal. Opts: nobarrier,mblk_io_submit,inlinecrypt,test_dummy_encryption=v1,barrier,mblk_io_submit,nogrpid,,errors=continue. Quota mode: none. [ 47.255930][ T1962] loop3: detected capacity change from 0 to 512 [ 47.267461][ T1962] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock [ 47.277656][ T1962] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock [ 47.291440][ T1962] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 1 overlaps superblock [ 47.321593][ T1962] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 47.329855][ T1962] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c041e01c, mo2=0100] [ 47.338586][ T1962] EXT4-fs (loop3): orphan cleanup on readonly fs [ 47.345801][ T1962] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.744: bg 0: block 34: padding at end of block bitmap is not set [ 47.360422][ T1962] EXT4-fs error (device loop3): ext4_acquire_dquot:6198: comm syz.3.744: Failed to acquire dquot type 1 [ 47.372774][ T1962] EXT4-fs (loop3): 1 truncate cleaned up [ 47.391713][ T1962] EXT4-fs (loop3): mounted filesystem without journal. Opts: noauto_da_alloc,noblock_validity,commit=0x0000000000000000,abort,,errors=continue. Quota mode: writeback. [ 47.590174][ T1962] syz.3.744 (1962) used greatest stack depth: 21120 bytes left [ 47.668689][ T1968] incfs: Options parsing error. -22 [ 47.674120][ T1968] incfs: mount failed -22 [ 47.735963][ T1970] SELinux: unknown common ocket [ 47.746634][ T1970] SELinux: failed to load policy [ 47.849609][ T1982] SELinux: unknown common ocket [ 47.857515][ T1984] loop1: detected capacity change from 0 to 128 [ 47.864719][ T1982] SELinux: failed to load policy [ 47.876874][ T1984] attempt to access beyond end of device [ 47.876874][ T1984] loop1: rw=2049, want=250, limit=128 [ 48.331389][ T20] Bluetooth: hci0: command 0x1001 tx timeout [ 48.337539][ T1731] Bluetooth: hci0: sending frame failed (-49) [ 50.411400][ T20] Bluetooth: hci0: command 0x1009 tx timeout [ 50.601201][ T1997] loop0: detected capacity change from 0 to 512 [ 50.628149][ T1997] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock [ 50.654034][ T1997] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock [ 50.663935][ T1997] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 1 overlaps superblock [ 50.664277][ T1999] incfs: Options parsing error. -22 [ 50.679202][ T1999] incfs: mount failed -22 [ 50.683926][ T1997] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 50.697821][ T1997] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c041e01c, mo2=0100] [ 50.713103][ T1997] EXT4-fs (loop0): orphan cleanup on readonly fs [ 50.735197][ T1997] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.757: bg 0: block 34: padding at end of block bitmap is not set [ 50.774354][ T1997] EXT4-fs error (device loop0): ext4_acquire_dquot:6198: comm syz.0.757: Failed to acquire dquot type 1 [ 50.835024][ T1997] EXT4-fs (loop0): 1 truncate cleaned up [ 50.877543][ T1997] EXT4-fs (loop0): mounted filesystem without journal. Opts: noauto_da_alloc,noblock_validity,commit=0x0000000000000000,abort,,errors=continue. Quota mode: writeback. [ 50.915534][ T2015] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 50.951892][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready [ 50.963732][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 50.980740][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready [ 50.996599][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 51.013570][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 51.030387][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 51.052383][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 51.069408][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 51.131772][ T2015] syz.4.770 (2015) used greatest stack depth: 20608 bytes left [ 51.235510][ T30] kauditd_printk_skb: 69 callbacks suppressed [ 51.235524][ T30] audit: type=1326 audit(1756460287.283:2062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2026 comm="syz.4.775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe53e3cbbe9 code=0x7ffc0000 [ 51.310347][ T30] audit: type=1326 audit(1756460287.283:2063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2026 comm="syz.4.775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe53e3cbbe9 code=0x7ffc0000 [ 51.359508][ T30] audit: type=1326 audit(1756460287.323:2064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2026 comm="syz.4.775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe53e3cbbe9 code=0x7ffc0000 [ 51.386224][ T30] audit: type=1326 audit(1756460287.323:2065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2026 comm="syz.4.775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe53e3cbbe9 code=0x7ffc0000 [ 51.415755][ T30] audit: type=1326 audit(1756460287.333:2066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2026 comm="syz.4.775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fe53e3cbbe9 code=0x7ffc0000 [ 51.446860][ T30] audit: type=1326 audit(1756460287.333:2067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2028 comm="syz.0.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f479e05abe9 code=0x7ffc0000 [ 51.471759][ T30] audit: type=1326 audit(1756460287.333:2068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2028 comm="syz.0.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f479e05abe9 code=0x7ffc0000 [ 51.495276][ T30] audit: type=1326 audit(1756460287.333:2069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2028 comm="syz.0.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f479e05abe9 code=0x7ffc0000 [ 51.526476][ T30] audit: type=1326 audit(1756460287.333:2070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2028 comm="syz.0.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f479e05abe9 code=0x7ffc0000 [ 51.557706][ T30] audit: type=1326 audit(1756460287.333:2071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2028 comm="syz.0.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f479e05abe9 code=0x7ffc0000 [ 51.603462][ T2041] loop0: detected capacity change from 0 to 512 [ 51.666522][ T2041] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,delalloc,bsdgroups,. Quota mode: writeback. [ 51.673089][ T2039] loop3: detected capacity change from 0 to 40427 [ 51.679477][ T2041] ext4 filesystem being mounted at /119/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 51.697968][ T2039] F2FS-fs (loop3): invalid crc value [ 51.728937][ T2041] EXT4-fs error (device loop0): ext4_readdir:263: inode #2: block 3: comm syz.0.778: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=2, rec_len=2060, size=2048 fake=1 [ 51.733189][ T2039] F2FS-fs (loop3): Found nat_bits in checkpoint [ 51.749130][ T2041] EXT4-fs (loop0): Remounting filesystem read-only [ 51.781269][ T2039] F2FS-fs (loop3): Start checkpoint disabled! [ 51.788163][ T2039] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 51.852645][ T2049] netlink: 152 bytes leftover after parsing attributes in process `syz.0.780'. [ 51.935685][ T2057] loop1: detected capacity change from 0 to 512 [ 51.984313][ T2057] EXT4-fs error (device loop1): ext4_orphan_get:1401: inode #15: comm syz.1.783: casefold flag without casefold feature [ 52.004465][ T2057] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.783: couldn't read orphan inode 15 (err -117) [ 52.016927][ T2057] EXT4-fs (loop1): mounted filesystem without journal. Opts: noauto_da_alloc,,errors=continue. Quota mode: writeback. [ 52.113371][ T2064] bridge0: port 3(syz_tun) entered blocking state [ 52.119830][ T2064] bridge0: port 3(syz_tun) entered disabled state [ 52.126687][ T2064] device syz_tun entered promiscuous mode [ 52.132555][ T2064] bridge0: port 3(syz_tun) entered blocking state [ 52.139003][ T2064] bridge0: port 3(syz_tun) entered forwarding state [ 52.647015][ T2079] loop0: detected capacity change from 0 to 512 [ 52.729610][ T2079] EXT4-fs error (device loop0): ext4_orphan_get:1401: inode #15: comm syz.0.791: casefold flag without casefold feature [ 52.742586][ T2079] EXT4-fs error (device loop0): ext4_orphan_get:1406: comm syz.0.791: couldn't read orphan inode 15 (err -117) [ 52.756594][ T2079] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 52.866861][ T2082] loop4: detected capacity change from 0 to 40427 [ 52.923063][ T2082] F2FS-fs (loop4): Unrecognized mount option "nodisc_rd" or missing value [ 53.053817][ T2088] loop0: detected capacity change from 0 to 40427 [ 53.074558][ T2088] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 53.091343][ T2088] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 53.138454][ T2088] F2FS-fs (loop0): Found nat_bits in checkpoint [ 53.171512][ T2092] loop4: detected capacity change from 0 to 40427 [ 53.179003][ T2088] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 53.186167][ T2088] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 53.241760][ T2092] F2FS-fs (loop4): Invalid log blocks per segment (83886089) [ 53.251029][ T2092] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 53.276237][ T2092] F2FS-fs (loop4): invalid crc value [ 53.282864][ T2092] F2FS-fs (loop4): Found nat_bits in checkpoint [ 53.332285][ T2092] F2FS-fs (loop4): Start checkpoint disabled! [ 53.361551][ T2092] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0 [ 53.369959][ T2092] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 53.372043][ T2110] loop0: detected capacity change from 0 to 512 [ 53.412898][ T2092] attempt to access beyond end of device [ 53.412898][ T2092] loop4: rw=2049, want=45104, limit=40427 [ 53.437411][ T2092] attempt to access beyond end of device [ 53.437411][ T2092] loop4: rw=0, want=45104, limit=40427 [ 53.472071][ T2110] EXT4-fs error (device loop0): ext4_orphan_get:1401: inode #15: comm syz.0.798: casefold flag without casefold feature [ 53.492183][ T2110] EXT4-fs error (device loop0): ext4_orphan_get:1406: comm syz.0.798: couldn't read orphan inode 15 (err -117) [ 53.521395][ T8] attempt to access beyond end of device [ 53.521395][ T8] loop4: rw=2049, want=40984, limit=40427 [ 53.522357][ T2107] loop1: detected capacity change from 0 to 40427 [ 53.532914][ T2110] EXT4-fs (loop0): mounted filesystem without journal. Opts: noauto_da_alloc,,errors=continue. Quota mode: writeback. [ 53.552887][ T2107] F2FS-fs (loop1): invalid crc value [ 53.566710][ T2116] netlink: 152 bytes leftover after parsing attributes in process `syz.3.803'. [ 53.578821][ T2107] F2FS-fs (loop1): Found nat_bits in checkpoint [ 53.610585][ T2107] F2FS-fs (loop1): Start checkpoint disabled! [ 53.617483][ T2107] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 53.774725][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready [ 53.793928][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 53.806319][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready [ 53.814633][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 53.816830][ T2121] loop4: detected capacity change from 0 to 512 [ 53.823601][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 53.837227][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 53.845635][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 53.853936][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 53.874090][ T2121] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,delalloc,bsdgroups,. Quota mode: writeback. [ 53.887376][ T2121] ext4 filesystem being mounted at /201/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 53.943616][ T2121] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 3: comm syz.4.802: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=2, rec_len=2060, size=2048 fake=1 [ 53.963718][ T2121] EXT4-fs (loop4): Remounting filesystem read-only [ 54.062838][ T2132] loop4: detected capacity change from 0 to 512 [ 54.081368][ T2132] EXT4-fs (loop4): Ignoring removed mblk_io_submit option [ 54.089693][ T2132] EXT4-fs (loop4): Ignoring removed mblk_io_submit option [ 54.098954][ T2132] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 54.109910][ T2132] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c11c, mo2=0002] [ 54.118107][ T2132] System zones: 1-12 [ 54.122698][ T2132] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2228: inode #15: comm syz.4.818: corrupted in-inode xattr [ 54.136463][ T2136] bridge0: port 3(syz_tun) entered blocking state [ 54.137055][ T2132] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.818: couldn't read orphan inode 15 (err -117) [ 54.151656][ T2136] bridge0: port 3(syz_tun) entered disabled state [ 54.155154][ T2132] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsold,grpid,debug,noload,mblk_io_submit,commit=0x0000000000000005,init_itable=0x0000000000000009,debug,usrjquota=,nolazytime,mblk_io_submit,,errors=continue. Quota mode: none. [ 54.196476][ T2136] device syz_tun entered promiscuous mode [ 54.206360][ T2136] bridge0: port 3(syz_tun) entered blocking state [ 54.212874][ T2136] bridge0: port 3(syz_tun) entered forwarding state [ 54.438022][ T2143] loop3: detected capacity change from 0 to 512 [ 54.451122][ T2145] loop2: detected capacity change from 0 to 512 [ 54.482195][ T2141] loop4: detected capacity change from 0 to 40427 [ 54.482995][ T2143] EXT4-fs error (device loop3): ext4_acquire_dquot:6198: comm syz.3.812: Failed to acquire dquot type 1 [ 54.502005][ T2143] EXT4-fs (loop3): 1 truncate cleaned up [ 54.507702][ T2143] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpid,auto_da_alloc,minixdf,noinit_itable,init_itable,,errors=continue. Quota mode: writeback. [ 54.527287][ T2145] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock [ 54.534646][ T2143] ext4 filesystem being mounted at /225/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 54.540180][ T2145] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock [ 54.557326][ T2141] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 54.557414][ T2145] EXT4-fs (loop2): ext4_check_descriptors: Inode table for group 1 overlaps superblock [ 54.585967][ T2145] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 54.598712][ T2141] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 54.607839][ T2145] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c041e01c, mo2=0100] [ 54.616321][ T2145] EXT4-fs (loop2): orphan cleanup on readonly fs [ 54.624262][ T2145] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.811: bg 0: block 34: padding at end of block bitmap is not set [ 54.639904][ T2145] EXT4-fs error (device loop2): ext4_acquire_dquot:6198: comm syz.2.811: Failed to acquire dquot type 1 [ 54.644310][ T2141] F2FS-fs (loop4): Found nat_bits in checkpoint [ 54.663498][ T2145] EXT4-fs (loop2): 1 truncate cleaned up [ 54.669554][ T2145] EXT4-fs (loop2): mounted filesystem without journal. Opts: noauto_da_alloc,noblock_validity,commit=0x0000000000000000,abort,,errors=continue. Quota mode: writeback. [ 54.683074][ T2141] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 54.700250][ T2141] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 54.879427][ T2157] loop3: detected capacity change from 0 to 40427 [ 54.889069][ T2157] F2FS-fs (loop3): Invalid log blocks per segment (83886089) [ 54.897425][ T2157] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock [ 54.916887][ T2157] F2FS-fs (loop3): invalid crc value [ 54.942453][ T2157] F2FS-fs (loop3): Found nat_bits in checkpoint [ 54.979426][ T2162] loop1: detected capacity change from 0 to 512 [ 55.011111][ T2162] EXT4-fs error (device loop1): ext4_orphan_get:1401: inode #15: comm syz.1.815: casefold flag without casefold feature [ 55.029953][ T2157] F2FS-fs (loop3): Start checkpoint disabled! [ 55.034175][ T2162] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.815: couldn't read orphan inode 15 (err -117) [ 55.048111][ T2162] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 55.057013][ T2157] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0 [ 55.071366][ T2157] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 55.108431][ T2157] attempt to access beyond end of device [ 55.108431][ T2157] loop3: rw=2049, want=45104, limit=40427 [ 55.165429][ T2157] attempt to access beyond end of device [ 55.165429][ T2157] loop3: rw=0, want=45104, limit=40427 [ 55.221898][ T2172] loop2: detected capacity change from 0 to 128 [ 55.258289][ T2150] attempt to access beyond end of device [ 55.258289][ T2150] loop3: rw=2049, want=40984, limit=40427 [ 55.338686][ T2172] attempt to access beyond end of device [ 55.338686][ T2172] loop2: rw=2049, want=250, limit=128 [ 55.388149][ T2178] loop4: detected capacity change from 0 to 512 [ 55.396875][ T2182] incfs: Options parsing error. -22 [ 55.403631][ T2182] incfs: mount failed -22 [ 55.424262][ T2178] EXT4-fs error (device loop4): ext4_orphan_get:1401: inode #15: comm syz.4.834: casefold flag without casefold feature [ 55.444223][ T2178] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.834: couldn't read orphan inode 15 (err -117) [ 55.456424][ T2178] EXT4-fs (loop4): mounted filesystem without journal. Opts: noauto_da_alloc,,errors=continue. Quota mode: writeback. [ 55.594184][ T2194] loop4: detected capacity change from 0 to 512 [ 55.684343][ T2198] loop2: detected capacity change from 0 to 512 [ 55.723406][ T2198] EXT4-fs (loop2): Ignoring removed oldalloc option [ 55.737853][ T2198] EXT4-fs error (device loop2): ext4_xattr_inode_iget:400: comm syz.2.842: Parent and EA inode have the same ino 15 [ 55.750365][ T2198] EXT4-fs (loop2): Remounting filesystem read-only [ 55.757224][ T2198] EXT4-fs (loop2): 1 orphan inode deleted [ 55.764186][ T2198] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,bsdgroups,debug_want_extra_isize=0x0000000000000040,noauto_da_alloc,bsdgroups,oldalloc,resuid=0x0000000000000000,. Quota mode: none. [ 55.802678][ T2198] EXT4-fs (loop2): shut down requested (2) [ 56.258007][ T2216] netlink: 96 bytes leftover after parsing attributes in process `syz.4.838'. [ 56.278382][ T30] kauditd_printk_skb: 82 callbacks suppressed [ 56.278396][ T30] audit: type=1400 audit(1756460292.323:2150): avc: denied { read } for pid=2217 comm="syz.4.839" name="kvm" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 56.309264][ T30] audit: type=1400 audit(1756460292.363:2151): avc: denied { open } for pid=2217 comm="syz.4.839" path="/dev/kvm" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 56.361361][ T30] audit: type=1400 audit(1756460292.363:2152): avc: denied { ioctl } for pid=2217 comm="syz.4.839" path="/dev/kvm" dev="devtmpfs" ino=82 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 56.392125][ T2214] loop1: detected capacity change from 0 to 40427 [ 56.443202][ T2214] F2FS-fs (loop1): Invalid log blocks per segment (83886089) [ 56.450963][ T2214] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock [ 56.462229][ T2214] F2FS-fs (loop1): invalid crc value [ 56.469573][ T2214] F2FS-fs (loop1): Found nat_bits in checkpoint [ 56.495009][ T2214] F2FS-fs (loop1): Start checkpoint disabled! [ 56.502279][ T2214] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0 [ 56.509704][ T2214] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 56.535437][ T2214] attempt to access beyond end of device [ 56.535437][ T2214] loop1: rw=2049, want=45104, limit=40427 [ 56.553807][ T2214] attempt to access beyond end of device [ 56.553807][ T2214] loop1: rw=0, want=45104, limit=40427 [ 56.590166][ T10] attempt to access beyond end of device [ 56.590166][ T10] loop1: rw=2049, want=45112, limit=40427 [ 56.746662][ T30] audit: type=1400 audit(1756460292.793:2153): avc: denied { audit_write } for pid=2225 comm="syz.3.841" capability=29 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 56.791015][ T30] audit: type=1107 audit(1756460292.793:2154): pid=2225 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 56.881985][ T30] audit: type=1326 audit(1756460292.933:2155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2243 comm="syz.3.851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ebe2b9be9 code=0x7ffc0000 [ 56.907755][ T30] audit: type=1400 audit(1756460292.953:2156): avc: denied { mount } for pid=2236 comm="syz.4.849" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 56.985999][ T30] audit: type=1326 audit(1756460292.953:2157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2243 comm="syz.3.851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6ebe2b9be9 code=0x7ffc0000 [ 57.030333][ T30] audit: type=1326 audit(1756460292.953:2158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2243 comm="syz.3.851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ebe2b9be9 code=0x7ffc0000 [ 57.078494][ T30] audit: type=1326 audit(1756460292.953:2159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2243 comm="syz.3.851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6ebe2b9be9 code=0x7ffc0000 [ 57.346362][ T2270] loop2: detected capacity change from 0 to 40427 [ 57.395045][ T2270] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 57.402894][ T2270] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 57.413189][ T2270] F2FS-fs (loop2): Found nat_bits in checkpoint [ 57.440253][ T2270] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 57.447740][ T2270] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 58.845871][ T2294] loop0: detected capacity change from 0 to 40427 [ 58.865820][ T2294] F2FS-fs (loop0): Invalid log blocks per segment (83886089) [ 58.876871][ T2293] loop3: detected capacity change from 0 to 40427 [ 58.896705][ T2294] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 58.908198][ T2294] F2FS-fs (loop0): invalid crc value [ 58.915713][ T2293] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 58.923882][ T2293] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 58.939057][ T2294] F2FS-fs (loop0): Found nat_bits in checkpoint [ 58.946321][ T2293] F2FS-fs (loop3): Found nat_bits in checkpoint [ 59.006267][ T2293] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 59.016311][ T2294] F2FS-fs (loop0): Start checkpoint disabled! [ 59.022545][ T2293] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 59.041605][ T2294] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0 [ 59.048688][ T2294] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 59.099825][ T2294] attempt to access beyond end of device [ 59.099825][ T2294] loop0: rw=2049, want=45104, limit=40427 [ 59.123514][ T2294] attempt to access beyond end of device [ 59.123514][ T2294] loop0: rw=0, want=45104, limit=40427 [ 59.201988][ T2150] attempt to access beyond end of device [ 59.201988][ T2150] loop0: rw=2049, want=40984, limit=40427 [ 59.404969][ T2337] binder: 2336:2337 ioctl c0306201 200000000380 returned -22 [ 59.692264][ T2345] loop1: detected capacity change from 0 to 40427 [ 59.772727][ T2345] F2FS-fs (loop1): Invalid log blocks per segment (83886089) [ 59.781746][ T2345] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock [ 59.802920][ T2345] F2FS-fs (loop1): invalid crc value [ 59.817802][ T2345] F2FS-fs (loop1): Found nat_bits in checkpoint [ 59.852379][ T2345] F2FS-fs (loop1): Start checkpoint disabled! [ 59.859406][ T2345] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0 [ 59.866776][ T2345] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 59.907964][ T2345] attempt to access beyond end of device [ 59.907964][ T2345] loop1: rw=2049, want=45104, limit=40427 [ 59.932301][ T2345] attempt to access beyond end of device [ 59.932301][ T2345] loop1: rw=0, want=45104, limit=40427 [ 59.986607][ T2150] attempt to access beyond end of device [ 59.986607][ T2150] loop1: rw=2049, want=40984, limit=40427 [ 60.194517][ T2375] loop1: detected capacity change from 0 to 512 [ 60.272128][ T2375] EXT4-fs (loop1): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000001000,nodiscard,quota,,errors=continue. Quota mode: writeback. [ 60.321462][ T2375] ext4 filesystem being mounted at /198/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 60.361824][ T2375] EXT4-fs error (device loop1): ext4_do_update_inode:5235: inode #2: comm syz.1.897: corrupted inode contents [ 60.387024][ T2375] EXT4-fs error (device loop1): ext4_dirty_inode:6071: inode #2: comm syz.1.897: mark_inode_dirty error [ 60.429793][ T2375] EXT4-fs error (device loop1): ext4_do_update_inode:5235: inode #2: comm syz.1.897: corrupted inode contents [ 60.501841][ T2375] EXT4-fs error (device loop1): __ext4_ext_dirty:183: inode #2: comm syz.1.897: mark_inode_dirty error [ 60.667266][ T2406] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=2406 comm=syz.1.909 [ 61.048731][ T2401] loop3: detected capacity change from 0 to 40427 [ 61.143811][ T2401] F2FS-fs (loop3): Invalid log blocks per segment (83886089) [ 61.180697][ T2401] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock [ 61.208026][ T2401] F2FS-fs (loop3): invalid crc value [ 61.229603][ T2401] F2FS-fs (loop3): Found nat_bits in checkpoint [ 61.274102][ T2401] F2FS-fs (loop3): Start checkpoint disabled! [ 61.291630][ T2401] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0 [ 61.298779][ T2401] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 61.339173][ T2401] attempt to access beyond end of device [ 61.339173][ T2401] loop3: rw=2049, want=45104, limit=40427 [ 61.363053][ T2401] attempt to access beyond end of device [ 61.363053][ T2401] loop3: rw=0, want=45104, limit=40427 [ 61.424938][ T2150] attempt to access beyond end of device [ 61.424938][ T2150] loop3: rw=2049, want=40984, limit=40427 [ 61.447962][ T2443] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.455391][ T2443] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.465765][ T2443] device bridge_slave_1 left promiscuous mode [ 61.472306][ T2443] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.480035][ T2443] device bridge_slave_0 left promiscuous mode [ 61.486507][ T2443] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.552264][ T30] kauditd_printk_skb: 113 callbacks suppressed [ 61.552278][ T30] audit: type=1400 audit(1756460297.603:2273): avc: denied { write } for pid=2446 comm="syz.3.925" name="001" dev="devtmpfs" ino=184 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 61.604014][ T2449] netlink: 8 bytes leftover after parsing attributes in process `syz.2.926'. [ 61.606723][ T30] audit: type=1400 audit(1756460297.653:2274): avc: denied { name_bind } for pid=2450 comm="syz.3.927" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 61.637010][ T30] audit: type=1400 audit(1756460297.693:2275): avc: denied { node_bind } for pid=2450 comm="syz.3.927" saddr=::ffff:172.20.20.13 src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 61.686062][ T30] audit: type=1400 audit(1756460297.733:2276): avc: denied { read } for pid=2454 comm="syz.4.928" name="usbmon0" dev="devtmpfs" ino=155 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 61.717192][ T30] audit: type=1400 audit(1756460297.763:2277): avc: denied { open } for pid=2454 comm="syz.4.928" path="/dev/usbmon0" dev="devtmpfs" ino=155 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 61.741210][ T30] audit: type=1400 audit(1756460297.763:2278): avc: denied { ioctl } for pid=2454 comm="syz.4.928" path="/dev/usbmon0" dev="devtmpfs" ino=155 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 61.965321][ T30] audit: type=1326 audit(1756460298.013:2279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2472 comm="syz.1.936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fac7f4be9 code=0x7ffc0000 [ 61.988884][ T30] audit: type=1326 audit(1756460298.013:2280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2472 comm="syz.1.936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6fac7f4be9 code=0x7ffc0000 [ 62.012836][ T30] audit: type=1326 audit(1756460298.033:2281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2472 comm="syz.1.936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fac7f4be9 code=0x7ffc0000 [ 62.036684][ T30] audit: type=1326 audit(1756460298.043:2282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2472 comm="syz.1.936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6fac7f4be9 code=0x7ffc0000 [ 62.791805][ T2519] netlink: 28 bytes leftover after parsing attributes in process `syz.3.957'. [ 62.800733][ T2519] netlink: 28 bytes leftover after parsing attributes in process `syz.3.957'. [ 62.850657][ T2530] loop4: detected capacity change from 0 to 512 [ 62.872911][ T2530] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 62.897741][ T2530] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #16: comm syz.4.959: invalid indirect mapped block 4294967295 (level 0) [ 62.907593][ T2528] loop3: detected capacity change from 0 to 8192 [ 62.912052][ T2530] EXT4-fs (loop4): Remounting filesystem read-only [ 62.924739][ T2530] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #16: comm syz.4.959: invalid indirect mapped block 4294967295 (level 1) [ 62.939034][ T2530] EXT4-fs (loop4): Remounting filesystem read-only [ 62.946599][ T2530] EXT4-fs (loop4): 1 orphan inode deleted [ 62.952594][ T2530] EXT4-fs (loop4): 1 truncate cleaned up [ 62.971423][ T2530] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,lazytime,block_validity,block_validity,block_validity,quota,jqfmt=vfsv0,. Quota mode: writeback. [ 62.993056][ T2530] EXT4-fs error (device loop4): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz.4.959: bad entry in directory: rec_len is too small for name_len - offset=12, inode=2, rec_len=12, size=1024 fake=0 [ 63.032760][ T2530] EXT4-fs (loop4): Remounting filesystem read-only [ 63.106420][ T2538] fuse: Unknown parameter '0x0000000000000003' [ 63.274270][ T2563] syz.3.976[2563] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 63.274339][ T2563] syz.3.976[2563] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 63.348371][ T2570] blk_update_request: I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 63.377418][ T2570] FAT-fs (loop9): unable to read boot sector [ 63.458258][ T2585] loop3: detected capacity change from 0 to 256 [ 63.461377][ T60] usb 2-1: new full-speed USB device number 4 using dummy_hcd [ 63.695906][ T2612] loop3: detected capacity change from 0 to 1024 [ 63.752583][ T2612] EXT4-fs (loop3): mounted filesystem without journal. Opts: max_batch_time=0x000000000000055e,delalloc,abort,nodelalloc,,errors=continue. Quota mode: none. [ 63.771412][ T2612] EXT4-fs error (device loop3): ext4_generic_delete_entry:2729: inode #2: block 16: comm syz.3.998: bad entry in directory: inode out of bounds - offset=12, inode=129, rec_len=12, size=1024 fake=1 [ 63.792128][ T2612] EXT4-fs error (device loop3) in ext4_delete_entry:2800: Corrupt filesystem [ 63.801151][ T2612] EXT4-fs warning (device loop3): ext4_rename_delete:3792: inode #2: comm syz.3.998: Deleting old file: nlink 4, error=-117 [ 63.851787][ T60] usb 2-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid maxpacket 1024, setting to 64 [ 63.863768][ T2616] loop3: detected capacity change from 0 to 512 [ 63.871133][ T60] usb 2-1: config 0 interface 0 altsetting 4 has 2 endpoint descriptors, different from the interface descriptor's value: 7 [ 63.884470][ T60] usb 2-1: config 0 interface 0 has no altsetting 0 [ 63.885198][ T2616] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 63.891127][ T60] usb 2-1: New USB device found, idVendor=047f, idProduct=c055, bcdDevice= 0.00 [ 63.910873][ T60] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 63.919572][ T60] usb 2-1: config 0 descriptor?? [ 63.924391][ T2616] netlink: 28 bytes leftover after parsing attributes in process `syz.3.999'. [ 63.941441][ T2551] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 64.021903][ T2625] SELinux: Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped). [ 64.162315][ T2551] UDC core: couldn't find an available UDC or it's busy: -16 [ 64.169926][ T2551] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 64.241990][ T2643] loop0: detected capacity change from 0 to 1024 [ 64.261436][ T60] usbhid 2-1:0.0: can't add hid device: -71 [ 64.267518][ T60] usbhid: probe of 2-1:0.0 failed with error -71 [ 64.280360][ T60] usb 2-1: USB disconnect, device number 4 [ 64.292193][ T2643] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 64.303472][ T2643] ext4 filesystem being mounted at /146/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 64.316991][ T2643] EXT4-fs error (device loop0): ext4_free_blocks:6223: comm syz.0.1010: Freeing blocks not in datazone - block = 0, count = 16 [ 64.335716][ T2150] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 64.350592][ T2150] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 64.365488][ T2150] EXT4-fs (loop0): This should not happen!! Data will be lost [ 64.365488][ T2150] [ 64.375649][ T2150] EXT4-fs (loop0): Total free blocks count 0 [ 64.387942][ T2150] EXT4-fs (loop0): Free/Dirty block details [ 64.394261][ T2150] EXT4-fs (loop0): free_blocks=4293918736 [ 64.401022][ T2150] EXT4-fs (loop0): dirty_blocks=16 [ 64.408591][ T2150] EXT4-fs (loop0): Block reservation details [ 64.414728][ T2150] EXT4-fs (loop0): i_reserved_data_blocks=1 [ 64.530093][ T2658] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1016'. [ 64.599185][ T2670] netlink: 'syz.0.1022': attribute type 1 has an invalid length. [ 64.614510][ T332] Bluetooth: hci1: Frame reassembly failed (-84) [ 64.627319][ T2672] Bluetooth: received HCILL_WAKE_UP_ACK in state 2 [ 64.697580][ T2678] kvm [2677]: vcpu0, guest rIP: 0x9114 disabled perfctr wrmsr: 0xc2 data 0x5407 [ 64.707091][ T2678] kvm [2677]: vcpu0, guest rIP: 0x9114 disabled perfctr wrmsr: 0xc1 data 0x5b07 [ 64.741359][ T60] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 64.981464][ T60] usb 2-1: Using ep0 maxpacket: 32 [ 65.007764][ T2698] binfmt_misc: register: failed to install interpreter file ./file1 [ 65.101415][ T60] usb 2-1: config 0 interface 0 altsetting 4 endpoint 0x2 has an invalid bInterval 129, changing to 11 [ 65.112652][ T60] usb 2-1: config 0 interface 0 altsetting 4 has 2 endpoint descriptors, different from the interface descriptor's value: 7 [ 65.129957][ T60] usb 2-1: config 0 interface 0 has no altsetting 0 [ 65.137062][ T60] usb 2-1: New USB device found, idVendor=047f, idProduct=c055, bcdDevice= 0.00 [ 65.146265][ T60] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 65.157965][ T60] usb 2-1: config 0 descriptor?? [ 65.202685][ T60] hub 2-1:0.0: bad descriptor, ignoring hub [ 65.208848][ T60] hub: probe of 2-1:0.0 failed with error -5 [ 65.373674][ T2722] loop3: detected capacity change from 0 to 40427 [ 65.413818][ T2722] F2FS-fs (loop3): Invalid log blocks per segment (83886089) [ 65.421517][ T2722] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock [ 65.430916][ T2722] F2FS-fs (loop3): invalid crc value [ 65.437741][ T2722] F2FS-fs (loop3): Found nat_bits in checkpoint [ 65.458533][ T2722] F2FS-fs (loop3): Start checkpoint disabled! [ 65.465507][ T2722] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0 [ 65.472649][ T2722] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 65.490283][ T2722] attempt to access beyond end of device [ 65.490283][ T2722] loop3: rw=2049, want=45104, limit=40427 [ 65.507456][ T2722] attempt to access beyond end of device [ 65.507456][ T2722] loop3: rw=0, want=45104, limit=40427 [ 65.532223][ T332] attempt to access beyond end of device [ 65.532223][ T332] loop3: rw=2049, want=40984, limit=40427 [ 65.541382][ T6] Bluetooth: hci0: command 0x1003 tx timeout [ 65.549899][ T1731] Bluetooth: hci0: sending frame failed (-49) [ 65.632811][ T60] plantronics 0003:047F:C055.0003: No inputs registered, leaving [ 65.648498][ T60] plantronics 0003:047F:C055.0003: hiddev96,hidraw0: USB HID v0.00 Device [HID 047f:c055] on usb-dummy_hcd.1-1/input0 [ 65.728020][ T2736] loop3: detected capacity change from 0 to 512 [ 65.752245][ T2736] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 65.763807][ T2736] EXT4-fs (loop3): 1 truncate cleaned up [ 65.769468][ T2736] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,nobarrier,debug_want_extra_isize=0x0000000000000068,mb_optimize_scan=0x0000000000000001,block_validity,dioread_lock,. Quota mode: none. [ 65.951498][ T287] usb 2-1: USB disconnect, device number 5 [ 66.118686][ T2768] loop3: detected capacity change from 0 to 512 [ 66.144638][ T2768] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 66.157531][ T2768] EXT4-fs (loop3): 1 truncate cleaned up [ 66.163323][ T2768] EXT4-fs (loop3): mounted filesystem without journal. Opts: nolazytime,lazytime,journal_path=./bus,bsdgroups,lazytime,noload,,errors=continue. Quota mode: none. [ 66.270068][ T2771] netlink: 88 bytes leftover after parsing attributes in process `syz.3.1064'. [ 66.279115][ T2771] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1064'. [ 66.314838][ T2777] loop3: detected capacity change from 0 to 512 [ 66.343076][ T2779] overlayfs: failed to resolve './file1': -2 [ 66.355643][ T2777] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled [ 66.383213][ T2777] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002] [ 66.391271][ T2777] System zones: 0-2, 18-18, 34-34 [ 66.398390][ T2777] EXT4-fs (loop3): mounted filesystem without journal. Opts: noquota,debug,jqfmt=vfsv0,noauto_da_alloc,resgid=0x0000000000000000,,errors=continue. Quota mode: writeback. [ 66.415666][ T2777] ext4 filesystem being mounted at /331/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 66.580607][ T2809] syz.1.1081[2809] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 66.580691][ T2809] syz.1.1081[2809] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 66.651340][ T20] Bluetooth: hci1: command 0x1003 tx timeout [ 66.668812][ T1731] Bluetooth: hci1: sending frame failed (-49) [ 66.732657][ T30] kauditd_printk_skb: 159 callbacks suppressed [ 66.732672][ T30] audit: type=1326 audit(1756460302.783:2442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2820 comm="syz.3.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ebe2b9be9 code=0x7ffc0000 [ 66.744513][ T2811] loop1: detected capacity change from 0 to 40427 [ 66.781528][ T30] audit: type=1326 audit(1756460302.813:2443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2820 comm="syz.3.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6ebe2b9be9 code=0x7ffc0000 [ 66.805197][ T30] audit: type=1326 audit(1756460302.813:2444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2820 comm="syz.3.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ebe2b9be9 code=0x7ffc0000 [ 66.807393][ T2823] loop3: detected capacity change from 0 to 512 [ 66.829162][ T30] audit: type=1326 audit(1756460302.813:2445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2820 comm="syz.3.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6ebe2b9be9 code=0x7ffc0000 [ 66.858461][ T30] audit: type=1326 audit(1756460302.813:2446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2820 comm="syz.3.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ebe2b9be9 code=0x7ffc0000 [ 66.882090][ T30] audit: type=1326 audit(1756460302.813:2447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2820 comm="syz.3.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6ebe2b9be9 code=0x7ffc0000 [ 66.905769][ T30] audit: type=1326 audit(1756460302.823:2448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2820 comm="syz.3.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ebe2b9be9 code=0x7ffc0000 [ 66.909492][ T2811] F2FS-fs (loop1): invalid crc value [ 66.930535][ T30] audit: type=1326 audit(1756460302.823:2449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2820 comm="syz.3.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6ebe2b9be9 code=0x7ffc0000 [ 66.945784][ T2811] F2FS-fs (loop1): Found nat_bits in checkpoint [ 66.958444][ T30] audit: type=1326 audit(1756460302.823:2450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2820 comm="syz.3.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ebe2b9be9 code=0x7ffc0000 [ 66.989479][ T2823] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 66.989547][ T30] audit: type=1326 audit(1756460302.823:2451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2820 comm="syz.3.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=127 compat=0 ip=0x7f6ebe2b9be9 code=0x7ffc0000 [ 67.024312][ T2823] ext4 filesystem being mounted at /338/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 67.033627][ T2811] F2FS-fs (loop1): Start checkpoint disabled! [ 67.048041][ T2811] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 67.055398][ T2823] capability: warning: `syz.3.1088' uses deprecated v2 capabilities in a way that may be insecure [ 67.067538][ T2823] overlayfs: failed to create directory ./bus/work (errno: 17); mounting read-only [ 67.084076][ T281] EXT4-fs error (device loop3): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size [ 67.095376][ T281] EXT4-fs error (device loop3): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size [ 67.106239][ T281] EXT4-fs error (device loop3): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size [ 67.117191][ T281] EXT4-fs error (device loop3): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size [ 67.128526][ T281] EXT4-fs error (device loop3): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size [ 67.139370][ T281] EXT4-fs error (device loop3): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size [ 67.150262][ T281] EXT4-fs error (device loop3): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size [ 67.153238][ T8] attempt to access beyond end of device [ 67.153238][ T8] loop1: rw=2049, want=40968, limit=40427 [ 67.161062][ T281] EXT4-fs error (device loop3): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size [ 67.172266][ T8] attempt to access beyond end of device [ 67.172266][ T8] loop1: rw=2049, want=41008, limit=40427 [ 67.182816][ T281] EXT4-fs error (device loop3): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size [ 67.204440][ T281] EXT4-fs error (device loop3): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size [ 67.422773][ T2840] loop1: detected capacity change from 0 to 2048 [ 67.443913][ T2833] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.451027][ T2833] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.458708][ T2833] device bridge_slave_0 entered promiscuous mode [ 67.462828][ T2840] EXT4-fs (loop1): mounted filesystem without journal. Opts: barrier=0x0000000000000007,,errors=continue. Quota mode: none. [ 67.466092][ T2833] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.485154][ T2833] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.492908][ T2833] device bridge_slave_1 entered promiscuous mode [ 67.494877][ T2840] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 67.514971][ T2840] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28 [ 67.527254][ T2840] EXT4-fs (loop1): This should not happen!! Data will be lost [ 67.527254][ T2840] [ 67.537070][ T2840] EXT4-fs (loop1): Total free blocks count 0 [ 67.543124][ T2840] EXT4-fs (loop1): Free/Dirty block details [ 67.549083][ T2840] EXT4-fs (loop1): free_blocks=2415919104 [ 67.554944][ T2840] EXT4-fs (loop1): dirty_blocks=16 [ 67.560060][ T2840] EXT4-fs (loop1): Block reservation details [ 67.566162][ T2840] EXT4-fs (loop1): i_reserved_data_blocks=1 [ 67.572229][ T2840] loop2: detected capacity change from 0 to 7 [ 67.611377][ T60] Bluetooth: hci0: command 0x1001 tx timeout [ 67.617633][ T1731] Bluetooth: hci0: sending frame failed (-49) [ 67.637542][ T2849] loop1: detected capacity change from 0 to 2048 [ 67.644813][ T2833] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.651948][ T2833] bridge0: port 2(bridge_slave_1) entered forwarding state [ 67.659212][ T2833] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.666252][ T2833] bridge0: port 1(bridge_slave_0) entered forwarding state [ 67.684523][ T2265] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 67.692143][ T2265] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.699457][ T2265] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.707490][ T2849] EXT4-fs (loop1): Ignoring removed mblk_io_submit option [ 67.720113][ T2265] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 67.728962][ T2265] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.736044][ T2265] bridge0: port 1(bridge_slave_0) entered forwarding state [ 67.752632][ T2849] EXT4-fs (loop1): mounted filesystem without journal. Opts: nombcache,usrjquota=,errors=remount-ro,norecovery,barrier=0x0000000000000008,mblk_io_submit,minixdf,resuid=0x0000000000000000,barrier=0x0000000000000007,bsddf,. Quota mode: none. [ 67.753123][ T2265] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 67.811611][ T2265] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.818682][ T2265] bridge0: port 2(bridge_slave_1) entered forwarding state [ 67.829255][ T2265] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 67.837562][ T2265] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 67.873844][ T2150] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 67.902298][ T2150] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 67.911079][ T2861] loop1: detected capacity change from 0 to 4096 [ 67.925914][ T2861] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 67.926016][ T2150] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 67.939197][ T2861] EXT4-fs (loop1): shut down requested (1) [ 67.952412][ T2150] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 67.955199][ T2861] fs-verity: sha256 using implementation "sha256-avx2" [ 67.960875][ T2833] device veth0_vlan entered promiscuous mode [ 67.986875][ T2150] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 67.996959][ T2833] device veth1_macvtap entered promiscuous mode [ 68.024393][ T2265] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 68.042946][ T2265] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 68.071354][ T2878] Illegal XDP return value 3635569962, expect packet loss! [ 68.124178][ T2884] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1110'. [ 68.165370][ T2893] Bluetooth: received HCILL_WAKE_UP_ACK in state 2 [ 68.202393][ T2898] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 68.214456][ T332] device bridge_slave_1 left promiscuous mode [ 68.220823][ T332] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.228999][ T332] device bridge_slave_0 left promiscuous mode [ 68.235448][ T332] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.243649][ T332] device veth1_macvtap left promiscuous mode [ 68.249765][ T332] device veth0_vlan left promiscuous mode [ 68.436018][ T2913] kvm [2912]: vcpu2, guest rIP: 0x9133 ignored wrmsr: 0x11e data 0xbe702111 [ 68.731574][ T26] Bluetooth: hci1: command 0x1001 tx timeout [ 68.737724][ T1028] Bluetooth: hci1: sending frame failed (-49) [ 69.067872][ T2924] loop5: detected capacity change from 0 to 40427 [ 69.112694][ T2924] F2FS-fs (loop5): Found nat_bits in checkpoint [ 69.139362][ T2924] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 69.215508][ T2929] attempt to access beyond end of device [ 69.215508][ T2929] loop5: rw=2049, want=81376, limit=40427 [ 69.228857][ T2929] attempt to access beyond end of device [ 69.228857][ T2929] loop5: rw=2049, want=81920, limit=40427 [ 69.249135][ T2929] attempt to access beyond end of device [ 69.249135][ T2929] loop5: rw=2049, want=53248, limit=40427 [ 69.286888][ T2929] attempt to access beyond end of device [ 69.286888][ T2929] loop5: rw=2049, want=77824, limit=40427 [ 69.302702][ T2929] attempt to access beyond end of device [ 69.302702][ T2929] loop5: rw=2049, want=82320, limit=40427 [ 69.482956][ T2939] loop0: detected capacity change from 0 to 512 [ 69.514797][ T2939] EXT4-fs (loop0): Test dummy encryption mode enabled [ 69.521978][ T2939] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 69.534024][ T2939] EXT4-fs (loop0): 1 truncate cleaned up [ 69.539989][ T2939] EXT4-fs (loop0): mounted filesystem without journal. Opts: test_dummy_encryption=v1,grpid,debug_want_extra_isize=0x0000000000000068,nobarrier,nodiscard,quota,,errors=continue. Quota mode: writeback. [ 69.569091][ T2939] EXT4-fs (loop0): shut down requested (2) [ 69.669271][ T2962] loop0: detected capacity change from 0 to 256 [ 69.691333][ T60] Bluetooth: hci0: command 0x1009 tx timeout [ 69.727438][ T2962] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d) [ 69.989828][ T2966] loop5: detected capacity change from 0 to 131072 [ 70.025338][ T2966] F2FS-fs (loop5): Test dummy encryption mode enabled [ 70.033549][ T2966] F2FS-fs (loop5): invalid crc value [ 70.040446][ T2966] F2FS-fs (loop5): Found nat_bits in checkpoint [ 70.063924][ T2966] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 70.251436][ T26] Bluetooth: hci2: command 0x1003 tx timeout [ 70.257816][ T1028] Bluetooth: hci2: sending frame failed (-49) [ 70.551403][ T26] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 70.811431][ T60] Bluetooth: hci1: command 0x1009 tx timeout [ 70.889898][ T3017] loop0: detected capacity change from 0 to 128 [ 70.911414][ T26] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 70.921777][ T26] usb 6-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 70.946570][ T3017] handle_bad_sector: 1 callbacks suppressed [ 70.946587][ T3017] attempt to access beyond end of device [ 70.946587][ T3017] loop0: rw=2049, want=250, limit=128 [ 71.091432][ T26] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 71.100506][ T26] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 71.108571][ T26] usb 6-1: Product: syz [ 71.112799][ T26] usb 6-1: Manufacturer: syz [ 71.117417][ T26] usb 6-1: SerialNumber: syz [ 71.251369][ T3019] serio: Serial port ptm2 [ 71.790083][ T30] kauditd_printk_skb: 72 callbacks suppressed [ 71.790098][ T30] audit: type=1400 audit(1756460307.833:2524): avc: denied { getopt } for pid=3023 comm="syz.0.1160" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 72.251819][ T26] cdc_ncm 6-1:1.0: bind() failure [ 72.257563][ T26] cdc_ncm 6-1:1.1: CDC Union missing and no IAD found [ 72.264475][ T26] cdc_ncm 6-1:1.1: bind() failure [ 72.331474][ T26] Bluetooth: hci2: command 0x1001 tx timeout [ 72.337627][ T1028] Bluetooth: hci2: sending frame failed (-49) [ 72.453500][ T26] usb 6-1: USB disconnect, device number 2 [ 73.026988][ T3033] kvm [3032]: vcpu2, guest rIP: 0x9114 disabled perfctr wrmsr: 0xc2 data 0x7 [ 73.036533][ T3033] kvm [3032]: vcpu2, guest rIP: 0x9114 disabled perfctr wrmsr: 0xc1 data 0x7 [ 73.094633][ T3044] loop0: detected capacity change from 0 to 512 [ 73.102178][ T3046] loop5: detected capacity change from 0 to 128 [ 73.109506][ T3044] EXT4-fs (loop0): Ignoring removed nobh option [ 73.118154][ T3044] EXT4-fs error (device loop0): ext4_orphan_get:1401: inode #15: comm syz.0.1170: iget: bad i_size value: 38620345925642 [ 73.127886][ T3046] attempt to access beyond end of device [ 73.127886][ T3046] loop5: rw=2049, want=250, limit=128 [ 73.132460][ T3044] EXT4-fs error (device loop0): ext4_orphan_get:1406: comm syz.0.1170: couldn't read orphan inode 15 (err -117) [ 73.154262][ T3044] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobh,auto_da_alloc,data_err=ignore,,errors=continue. Quota mode: writeback. [ 73.181058][ T3044] EXT4-fs (loop0): shut down requested (0) [ 73.346083][ T3050] loop0: detected capacity change from 0 to 40427 [ 73.446261][ T3050] F2FS-fs (loop0): invalid crc value [ 73.463225][ T3050] F2FS-fs (loop0): Found nat_bits in checkpoint [ 73.496372][ T3050] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0 [ 73.503689][ T3050] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 73.845540][ T283] attempt to access beyond end of device [ 73.845540][ T283] loop0: rw=2049, want=45104, limit=40427 [ 74.152031][ T30] audit: type=1107 audit(1756460310.203:2525): pid=3067 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 74.302079][ T30] audit: type=1326 audit(1756460310.353:2526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3075 comm="syz.0.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f479e05abe9 code=0x7ffc0000 [ 74.341636][ T30] audit: type=1326 audit(1756460310.383:2527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3075 comm="syz.0.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f479e05abe9 code=0x7ffc0000 [ 74.378442][ T30] audit: type=1326 audit(1756460310.383:2528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3075 comm="syz.0.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f479e05abe9 code=0x7ffc0000 [ 74.402207][ T30] audit: type=1326 audit(1756460310.383:2529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3075 comm="syz.0.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f479e05abe9 code=0x7ffc0000 [ 74.425987][ T30] audit: type=1326 audit(1756460310.423:2530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3075 comm="syz.0.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f479e05abe9 code=0x7ffc0000 [ 74.449512][ T26] Bluetooth: hci2: command 0x1009 tx timeout [ 74.456248][ T30] audit: type=1326 audit(1756460310.423:2531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3075 comm="syz.0.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f479e05abe9 code=0x7ffc0000 [ 74.479947][ T30] audit: type=1326 audit(1756460310.423:2532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3075 comm="syz.0.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f479e05abe9 code=0x7ffc0000 [ 74.505402][ T30] audit: type=1326 audit(1756460310.423:2533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3075 comm="syz.0.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f479e059550 code=0x7ffc0000 [ 74.550511][ T3087] loop2: detected capacity change from 0 to 128 [ 74.572898][ T3081] loop5: detected capacity change from 0 to 8192 [ 74.626231][ T3087] attempt to access beyond end of device [ 74.626231][ T3087] loop2: rw=2049, want=250, limit=128 [ 74.668454][ T3094] loop0: detected capacity change from 0 to 512 [ 74.693740][ T3094] EXT4-fs (loop0): Ignoring removed oldalloc option [ 74.708745][ T3094] EXT4-fs (loop0): 1 truncate cleaned up [ 74.715391][ T3094] EXT4-fs (loop0): mounted filesystem without journal. Opts: quota,bsdgroups,nouid32,errors=remount-ro,jqfmt=vfsv1,oldalloc,stripe=0x0000000000000005,. Quota mode: writeback. [ 74.736456][ T3094] EXT4-fs (loop0): shut down requested (2) [ 74.743066][ T3094] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=12 [ 74.752052][ T3094] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=12 [ 74.761115][ T3094] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=13 [ 74.770518][ T3094] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=12 [ 74.779415][ T3094] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=12 [ 74.788327][ T3094] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=13 [ 74.842033][ T3113] pimreg: tun_chr_ioctl cmd 1074812117 [ 74.847955][ T3113] pimreg: tun_chr_ioctl cmd 1074025678 [ 74.854050][ T3113] pimreg: group set to 0 [ 74.954927][ T3132] loop2: detected capacity change from 0 to 4096 [ 75.034488][ T3132] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 75.042698][ T3132] EXT4-fs (loop2): Test dummy encryption mode enabled [ 75.052229][ T3132] EXT4-fs (loop2): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000008000000,mblk_io_submit,nodioread_nolock,test_dummy_encryption,nombcache,nodelalloc,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue. Quota mode: writeback. [ 75.848052][ T3170] loop4: detected capacity change from 0 to 512 [ 75.857355][ T3172] loop0: detected capacity change from 0 to 512 [ 75.872668][ T3170] EXT4-fs (loop4): Ignoring removed oldalloc option [ 75.881431][ T3170] EXT4-fs error (device loop4): ext4_xattr_inode_iget:400: comm syz.4.1221: Parent and EA inode have the same ino 15 [ 75.904236][ T3170] EXT4-fs (loop4): Remounting filesystem read-only [ 75.911721][ T3170] EXT4-fs (loop4): 1 orphan inode deleted [ 75.917896][ T3170] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,bsdgroups,debug_want_extra_isize=0x0000000000000040,noauto_da_alloc,bsdgroups,oldalloc,resuid=0x0000000000000000,. Quota mode: none. [ 75.945942][ T3170] EXT4-fs (loop4): shut down requested (2) [ 76.062892][ T3192] loop0: detected capacity change from 0 to 8192 [ 76.111344][ T26] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 76.159864][ T3204] binder: 3203:3204 ioctl 8010661b 0 returned -22 [ 76.192478][ T3208] loop2: detected capacity change from 0 to 512 [ 76.201458][ T3208] SELinux: security_context_str_to_sid(root) failed for (dev ?, type ?) errno=-22 [ 76.229693][ T3208] EXT4-fs (loop2): Unrecognized mount option "obj_role=noauto_da_alloc" or missing value [ 76.256344][ T3218] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1240'. [ 76.282044][ T3220] loop4: detected capacity change from 0 to 512 [ 76.305662][ T3220] EXT4-fs (loop4): Ignoring removed nobh option [ 76.327931][ T3220] EXT4-fs error (device loop4): ext4_orphan_get:1401: inode #15: comm syz.4.1244: iget: bad i_size value: 38620345925642 [ 76.344066][ T3220] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.1244: couldn't read orphan inode 15 (err -117) [ 76.356721][ T3220] EXT4-fs (loop4): mounted filesystem without journal. Opts: nobh,auto_da_alloc,data_err=ignore,,errors=continue. Quota mode: writeback. [ 76.371381][ T26] usb 6-1: Using ep0 maxpacket: 8 [ 76.387352][ T3220] EXT4-fs (loop4): shut down requested (0) [ 76.394341][ T3229] loop2: detected capacity change from 0 to 8192 [ 76.449349][ T3235] loop4: detected capacity change from 0 to 512 [ 76.491397][ T26] usb 6-1: config 0 has an invalid interface number: 186 but max is 0 [ 76.499655][ T26] usb 6-1: config 0 has no interface number 0 [ 76.505774][ T26] usb 6-1: config 0 interface 186 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 76.516439][ T26] usb 6-1: config 0 interface 186 altsetting 0 has an invalid endpoint with address 0x9A, skipping [ 76.527777][ T26] usb 6-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3 [ 76.562177][ T3235] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000080000,quota,,errors=continue. Quota mode: writeback. [ 76.605732][ T3235] ext4 filesystem being mounted at /269/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 76.711431][ T26] usb 6-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5 [ 76.720547][ T26] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 76.730117][ T26] usb 6-1: Product: syz [ 76.738727][ T3256] loop4: detected capacity change from 0 to 512 [ 76.745265][ T26] usb 6-1: Manufacturer: syz [ 76.749875][ T26] usb 6-1: SerialNumber: syz [ 76.766063][ T26] usb 6-1: config 0 descriptor?? [ 76.791944][ T3254] loop2: detected capacity change from 0 to 40427 [ 76.805842][ T3254] F2FS-fs (loop2): invalid crc value [ 76.818119][ T3254] F2FS-fs (loop2): Found nat_bits in checkpoint [ 76.840516][ T3256] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 76.856174][ T3256] EXT4-fs (loop4): orphan cleanup on readonly fs [ 76.864013][ T3254] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0 [ 76.873736][ T3254] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 76.881407][ T3256] __quota_error: 34 callbacks suppressed [ 76.881423][ T3256] Quota error (device loop4): v2_read_file_info: Free block number too big (0 >= 0). [ 76.896698][ T3256] EXT4-fs warning (device loop4): ext4_enable_quotas:6450: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 76.911939][ T3256] EXT4-fs (loop4): Cannot turn on quotas: error -117 [ 76.919210][ T3256] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.1259: bg 0: block 40: padding at end of block bitmap is not set [ 76.934622][ T3256] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6183: Corrupt filesystem [ 76.943899][ T3256] EXT4-fs (loop4): 1 truncate cleaned up [ 76.949625][ T3256] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 77.053642][ T286] attempt to access beyond end of device [ 77.053642][ T286] loop2: rw=2049, want=45104, limit=40427 [ 77.123183][ T3274] loop4: detected capacity change from 0 to 512 [ 77.138025][ T30] audit: type=1326 audit(1756460313.184:2568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3275 comm="syz.0.1267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f479e05abe9 code=0x7ffc0000 [ 77.179533][ T30] audit: type=1326 audit(1756460313.184:2569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3275 comm="syz.0.1267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=86 compat=0 ip=0x7f479e05abe9 code=0x7ffc0000 [ 77.203074][ T30] audit: type=1326 audit(1756460313.184:2570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3275 comm="syz.0.1267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f479e05abe9 code=0x7ffc0000 [ 77.226803][ T30] audit: type=1326 audit(1756460313.214:2571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3275 comm="syz.0.1267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f479e05abe9 code=0x7ffc0000 [ 77.227659][ T3274] SELinux: security_context_str_to_sid(root) failed for (dev ?, type ?) errno=-22 [ 77.261530][ T3274] EXT4-fs (loop4): Unrecognized mount option "obj_role=noauto_da_alloc" or missing value [ 77.302770][ T3282] loop2: detected capacity change from 0 to 512 [ 77.330991][ T3282] EXT4-fs (loop2): Ignoring removed nobh option [ 77.350898][ T3282] EXT4-fs error (device loop2): ext4_orphan_get:1401: inode #15: comm syz.2.1262: iget: bad i_size value: 38620345925642 [ 77.364590][ T3282] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.1262: couldn't read orphan inode 15 (err -117) [ 77.376755][ T3282] EXT4-fs (loop2): mounted filesystem without journal. Opts: nobh,auto_da_alloc,data_err=ignore,,errors=continue. Quota mode: writeback. [ 77.397098][ T3282] EXT4-fs (loop2): shut down requested (0) [ 77.410085][ T30] audit: type=1400 audit(1756460313.454:2572): avc: denied { write } for pid=3285 comm="syz.4.1272" name="rtc0" dev="devtmpfs" ino=259 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 77.445482][ T30] audit: type=1400 audit(1756460313.494:2573): avc: denied { ioctl } for pid=3285 comm="syz.4.1272" path="/dev/rtc0" dev="devtmpfs" ino=259 ioctlcmd=0x7003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 77.488429][ T30] audit: type=1326 audit(1756460313.534:2574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3287 comm="syz.2.1271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdb88e5be9 code=0x7ffc0000 [ 77.512127][ T30] audit: type=1326 audit(1756460313.534:2575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3287 comm="syz.2.1271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdb88e5be9 code=0x7ffc0000 [ 77.536151][ T30] audit: type=1326 audit(1756460313.534:2576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3287 comm="syz.2.1271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=234 compat=0 ip=0x7efdb88e5be9 code=0x7ffc0000 [ 77.576552][ T3291] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1273'. [ 78.844371][ T26] usb 6-1: USB disconnect, device number 3 [ 78.860672][ T3314] loop2: detected capacity change from 0 to 512 [ 78.912091][ T3314] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000080000,quota,,errors=continue. Quota mode: writeback. [ 78.916439][ T3301] loop1: detected capacity change from 0 to 40427 [ 78.928084][ T3314] ext4 filesystem being mounted at /138/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 78.945868][ T3301] F2FS-fs (loop1): invalid crc value [ 78.957113][ T3301] F2FS-fs (loop1): Found nat_bits in checkpoint [ 78.992507][ T3301] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0 [ 79.000212][ T3301] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 79.074970][ T3334] loop2: detected capacity change from 0 to 2048 [ 79.114940][ T3334] Alternate GPT is invalid, using primary GPT. [ 79.123700][ T3340] binfmt_misc: register: failed to install interpreter file ./file1 [ 79.131929][ T3334] loop2: p1 p2 p3 [ 79.200791][ T282] attempt to access beyond end of device [ 79.200791][ T282] loop1: rw=2049, want=45104, limit=40427 [ 79.224359][ T1531] udevd[1531]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 79.224360][ T1489] udevd[1489]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 79.225426][ T1538] udevd[1538]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 79.386579][ T3352] Dead loop on virtual device ip6_vti0, fix it urgently! [ 79.397177][ T3352] Dead loop on virtual device ip6_vti0, fix it urgently! [ 79.404936][ T3352] Dead loop on virtual device ip6_vti0, fix it urgently! [ 79.412542][ T3352] Dead loop on virtual device ip6_vti0, fix it urgently! [ 79.424546][ T3352] Dead loop on virtual device ip6_vti0, fix it urgently! [ 79.432008][ T3352] Dead loop on virtual device ip6_vti0, fix it urgently! [ 79.573252][ T3379] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1311'. [ 79.696348][ T3397] loop4: detected capacity change from 0 to 512 [ 79.742835][ T3397] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 79.784218][ T3397] EXT4-fs (loop4): 1 truncate cleaned up [ 79.790369][ T3397] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,nobarrier,debug_want_extra_isize=0x0000000000000068,mb_optimize_scan=0x0000000000000001,block_validity,dioread_lock,. Quota mode: none. [ 79.878193][ T3429] loop2: detected capacity change from 0 to 512 [ 79.928365][ T3438] netlink: 'syz.4.1339': attribute type 12 has an invalid length. [ 79.936285][ T3438] netlink: 'syz.4.1339': attribute type 29 has an invalid length. [ 79.944516][ T3438] netlink: 148 bytes leftover after parsing attributes in process `syz.4.1339'. [ 79.958252][ T3438] netlink: 'syz.4.1339': attribute type 2 has an invalid length. [ 79.961058][ T3429] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 79.966071][ T3438] netlink: 43 bytes leftover after parsing attributes in process `syz.4.1339'. [ 80.011190][ T3444] loop1: detected capacity change from 0 to 512 [ 80.012225][ T3429] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1334'. [ 80.041899][ T3444] EXT4-fs (loop1): Ignoring removed mblk_io_submit option [ 80.049086][ T3444] EXT4-fs (loop1): Test dummy encryption mode enabled [ 80.055975][ T3444] EXT4-fs (loop1): Ignoring removed mblk_io_submit option [ 80.063328][ T3444] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 80.076433][ T3444] EXT4-fs (loop1): 1 truncate cleaned up [ 80.082391][ T3444] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,mblk_io_submit,inlinecrypt,test_dummy_encryption=v1,barrier,mblk_io_submit,nogrpid,. Quota mode: none. [ 80.155588][ T286] ------------[ cut here ]------------ [ 80.161117][ T286] WARNING: CPU: 0 PID: 286 at fs/inode.c:335 drop_nlink+0xc5/0x110 [ 80.171389][ T286] Modules linked in: [ 80.175623][ T286] CPU: 1 PID: 286 Comm: syz-executor Not tainted 5.15.189-syzkaller-android13-5.15.189_r00 #0 [ 80.186017][ T286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 80.196570][ T286] RIP: 0010:drop_nlink+0xc5/0x110 [ 80.202605][ T286] Code: 1b 48 8d bb b8 04 00 00 be 08 00 00 00 e8 43 3b f2 ff f0 48 ff 83 b8 04 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 4b be b3 ff <0f> 0b eb 86 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 5e ff ff ff 4c [ 80.222442][ T286] RSP: 0018:ffffc90000a67ca8 EFLAGS: 00010293 [ 80.230764][ T286] RAX: ffffffff81b4f185 RBX: ffff888120f75b50 RCX: ffff888125ed2780 [ 80.239568][ T286] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 80.247675][ T286] RBP: ffffc90000a67cd0 R08: 0000000000000004 R09: 0000000000000003 [ 80.255761][ T286] R10: fffff5200014cf84 R11: 1ffff9200014cf84 R12: dffffc0000000000 [ 80.299825][ T286] R13: 1ffff110241eeb73 R14: ffff888120f75b98 R15: 0000000000000000 [ 80.308354][ T286] FS: 0000555566807500(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 80.327681][ T286] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.347796][ T286] CR2: 0000001b2e61fff8 CR3: 00000001267b4000 CR4: 00000000003506a0 [ 80.376155][ T286] Call Trace: [ 80.383033][ T286] [ 80.392864][ T286] shmem_rmdir+0x5b/0x90 [ 80.397153][ T286] vfs_rmdir+0x313/0x460 [ 80.416560][ T286] incfs_kill_sb+0x105/0x220 [ 80.445173][ T286] deactivate_locked_super+0xa0/0x100 [ 80.451110][ T286] deactivate_super+0xaf/0xe0 [ 80.456331][ T286] cleanup_mnt+0x446/0x500 [ 80.460777][ T286] __cleanup_mnt+0x19/0x20 [ 80.468295][ T286] task_work_run+0x127/0x190 [ 80.478537][ T3488] loop0: detected capacity change from 0 to 1024 [ 80.485277][ T286] exit_to_user_mode_loop+0xd0/0xe0 [ 80.486892][ T3484] overlayfs: failed to resolve './file1': -2 [ 80.490609][ T286] exit_to_user_mode_prepare+0x5a/0xa0 [ 80.514225][ T286] syscall_exit_to_user_mode+0x1a/0x30 [ 80.520221][ T286] do_syscall_64+0x58/0xa0 [ 80.522433][ T3488] EXT4-fs (loop0): mounted filesystem without journal. Opts: max_batch_time=0x000000000000055e,delalloc,abort,nodelalloc,,errors=continue. Quota mode: none. [ 80.525091][ T286] ? clear_bhb_loop+0x50/0xa0 [ 80.545339][ T286] ? clear_bhb_loop+0x50/0xa0 [ 80.550383][ T286] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 80.576539][ T286] RIP: 0033:0x7efdb88e6f17 [ 80.580997][ T286] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 80.595304][ T3488] EXT4-fs error (device loop0): ext4_generic_delete_entry:2729: inode #2: block 16: comm syz.0.1359: bad entry in directory: inode out of bounds - offset=12, inode=129, rec_len=12, size=1024 fake=1 [ 80.620215][ T286] RSP: 002b:00007fff1b0fda38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 80.620246][ T286] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007efdb88e6f17 [ 80.620264][ T286] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff1b0fdaf0 [ 80.644906][ T286] RBP: 00007fff1b0fdaf0 R08: 0000000000000000 R09: 0000000000000000 [ 80.653411][ T286] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff1b0feb80 [ 80.661493][ T286] R13: 00007efdb8968c05 R14: 00000000000138fc R15: 00007fff1b0febc0 [ 80.661933][ T3496] loop5: detected capacity change from 0 to 512 [ 80.669559][ T286] [ 80.678824][ T286] ---[ end trace 9e23926fdecfb2df ]--- [ 80.684428][ T286] ================================================================== [ 80.692492][ T286] BUG: KASAN: null-ptr-deref in ihold+0x20/0x60 [ 80.698732][ T286] Write of size 4 at addr 0000000000000170 by task syz-executor/286 [ 80.706687][ T286] [ 80.708998][ T286] CPU: 1 PID: 286 Comm: syz-executor Tainted: G W 5.15.189-syzkaller-android13-5.15.189_r00 #0 [ 80.720601][ T286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 80.730641][ T286] Call Trace: [ 80.733986][ T286] [ 80.736931][ T286] __dump_stack+0x21/0x30 [ 80.741249][ T286] dump_stack_lvl+0xee/0x150 [ 80.745825][ T286] ? show_regs_print_info+0x20/0x20 [ 80.751002][ T286] ? _raw_spin_lock+0x8e/0xe0 [ 80.755663][ T286] ? _raw_spin_trylock_bh+0x130/0x130 [ 80.761013][ T286] ? ihold+0x20/0x60 [ 80.764889][ T286] kasan_report+0xe7/0x140 [ 80.769307][ T286] ? ihold+0x20/0x60 [ 80.773370][ T286] kasan_check_range+0x280/0x290 [ 80.778337][ T286] __kasan_check_write+0x14/0x20 [ 80.783256][ T286] ihold+0x20/0x60 [ 80.787391][ T286] vfs_rmdir+0x1f0/0x460 [ 80.792053][ T286] incfs_kill_sb+0x105/0x220 [ 80.796625][ T286] deactivate_locked_super+0xa0/0x100 [ 80.801983][ T286] deactivate_super+0xaf/0xe0 [ 80.806648][ T286] cleanup_mnt+0x446/0x500 [ 80.811062][ T286] __cleanup_mnt+0x19/0x20 [ 80.815458][ T286] task_work_run+0x127/0x190 [ 80.820039][ T286] exit_to_user_mode_loop+0xd0/0xe0 [ 80.825225][ T286] exit_to_user_mode_prepare+0x5a/0xa0 [ 80.830723][ T286] syscall_exit_to_user_mode+0x1a/0x30 [ 80.836455][ T286] do_syscall_64+0x58/0xa0 [ 80.840874][ T286] ? clear_bhb_loop+0x50/0xa0 [ 80.845630][ T286] ? clear_bhb_loop+0x50/0xa0 [ 80.850309][ T286] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 80.856197][ T286] RIP: 0033:0x7efdb88e6f17 [ 80.860618][ T286] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 80.880203][ T286] RSP: 002b:00007fff1b0fda38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 80.888603][ T286] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007efdb88e6f17 [ 80.896575][ T286] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff1b0fdaf0 [ 80.904543][ T286] RBP: 00007fff1b0fdaf0 R08: 0000000000000000 R09: 0000000000000000 [ 80.912528][ T286] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff1b0feb80 [ 80.920485][ T286] R13: 00007efdb8968c05 R14: 00000000000138fc R15: 00007fff1b0febc0 [ 80.928444][ T286] [ 80.931450][ T286] ================================================================== [ 80.939573][ T286] Disabling lock debugging due to kernel taint [ 80.953855][ T286] BUG: kernel NULL pointer dereference, address: 0000000000000170 [ 80.958485][ T3488] EXT4-fs error (device loop0) in ext4_delete_entry:2800: Corrupt filesystem [ 80.961687][ T286] #PF: supervisor write access in kernel mode [ 80.961699][ T286] #PF: error_code(0x0002) - not-present page [ 80.961717][ T286] PGD 129a27067 P4D 129a27067 PUD 0 [ 80.961738][ T286] Oops: 0002 [#1] PREEMPT SMP KASAN [ 80.961754][ T286] CPU: 0 PID: 286 Comm: syz-executor Tainted: G B W 5.15.189-syzkaller-android13-5.15.189_r00 #0 [ 81.004663][ T286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 81.015888][ T286] RIP: 0010:ihold+0x26/0x60 [ 81.020503][ T286] Code: 00 00 00 00 55 48 89 e5 41 56 53 48 89 fb e8 61 b6 b3 ff 48 8d bb 70 01 00 00 be 04 00 00 00 e8 30 33 f2 ff 41 be 01 00 00 00 44 0f c1 b3 70 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 e1 [ 81.040093][ T286] RSP: 0018:ffffc90000a67ce8 EFLAGS: 00010246 [ 81.046230][ T286] RAX: ffff888125ed2700 RBX: 0000000000000000 RCX: ffff888125ed2780 [ 81.054189][ T286] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00000000ffffffff [ 81.062142][ T286] RBP: ffffc90000a67cf8 R08: 0000000000000004 R09: 0000000000000003 [ 81.070158][ T286] R10: fffffbfff0e1804c R11: 1ffffffff0e1804c R12: 1ffff11021986d9e [ 81.078121][ T286] R13: dffffc0000000000 R14: 0000000000000001 R15: 0000000000000000 [ 81.086175][ T286] FS: 0000555566807500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 81.095266][ T286] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.101836][ T286] CR2: 0000000000000170 CR3: 00000001267b4000 CR4: 00000000003526b0 [ 81.109791][ T286] Call Trace: [ 81.113063][ T286] [ 81.115993][ T286] vfs_rmdir+0x1f0/0x460 [ 81.120235][ T286] incfs_kill_sb+0x105/0x220 [ 81.124846][ T286] deactivate_locked_super+0xa0/0x100 [ 81.130202][ T286] deactivate_super+0xaf/0xe0 [ 81.134856][ T286] cleanup_mnt+0x446/0x500 [ 81.139262][ T286] __cleanup_mnt+0x19/0x20 [ 81.143657][ T286] task_work_run+0x127/0x190 [ 81.148225][ T286] exit_to_user_mode_loop+0xd0/0xe0 [ 81.153573][ T286] exit_to_user_mode_prepare+0x5a/0xa0 [ 81.159014][ T286] syscall_exit_to_user_mode+0x1a/0x30 [ 81.164540][ T286] do_syscall_64+0x58/0xa0 [ 81.168936][ T286] ? clear_bhb_loop+0x50/0xa0 [ 81.173688][ T286] ? clear_bhb_loop+0x50/0xa0 [ 81.178343][ T286] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 81.184224][ T286] RIP: 0033:0x7efdb88e6f17 [ 81.188629][ T286] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 81.208500][ T286] RSP: 002b:00007fff1b0fda38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 81.217592][ T286] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007efdb88e6f17 [ 81.225577][ T286] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff1b0fdaf0 [ 81.233529][ T286] RBP: 00007fff1b0fdaf0 R08: 0000000000000000 R09: 0000000000000000 [ 81.241495][ T286] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff1b0feb80 [ 81.249550][ T286] R13: 00007efdb8968c05 R14: 00000000000138fc R15: 00007fff1b0febc0 [ 81.257523][ T286] [ 81.260525][ T286] Modules linked in: [ 81.264496][ T286] CR2: 0000000000000170 [ 81.268632][ T286] ---[ end trace 9e23926fdecfb2e0 ]--- [ 81.274083][ T286] RIP: 0010:ihold+0x26/0x60 [ 81.278576][ T286] Code: 00 00 00 00 55 48 89 e5 41 56 53 48 89 fb e8 61 b6 b3 ff 48 8d bb 70 01 00 00 be 04 00 00 00 e8 30 33 f2 ff 41 be 01 00 00 00 44 0f c1 b3 70 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 e1 [ 81.298263][ T286] RSP: 0018:ffffc90000a67ce8 EFLAGS: 00010246 [ 81.304330][ T286] RAX: ffff888125ed2700 RBX: 0000000000000000 RCX: ffff888125ed2780 [ 81.312292][ T286] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00000000ffffffff [ 81.320244][ T286] RBP: ffffc90000a67cf8 R08: 0000000000000004 R09: 0000000000000003 [ 81.328193][ T286] R10: fffffbfff0e1804c R11: 1ffffffff0e1804c R12: 1ffff11021986d9e [ 81.336145][ T286] R13: dffffc0000000000 R14: 0000000000000001 R15: 0000000000000000 [ 81.344193][ T286] FS: 0000555566807500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 81.353102][ T286] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.359664][ T286] CR2: 0000000000000170 CR3: 00000001267b4000 CR4: 00000000003526b0 [ 81.367630][ T286] Kernel panic - not syncing: Fatal exception [ 81.373977][ T286] Kernel Offset: disabled [ 81.378404][ T286] Rebooting in 86400 seconds..