last executing test programs: 40.381722627s ago: executing program 1 (id=400): r0 = gettid() r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000300)='sys_enter\x00', r2, 0x0, 0x80000000000}, 0x18) rt_sigtimedwait(&(0x7f0000000100)={[0x3ff]}, 0x0, 0x0, 0x8) tkill(r0, 0x7) 40.290269159s ago: executing program 1 (id=405): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000080), &(0x7f00000006c0)='%-010d \x00'}, 0x20) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) bind$inet(0xffffffffffffffff, 0x0, 0x0) 40.24909003s ago: executing program 1 (id=407): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]}) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18) getgid() fdatasync(0xffffffffffffffff) 40.197511981s ago: executing program 1 (id=410): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000000)='binfmt_misc\x00', 0xc00, 0x0) chroot(&(0x7f0000000100)='./file0\x00') mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0) chroot(&(0x7f0000000140)='./file0/../file0\x00') pivot_root(&(0x7f0000007b00)='./file0/../file0\x00', &(0x7f0000000280)='./file0\x00') 40.143821862s ago: executing program 1 (id=413): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0xfffffffc, 0x0, 0x0, 0x21880, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000140)='rxrpc_client\x00', r1, 0x0, 0x5}, 0x18) r2 = socket$kcm(0x21, 0x2, 0xa) sendmsg$kcm(r2, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in6={0x21, 0xfffc, 0x2, 0x1c, {0xa, 0x0, 0x4, @dev}}, 0x80, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0xfc00) 39.897105247s ago: executing program 1 (id=423): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f0000003580)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000380)="a1", 0x1}], 0x1, &(0x7f0000000800)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r1, @ANYBLOB="0000000014"], 0x30, 0x40400d1}}], 0x1, 0x10) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r1, 0x0, r3, 0x0, 0xa86, 0x0) 39.896859137s ago: executing program 32 (id=423): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f0000003580)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000380)="a1", 0x1}], 0x1, &(0x7f0000000800)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r1, @ANYBLOB="0000000014"], 0x30, 0x40400d1}}], 0x1, 0x10) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r1, 0x0, r3, 0x0, 0xa86, 0x0) 902.361292ms ago: executing program 5 (id=1972): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt(r0, 0x84, 0x80, &(0x7f0000000000)='\x00\x00\x00\x00\t\x00\x00\x00', 0x8) r1 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000100)=0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000180)={0x1, [0x0]}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r0, 0x84, 0x5, &(0x7f00000001c0)={r2, @in={{0x2, 0x4e21, @private=0xa010101}}}, 0x84) 826.368724ms ago: executing program 5 (id=1974): fsetxattr$trusted_overlay_opaque(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r1, 0x0, 0xffffffffffffffff}, 0x18) r2 = perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0xfe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x4}, 0x40db, 0x0, 0x4, 0x8, 0xa, 0x100, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000000)='cpu<=0||!') 810.999524ms ago: executing program 4 (id=1975): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x14, &(0x7f0000000940)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r2, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000840)="734ec73ec51021aa9b0323af7cb1104dc7f90e3fa011bef2298db136b3d9c50f264ad883ee85dc4b5136c1591b9626c8e7cd0b9635bc73299a2d3a8ff91e4779b297e7fd985913f003e2ff36c7f8ebed6c32cc8fff5c8961ecf93ef79eaca1af94c6f2bdf4eab5845438223b4673a60ee3bd0c2da13caf8abf102aea3103eb27194f956b905ff3a7416cc343ea7e3468d78e25802362fda971", 0x99}, {0x0}], 0x2, &(0x7f00000002c0)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0xc800) recvmmsg(r3, &(0x7f0000004d00)=[{{0x0, 0x0, 0x0}, 0xe2d}], 0x1, 0x2, 0x0) 736.753415ms ago: executing program 4 (id=1978): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x8000) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) ioctl$SNDRV_TIMER_IOCTL_PAUSE(r0, 0x54a3) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) 736.324435ms ago: executing program 4 (id=1980): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000001880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000200000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = syz_io_uring_setup(0x1e1e, &(0x7f0000000580)={0x0, 0x86f7, 0x10100, 0x3, 0x38a}, &(0x7f0000002000)=0x0, &(0x7f0000000440)=0x0) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_SYMLINKAT={0x26, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}) syz_read_part_table(0x106a, &(0x7f0000000000)="$eJzsz7FJxVAUBuD/5ibxpnUB17C0EGwsFXexUcERnECwsbLWDdzCFbJAxECEt8B7r/i+6pyfHw4nHNTUtdOP5Py5vqQleUxyNySp45ik/Be/vq//luF1bicpNRf9Gi+fb/dbqSb91XyTYXkoP0u3ZuVyajsHu6ezus319n0/XwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAcfsNAAD//3OqEK8=") io_uring_enter(r1, 0x48e9, 0xed60, 0x2, 0x0, 0x0) 656.795787ms ago: executing program 5 (id=1981): r0 = socket(0x200000100000011, 0x3, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000240)={'batadv0\x00', 0x0}) bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x800b, 0x4) sendmsg$netlink(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f00000000c0)=ANY=[@ANYBLOB="34000000020000010000000000000000d96e6c8d5e85080045f00d80724e11d569116e3a1ce41e2a560254ea0043"], 0x34}], 0x1}, 0x0) 646.589438ms ago: executing program 5 (id=1982): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1000002, 0x4012831, 0xffffffffffffffff, 0x81362000) 599.881128ms ago: executing program 5 (id=1984): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000440)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000240), 0x3) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x304}, "9806d1267c49cd76", "c442e6adcb511ad19648396c5352e18f", "6086c2ca", "b973738a82366fb2"}, 0x28) setsockopt$inet6_tcp_int(r0, 0x11a, 0x4, &(0x7f0000000040), 0x44) 577.749498ms ago: executing program 5 (id=1986): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r3], 0x1c}}, 0x0) write$nci(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="610302090106050601cb8038dc9139cd0802"], 0x12) 509.68614ms ago: executing program 0 (id=1988): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100003020702500000000002020207b1af8ff00000000bfa1000000000000070100003affffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffd}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000400)='kfree\x00', r0, 0x0, 0x800}, 0x18) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000000)={0xffffffffffffffff}, 0x111, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f0000000280)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21, 0x802, @empty, 0xc}, {0xa, 0x4e20, 0x1ff, @dev={0xfe, 0x80, '\x00', 0x1d}, 0xffffffff}, r2, 0xb}}, 0x48) write$RDMA_USER_CM_CMD_DESTROY_ID(r1, &(0x7f0000000f80)={0x1, 0xe, 0xfa00, {&(0x7f0000000300), r2}}, 0x18) 508.9273ms ago: executing program 4 (id=1989): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) prctl$PR_SET_NAME(0xf, &(0x7f00000001c0)='w\xde\xa3\x05\xff\a\x00\x00\x00\x00\x00\x00\x8f\xc0\x9b\x86\xef\\\xc0\x89\av\x9f\xd6\xd1\x98<\xc8\x18E/\x8c\x1a\xe3\xbd') r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003500)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4e0664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa7666b5ded16ee7025f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b3a2327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6cd28cf28fe2ee593e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c191355391771f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde34ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c39132a0f2708e09ae8268dcc15411483b8506386aa0ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae4c697bfc674e03231c42f7eaaf5166bbc4653c71805f9448416e379cc1c40f8f866c9b319a849dd00ff9b84857436ed362c4632bfc3fa7357c24f15bbb07bd91893e61df7eb6dc5e071a9cc2faa7a32a91c4d982f5cfb725dca80b23874877a4980dbd70cda040b1ce527e7188159df77b493efbbd7bfe2680bf44e49eb68e5e33a0a5726072b2699d6244cd5c4a82bf18c668a3d43cec78c5fe1f12283d5dde6d0ea0b1b81ee7c065c938577e4ec93f22f1e6106f337625b7f7798011a6"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffd4d}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000140)='tlb_flush\x00', r0, 0x0, 0x2}, 0x18) mremap(&(0x7f0000000000/0x9000)=nil, 0x200003, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil) 466.809011ms ago: executing program 2 (id=1991): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x3000003, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) sendto$inet6(r0, &(0x7f0000000000)="aa", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x6}, 0x3}, 0x1c) 442.605481ms ago: executing program 0 (id=1992): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x4, &(0x7f0000000140)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000000)='syzkaller\x00', 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8001}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r0, 0x0, 0x1000000000000}, 0x18) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}, 0x1, 0x0, 0x0, 0x800}, 0x0) 378.945442ms ago: executing program 3 (id=1993): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x6, 0x7fe2, 0x1}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) r2 = perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xec, 0x6, 0x40, 0x3, 0x0, 0x4000000000, 0xd4, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x4, 0x2, @perf_bp={0x0, 0x8}, 0x100882, 0x7ff, 0x6, 0x3, 0xb, 0x2, 0x3ff, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12011, r2, 0x0) 378.482003ms ago: executing program 2 (id=1994): r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e) r2 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r2, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x18}}, 0x2, 0x1}}, 0x2e) getsockopt(r2, 0x111, 0x5, 0x0, &(0x7f0000000080)=0x5a) 378.189202ms ago: executing program 2 (id=1995): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020047b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000020000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000006c0)='kfree\x00', r1}, 0x18) r2 = inotify_init1(0x0) inotify_add_watch(r2, &(0x7f0000000400)='.\x00', 0xa4000021) close(r2) 360.513123ms ago: executing program 3 (id=1996): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) 353.768993ms ago: executing program 0 (id=1997): madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000240)=',-\x10*\x00', &(0x7f0000000380)='$\x00', 0x0) close(r0) setxattr$trusted_overlay_upper(0x0, 0x0, 0x0, 0x835, 0x0) 331.505953ms ago: executing program 2 (id=1998): openat$binderfs(0xffffffffffffff9c, 0x0, 0x1802, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000e40)={0x1a, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x81, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00'}, 0x10) open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000680)={[{@nodioread_nolock}, {@journal_dev={'journal_dev', 0x3d, 0xff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x8d55}}]}, 0x0, 0x473, &(0x7f0000000bc0)="$eJzs281rHGUYAPBnJh9t7UdirR+tVaNFCIpJk1btwYuiIFJR0EM9xiQtodtGmii2FpuK1IsgBT2LR9G/wJsIop4Er3rxJIWivbT1FJnZmXSzzabGbDKx+/vBZt93592d58l8vfO+uwF0rIHsTxKxLSJ+jYi+enVxg4H607UrZ8evXzk7nsT8/Gt/Jnm7q1fOjpdNy/dtLSqDaUT6YVKsZLGZ02eOj9Vqk6eK+vDsibeGZ06feeKdE2PHJo9Nnhw9dOjggZGnnxp9si15Znld3fP+9N7dL75x8eXxIxff/PHrLN5txfLGPNplIEv8r/lc87JH272yim1vKCfdFQbCinRFRLa5evLjvy+64sbG64sXPqg0OGBNZdemTa0Xz80Dt7Ekqo4AqEZ5oc/uf8vHOnU9NoTLz9ZvgLK8rxWP+pLuSIs2PU33t+00EBFH5v7+PHvEGo1DAAA0+nj8s8PdEfHe9a9eyvoefQtL0rgnf/49/7ujmEPpj4g7I2JnRNwVEbsi4u6IvO29EXHfKuO5uf+TXlrlRy4r6/89U8xtLe7/lb2/6O8qatvz/HuSo1O1yf3F/2QwejZl9ZFl1vHt87980mpZY/8ve2TrL/uCRRyXupsG6CbGZsfyTmkbXD4fsad7qfyThZmAJCJ2R8SelX30jrIw9diXe1s1unX+y2jDPNP8F1l6c1n+c9GUfylpnJ+cuml+cnhz1Cb3D5d7xc1++vnCq63Wv6r82+DyZP25Yfs3N+lPGudrZ1a+jgu/fdTynuY/7v9pb/J6Ps/cW7z27tjs7KmRiN7kcF5f9ProjfeW9bJ9tv8P7lv6+N9ZvCfL//6IyHbiByLiwYh4qIj94Yh4JCL2LZP/D8+1XlbmH2lF2/98xMSS57+F/b9p+6+80HX8+29arf/fbf+DeWmweCU//93CUuFkp4vmAFfzvwMAAID/izT/DnySDi2U03RoqP4d/l1xR1qbnpl9/Oj02ycn6t+V74+etBzp6ivGQ2tTtcmRZK74xPr46GgxVlyOlx4oxo0/7dqS14fGp2sTFecOnW5ri+M/80dX1dEBa2zLkq+O9q57IEAFmufR08XVc6+EkwHcrvxeGzrXLY7/dL3iANaf6z90rqWO/3NNdXMBcHty/YfO5fiHDpV+V3UEQIVc/6EjreZ3/WtY2LwxwqimsFE3Sl6IKAvphohHYY0KVZ+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2uOfAAAA///GL+jM") 306.192154ms ago: executing program 0 (id=1999): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @tracing=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000200), &(0x7f0000000080)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) membarrier(0x40, 0x0) 305.693414ms ago: executing program 2 (id=2000): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r1, 0x0, r3, 0x0, 0xf3a, 0x0) close(r2) write$binfmt_script(r3, 0x0, 0xd9) write(r0, 0x0, 0x0) 237.103415ms ago: executing program 0 (id=2001): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='proc\x00', 0x4098, 0x0) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x40, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'}) 236.761015ms ago: executing program 0 (id=2002): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002ec0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="5953fdfffffffddbdf256b000000080043"], 0x28}}, 0x50) 194.051986ms ago: executing program 4 (id=2003): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000005c0)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$packet(0x11, 0x2, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f00000001c0)={'batadv0\x00', 0x0}) sendto$packet(r2, &(0x7f0000001540)="028988a8", 0x4, 0x8000050, &(0x7f0000000080)={0x11, 0x8100, r3, 0x1, 0xfb}, 0x14) 163.735667ms ago: executing program 4 (id=2004): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000600)='./file0\x00', 0xc8d0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x30e, &(0x7f0000000f00)="$eJzs3E1rE10UwPGTNEnTlHayeHhEQXrRjW6GNu7FIC2IAUttxBcQp81EQ8akZEIlIrZduXEhfggXpcvuCtov0I07V27cdSO4sAtxJDOTl7aJrWnSWPv/QZlD7j0z9+Y24dyBzPbdN0/zWVvPGmUJRpUERER2ROISlJqAfwy6cUSaLcvl4W+fzt++d/9mMpWanFFqKjl7JaGUGh17/+zFkN9tY1C24g+3vya+bP2/dXb75+yTnK1ytioUy8pQc8XPZWPOMlUmZ+d1paYt07BNlSvYZslrd5ZELFNlreLCQkUZhcxIbKFk2rYyChWVNyuqXFTlUkUZj41cQem6rkZigoOkV2dmjGSHyfNdHgx6pFRKGgMiMrSvJb3alwEBAIC+8uv/erUfrJb0ndT/oZb1/9qFzfLwnfVRv/7fiFTrf5Gm+v9R41ymygTr9X9URBr1f9HbH3S7/t9fEZ1sr3cvjjhOPYy06n+k+h8nRLX+j/mfX9fKg7VxN6D+BwAAAAAAAAAAAAAAAAAAAADgJNhxHM1xHM07DvivOtqgiETdX5B47X0eJnpk9/o3/lj/06Hx4I7QqIj1ajG9mPaOfodNEbHElHHR5If7/+CrxpFl5XZSVXH5YC35+UuLae+7JJmVnJs/IZrE9+Y7ztSN1OSE8uzOD0usOT8hmvzXOj+xNz9cPUbk0sWmfF00+TgvRbEk4/8yrpb/ckKp67dSe64/5PYDAAAAAOBfoKu6+v59sLld39/u7Y+9dm9/HZLW9we8/fV4y/19SM6F+jVrAAAAAABOF7vyPG9YllnqUbAiIj2+RJugNsPDZtUekNumT0AC7Zq6ENQu3ll6dWxdG0/4UO9YsKOhjkX+cFFaBrXbRu36yHQnZ3Y0kaO+h2fevvv++z7enTGRw5zw6nr0gJl2GkQOmmn42L6AAAAAABybRtFfe+VafwcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMApdByP4uv3HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC/xa8AAAD//46ZAFE=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12) write(r1, &(0x7f0000000a00)="c788", 0x2) sendfile(r1, r0, 0x0, 0x3ffff) sendfile(r1, r0, 0x0, 0x7ffff000) 145.133737ms ago: executing program 3 (id=2005): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x3, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000008000000000000000000910095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x18) r2 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000000)={r0, r0, 0x2f, 0x0, @void}, 0x10) bpf$LINK_DETACH(0x22, &(0x7f0000000340)=r2, 0x4) 122.975567ms ago: executing program 2 (id=2006): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0xfffffffffffff001}, 0x18) sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001640)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="8b33000000000000000005000000080003"], 0x2c}}, 0x4c002) 83.268478ms ago: executing program 3 (id=2007): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000010000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x42, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) socketpair$unix(0x1, 0x2, 0x0, 0x0) setgid(0xee00) 82.847278ms ago: executing program 3 (id=2008): r0 = perf_event_open(&(0x7f00000010c0)={0x2, 0x80, 0x99, 0x0, 0x0, 0x0, 0x0, 0x2, 0x80040, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0xa, 0x4000000007}, 0x8781, 0x2000000, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000000b00)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6493790710000000000080000b2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9924be41a9169bdfaf16da915b2e249f21c6eee84309e7a23c19a394830f2539fcb4e0b6eab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bfb1c0e6b1244d35b213bda84cc172afcc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbb888b0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab2e4b380a00d72bc0480f94479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b844139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a662d8bc9c89c9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e558d17879570c8ad943e392955f4f979ea13201bafe4f0f6ea508000000a0c548552b571bed5647323478a996810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151fcda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526894aa7fe5e68949a3b304723177d356c4604bca492ecec37e83efceefd78a2533659edc8bef9cb85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d350000000000000000e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e5a61561a9845e4ff29e2bd43b5b923b272341c5e093fd66a2946501559335781092cf8ce987c56cd31121624d7455f2a3666276c3c0e812b28e2f30d035cee5d0e77a3c72208ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856ce24f370030be3b5f79f030b8d3ebcef5af469abe753314fae31a09c3a041a1e7b55c4e81dba1e12289ee34463aaf28345bde0c195bc9f022ca8ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262d0af3246eb4fc4bda345360200000001fbddeacd3adaa4d2715e21c772ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a0600adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa7000008000000000000117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cd50feeb7bfad9b7be3283b6450d34264e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5a71e0d7696caba172745c7dd919ffb631820420b75b6522c0e21c882c66f4f25ffb6d95e07e068000000000000eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff201000000000000002e31560e5b741445ea2a1acee2e98c9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa66237e0dacc107f532348cc2116473381e961f3d9c8c21578fe3245097c280abe51427b9f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6f0100000000000000f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d174b0000000000000000000000fa08ad0731ba49fbf981f8265e7f1f4c2d97f4680b135f87c228ce69418a282b6caa2481a0df1774fa7d94944bb92d2b89f73f0e8b63f6316c5762f3288bc970720f48b5647dd177db6810fae0533496b6d58da50ee80a6b9a7438978c5465113f668eb4484350048289d07dbef325d3221a7cb35f812f257941a9781e3214c2a3dcf89d99844b762a9cf17548c54fccad2c7ae8072b82e0880815daf966bd5343c1635e123f868a7167cfcff33320253af570f4ef9c0254afdd89ac3943562b530dd88da8a94013bbaf204bebc38055adc39f07f7c22711f4d1f6dcc928d1578a093c072e0b92babc76f47ee367e745a024a2278319d9a4d1378482b74c516647652bfb6e93002494a5cd74e2a9a4734487062437da23e1efa6ef7674108aaa3ffac859c3577c2637bb3bdc69bc365b1f20dba96b8acca62f3f80045318de0facf2ed44b814e842c2a520159bb6c320cec0910c0b8bd3d547bdfba2e09d24d117ed0388afd37affbad2f9c77c9c1314a16ffe64f5e3744a2fffd7039670f5706e589a4c3868db06fd892d68a547477f8ef686ff0dba7b8c18c94d5a89b0567a851750a35d9cc2217db890d89385fcaa00f0f2e524672e6f4c8bedfd5da5b157709b8265cf511dc5846ab1d85916c4a6b2d1b408575982e11230cbac0a9c6eaa03c945645581f678403c2a936c53ae72940aa92bcf22b82c6bc028e0acdddf9fef595f0f7a9f80c0e4c659ced769ec463d26a81e468846761a8e1efd6a031ab7adc8665e267be0065cc315aa23012423ec8b8492d9b50fa4d8c5891959b761eec6dc988532782fda13239c948e27853606e26225c796b79cc04f3d1a5a13000000001e301d82a27010d3ac6119d2b12caf282413672d20c852c50084d7b2d50754775ed63bc18023c31351af76e24788d96103455693b34e09a163a9f613a7e5530222cebd7fa0fbff32dc98088f9fab33648cc38e87dd2dd6ee157f5f018702696915661715c979b7796d4f101a257688af7c148e8615c938c4ca8a69f6fc585ec1dd1857a501f90b161eff23181a11a2b0da4c58d459cbf9db"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) r2 = getpid() r3 = getpgrp(0xffffffffffffffff) kcmp(r2, r3, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) 0s ago: executing program 3 (id=2009): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_DEL(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)={0x14, r2, 0x1, 0x0, 0x25dfdbfd, {0x54}}, 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x8000) close_range(r0, 0xffffffffffffffff, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x40, 0x4, 0x0) kernel console output (not intermixed with test programs): : avc: denied { ioctl } for pid=3791 comm="syz.3.133" path="socket:[5034]" dev="sockfs" ino=5034 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 45.981189][ T3793] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 46.032320][ T29] audit: type=1400 audit(1759019396.637:279): avc: denied { write } for pid=3791 comm="syz.3.133" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 46.051961][ T29] audit: type=1400 audit(1759019396.637:280): avc: denied { write } for pid=3794 comm="syz.2.135" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 46.132883][ T3803] netlink: 68 bytes leftover after parsing attributes in process `syz.2.138'. [ 46.213331][ T29] audit: type=1326 audit(1759019396.847:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3805 comm="syz.3.139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68db43eec9 code=0x7ffc0000 [ 46.287697][ T29] audit: type=1326 audit(1759019396.847:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3805 comm="syz.3.139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68db43eec9 code=0x7ffc0000 [ 46.311588][ T29] audit: type=1326 audit(1759019396.847:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3805 comm="syz.3.139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f68db43eec9 code=0x7ffc0000 [ 46.335368][ T29] audit: type=1326 audit(1759019396.847:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3805 comm="syz.3.139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68db43eec9 code=0x7ffc0000 [ 46.359470][ T29] audit: type=1326 audit(1759019396.847:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3805 comm="syz.3.139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68db43eec9 code=0x7ffc0000 [ 46.383161][ T29] audit: type=1326 audit(1759019396.847:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3805 comm="syz.3.139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f68db43eec9 code=0x7ffc0000 [ 46.406469][ T29] audit: type=1326 audit(1759019396.847:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3805 comm="syz.3.139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68db43eec9 code=0x7ffc0000 [ 46.456002][ T3816] process 'syz.4.143' launched '/dev/fd/6' with NULL argv: empty string added [ 46.505901][ T3820] loop3: detected capacity change from 0 to 512 [ 46.561565][ T3829] netlink: 8 bytes leftover after parsing attributes in process `syz.0.148'. [ 46.570545][ T3829] netlink: 120 bytes leftover after parsing attributes in process `syz.0.148'. [ 46.577832][ T3820] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 46.594094][ T3820] ext4 filesystem being mounted at /33/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 46.609705][ T3829] netlink: 8 bytes leftover after parsing attributes in process `syz.0.148'. [ 46.643777][ T3832] IPv6: NLM_F_CREATE should be specified when creating new route [ 46.655280][ T3835] loop0: detected capacity change from 0 to 512 [ 46.666479][ T3835] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 46.713396][ T3835] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 46.768792][ T3835] ext4 filesystem being mounted at /36/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 46.936352][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 47.014261][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 47.042690][ T3860] loop1: detected capacity change from 0 to 164 [ 47.097107][ T3860] isofs_fill_super: root inode is not a directory. Corrupted media? [ 47.323001][ T3883] vhci_hcd: invalid port number 96 [ 47.328242][ T3883] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 47.356409][ T3889] netlink: 28 bytes leftover after parsing attributes in process `syz.2.176'. [ 47.470983][ T3900] vlan2: entered promiscuous mode [ 47.476115][ T3900] gretap0: entered promiscuous mode [ 47.535960][ T3907] loop0: detected capacity change from 0 to 512 [ 47.596331][ T3907] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 47.633375][ T3907] ext4 filesystem being mounted at /41/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 47.776679][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 47.824665][ T3942] loop4: detected capacity change from 0 to 512 [ 47.870547][ T3942] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 47.912959][ T3942] EXT4-fs (loop4): 1 truncate cleaned up [ 47.925294][ T3950] __nla_validate_parse: 2 callbacks suppressed [ 47.925315][ T3950] netlink: 12 bytes leftover after parsing attributes in process `syz.3.203'. [ 47.941645][ T3942] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 47.982697][ T3950] vlan2: entered promiscuous mode [ 48.021500][ T3950] netdevsim netdevsim3 netdevsim0: entered promiscuous mode [ 48.039938][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 48.234111][ T3147] IPVS: starting estimator thread 0... [ 48.337849][ T3975] IPVS: using max 2304 ests per chain, 115200 per kthread [ 48.493869][ T3992] netlink: 8 bytes leftover after parsing attributes in process `syz.3.221'. [ 48.512851][ T3992] netlink: 8 bytes leftover after parsing attributes in process `syz.3.221'. [ 48.611188][ T4004] syzkaller1: entered promiscuous mode [ 48.616918][ T4004] syzkaller1: entered allmulticast mode [ 48.707599][ T4013] macvlan0: entered allmulticast mode [ 48.742580][ T4013] veth1_vlan: entered allmulticast mode [ 48.750655][ T4013] team0: Port device macvlan0 added [ 48.809606][ T4013] syz.1.232 (4013) used greatest stack depth: 10640 bytes left [ 48.842093][ T4027] syz.4.238 uses obsolete (PF_INET,SOCK_PACKET) [ 48.868614][ T4029] loop1: detected capacity change from 0 to 1024 [ 48.888230][ T4029] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 48.903743][ T4029] ext4 filesystem being mounted at /43/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 48.992441][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 49.006492][ T4037] netlink: 12 bytes leftover after parsing attributes in process `syz.3.242'. [ 49.015991][ T4040] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 49.065226][ T4042] loop4: detected capacity change from 0 to 136 [ 49.099956][ T4048] loop3: detected capacity change from 0 to 1024 [ 49.107012][ T4048] EXT4-fs: Ignoring removed oldalloc option [ 49.121784][ T4042] rock: directory entry would overflow storage [ 49.128164][ T4042] rock: sig=0x4f50, size=4, remaining=3 [ 49.133800][ T4042] iso9660: Corrupted directory entry in block 2 of inode 1472 [ 49.164394][ T4050] netlink: 4 bytes leftover after parsing attributes in process `syz.1.248'. [ 49.184397][ T4048] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 49.197251][ T4050] veth1_macvtap: left promiscuous mode [ 49.199379][ T4048] ext4 filesystem being mounted at /53/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 49.255118][ T4048] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: block 3: comm syz.3.247: lblock 3 mapped to illegal pblock 3 (length 3) [ 49.276515][ T3147] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 49.316535][ T3147] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 49.332270][ T4048] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 49.344710][ T4048] EXT4-fs (loop3): This should not happen!! Data will be lost [ 49.344710][ T4048] [ 49.369126][ T4065] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4065 comm=syz.1.254 [ 49.432612][ T1460] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: block 8: comm kworker/u8:5: lblock 8 mapped to illegal pblock 8 (length 8) [ 49.450457][ T4069] loop4: detected capacity change from 0 to 512 [ 49.466103][ T1460] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 49.478622][ T1460] EXT4-fs (loop3): This should not happen!! Data will be lost [ 49.478622][ T1460] [ 49.494630][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 49.505566][ T4069] EXT4-fs warning (device loop4): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 49.548077][ T4069] EXT4-fs (loop4): mount failed [ 49.585993][ T4076] bridge0: entered promiscuous mode [ 49.603837][ T4076] macsec0: entered promiscuous mode [ 49.618792][ T4076] bridge0: port 3(macsec0) entered blocking state [ 49.625286][ T4076] bridge0: port 3(macsec0) entered disabled state [ 49.646878][ T4076] macsec0: entered allmulticast mode [ 49.652584][ T4076] bridge0: entered allmulticast mode [ 49.662924][ T4076] macsec0: left allmulticast mode [ 49.668063][ T4076] bridge0: left allmulticast mode [ 49.687035][ T4076] bridge0: left promiscuous mode [ 49.769991][ T4090] netlink: 'syz.2.264': attribute type 16 has an invalid length. [ 49.778002][ T4090] netlink: 'syz.2.264': attribute type 17 has an invalid length. [ 49.798651][ T4092] loop0: detected capacity change from 0 to 512 [ 49.825366][ T4092] EXT4-fs error (device loop0): ext4_init_orphan_info:585: comm syz.0.265: inode #0: comm syz.0.265: iget: illegal inode # [ 49.838656][ T4090] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 49.858710][ T4092] EXT4-fs (loop0): get orphan inode failed [ 49.864693][ T4092] EXT4-fs (loop0): mount failed [ 50.012625][ T4108] team_slave_0: entered promiscuous mode [ 50.018413][ T4108] team_slave_1: entered promiscuous mode [ 50.042231][ T4111] loop0: detected capacity change from 0 to 512 [ 50.046843][ T4108] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 50.070646][ T4111] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 50.090561][ T4111] ext4 filesystem being mounted at /57/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 50.107259][ T4108] 8021q: adding VLAN 0 to HW filter on device macvlan3 [ 50.155419][ T4120] netlink: 180 bytes leftover after parsing attributes in process `syz.4.277'. [ 50.167858][ T4111] EXT4-fs (loop0): shut down requested (0) [ 50.177080][ T4111] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=15 [ 50.188107][ T4111] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=15 [ 50.197139][ T4111] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=15 [ 50.208281][ T4111] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=12 [ 50.219937][ T4124] netlink: 24 bytes leftover after parsing attributes in process `syz.2.279'. [ 50.249199][ T4124] netlink: 'syz.2.279': attribute type 1 has an invalid length. [ 50.257317][ T4124] netlink: 32 bytes leftover after parsing attributes in process `syz.2.279'. [ 50.268362][ T4111] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=12 [ 50.328589][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 50.518744][ T4150] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=4150 comm=syz.0.288 [ 50.670250][ T4156] loop3: detected capacity change from 0 to 128 [ 50.687420][ T4156] syz.3.293: attempt to access beyond end of device [ 50.687420][ T4156] loop3: rw=2049, sector=154, nr_sectors = 8 limit=128 [ 50.706412][ T4156] syz.3.293: attempt to access beyond end of device [ 50.706412][ T4156] loop3: rw=2049, sector=160, nr_sectors = 2 limit=128 [ 50.720062][ T4156] Buffer I/O error on dev loop3, logical block 80, lost async page write [ 50.729675][ T4156] syz.3.293: attempt to access beyond end of device [ 50.729675][ T4156] loop3: rw=2049, sector=162, nr_sectors = 8 limit=128 [ 50.744257][ T4156] syz.3.293: attempt to access beyond end of device [ 50.744257][ T4156] loop3: rw=2049, sector=168, nr_sectors = 2 limit=128 [ 50.758196][ T4156] Buffer I/O error on dev loop3, logical block 84, lost async page write [ 51.012781][ T29] kauditd_printk_skb: 239 callbacks suppressed [ 51.012800][ T29] audit: type=1400 audit(1759019401.647:526): avc: denied { create } for pid=4182 comm="syz.3.304" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 51.041845][ T4184] netlink: 28 bytes leftover after parsing attributes in process `syz.2.305'. [ 51.061560][ T29] audit: type=1400 audit(1759019401.687:527): avc: denied { connect } for pid=4182 comm="syz.3.304" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 51.157091][ T4190] loop2: detected capacity change from 0 to 2048 [ 51.180380][ T29] audit: type=1326 audit(1759019401.817:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4191 comm="syz.4.309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98c557eec9 code=0x7ffc0000 [ 51.229492][ T29] audit: type=1326 audit(1759019401.817:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4191 comm="syz.4.309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98c557eec9 code=0x7ffc0000 [ 51.253003][ T29] audit: type=1326 audit(1759019401.847:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4191 comm="syz.4.309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f98c557eec9 code=0x7ffc0000 [ 51.276373][ T29] audit: type=1326 audit(1759019401.847:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4191 comm="syz.4.309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98c557eec9 code=0x7ffc0000 [ 51.299825][ T29] audit: type=1326 audit(1759019401.847:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4191 comm="syz.4.309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98c557eec9 code=0x7ffc0000 [ 51.323299][ T29] audit: type=1326 audit(1759019401.847:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4191 comm="syz.4.309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f98c557eec9 code=0x7ffc0000 [ 51.346575][ T29] audit: type=1326 audit(1759019401.847:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4191 comm="syz.4.309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98c557eec9 code=0x7ffc0000 [ 51.369963][ T29] audit: type=1326 audit(1759019401.847:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4191 comm="syz.4.309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98c557eec9 code=0x7ffc0000 [ 51.525178][ T4208] Zero length message leads to an empty skb [ 51.650153][ T4220] ALSA: seq fatal error: cannot create timer (-19) [ 51.657442][ T4218] IPv6: Can't replace route, no match found [ 51.691789][ T4222] loop2: detected capacity change from 0 to 128 [ 51.728389][ T4222] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 51.752294][ T4226] loop4: detected capacity change from 0 to 256 [ 51.770151][ T4222] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 51.797593][ T4226] FAT-fs (loop4): Directory bread(block 64) failed [ 51.808409][ T4226] FAT-fs (loop4): Directory bread(block 65) failed [ 51.828717][ T4226] FAT-fs (loop4): Directory bread(block 66) failed [ 51.848655][ T4226] FAT-fs (loop4): Directory bread(block 67) failed [ 51.855279][ T4226] FAT-fs (loop4): Directory bread(block 68) failed [ 51.892738][ T4226] FAT-fs (loop4): Directory bread(block 69) failed [ 51.901037][ T4226] FAT-fs (loop4): Directory bread(block 70) failed [ 51.933016][ T4226] FAT-fs (loop4): Directory bread(block 71) failed [ 51.948043][ T4226] FAT-fs (loop4): Directory bread(block 72) failed [ 51.968932][ T4226] FAT-fs (loop4): Directory bread(block 73) failed [ 52.010643][ T4238] Falling back ldisc for ttyS3. [ 52.025399][ T4243] netlink: 'syz.2.332': attribute type 1 has an invalid length. [ 52.033356][ T4243] netlink: 'syz.2.332': attribute type 6 has an invalid length. [ 52.041069][ T4243] netlink: 'syz.2.332': attribute type 3 has an invalid length. [ 52.048840][ T4243] netlink: 24 bytes leftover after parsing attributes in process `syz.2.332'. [ 52.240733][ T4263] hsr_slave_0: left promiscuous mode [ 52.253210][ T4263] hsr_slave_1: left promiscuous mode [ 52.286360][ T4267] macvlan1: entered promiscuous mode [ 52.297238][ T4267] ipvlan0: entered promiscuous mode [ 52.305447][ T4267] ipvlan0: left promiscuous mode [ 52.311288][ T4267] macvlan1: left promiscuous mode [ 52.461671][ T4293] syz_tun: entered allmulticast mode [ 52.469653][ T4292] syz_tun: left allmulticast mode [ 52.745704][ T4334] rdma_op ffff88811a2ee580 conn xmit_rdma 0000000000000000 [ 52.821279][ T4344] vhci_hcd: invalid port number 236 [ 52.953058][ T4356] netlink: 'syz.0.385': attribute type 21 has an invalid length. [ 52.969546][ T4356] __nla_validate_parse: 1 callbacks suppressed [ 52.969567][ T4356] netlink: 132 bytes leftover after parsing attributes in process `syz.0.385'. [ 52.985201][ T4356] netlink: 'syz.0.385': attribute type 1 has an invalid length. [ 53.012664][ T4365] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 53.067778][ T4374] rdma_op ffff88811a2ee580 conn xmit_rdma 0000000000000000 [ 53.560643][ T1033] Process accounting resumed [ 53.585833][ T1460] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.611746][ T1460] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.661861][ T1460] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.777124][ T1460] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.821245][ T4444] lo speed is unknown, defaulting to 1000 [ 53.906641][ T1460] bridge_slave_1: left allmulticast mode [ 53.912529][ T1460] bridge_slave_1: left promiscuous mode [ 53.918331][ T1460] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.929137][ T1460] bridge_slave_0: left allmulticast mode [ 53.934818][ T1460] bridge_slave_0: left promiscuous mode [ 53.940711][ T1460] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.965161][ T4478] loop4: detected capacity change from 0 to 2048 [ 54.016065][ T4478] loop4: p2 p3 p7 [ 54.043975][ T1460] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 54.064757][ T1460] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 54.078984][ T1460] bond0 (unregistering): Released all slaves [ 54.141956][ T4473] syz.0.435 (4473) used greatest stack depth: 10176 bytes left [ 54.157943][ T1460] hsr_slave_0: left promiscuous mode [ 54.171928][ T1460] hsr_slave_1: left promiscuous mode [ 54.182869][ T1460] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 54.190366][ T1460] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 54.205166][ T1460] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 54.212741][ T1460] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 54.233234][ T1460] team_slave_0: left promiscuous mode [ 54.238914][ T1460] team_slave_1: left promiscuous mode [ 54.246885][ T1460] veth0_macvtap: left promiscuous mode [ 54.252592][ T1460] veth1_vlan: left allmulticast mode [ 54.258123][ T1460] veth1_vlan: left promiscuous mode [ 54.266152][ T1460] veth0_vlan: left promiscuous mode [ 54.332067][ T1460] team0 (unregistering): Port device macvlan0 removed [ 54.359829][ T1460] team0 (unregistering): Port device team_slave_1 removed [ 54.370111][ T1460] team0 (unregistering): Port device team_slave_0 removed [ 54.431723][ T4444] chnl_net:caif_netlink_parms(): no params data found [ 54.494143][ T4444] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.501335][ T4444] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.508622][ T4444] bridge_slave_0: entered allmulticast mode [ 54.518402][ T4444] bridge_slave_0: entered promiscuous mode [ 54.525374][ T4444] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.532525][ T4444] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.539970][ T4444] bridge_slave_1: entered allmulticast mode [ 54.546876][ T4444] bridge_slave_1: entered promiscuous mode [ 54.571218][ T4444] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.589256][ T4444] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.613686][ T4444] team0: Port device team_slave_0 added [ 54.621783][ T4444] team0: Port device team_slave_1 added [ 54.649032][ T4444] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 54.656271][ T4444] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 54.683136][ T4444] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 54.721722][ T4444] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 54.729018][ T4444] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 54.755064][ T4444] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 54.775907][ T4531] loop3: detected capacity change from 0 to 512 [ 54.792107][ T4531] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 54.809852][ T4444] hsr_slave_0: entered promiscuous mode [ 54.812513][ T4531] ext4 filesystem being mounted at /103/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 54.816123][ T4444] hsr_slave_1: entered promiscuous mode [ 54.832465][ T4540] netlink: 4 bytes leftover after parsing attributes in process `syz.4.460'. [ 54.844126][ T4444] debugfs: 'hsr0' already exists in 'hsr' [ 54.849926][ T4444] Cannot create hsr debugfs directory [ 54.859192][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 55.014925][ T4557] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4557 comm=syz.4.466 [ 55.041104][ T4444] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 55.052221][ T4444] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 55.071500][ T4444] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 55.093462][ T4444] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 55.194458][ T4444] 8021q: adding VLAN 0 to HW filter on device bond0 [ 55.210465][ T4444] 8021q: adding VLAN 0 to HW filter on device team0 [ 55.227870][ T31] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.235161][ T31] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.261676][ T4444] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 55.272201][ T4444] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 55.286620][ T31] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.293820][ T31] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.326324][ T4586] loop3: detected capacity change from 0 to 8192 [ 55.399394][ T4444] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.533158][ T4624] netlink: 8 bytes leftover after parsing attributes in process `syz.4.488'. [ 55.542182][ T4624] netlink: 4 bytes leftover after parsing attributes in process `syz.4.488'. [ 55.558187][ T4624] netlink: 8 bytes leftover after parsing attributes in process `syz.4.488'. [ 55.559996][ T3477] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 55.567254][ T4624] netlink: 4 bytes leftover after parsing attributes in process `syz.4.488'. [ 55.606766][ T4444] veth0_vlan: entered promiscuous mode [ 55.616941][ T3477] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 55.626627][ T3477] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 55.641322][ T4444] veth1_vlan: entered promiscuous mode [ 55.659176][ T3477] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 55.692807][ T4444] veth0_macvtap: entered promiscuous mode [ 55.709772][ T4444] veth1_macvtap: entered promiscuous mode [ 55.737527][ T4444] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 55.765754][ T4444] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.795314][ T1460] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.810673][ T1460] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.837328][ T1460] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.847025][ T4660] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 55.849544][ T4656] netlink: 'syz.0.496': attribute type 2 has an invalid length. [ 55.856719][ T4660] vhci_hcd: default hub control req: 2314 v0008 i0002 l0 [ 55.862150][ T4656] netlink: 'syz.0.496': attribute type 3 has an invalid length. [ 55.893794][ T1460] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.031464][ T29] kauditd_printk_skb: 841 callbacks suppressed [ 56.031552][ T29] audit: type=1400 audit(2000000003.760:1377): avc: denied { getattr } for pid=4672 comm="syz.4.501" name="/" dev="secretmem" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 56.103086][ T29] audit: type=1400 audit(2000000003.830:1378): avc: denied { ioctl } for pid=4681 comm="syz.5.505" path="socket:[8687]" dev="sockfs" ino=8687 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 56.159439][ T4679] loop2: detected capacity change from 0 to 164 [ 56.174042][ T4679] syz.2.502: attempt to access beyond end of device [ 56.174042][ T4679] loop2: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 56.189746][ T4687] SELinux: failed to load policy [ 56.199567][ T29] audit: type=1400 audit(2000000003.920:1379): avc: denied { load_policy } for pid=4686 comm="syz.4.507" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 56.199822][ T4679] syz.2.502: attempt to access beyond end of device [ 56.199822][ T4679] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 56.238510][ T4691] unsupported nla_type 52263 [ 56.297593][ T4693] lo speed is unknown, defaulting to 1000 [ 56.375108][ T4705] loop2: detected capacity change from 0 to 512 [ 56.453401][ T4705] EXT4-fs (loop2): too many log groups per flexible block group [ 56.461329][ T4705] EXT4-fs (loop2): failed to initialize mballoc (-12) [ 56.485723][ T4705] EXT4-fs (loop2): mount failed [ 56.614561][ T29] audit: type=1400 audit(2000000004.340:1380): avc: denied { mounton } for pid=4729 comm="syz.0.526" path="/102/file0" dev="tmpfs" ino=543 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 56.642166][ T4731] 9pnet_fd: Insufficient options for proto=fd [ 56.653300][ T4734] netlink: 28 bytes leftover after parsing attributes in process `syz.3.528'. [ 56.662506][ T4734] netlink: 28 bytes leftover after parsing attributes in process `syz.3.528'. [ 56.719007][ T29] audit: type=1400 audit(2000000004.450:1381): avc: denied { create } for pid=4742 comm="syz.3.533" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 56.764484][ T29] audit: type=1400 audit(2000000004.450:1382): avc: denied { write } for pid=4742 comm="syz.3.533" name="file0" dev="tmpfs" ino=633 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 56.787200][ T29] audit: type=1400 audit(2000000004.450:1383): avc: denied { open } for pid=4742 comm="syz.3.533" path="/120/file0" dev="tmpfs" ino=633 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 56.811047][ T29] audit: type=1400 audit(2000000004.450:1384): avc: denied { ioctl } for pid=4742 comm="syz.3.533" path="/120/file0" dev="tmpfs" ino=633 ioctlcmd=0x1273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 56.864792][ T29] audit: type=1326 audit(2000000004.570:1385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4750 comm="syz.4.535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98c557eec9 code=0x7ffc0000 [ 56.889024][ T29] audit: type=1326 audit(2000000004.570:1386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4750 comm="syz.4.535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f98c557eec9 code=0x7ffc0000 [ 56.973562][ T4760] rdma_op ffff888118ef4d80 conn xmit_rdma 0000000000000000 [ 57.284550][ T4792] loop4: detected capacity change from 0 to 164 [ 57.301163][ T4792] syz.4.554: attempt to access beyond end of device [ 57.301163][ T4792] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 57.318328][ T4792] syz.4.554: attempt to access beyond end of device [ 57.318328][ T4792] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 57.334124][ T4800] netlink: 92 bytes leftover after parsing attributes in process `syz.2.558'. [ 57.343060][ T4800] netem: unknown loss type 0 [ 57.347800][ T4800] netem: change failed [ 57.391242][ T4807] netlink: 'syz.0.561': attribute type 39 has an invalid length. [ 57.472963][ T4817] netlink: 12 bytes leftover after parsing attributes in process `syz.4.566'. [ 57.487387][ T4817] netlink: 'syz.4.566': attribute type 6 has an invalid length. [ 57.635673][ T4835] IPv6: Can't replace route, no match found [ 57.647566][ T4841] loop4: detected capacity change from 0 to 512 [ 57.691706][ T4841] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 57.706254][ T4841] ext4 filesystem being mounted at /133/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 57.817454][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 57.867996][ T4856] Falling back ldisc for ttyS3. [ 58.034475][ T4878] 8021q: adding VLAN 0 to HW filter on device bond1 [ 58.089358][ T4878] bridge0: port 3(bond1) entered blocking state [ 58.095771][ T4878] bridge0: port 3(bond1) entered disabled state [ 58.136222][ T4878] bond1: entered allmulticast mode [ 58.152386][ T4878] bond1: entered promiscuous mode [ 58.157681][ T4878] bridge0: port 3(bond1) entered blocking state [ 58.164382][ T4878] bridge0: port 3(bond1) entered forwarding state [ 58.316898][ T4889] bridge0: entered promiscuous mode [ 58.330752][ T4889] macsec1: entered promiscuous mode [ 58.337529][ T4889] bridge0: port 4(macsec1) entered blocking state [ 58.344248][ T4889] bridge0: port 4(macsec1) entered disabled state [ 58.351397][ T4889] macsec1: entered allmulticast mode [ 58.356719][ T4889] bridge0: entered allmulticast mode [ 58.362907][ T4889] macsec1: left allmulticast mode [ 58.367997][ T4889] bridge0: left allmulticast mode [ 58.374635][ T4889] bridge0: left promiscuous mode [ 58.394368][ T4898] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 58.407187][ T4895] IPVS: stopping master sync thread 4898 ... [ 58.414970][ T4893] lo speed is unknown, defaulting to 1000 [ 58.500553][ T4909] loop2: detected capacity change from 0 to 164 [ 58.512488][ T4910] netlink: 'syz.0.605': attribute type 1 has an invalid length. [ 58.525499][ T4909] syz.2.604: attempt to access beyond end of device [ 58.525499][ T4909] loop2: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 58.540772][ T4909] syz.2.604: attempt to access beyond end of device [ 58.540772][ T4909] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 58.564623][ T4910] bond1: entered promiscuous mode [ 58.584580][ T4910] 8021q: adding VLAN 0 to HW filter on device bond1 [ 58.626272][ T4906] mmap: syz.4.603 (4906) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 58.641462][ T4915] 8021q: adding VLAN 0 to HW filter on device bond1 [ 58.659530][ T4915] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address [ 58.672020][ T4915] bond1: (slave vxcan3): Setting fail_over_mac to active for active-backup mode [ 58.721540][ T4915] bond1: (slave vxcan3): making interface the new active one [ 58.729172][ T4915] vxcan3: entered promiscuous mode [ 58.738739][ T4915] bond1: (slave vxcan3): Enslaving as an active interface with an up link [ 58.747570][ T4917] __nla_validate_parse: 6 callbacks suppressed [ 58.747590][ T4917] netlink: 8 bytes leftover after parsing attributes in process `syz.2.607'. [ 58.762735][ T4917] netlink: 8 bytes leftover after parsing attributes in process `syz.2.607'. [ 58.774457][ T1460] bridge0: port 3(bond1) entered disabled state [ 58.794773][ T4924] loop4: detected capacity change from 0 to 512 [ 58.813839][ T4924] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 58.829673][ T4929] program syz.2.612 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 58.855500][ T4924] ext4 filesystem being mounted at /140/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 58.913731][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 59.153430][ T4968] netlink: 51 bytes leftover after parsing attributes in process `syz.0.629'. [ 59.450445][ T4990] loop3: detected capacity change from 0 to 512 [ 59.469353][ T4990] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 59.482221][ T4990] ext4 filesystem being mounted at /131/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 59.512890][ T4990] syz.3.638 (4990) used greatest stack depth: 9128 bytes left [ 59.522583][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 60.114764][ T5047] netlink: 'syz.2.661': attribute type 3 has an invalid length. [ 60.213398][ T5068] syz.4.671 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 60.493068][ T5099] loop4: detected capacity change from 0 to 512 [ 60.546600][ T5103] bridge0: entered promiscuous mode [ 60.552790][ T5103] macsec1: entered promiscuous mode [ 60.560318][ T5103] bridge0: port 3(macsec1) entered blocking state [ 60.566835][ T5103] bridge0: port 3(macsec1) entered disabled state [ 60.573814][ T5103] macsec1: entered allmulticast mode [ 60.579195][ T5103] bridge0: entered allmulticast mode [ 60.592490][ T5103] macsec1: left allmulticast mode [ 60.597694][ T5103] bridge0: left allmulticast mode [ 60.616523][ T5103] bridge0: left promiscuous mode [ 60.649677][ T5107] netlink: 'syz.4.691': attribute type 3 has an invalid length. [ 60.661928][ T5107] netlink: 'syz.4.691': attribute type 3 has an invalid length. [ 60.792515][ T5124] netlink: 'syz.4.696': attribute type 39 has an invalid length. [ 60.938384][ T5137] 8021q: adding VLAN 0 to HW filter on device bond2 [ 60.958668][ T5142] loop2: detected capacity change from 0 to 1024 [ 60.969849][ T5137] bridge0: port 3(bond2) entered blocking state [ 60.976386][ T5137] bridge0: port 3(bond2) entered disabled state [ 60.983340][ T5137] bond2: entered allmulticast mode [ 60.990044][ T5137] bond2: entered promiscuous mode [ 60.995431][ T5137] bridge0: port 3(bond2) entered blocking state [ 61.002092][ T5137] bridge0: port 3(bond2) entered forwarding state [ 61.009107][ T5142] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 61.021288][ T5144] netlink: 8 bytes leftover after parsing attributes in process `syz.3.705'. [ 61.065013][ T29] kauditd_printk_skb: 271 callbacks suppressed [ 61.065028][ T29] audit: type=1326 audit(2000000008.790:1658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5150 comm="syz.3.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68db43eec9 code=0x7ffc0000 [ 61.108726][ T29] audit: type=1326 audit(2000000008.820:1659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5150 comm="syz.3.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68db43eec9 code=0x7ffc0000 [ 61.132912][ T29] audit: type=1326 audit(2000000008.820:1660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5150 comm="syz.3.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f68db43eec9 code=0x7ffc0000 [ 61.156884][ T29] audit: type=1326 audit(2000000008.820:1661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5150 comm="syz.3.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68db43eec9 code=0x7ffc0000 [ 61.181192][ T29] audit: type=1326 audit(2000000008.820:1662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5150 comm="syz.3.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68db43eec9 code=0x7ffc0000 [ 61.204915][ T29] audit: type=1326 audit(2000000008.820:1663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5150 comm="syz.3.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f68db43eec9 code=0x7ffc0000 [ 61.228427][ T29] audit: type=1326 audit(2000000008.830:1664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5150 comm="syz.3.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68db43eec9 code=0x7ffc0000 [ 61.251847][ T29] audit: type=1326 audit(2000000008.830:1665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5150 comm="syz.3.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f68db43eec9 code=0x7ffc0000 [ 61.275510][ T29] audit: type=1326 audit(2000000008.830:1666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5150 comm="syz.3.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68db43eec9 code=0x7ffc0000 [ 61.299133][ T29] audit: type=1326 audit(2000000008.830:1667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5150 comm="syz.3.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f68db43eec9 code=0x7ffc0000 [ 61.323424][ T37] bridge0: port 3(bond2) entered disabled state [ 61.331736][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 61.391224][ T5154] lo speed is unknown, defaulting to 1000 [ 61.404551][ T5167] loop3: detected capacity change from 0 to 512 [ 61.437666][ T5176] netlink: 12 bytes leftover after parsing attributes in process `syz.4.721'. [ 61.447003][ T5176] netlink: 28 bytes leftover after parsing attributes in process `syz.4.721'. [ 61.453890][ T5167] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 61.456090][ T5176] netlink: 12 bytes leftover after parsing attributes in process `syz.4.721'. [ 61.468984][ T5167] ext4 filesystem being mounted at /155/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 61.482038][ T5176] netlink: 28 bytes leftover after parsing attributes in process `syz.4.721'. [ 61.496887][ T5176] netlink: 'syz.4.721': attribute type 6 has an invalid length. [ 61.552792][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 61.657120][ T5201] loop4: detected capacity change from 0 to 1024 [ 61.667487][ T5201] EXT4-fs: Ignoring removed bh option [ 61.715595][ T5201] EXT4-fs: inline encryption not supported [ 61.734615][ T5201] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 61.774450][ T5201] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000] [ 61.795081][ T5201] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 2: comm syz.4.730: lblock 2 mapped to illegal pblock 2 (length 1) [ 61.855417][ T5201] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 48: comm syz.4.730: lblock 0 mapped to illegal pblock 48 (length 1) [ 61.921733][ T5201] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.730: Failed to acquire dquot type 0 [ 61.966294][ T5201] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6334: Corrupt filesystem [ 61.995239][ T5226] loop5: detected capacity change from 0 to 512 [ 61.998913][ T5201] EXT4-fs error (device loop4): ext4_evict_inode:254: inode #11: comm syz.4.730: mark_inode_dirty error [ 62.015298][ T5201] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 62.028488][ T5201] EXT4-fs (loop4): 1 orphan inode deleted [ 62.034991][ T5201] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 62.049267][ T2867] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:6: lblock 1 mapped to illegal pblock 1 (length 1) [ 62.065522][ T2867] EXT4-fs error (device loop4): ext4_release_dquot:6973: comm kworker/u8:6: Failed to release dquot type 0 [ 62.100516][ T5201] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 48: comm syz.4.730: lblock 0 mapped to illegal pblock 48 (length 1) [ 62.131386][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 62.149450][ T5226] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 62.165010][ T5226] ext4 filesystem being mounted at /36/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 62.201388][ T5233] SELinux: Context system_u:object_r:hwdata_t:s0 is not valid (left unmapped). [ 62.291398][ T4444] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 62.368043][ T5248] netlink: 'syz.4.749': attribute type 3 has an invalid length. [ 62.385803][ T5250] pimreg: entered allmulticast mode [ 62.396242][ T5247] loop3: detected capacity change from 0 to 4096 [ 62.406627][ T5250] pimreg: left allmulticast mode [ 62.426719][ T5247] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 62.456395][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 62.491703][ T5259] netlink: 8 bytes leftover after parsing attributes in process `syz.4.755'. [ 62.500800][ T5259] netlink: 12 bytes leftover after parsing attributes in process `syz.4.755'. [ 62.509829][ T5259] netlink: 'syz.4.755': attribute type 20 has an invalid length. [ 62.521149][ T5261] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 62.534772][ T5259] netlink: 'syz.4.755': attribute type 20 has an invalid length. [ 62.544561][ T5263] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 62.544561][ T5263] program syz.0.757 not setting count and/or reply_len properly [ 62.616437][ T5273] rdma_op ffff888104a0e980 conn xmit_rdma 0000000000000000 [ 62.681687][ T5283] loop4: detected capacity change from 0 to 1764 [ 62.699531][ T5283] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=5283 comm=syz.4.766 [ 62.814139][ T5298] loop4: detected capacity change from 0 to 2048 [ 62.849337][ T5298] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 62.872246][ T3147] Process accounting resumed [ 62.909935][ T2867] nci: nci_ntf_packet: unsupported ntf opcode 0xf06 [ 62.944378][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 63.061607][ T5325] loop2: detected capacity change from 0 to 512 [ 63.080131][ T5325] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 63.092916][ T5325] ext4 filesystem being mounted at /140/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 63.129681][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 63.149037][ T5331] loop4: detected capacity change from 0 to 512 [ 63.167208][ T5331] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 63.192804][ T5331] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.784: Failed to acquire dquot type 1 [ 63.206896][ T5331] EXT4-fs (loop4): 1 truncate cleaned up [ 63.214952][ T5331] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 63.242107][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 63.901761][ T5384] atomic_op ffff888104ab3128 conn xmit_atomic 0000000000000000 [ 63.936966][ T5390] IPVS: Error connecting to the multicast addr [ 64.198698][ C0] vcan0: j1939_tp_rxtimer: 0xffff88813fe4f400: rx timeout, send abort [ 64.206988][ C0] vcan0: j1939_tp_rxtimer: 0xffff88813fe4e400: rx timeout, send abort [ 64.215516][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88813fe4f400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 64.229851][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88813fe4e400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 64.264937][ T5410] __nla_validate_parse: 2 callbacks suppressed [ 64.264957][ T5410] netlink: 8 bytes leftover after parsing attributes in process `syz.2.816'. [ 64.280234][ T5410] netlink: 'syz.2.816': attribute type 5 has an invalid length. [ 64.288016][ T5410] netlink: 4 bytes leftover after parsing attributes in process `syz.2.816'. [ 64.427523][ T5422] loop2: detected capacity change from 0 to 512 [ 64.450035][ T5422] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 64.540148][ T5422] ext4 filesystem being mounted at /157/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 64.640436][ T5437] uprobe: syz.4.825:5437 failed to unregister, leaking uprobe [ 64.697995][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 64.899111][ T5464] netlink: 16 bytes leftover after parsing attributes in process `syz.5.836'. [ 64.908147][ T5464] netlink: 16 bytes leftover after parsing attributes in process `syz.5.836'. [ 65.033326][ T5488] loop4: detected capacity change from 0 to 512 [ 65.050318][ T5488] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 65.064580][ T5488] EXT4-fs (loop4): 1 orphan inode deleted [ 65.070503][ T5488] EXT4-fs (loop4): 1 truncate cleaned up [ 65.077610][ T5488] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 65.107113][ T5488] EXT4-fs error (device loop4): ext4_inlinedir_to_tree:1314: inode #12: block 7: comm syz.4.844: path /189/file0/file0: bad entry in directory: directory entry overrun - offset=788, inode=13, rec_len=784, size=60 fake=0 [ 65.137542][ T5488] EXT4-fs (loop4): Remounting filesystem read-only [ 65.139794][ T5497] loop2: detected capacity change from 0 to 256 [ 65.163041][ T5497] FAT-fs (loop2): Directory bread(block 64) failed [ 65.169883][ T5497] FAT-fs (loop2): Directory bread(block 65) failed [ 65.189437][ T5497] FAT-fs (loop2): Directory bread(block 66) failed [ 65.190791][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 65.196074][ T5497] FAT-fs (loop2): Directory bread(block 67) failed [ 65.211898][ T5497] FAT-fs (loop2): Directory bread(block 68) failed [ 65.218927][ T5497] FAT-fs (loop2): Directory bread(block 69) failed [ 65.225664][ T5497] FAT-fs (loop2): Directory bread(block 70) failed [ 65.232299][ T5497] FAT-fs (loop2): Directory bread(block 71) failed [ 65.239518][ T5497] FAT-fs (loop2): Directory bread(block 72) failed [ 65.246154][ T5497] FAT-fs (loop2): Directory bread(block 73) failed [ 65.274853][ T5502] loop3: detected capacity change from 0 to 512 [ 65.293293][ T5502] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 65.306610][ T5502] ext4 filesystem being mounted at /177/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 65.333168][ T5507] SELinux: Context Ü is not valid (left unmapped). [ 65.381574][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 65.506569][ T5522] uprobe: syz.3.868:5522 failed to unregister, leaking uprobe [ 65.550387][ T5533] netlink: 8 bytes leftover after parsing attributes in process `syz.0.864'. [ 65.867633][ T5555] loop5: detected capacity change from 0 to 512 [ 65.893238][ T5555] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 65.946329][ T5555] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.875: Failed to acquire dquot type 1 [ 65.966965][ T5555] EXT4-fs (loop5): 1 truncate cleaned up [ 65.981800][ T5555] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 66.020331][ T4444] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.041729][ T5567] netlink: 'syz.5.878': attribute type 21 has an invalid length. [ 66.049593][ T5567] netlink: 156 bytes leftover after parsing attributes in process `syz.5.878'. [ 66.159475][ T5580] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 66.168275][ T5580] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 66.202104][ T29] kauditd_printk_skb: 207 callbacks suppressed [ 66.202150][ T29] audit: type=1400 audit(2000000013.930:1867): avc: denied { connect } for pid=5581 comm="syz.0.886" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 66.296561][ T29] audit: type=1326 audit(2000000013.980:1868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5585 comm="syz.4.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98c557eec9 code=0x7ffc0000 [ 66.320021][ T29] audit: type=1326 audit(2000000013.980:1869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5585 comm="syz.4.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98c557eec9 code=0x7ffc0000 [ 66.343834][ T29] audit: type=1326 audit(2000000013.980:1870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5585 comm="syz.4.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f98c557eec9 code=0x7ffc0000 [ 66.367525][ T29] audit: type=1326 audit(2000000013.980:1871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5585 comm="syz.4.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98c557eec9 code=0x7ffc0000 [ 66.391194][ T29] audit: type=1326 audit(2000000013.980:1872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5585 comm="syz.4.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f98c557eec9 code=0x7ffc0000 [ 66.414645][ T29] audit: type=1326 audit(2000000013.980:1873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5585 comm="syz.4.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98c557eec9 code=0x7ffc0000 [ 66.438015][ T29] audit: type=1326 audit(2000000013.980:1874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5585 comm="syz.4.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f98c557eec9 code=0x7ffc0000 [ 66.461487][ T29] audit: type=1326 audit(2000000013.980:1875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5585 comm="syz.4.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98c557eec9 code=0x7ffc0000 [ 66.485468][ T29] audit: type=1326 audit(2000000013.980:1876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5585 comm="syz.4.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f98c557eec9 code=0x7ffc0000 [ 66.595258][ T5609] netlink: 96 bytes leftover after parsing attributes in process `syz.4.898'. [ 66.605267][ T5601] uprobe: syz.0.893:5601 failed to unregister, leaking uprobe [ 66.625166][ T5612] loop2: detected capacity change from 0 to 512 [ 66.633348][ T5612] EXT4-fs (loop2): orphan cleanup on readonly fs [ 66.641497][ T5612] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.899: bad orphan inode 13 [ 66.651852][ T5612] ext4_test_bit(bit=12, block=18) = 1 [ 66.657349][ T5612] is_bad_inode(inode)=0 [ 66.661786][ T5612] NEXT_ORPHAN(inode)=2130706432 [ 66.666964][ T5612] max_ino=32 [ 66.670251][ T5612] i_nlink=1 [ 66.674814][ T5612] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 66.742818][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.893626][ T5653] loop3: detected capacity change from 0 to 512 [ 66.913130][ T5660] veth0: entered promiscuous mode [ 66.914588][ T5653] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.919: bad orphan inode 11862016 [ 66.930975][ T5660] veth0: left promiscuous mode [ 66.937113][ T5653] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 66.955199][ T5653] ext4 filesystem being mounted at /189/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 67.042270][ T5662] loop2: detected capacity change from 0 to 512 [ 67.083705][ T5662] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 67.089230][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 67.159099][ T5684] loop3: detected capacity change from 0 to 512 [ 67.178481][ T5684] EXT4-fs warning (device loop3): ext4_xattr_inode_get:556: inode #11: comm syz.3.928: EA inode hash validation failed [ 67.191400][ T5684] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #15: comm syz.3.928: corrupted inode contents [ 67.193010][ T5662] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.921: Failed to acquire dquot type 1 [ 67.223673][ T5684] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #15: comm syz.3.928: mark_inode_dirty error [ 67.245418][ T5684] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #15: comm syz.3.928: corrupted inode contents [ 67.263276][ T5662] EXT4-fs (loop2): 1 truncate cleaned up [ 67.274158][ T5684] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2991: inode #15: comm syz.3.928: mark_inode_dirty error [ 67.299094][ T5662] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 67.303386][ T5684] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2994: inode #15: comm syz.3.928: mark inode dirty (error -117) [ 67.325997][ T5684] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117) [ 67.336448][ T5676] loop4: detected capacity change from 0 to 128 [ 67.343610][ T5684] EXT4-fs (loop3): 1 orphan inode deleted [ 67.349975][ T5684] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 67.351328][ T5693] loop5: detected capacity change from 0 to 512 [ 67.399611][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.411416][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.426503][ T5693] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 67.439756][ T5693] ext4 filesystem being mounted at /73/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 67.457528][ T5699] loop4: detected capacity change from 0 to 512 [ 67.477533][ T5701] netlink: 'syz.3.938': attribute type 10 has an invalid length. [ 67.485649][ T5701] netlink: 40 bytes leftover after parsing attributes in process `syz.3.938'. [ 67.495263][ T5701] dummy0: entered promiscuous mode [ 67.501459][ T5701] bridge0: port 3(dummy0) entered blocking state [ 67.508299][ T5701] bridge0: port 3(dummy0) entered disabled state [ 67.515100][ T5701] dummy0: entered allmulticast mode [ 67.521372][ T5701] bridge0: port 3(dummy0) entered blocking state [ 67.527931][ T5701] bridge0: port 3(dummy0) entered forwarding state [ 67.548982][ T5699] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 67.578928][ T5699] ext4 filesystem being mounted at /215/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 67.594920][ T5709] SELinux: Context system_u:object_r:wireless_device_t:s0 is not valid (left unmapped). [ 67.616382][ T4444] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.689456][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.713676][ T5716] netlink: 4 bytes leftover after parsing attributes in process `syz.5.950'. [ 67.838994][ T5733] sctp: [Deprecated]: syz.3.949 (pid 5733) Use of struct sctp_assoc_value in delayed_ack socket option. [ 67.838994][ T5733] Use struct sctp_sack_info instead [ 67.846375][ T5730] SELinux: failed to load policy [ 67.890459][ T5739] ALSA: seq fatal error: cannot create timer (-22) [ 67.911349][ T5736] vhci_hcd: invalid port number 96 [ 67.916651][ T5736] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 68.042326][ T5754] program syz.3.960 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 68.320144][ T5782] loop3: detected capacity change from 0 to 512 [ 68.341101][ T5782] ext4 filesystem being mounted at /206/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 68.437225][ T5797] loop3: detected capacity change from 0 to 512 [ 68.445080][ T5797] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 68.461012][ T5797] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.979: bg 0: block 104: invalid block bitmap [ 68.485888][ T5797] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 68.512596][ T5797] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.979: invalid indirect mapped block 1 (level 1) [ 68.535394][ T5797] EXT4-fs (loop3): 1 truncate cleaned up [ 68.605515][ T5810] loop3: detected capacity change from 0 to 512 [ 68.776328][ T5822] loop4: detected capacity change from 0 to 8192 [ 68.792029][ T5835] netlink: 'syz.3.997': attribute type 1 has an invalid length. [ 68.851044][ T5842] netdevsim netdevsim4: Direct firmware load for ./file0/file1 failed with error -2 [ 69.026852][ T5869] netlink: 'syz.3.1012': attribute type 10 has an invalid length. [ 69.080242][ T5869] team0: Device hsr_slave_0 failed to register rx_handler [ 69.140124][ T5871] loop4: detected capacity change from 0 to 8192 [ 69.146811][ T5879] loop2: detected capacity change from 0 to 512 [ 69.188486][ T5877] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 69.211440][ T5879] ext4 filesystem being mounted at /186/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 69.535803][ T5911] xt_HMARK: proto mask must be zero with L3 mode [ 69.624259][ T5912] loop3: detected capacity change from 0 to 512 [ 69.643560][ T5912] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 69.700492][ T5912] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.1029: Failed to acquire dquot type 1 [ 69.720204][ T5912] EXT4-fs (loop3): 1 truncate cleaned up [ 69.794045][ T5926] loop4: detected capacity change from 0 to 512 [ 69.801259][ T5926] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 69.811495][ T5926] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.1046: bg 0: block 104: invalid block bitmap [ 69.824453][ T5926] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 69.833507][ T5926] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1046: invalid indirect mapped block 1 (level 1) [ 69.847008][ T5926] EXT4-fs (loop4): 1 truncate cleaned up [ 70.004913][ T5945] netlink: 332 bytes leftover after parsing attributes in process `syz.3.1044'. [ 70.311075][ T5983] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1064'. [ 70.501933][ C1] vcan0: j1939_tp_rxtimer: 0xffff88811a2a5a00: rx timeout, send abort [ 70.510972][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88811a2a5a00: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 70.805372][ T6039] lo speed is unknown, defaulting to 1000 [ 70.851591][ T6045] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1092'. [ 70.868357][ T6045] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1092'. [ 70.888714][ T6047] netdevsim netdevsim5: Direct firmware load for ..€ failed with error -2 [ 71.015636][ T6067] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0) [ 71.024373][ T6067] SELinux: failed to load policy [ 71.120285][ T6074] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1102'. [ 71.238538][ T29] kauditd_printk_skb: 269 callbacks suppressed [ 71.238557][ T29] audit: type=1326 audit(2000000018.970:2141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6087 comm="syz.4.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98c557eec9 code=0x7ffc0000 [ 71.292264][ T29] audit: type=1326 audit(2000000019.000:2142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6087 comm="syz.4.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98c557eec9 code=0x7ffc0000 [ 71.316124][ T29] audit: type=1326 audit(2000000019.000:2143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6087 comm="syz.4.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f98c557eec9 code=0x7ffc0000 [ 71.340042][ T29] audit: type=1326 audit(2000000019.000:2144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6087 comm="syz.4.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98c557eec9 code=0x7ffc0000 [ 71.363536][ T29] audit: type=1326 audit(2000000019.000:2145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6087 comm="syz.4.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f98c557eec9 code=0x7ffc0000 [ 71.373759][ T6093] openvswitch: netlink: Message has 6 unknown bytes. [ 71.387184][ T29] audit: type=1326 audit(2000000019.000:2146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6087 comm="syz.4.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98c557eec9 code=0x7ffc0000 [ 71.417809][ T29] audit: type=1326 audit(2000000019.000:2147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6087 comm="syz.4.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f98c557eec9 code=0x7ffc0000 [ 71.441945][ T29] audit: type=1326 audit(2000000019.000:2148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6087 comm="syz.4.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98c557eec9 code=0x7ffc0000 [ 71.466164][ T29] audit: type=1326 audit(2000000019.000:2149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6087 comm="syz.4.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f98c557d710 code=0x7ffc0000 [ 71.489945][ T29] audit: type=1326 audit(2000000019.000:2150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6087 comm="syz.4.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f98c557d710 code=0x7ffc0000 [ 71.580170][ T6101] SELinux: failed to load policy [ 71.620439][ T6105] sch_tbf: peakrate 7 is lower than or equals to rate 19 ! [ 72.040198][ T6155] loop4: detected capacity change from 0 to 512 [ 72.060899][ T6155] EXT4-fs mount: 10 callbacks suppressed [ 72.060928][ T6155] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 72.100141][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.118447][ T6160] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1141'. [ 72.127462][ T6160] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1141'. [ 72.236566][ T1460] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 72.302689][ T1460] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 72.365261][ T36] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0 [ 72.372824][ T36] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0 [ 72.380320][ T36] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0 [ 72.388140][ T36] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0 [ 72.395618][ T36] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0 [ 72.403312][ T36] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0 [ 72.410775][ T36] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0 [ 72.418361][ T36] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0 [ 72.425801][ T36] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0 [ 72.433265][ T36] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0 [ 72.443929][ T1460] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 72.454116][ T36] hid-generic 0003:0004:0000.0002: hidraw0: USB HID v0.00 Device [syz0] on syz1 [ 72.525436][ T1460] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 72.590634][ T6202] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 72.631665][ T6178] lo speed is unknown, defaulting to 1000 [ 72.688218][ T1460] dummy0: left allmulticast mode [ 72.706688][ T1460] bridge0: port 3(dummy0) entered disabled state [ 72.784403][ T1460] bridge_slave_1: left allmulticast mode [ 72.790158][ T1460] bridge_slave_1: left promiscuous mode [ 72.795907][ T1460] bridge0: port 2(bridge_slave_1) entered disabled state [ 72.818071][ T1460] bridge_slave_0: left allmulticast mode [ 72.824089][ T1460] bridge_slave_0: left promiscuous mode [ 72.830176][ T1460] bridge0: port 1(bridge_slave_0) entered disabled state [ 72.961183][ T1460] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 72.975833][ T1460] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 72.993639][ T1460] bond0 (unregistering): Released all slaves [ 73.065411][ T1460] hsr_slave_0: left promiscuous mode [ 73.071277][ T1460] hsr_slave_1: left promiscuous mode [ 73.082513][ T1460] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 73.090084][ T1460] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 73.098953][ T1460] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 73.106639][ T1460] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 73.135442][ T1460] veth1_macvtap: left promiscuous mode [ 73.147969][ T1460] veth0_macvtap: left promiscuous mode [ 73.232227][ T1460] team0 (unregistering): Port device team_slave_1 removed [ 73.268978][ T1460] team0 (unregistering): Port device team_slave_0 removed [ 73.337051][ T6258] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 73.365281][ T6260] loop5: detected capacity change from 0 to 512 [ 73.414883][ T6260] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.416160][ T6178] chnl_net:caif_netlink_parms(): no params data found [ 73.481620][ T4444] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.516789][ T6178] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.524074][ T6178] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.546765][ T6178] bridge_slave_0: entered allmulticast mode [ 73.563826][ T6178] bridge_slave_0: entered promiscuous mode [ 73.578812][ T6178] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.585949][ T6178] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.598000][ T6178] bridge_slave_1: entered allmulticast mode [ 73.604710][ T6178] bridge_slave_1: entered promiscuous mode [ 73.613791][ T6286] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1191'. [ 73.660180][ T6178] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 73.711197][ T6178] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 73.763805][ T6178] team0: Port device team_slave_0 added [ 73.773250][ T6309] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 73.782023][ T6309] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 73.794199][ T6178] team0: Port device team_slave_1 added [ 73.800767][ T6309] sch_fq: defrate 4294967295 ignored. [ 73.834864][ T6178] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 73.842224][ T6178] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 73.868206][ T6178] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 73.881656][ T6178] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 73.888737][ T6178] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 73.914714][ T6178] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 73.955583][ T6178] hsr_slave_0: entered promiscuous mode [ 73.971604][ T6178] hsr_slave_1: entered promiscuous mode [ 73.982184][ T6178] debugfs: 'hsr0' already exists in 'hsr' [ 73.988005][ T6178] Cannot create hsr debugfs directory [ 74.056972][ T6334] team_slave_0: entered promiscuous mode [ 74.063726][ T6334] team_slave_0: left promiscuous mode [ 74.339183][ T6178] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 74.351928][ T6178] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 74.380743][ T6178] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 74.404441][ T6178] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 74.405524][ T6357] loop2: detected capacity change from 0 to 1024 [ 74.423571][ T6357] EXT4-fs: Ignoring removed orlov option [ 74.432978][ T6357] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.531365][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.556959][ T6178] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.586856][ T6178] 8021q: adding VLAN 0 to HW filter on device team0 [ 74.605452][ T6377] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1228'. [ 74.619659][ T37] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.626897][ T37] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.650889][ T2867] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.658250][ T2867] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.708371][ T6387] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6387 comm=syz.4.1233 [ 74.803367][ T6397] loop5: detected capacity change from 0 to 1024 [ 74.831969][ T6397] EXT4-fs: inline encryption not supported [ 74.842539][ T6403] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1240'. [ 74.860371][ T6178] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.868957][ T6397] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.905705][ T6397] SELinux: security_context_str_to_sid (unt-ro,) failed with errno=-22 [ 74.948138][ T4444] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.060996][ T6178] veth0_vlan: entered promiscuous mode [ 75.074690][ T6178] veth1_vlan: entered promiscuous mode [ 75.100956][ T6178] veth0_macvtap: entered promiscuous mode [ 75.102907][ T3147] hid-generic 0000:0000:0000.0003: hidraw0: HID v80008.00 Device [syz0] on syz0 [ 75.122708][ T6178] veth1_macvtap: entered promiscuous mode [ 75.146851][ T6178] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.175854][ T6178] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.197184][ T2867] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.220730][ T2867] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.242758][ T2867] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.263823][ T2867] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.345457][ T6452] __nla_validate_parse: 1 callbacks suppressed [ 75.345477][ T6452] netlink: 256 bytes leftover after parsing attributes in process `syz.3.1258'. [ 75.601862][ T6485] 8021q: adding VLAN 0 to HW filter on device bond1 [ 75.614344][ T6492] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1276'. [ 75.871918][ T6539] rdma_op ffff88811a2ee180 conn xmit_rdma 0000000000000000 [ 75.941108][ T6551] /dev/md0: Can't lookup blockdev [ 75.973607][ T6561] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 76.012103][ T6567] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1309'. [ 76.147949][ T6582] program syz.5.1317 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 76.183809][ T6590] loop4: detected capacity change from 0 to 512 [ 76.198172][ T6590] SELinux: security_context_str_to_sid (root) failed with errno=-22 [ 76.249408][ T29] kauditd_printk_skb: 150 callbacks suppressed [ 76.249507][ T29] audit: type=1400 audit(2000000023.980:2301): avc: denied { create } for pid=6594 comm="syz.0.1322" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 76.275416][ T29] audit: type=1400 audit(2000000023.980:2302): avc: denied { mounton } for pid=6594 comm="syz.0.1322" path="/257/file0" dev="tmpfs" ino=1344 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 76.449801][ T6615] loop4: detected capacity change from 0 to 512 [ 76.487746][ T6615] EXT4-fs: Ignoring removed bh option [ 76.510559][ T6615] EXT4-fs: Ignoring removed mblk_io_submit option [ 76.534190][ T6615] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 76.552864][ T6615] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 76.561340][ T6615] EXT4-fs (loop4): orphan cleanup on readonly fs [ 76.573189][ T6615] Quota error (device loop4): do_insert_tree: Free block already used in tree: block 4 [ 76.583234][ T6615] Quota error (device loop4): qtree_write_dquot: Error -5 occurred while creating quota [ 76.597394][ T6615] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.1331: Failed to acquire dquot type 1 [ 76.610032][ T6615] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.1331: Invalid block bitmap block 0 in block_group 0 [ 76.625991][ T6627] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'syz0' [ 76.626749][ T6615] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.1331: Invalid block bitmap block 0 in block_group 0 [ 76.650559][ T6615] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.1331: Invalid block bitmap block 0 in block_group 0 [ 76.673209][ T6615] Quota error (device loop4): write_blk: dquota write failed [ 76.681017][ T6615] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota [ 76.691126][ T6615] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.1331: Failed to acquire dquot type 1 [ 76.695735][ T6629] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1337'. [ 76.713563][ T6615] Quota error (device loop4): write_blk: dquota write failed [ 76.721091][ T6615] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota [ 76.731061][ T6615] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.1331: Failed to acquire dquot type 1 [ 76.755880][ T6633] netlink: 2 bytes leftover after parsing attributes in process `syz.2.1339'. [ 76.767355][ T29] audit: type=1400 audit(2000000024.500:2303): avc: denied { read } for pid=6632 comm="syz.2.1339" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 76.775772][ T6615] EXT4-fs (loop4): 1 orphan inode deleted [ 76.824288][ T6639] netlink: 61967 bytes leftover after parsing attributes in process `syz.5.1342'. [ 76.834105][ T6615] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 76.854662][ T29] audit: type=1400 audit(2000000024.580:2304): avc: denied { block_suspend } for pid=6640 comm="syz.5.1344" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 76.894437][ T6615] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 76.942833][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.313334][ T6677] atomic_op ffff888104ab0928 conn xmit_atomic 0000000000000000 [ 77.511853][ T6700] loop5: detected capacity change from 0 to 512 [ 77.528295][ T6700] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 77.560199][ T6700] EXT4-fs (loop5): 1 truncate cleaned up [ 77.566279][ T6700] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.680943][ T4444] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.713192][ T6718] loop3: detected capacity change from 0 to 2048 [ 77.742636][ T6718] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.789703][ T6730] hub 9-0:1.0: USB hub found [ 77.800037][ T6730] hub 9-0:1.0: 8 ports detected [ 77.816985][ T6178] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.862804][ T6748] netlink: 'syz.5.1383': attribute type 4 has an invalid length. [ 77.885084][ T6748] netlink: 'syz.5.1383': attribute type 4 has an invalid length. [ 77.926369][ T6751] loop4: detected capacity change from 0 to 256 [ 77.936680][ T6751] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000001) [ 77.983871][ T6757] loop3: detected capacity change from 0 to 2048 [ 78.013269][ T6767] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1388'. [ 78.036861][ T6759] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1388'. [ 78.050544][ T6757] Alternate GPT is invalid, using primary GPT. [ 78.056952][ T6757] loop3: p1 p2 p3 [ 78.060751][ T6757] loop3: partition table partially beyond EOD, truncated [ 78.115000][ T6773] loop0: detected capacity change from 0 to 128 [ 78.122610][ T6773] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 78.151990][ T6773] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 78.224829][ T6783] lo speed is unknown, defaulting to 1000 [ 78.230852][ T1460] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 78.321707][ T6794] ipvlan2: entered promiscuous mode [ 78.340398][ T6794] bridge0: port 3(ipvlan2) entered blocking state [ 78.347032][ T6794] bridge0: port 3(ipvlan2) entered disabled state [ 78.362255][ T6797] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 2621 [ 78.373884][ T3147] IPVS: starting estimator thread 0... [ 78.380283][ T6794] ipvlan2: entered allmulticast mode [ 78.385637][ T6794] bridge0: entered allmulticast mode [ 78.396124][ T6794] ipvlan2: left allmulticast mode [ 78.401380][ T6794] bridge0: left allmulticast mode [ 78.477790][ T6801] IPVS: using max 2016 ests per chain, 100800 per kthread [ 78.504807][ T6818] netlink: 51563 bytes leftover after parsing attributes in process `syz.0.1415'. [ 78.642463][ T6827] lo speed is unknown, defaulting to 1000 [ 78.776434][ T6840] netlink: 'syz.2.1425': attribute type 1 has an invalid length. [ 78.911507][ T6852] loop5: detected capacity change from 0 to 512 [ 78.968379][ T6852] EXT4-fs: Ignoring removed bh option [ 78.975291][ T6852] EXT4-fs: Ignoring removed mblk_io_submit option [ 78.995786][ T6852] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 79.023441][ T6852] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 79.040620][ T6852] EXT4-fs (loop5): orphan cleanup on readonly fs [ 79.053078][ T6856] loop4: detected capacity change from 0 to 2048 [ 79.076096][ T6852] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.1431: Failed to acquire dquot type 1 [ 79.096545][ T6860] vhci_hcd: default hub control req: 8013 v0000 i0000 l31125 [ 79.105028][ T6852] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.1431: Invalid block bitmap block 0 in block_group 0 [ 79.121967][ T6856] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 79.134734][ T6852] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.1431: Invalid block bitmap block 0 in block_group 0 [ 79.158538][ T6852] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.1431: Invalid block bitmap block 0 in block_group 0 [ 79.162088][ T6866] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1435'. [ 79.175990][ T6852] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.1431: Failed to acquire dquot type 1 [ 79.195348][ T6852] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.1431: Failed to acquire dquot type 1 [ 79.209873][ T6852] EXT4-fs (loop5): 1 orphan inode deleted [ 79.222385][ T6852] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 79.226236][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.256079][ T6852] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 79.277370][ T6852] syz.5.1431 (6852) used greatest stack depth: 9072 bytes left [ 79.291128][ T4444] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.349502][ T6874] smc: net device bond0 applied user defined pnetid SYZ0 [ 79.362473][ T6874] smc: net device bond0 erased user defined pnetid SYZ0 [ 79.368245][ T6883] vhci_hcd: default hub control req: 8013 v0000 i0000 l31125 [ 79.573223][ T6913] lo speed is unknown, defaulting to 1000 [ 79.693447][ T6935] netlink: 'syz.0.1462': attribute type 13 has an invalid length. [ 79.701405][ T6935] netlink: 'syz.0.1462': attribute type 17 has an invalid length. [ 79.783501][ T6935] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 79.884819][ T6954] loop2: detected capacity change from 0 to 512 [ 79.911252][ T6964] loop4: detected capacity change from 0 to 512 [ 79.925858][ T6954] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.939917][ T6954] ext4 filesystem being mounted at /269/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 79.953786][ T6954] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #2: comm syz.2.1475: corrupted inode contents [ 79.965870][ T6954] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #2: comm syz.2.1475: mark_inode_dirty error [ 79.967937][ T6964] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.978005][ T6954] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #2: comm syz.2.1475: corrupted inode contents [ 79.990018][ T6964] ext4 filesystem being mounted at /351/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 80.040998][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.055254][ T6978] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #2: comm syz.2.1475: corrupted inode contents [ 80.071101][ T6978] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #2: comm syz.2.1475: mark_inode_dirty error [ 80.083374][ T6978] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #2: comm syz.2.1475: corrupted inode contents [ 80.097115][ T6978] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #2: comm syz.2.1475: mark_inode_dirty error [ 80.109905][ T6981] loop5: detected capacity change from 0 to 2048 [ 80.118276][ T6978] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #2: comm syz.2.1475: corrupted inode contents [ 80.148653][ T6978] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #2: comm syz.2.1475: mark_inode_dirty error [ 80.163969][ T6981] Alternate GPT is invalid, using primary GPT. [ 80.170390][ T6981] loop5: p1 p2 p3 [ 80.174146][ T6981] loop5: partition table partially beyond EOD, truncated [ 80.208456][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.294844][ T7002] loop5: detected capacity change from 0 to 128 [ 80.323091][ T7002] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002] [ 80.341393][ T7002] System zones: 1-3, 19-19, 35-36 [ 80.353619][ T7002] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 80.366557][ T7002] ext4 filesystem being mounted at /181/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 80.459610][ T4444] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 80.464800][ T7014] syzkaller1: tun_chr_ioctl cmd 1074025678 [ 80.474858][ T7014] syzkaller1: group set to 0 [ 80.493997][ T7016] __nla_validate_parse: 8 callbacks suppressed [ 80.494016][ T7016] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1499'. [ 80.506011][ T7018] vcan0: tx drop: invalid sa for name 0xffffffffffffffff [ 80.516691][ T7016] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 80.533200][ T7016] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 80.568881][ T7022] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1503'. [ 80.684337][ T7038] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1510'. [ 80.702179][ T7038] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1510'. [ 80.712475][ T7038] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1510'. [ 80.723586][ T7038] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1510'. [ 80.757189][ T7041] loop5: detected capacity change from 0 to 2048 [ 80.813006][ T7041] loop5: p2 p3 p7 [ 80.907649][ T7073] IPv6: NLM_F_CREATE should be specified when creating new route [ 80.982983][ T7083] syz_tun: refused to change device tx_queue_len [ 81.090914][ T7093] loop4: detected capacity change from 0 to 128 [ 81.201589][ T7105] netlink: 'syz.0.1540': attribute type 3 has an invalid length. [ 81.265478][ T29] kauditd_printk_skb: 308 callbacks suppressed [ 81.265507][ T29] audit: type=1400 audit(2000000028.990:2607): avc: denied { unmount } for pid=3300 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 81.296104][ T7116] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1545'. [ 81.301952][ T7117] loop0: detected capacity change from 0 to 512 [ 81.306875][ T7116] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 81.321064][ T29] audit: type=1400 audit(2000000029.030:2608): avc: denied { read } for pid=7110 comm="syz.2.1544" dev="nsfs" ino=4026532376 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 81.343117][ T29] audit: type=1400 audit(2000000029.030:2609): avc: denied { open } for pid=7110 comm="syz.2.1544" path="pid:[4026532376]" dev="nsfs" ino=4026532376 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 81.367995][ T29] audit: type=1400 audit(2000000029.050:2610): avc: denied { mounton } for pid=7110 comm="syz.2.1544" path="/proc/631/cgroup" dev="proc" ino=16869 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1 [ 81.391157][ T29] audit: type=1400 audit(2000000029.050:2611): avc: denied { mounton } for pid=7110 comm="syz.2.1544" path="/proc/631/cgroup" dev="nsfs" ino=4026532376 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 81.416345][ T7116] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 81.424047][ T7117] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 81.433901][ T7117] EXT4-fs (loop0): orphan cleanup on readonly fs [ 81.443927][ T7117] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.1547: corrupted inode contents [ 81.456318][ T7117] EXT4-fs (loop0): Remounting filesystem read-only [ 81.463012][ T7117] EXT4-fs (loop0): 1 truncate cleaned up [ 81.471801][ T29] audit: type=1400 audit(2000000029.200:2612): avc: denied { listen } for pid=7120 comm="syz.4.1548" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 81.498337][ T12] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 81.509350][ T12] Quota error (device loop0): write_blk: dquota write failed [ 81.516860][ T12] Quota error (device loop0): remove_free_dqentry: Can't write block (5) with free entries [ 81.527016][ T12] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 81.537843][ T12] Quota error (device loop0): write_blk: dquota write failed [ 81.545371][ T12] Quota error (device loop0): free_dqentry: Can't move quota data block (5) to free list [ 81.577098][ T12] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started [ 81.589257][ T7117] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 81.632346][ T7136] loop4: detected capacity change from 0 to 2048 [ 81.640277][ T7138] netlink: 132 bytes leftover after parsing attributes in process `syz.5.1553'. [ 81.672466][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.687524][ T7136] loop4: p2 p3 p7 [ 81.796816][ T7157] loop4: detected capacity change from 0 to 128 [ 81.810944][ T7157] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002] [ 81.820269][ T7157] System zones: 1-3, 19-19, 35-36 [ 81.828563][ T7157] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 81.848296][ T7157] ext4 filesystem being mounted at /367/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 81.927322][ T3300] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 81.939907][ T7165] netlink: 96 bytes leftover after parsing attributes in process `syz.5.1566'. [ 81.952499][ T7166] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=7166 comm=syz.0.1565 [ 81.965401][ T7166] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=7166 comm=syz.0.1565 [ 82.124992][ T7187] IPv6: Can't replace route, no match found [ 82.132177][ T7189] ref_ctr_offset mismatch. inode: 0x402 offset: 0x0 ref_ctr_offset(old): 0x82 ref_ctr_offset(new): 0x0 [ 82.155161][ T7191] loop4: detected capacity change from 0 to 1024 [ 82.163920][ T7191] EXT4-fs: Ignoring removed orlov option [ 82.169975][ T7191] EXT4-fs: Ignoring removed nomblk_io_submit option [ 82.181235][ T7195] capability: warning: `syz.5.1580' uses deprecated v2 capabilities in a way that may be insecure [ 82.211739][ T7191] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 82.243571][ T7191] EXT4-fs (loop4): shut down requested (0) [ 82.259075][ T7202] vcan0: tx drop: invalid sa for name 0xffffffffffffffff [ 82.283531][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.305513][ T7206] netlink: 'syz.0.1583': attribute type 21 has an invalid length. [ 82.313892][ T7206] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1583'. [ 82.583778][ T7240] loop5: detected capacity change from 0 to 128 [ 82.602002][ T7240] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 82.622330][ T7240] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 82.713999][ T7254] rdma_op ffff888118d09d80 conn xmit_rdma 0000000000000000 [ 82.889752][ T9] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65380 sclass=netlink_route_socket pid=9 comm=kworker/0:0 [ 82.952060][ T7273] 9pnet: p9_errstr2errno: server reported unknown error 18446 [ 82.998188][ T7286] IPVS: stopping backup sync thread 7291 ... [ 83.001293][ T7291] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_bridge, syncid = 512, id = 0 [ 83.008953][ T7288] loop2: detected capacity change from 0 to 1024 [ 83.022112][ T7288] EXT4-fs: Ignoring removed orlov option [ 83.032594][ T7290] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 83.043380][ T7290] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.071548][ T7288] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 83.089062][ T7288] ext4 filesystem being mounted at /301/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 83.104377][ T7288] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 83.136925][ T7290] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 83.147585][ T7290] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.167278][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 83.213401][ T7305] SELinux: policydb version 384 does not match my version range 15-35 [ 83.236631][ T7305] SELinux: failed to load policy [ 83.252927][ T7290] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 83.263330][ T7290] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.306502][ T7311] loop3: detected capacity change from 0 to 1024 [ 83.313584][ T7311] EXT4-fs: Ignoring removed orlov option [ 83.319657][ T7311] EXT4-fs: Ignoring removed nomblk_io_submit option [ 83.332817][ T7311] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 83.349263][ T7290] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 83.353718][ T7311] EXT4-fs (loop3): shut down requested (0) [ 83.359722][ T7290] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.396923][ T6178] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.426600][ T1460] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 83.435266][ T1460] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.448299][ T3477] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 83.456830][ T3477] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.468036][ T1460] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 83.476323][ T1460] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.496226][ T3477] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 83.504785][ T3477] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.644094][ T7333] netlink: 'syz.2.1636': attribute type 1 has an invalid length. [ 83.692166][ T7333] 8021q: adding VLAN 0 to HW filter on device bond2 [ 83.737071][ T7340] bond2: (slave geneve2): making interface the new active one [ 83.752714][ T7340] bond2: (slave geneve2): Enslaving as an active interface with an up link [ 83.776637][ T7349] loop3: detected capacity change from 0 to 1024 [ 83.802087][ T7349] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 83.877788][ T7359] SELinux: failed to load policy [ 83.952744][ T6178] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.963096][ T7371] vhci_hcd: invalid port number 96 [ 83.968361][ T7371] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 84.000519][ T7375] loop0: detected capacity change from 0 to 512 [ 84.031219][ T7375] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.1654: bg 0: block 5: invalid block bitmap [ 84.044399][ T7375] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 84.053880][ T7375] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.1654: invalid indirect mapped block 3 (level 2) [ 84.069890][ T7375] EXT4-fs (loop0): 2 truncates cleaned up [ 84.076146][ T7375] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 84.079933][ T7388] IPVS: stopping backup sync thread 7390 ... [ 84.169118][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.182870][ T7397] loop5: detected capacity change from 0 to 512 [ 84.228857][ T7397] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.1663: Failed to acquire dquot type 1 [ 84.279491][ T7397] EXT4-fs (loop5): 1 truncate cleaned up [ 84.285659][ T7397] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 84.304178][ T7397] ext4 filesystem being mounted at /223/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 84.331993][ T7421] loop0: detected capacity change from 0 to 4096 [ 84.339047][ T7421] EXT4-fs: Ignoring removed nomblk_io_submit option [ 84.352392][ T7421] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 84.352564][ T4444] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.768724][ T7459] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 84.782238][ T7458] IPVS: stopping master sync thread 7459 ... [ 84.864188][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.926719][ T7480] atomic_op ffff888129956128 conn xmit_atomic 0000000000000000 [ 85.006167][ T7483] loop2: detected capacity change from 0 to 8192 [ 85.341977][ T7507] loop4: detected capacity change from 0 to 1024 [ 85.359055][ T7507] EXT4-fs: Ignoring removed bh option [ 85.376068][ T7507] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 85.411628][ T7507] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 85.497555][ T7507] EXT4-fs error (device loop4): ext4_check_all_de:659: inode #12: block 7: comm syz.4.1710: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0 [ 85.548714][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.716628][ T7530] loop0: detected capacity change from 0 to 512 [ 85.750590][ T7530] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a84ec018, mo2=0002] [ 85.761422][ T7530] System zones: 0-2, 18-18, 34-35 [ 85.769174][ T7530] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 85.791453][ T7530] ext4 filesystem being mounted at /322/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 85.831965][ T7530] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #18: comm syz.0.1720: corrupted inode contents [ 85.855916][ T7530] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #18: comm syz.0.1720: mark_inode_dirty error [ 85.886703][ T7530] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #18: comm syz.0.1720: corrupted inode contents [ 85.901970][ T7545] SELinux: Context @ is not valid (left unmapped). [ 85.923461][ T7530] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2991: inode #18: comm syz.0.1720: mark_inode_dirty error [ 85.940053][ T7530] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2994: inode #18: comm syz.0.1720: mark inode dirty (error -117) [ 85.962300][ T7530] EXT4-fs warning (device loop0): ext4_evict_inode:274: xattr delete (err -117) [ 85.988580][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.246913][ T7564] SELinux: ebitmap: truncated map [ 86.260818][ T7564] SELinux: failed to load policy [ 86.300339][ T7500] syz.3.1707 (7500) used greatest stack depth: 7288 bytes left [ 86.414052][ T29] kauditd_printk_skb: 248 callbacks suppressed [ 86.414070][ T29] audit: type=1400 audit(2000000000.780:2857): avc: denied { mounton } for pid=7580 comm="syz.3.1742" path="/95/file0" dev="tmpfs" ino=508 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 86.446021][ T7583] loop3: detected capacity change from 0 to 2048 [ 86.449665][ T37] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0xe [ 86.475845][ T29] audit: type=1326 audit(2000000000.820:2858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7516 comm="syz.2.1715" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd70d1deec9 code=0x7fc00000 [ 86.507539][ T7588] netlink: 4380 bytes leftover after parsing attributes in process `syz.2.1745'. [ 86.517334][ T7588] netlink: 4380 bytes leftover after parsing attributes in process `syz.2.1745'. [ 86.529085][ T7583] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 86.592198][ T29] audit: type=1400 audit(2000000000.950:2859): avc: denied { setopt } for pid=7595 comm="syz.2.1748" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 86.624236][ T7600] SELinux: policydb table sizes (0,0) do not match mine (6,7) [ 86.645858][ T7600] SELinux: failed to load policy [ 86.697209][ T7604] loop0: detected capacity change from 0 to 2048 [ 86.710271][ T7604] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 86.746158][ T6178] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.775531][ T29] audit: type=1400 audit(2000000001.140:2860): avc: denied { mount } for pid=7611 comm="syz.2.1754" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 86.829596][ T7619] netlink: 196 bytes leftover after parsing attributes in process `syz.3.1755'. [ 86.919784][ T29] audit: type=1400 audit(2000000001.290:2861): avc: denied { listen } for pid=7626 comm="syz.2.1762" path=2F3332352FE91F7189591E9233614B scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1 [ 86.962897][ T29] audit: type=1400 audit(2000000001.290:2862): avc: denied { connect } for pid=7628 comm="syz.2.1763" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 86.982732][ T29] audit: type=1400 audit(2000000001.290:2863): avc: denied { getopt } for pid=7628 comm="syz.2.1763" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 87.027818][ T29] audit: type=1326 audit(2000000001.390:2864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7633 comm="syz.4.1765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98c557eec9 code=0x7ffc0000 [ 87.051441][ T29] audit: type=1326 audit(2000000001.390:2865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7633 comm="syz.4.1765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=210 compat=0 ip=0x7f98c557eec9 code=0x7ffc0000 [ 87.075012][ T29] audit: type=1326 audit(2000000001.390:2866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7633 comm="syz.4.1765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98c557eec9 code=0x7ffc0000 [ 87.113558][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.147482][ T7639] loop0: detected capacity change from 0 to 1024 [ 87.175420][ T7639] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 87.196455][ T7639] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4183: comm syz.0.1767: Allocating blocks 385-513 which overlap fs metadata [ 87.237909][ T7639] EXT4-fs (loop0): pa ffff888106fd9380: logic 16, phys. 129, len 24 [ 87.246149][ T7639] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8 [ 87.287527][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.311928][ T7662] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1776'. [ 87.320952][ T7662] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1776'. [ 87.334267][ T1460] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 87.343382][ T7662] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1776'. [ 87.352364][ T7662] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1776'. [ 87.361649][ T1460] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 87.370603][ T1460] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 87.379782][ T1460] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 87.493164][ T7681] loop0: detected capacity change from 0 to 128 [ 87.612147][ T37] kworker/u8:2: attempt to access beyond end of device [ 87.612147][ T37] loop0: rw=1, sector=145, nr_sectors = 16 limit=128 [ 87.626101][ T37] kworker/u8:2: attempt to access beyond end of device [ 87.626101][ T37] loop0: rw=1, sector=169, nr_sectors = 8 limit=128 [ 87.639925][ T37] kworker/u8:2: attempt to access beyond end of device [ 87.639925][ T37] loop0: rw=1, sector=185, nr_sectors = 8 limit=128 [ 87.669925][ T37] kworker/u8:2: attempt to access beyond end of device [ 87.669925][ T37] loop0: rw=1, sector=201, nr_sectors = 8 limit=128 [ 87.685004][ T37] kworker/u8:2: attempt to access beyond end of device [ 87.685004][ T37] loop0: rw=1, sector=217, nr_sectors = 8 limit=128 [ 87.699598][ T37] kworker/u8:2: attempt to access beyond end of device [ 87.699598][ T37] loop0: rw=1, sector=233, nr_sectors = 8 limit=128 [ 87.713368][ T37] kworker/u8:2: attempt to access beyond end of device [ 87.713368][ T37] loop0: rw=1, sector=249, nr_sectors = 8 limit=128 [ 87.726962][ T37] kworker/u8:2: attempt to access beyond end of device [ 87.726962][ T37] loop0: rw=1, sector=265, nr_sectors = 8 limit=128 [ 87.740728][ T37] kworker/u8:2: attempt to access beyond end of device [ 87.740728][ T37] loop0: rw=1, sector=281, nr_sectors = 8 limit=128 [ 87.754459][ T37] kworker/u8:2: attempt to access beyond end of device [ 87.754459][ T37] loop0: rw=1, sector=297, nr_sectors = 8 limit=128 [ 87.812001][ T7695] SELinux: ebitmap: truncated map [ 87.820016][ T7695] SELinux: failed to load policy [ 87.875370][ T7706] block device autoloading is deprecated and will be removed. [ 87.899151][ T7712] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125 [ 87.994244][ T7728] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.012065][ T7733] SELinux: Context system_u:object_r:ptchown_exec_t:s0 is not valid (left unmapped). [ 88.072290][ T7728] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.090849][ T7739] netlink: 'syz.2.1812': attribute type 1 has an invalid length. [ 88.098942][ T7739] netlink: 'syz.2.1812': attribute type 2 has an invalid length. [ 88.112046][ T7728] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.130746][ T7742] ref_ctr_offset mismatch. inode: 0x6c2 offset: 0x0 ref_ctr_offset(old): 0x82 ref_ctr_offset(new): 0x0 [ 88.171230][ T7747] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1817'. [ 88.172288][ T7728] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.256136][ T37] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.268967][ T37] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.294174][ T37] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.310318][ T37] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.448446][ T7779] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7779 comm=syz.4.1832 [ 88.504541][ T7782] loop0: detected capacity change from 0 to 8192 [ 88.682471][ T7798] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.753409][ T7798] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.801571][ T7798] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.851156][ T7798] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.868217][ T7816] tmpfs: Too small a size for current use [ 88.917585][ T37] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.941940][ T37] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.967580][ T37] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.996942][ T37] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.119062][ T3408] hid_parser_main: 37 callbacks suppressed [ 89.119085][ T3408] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 89.132468][ T3408] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 89.140234][ T3408] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 89.148298][ T3408] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 89.155755][ T3408] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 89.163640][ T3408] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 89.171124][ T3408] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 89.178638][ T3408] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 89.186131][ T3408] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 89.193732][ T3408] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 89.229076][ T3408] hid-generic 0000:0000:0000.0004: hidraw0: HID v8.00 Device [syz0] on syz0 [ 89.271131][ T7854] loop4: detected capacity change from 0 to 512 [ 89.409221][ T7863] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 89.419646][ T7863] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.494530][ T7863] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 89.504943][ T7863] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.567634][ T7863] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 89.578340][ T7863] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.642206][ T7863] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 89.652631][ T7863] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.758101][ T2867] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 89.761410][ T7884] loop3: detected capacity change from 0 to 512 [ 89.766358][ T2867] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.778402][ T2867] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 89.789562][ T2867] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.908137][ T7884] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 89.919475][ T7889] ref_ctr_offset mismatch. inode: 0x589 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x8000000 [ 89.928260][ T2867] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 89.939652][ T2867] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.962893][ T7884] EXT4-fs (loop3): 1 truncate cleaned up [ 89.968606][ T2867] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 89.968719][ T2867] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.988366][ T7884] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 90.089144][ T6178] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.132326][ T7905] loop5: detected capacity change from 0 to 512 [ 90.149206][ T7905] EXT4-fs warning (device loop5): ext4_xattr_inode_get:542: inode #11: comm syz.5.1889: ea_inode file size=4 entry size=6 [ 90.165719][ T7905] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #15: comm syz.5.1889: corrupted inode contents [ 90.188786][ T7905] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #15: comm syz.5.1889: mark_inode_dirty error [ 90.203322][ T7905] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #15: comm syz.5.1889: corrupted inode contents [ 90.218144][ T7905] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2991: inode #15: comm syz.5.1889: mark_inode_dirty error [ 90.226942][ T7910] bridge0: entered promiscuous mode [ 90.236992][ T7905] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2994: inode #15: comm syz.5.1889: mark inode dirty (error -117) [ 90.250350][ T7908] loop3: detected capacity change from 0 to 8192 [ 90.257512][ T7910] macsec1: entered promiscuous mode [ 90.263933][ T7910] bridge0: port 4(macsec1) entered blocking state [ 90.270448][ T7910] bridge0: port 4(macsec1) entered disabled state [ 90.277391][ T7905] EXT4-fs warning (device loop5): ext4_evict_inode:274: xattr delete (err -117) [ 90.278098][ T7910] macsec1: entered allmulticast mode [ 90.291942][ T7910] bridge0: entered allmulticast mode [ 90.297725][ T7905] EXT4-fs (loop5): 1 orphan inode deleted [ 90.298115][ T7910] macsec1: left allmulticast mode [ 90.304271][ T7905] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 90.308692][ T7910] bridge0: left allmulticast mode [ 90.327660][ T7910] bridge0: left promiscuous mode [ 90.327975][ T7905] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.495499][ T7927] loop0: detected capacity change from 0 to 2048 [ 90.510364][ T7927] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 90.725526][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.749866][ T7942] loop0: detected capacity change from 0 to 512 [ 90.759157][ T7942] EXT4-fs (loop0): orphan cleanup on readonly fs [ 90.766252][ T7942] EXT4-fs warning (device loop0): ext4_xattr_inode_get:556: inode #11: comm syz.0.1903: EA inode hash validation failed [ 90.780298][ T7942] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 90.793415][ T7942] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #15: comm syz.0.1903: corrupted inode contents [ 90.805760][ T7942] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #15: comm syz.0.1903: mark_inode_dirty error [ 90.817731][ T7942] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #15: comm syz.0.1903: corrupted inode contents [ 90.830122][ T7942] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2991: inode #15: comm syz.0.1903: mark_inode_dirty error [ 90.842890][ T7942] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2994: inode #15: comm syz.0.1903: mark inode dirty (error -117) [ 90.856548][ T7942] EXT4-fs warning (device loop0): ext4_evict_inode:274: xattr delete (err -117) [ 90.865838][ T7942] EXT4-fs (loop0): 1 orphan inode deleted [ 90.872166][ T7942] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 90.898039][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 91.342457][ T7962] random: crng reseeded on system resumption [ 91.381921][ T7945] netlink: 'syz.0.1904': attribute type 1 has an invalid length. [ 91.389854][ T7945] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1904'. [ 91.461995][ T29] kauditd_printk_skb: 117 callbacks suppressed [ 91.462014][ T29] audit: type=1400 audit(2000000005.830:2984): avc: denied { map } for pid=7968 comm="syz.4.1915" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 91.500294][ T7969] vhci_hcd: invalid port number 96 [ 91.505515][ T7969] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 91.597973][ T29] audit: type=1400 audit(2000000005.960:2985): avc: denied { map } for pid=7987 comm="syz.4.1925" path="socket:[20163]" dev="sockfs" ino=20163 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 91.621675][ T29] audit: type=1400 audit(2000000005.960:2986): avc: denied { read } for pid=7987 comm="syz.4.1925" path="socket:[20163]" dev="sockfs" ino=20163 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 91.687940][ T29] audit: type=1400 audit(2000000006.050:2987): avc: denied { ioctl } for pid=8000 comm="syz.0.1930" path="socket:[20573]" dev="sockfs" ino=20573 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 91.743425][ T8007] loop5: detected capacity change from 0 to 512 [ 91.824720][ T8019] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 91.834813][ T29] audit: type=1326 audit(2000000006.180:2988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8012 comm="syz.5.1934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa538d3eec9 code=0x7ffc0000 [ 91.848117][ T8019] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 91.858873][ T29] audit: type=1326 audit(2000000006.180:2989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8012 comm="syz.5.1934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa538d3eec9 code=0x7ffc0000 [ 91.890313][ T29] audit: type=1326 audit(2000000006.180:2990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8012 comm="syz.5.1934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa538d3eec9 code=0x7ffc0000 [ 91.914171][ T29] audit: type=1326 audit(2000000006.180:2991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8012 comm="syz.5.1934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=306 compat=0 ip=0x7fa538d3eec9 code=0x7ffc0000 [ 91.938485][ T29] audit: type=1326 audit(2000000006.180:2992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8012 comm="syz.5.1934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa538d3eec9 code=0x7ffc0000 [ 91.966983][ T8024] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1938'. [ 92.015221][ T29] audit: type=1400 audit(2000000006.380:2993): avc: denied { read } for pid=8027 comm="syz.5.1941" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 92.068923][ T8038] random: crng reseeded on system resumption [ 92.157544][ T8044] loop5: detected capacity change from 0 to 512 [ 92.259747][ T8064] ref_ctr_offset mismatch. inode: 0x78a offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x8000000 [ 92.280505][ T8066] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.312199][ T8066] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.362662][ T8066] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.410738][ T8081] SELinux: failed to load policy [ 92.433383][ T8066] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.477329][ T2867] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.505994][ T8089] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 92.517462][ T2867] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.528060][ T2867] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.547635][ T2867] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.561058][ T8093] loop4: detected capacity change from 0 to 512 [ 92.587848][ T8093] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 92.611162][ T8093] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 92.625819][ T8093] EXT4-fs (loop4): 1 truncate cleaned up [ 92.632471][ T8093] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 92.700804][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 92.723507][ T8104] loop0: detected capacity change from 0 to 512 [ 92.736375][ T8106] loop3: detected capacity change from 0 to 512 [ 92.743750][ T8104] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 92.755852][ T8106] EXT4-fs: Ignoring removed mblk_io_submit option [ 92.764706][ T8106] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 92.779573][ T8104] EXT4-fs (loop0): 1 truncate cleaned up [ 92.789729][ T8104] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 92.805940][ T8106] EXT4-fs (loop3): 1 truncate cleaned up [ 92.812525][ T8106] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 92.902589][ T8113] loop4: detected capacity change from 0 to 8192 [ 92.921556][ T8121] netlink: 'syz.3.1983': attribute type 21 has an invalid length. [ 92.930200][ T8121] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1983'. [ 92.939885][ T8121] netlink: 'syz.3.1983': attribute type 1 has an invalid length. [ 92.958170][ T8113] loop4: p1 p2[DM] p4 [ 92.962481][ T8113] loop4: p1 size 196608 extends beyond EOD, truncated [ 92.971406][ T8113] loop4: p2 start 4292936063 is beyond EOD, truncated [ 92.978372][ T8113] loop4: p4 size 50331648 extends beyond EOD, truncated [ 93.009322][ T2867] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 93.323779][ T8169] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 649 [ 93.352821][ T8172] loop4: detected capacity change from 0 to 128 [ 93.649923][ T8180] ================================================================== [ 93.658226][ T8180] BUG: KCSAN: data-race in __writeback_single_inode / xas_set_mark [ 93.666330][ T8180] [ 93.668668][ T8180] write to 0xffff888108a0af14 of 4 bytes by task 8172 on cpu 0: [ 93.676330][ T8180] xas_set_mark+0x12b/0x140 [ 93.680858][ T8180] __folio_start_writeback+0x1dd/0x440 [ 93.686388][ T8180] __block_write_full_folio+0x53a/0x8f0 [ 93.691964][ T8180] block_write_full_folio+0x2c2/0x2e0 [ 93.697373][ T8180] mpage_writepages+0x6cf/0x1250 [ 93.702328][ T8180] fat_writepages+0x24/0x30 [ 93.706864][ T8180] do_writepages+0x1c3/0x310 [ 93.711474][ T8180] file_write_and_wait_range+0x156/0x2c0 [ 93.717564][ T8180] __generic_file_fsync+0x46/0x140 [ 93.722874][ T8180] fat_file_fsync+0x49/0x100 [ 93.727518][ T8180] vfs_fsync_range+0x10a/0x130 [ 93.732290][ T8180] generic_file_write_iter+0x1b8/0x2f0 [ 93.737757][ T8180] iter_file_splice_write+0x666/0xa60 [ 93.743612][ T8180] direct_splice_actor+0x156/0x2a0 [ 93.749178][ T8180] splice_direct_to_actor+0x312/0x680 [ 93.754565][ T8180] do_splice_direct+0xda/0x150 [ 93.759344][ T8180] do_sendfile+0x380/0x650 [ 93.763776][ T8180] __x64_sys_sendfile64+0x105/0x150 [ 93.768995][ T8180] x64_sys_call+0x2bb0/0x2ff0 [ 93.773679][ T8180] do_syscall_64+0xd2/0x200 [ 93.778225][ T8180] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 93.784140][ T8180] [ 93.786467][ T8180] read to 0xffff888108a0af14 of 4 bytes by task 8180 on cpu 1: [ 93.794022][ T8180] __writeback_single_inode+0x1f9/0x7c0 [ 93.799609][ T8180] writeback_single_inode+0x167/0x3e0 [ 93.805006][ T8180] sync_inode_metadata+0x5b/0x90 [ 93.809965][ T8180] __generic_file_fsync+0xf8/0x140 [ 93.815180][ T8180] fat_file_fsync+0x49/0x100 [ 93.819994][ T8180] vfs_fsync_range+0x10a/0x130 [ 93.824790][ T8180] generic_file_write_iter+0x1b8/0x2f0 [ 93.830270][ T8180] iter_file_splice_write+0x666/0xa60 [ 93.835756][ T8180] direct_splice_actor+0x156/0x2a0 [ 93.840883][ T8180] splice_direct_to_actor+0x312/0x680 [ 93.846278][ T8180] do_splice_direct+0xda/0x150 [ 93.851080][ T8180] do_sendfile+0x380/0x650 [ 93.855587][ T8180] __x64_sys_sendfile64+0x105/0x150 [ 93.860830][ T8180] x64_sys_call+0x2bb0/0x2ff0 [ 93.865577][ T8180] do_syscall_64+0xd2/0x200 [ 93.870301][ T8180] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 93.876317][ T8180] [ 93.878655][ T8180] value changed: 0x0a000021 -> 0x04000021 [ 93.884384][ T8180] [ 93.886725][ T8180] Reported by Kernel Concurrency Sanitizer on: [ 93.893013][ T8180] CPU: 1 UID: 0 PID: 8180 Comm: syz.4.2004 Not tainted syzkaller #0 PREEMPT(voluntary) [ 93.902763][ T8180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 93.913048][ T8180] ==================================================================