last executing test programs: 26.245005205s ago: executing program 3 (id=86): io_setup(0x7, &(0x7f0000000100)=0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_timeval(r2, 0x1, 0x14, &(0x7f0000000000)={0x0, 0xea60}, 0x10) io_submit(r0, 0x2, &(0x7f00000004c0)=[&(0x7f00000001c0)={0x0, 0x4, 0x0, 0x0, 0x0, r2, &(0x7f0000000140)="01", 0x1}, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x8, 0x1, r1, 0x0, 0x0, 0x7}]) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(0xffffffffffffffff, 0x401c5820, &(0x7f0000000080)={@desc={0xd32780, 0x0, @desc2}}) syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0) 26.080829858s ago: executing program 3 (id=90): socketpair$tipc(0x1e, 0x1, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0xe, &(0x7f0000002380)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff1100000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000000000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd844a954b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b4090a79507df79f298129da487130d5f24b46001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad379e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4b9535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024a0041b1df65b3e1b9bf115646d14ce53d13d0ccacda1efc5f9094fa737c28b994a8512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4fdc4b4861004eefbc17f54f82a804d4a69bf9bc5fa77ee293fbd165a5a68488a010030166565a097b103b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f940b6f0e8c7db4bf23242a18159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c2d7962b0d22772c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac2bba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f407000000000000006d294d366501753a7ac7fedb8d34f5bc381604fcd46105c457e7dd13cab669ab377e4c2422a47e9ffe2d4a2d32f7528751313694bf57704400b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c9585638c2153a6eee01738b0c10671f4f559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670100be05e7de0940313c5870786554df26236ebced9390cb6940b8375d936a7d2120eca291963eb2d537d8ee4de5c183c160119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d30902208d300e4d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d0000002000000001c8000000000000003a48cea769470424d28804c024ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef40662d7836d252c566f5ee934c679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da2022f23daec61854f640f701db0276652f6c031578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada209bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6155e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2f085185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bcdb7c89739f5d81e750d50517a59a3ad09e8802e8f4f000000000facd5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f296115d4a31838eeb20c20bb82aa31771cd379ec83554cea5b473332f2011e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d3fcd116bce9c764c714c9402c21d181aae59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755367fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc05000000000000006c25b96174327d82761c26e329555f9290af4100000000000000749e1338636555009edf66be445d6975d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab0043ebf7c79a953e023f74afad591821610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c1960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000000000027c9a4619a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd5c17d5486b0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dff7aa46e820a74f9530bdcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fdca4e9eda0072f6df342f3e7071e28ef6806b90cc39c49b91c76b0d3958f7f05b47d3e519f1634e8fbd8d3133319e069f9648a2ff93060ff073b3a113e47e447c030931651dd315003b7a6a47c912853826c4c65433a2bb560ae99ec4b227eda2e63a1cb1a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7194d1eb3de6a5f99f301f89c2ee627e949cdd22000026a9960503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640000cd9e5f2e236ef5f1e3a94b108eb9750b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a2050000c375c705c798e0e208e4a5259d0bda526b462af45a6e9a84aebe025c8a7f65819f397574db7ab01bd2b3e3cd28c5aec90f8edfe39a00bafd688a7eea04efdeed96f67012bc3f795edb68b5dec80ad31a858eb756c815e7695d00000000000000000000000000000000000000000000000000007ccf0ce549d97510f7f8765408bb702f0000006d4754c68b7064cf31a681421994e1f307f0ab4ff2e33d3c88fea5d218a276b77adfee7c8fb145783ee1f8adbd2c2604eab3a62a28611da1dae5ce60003111ce5c96a1d6e45ee144ffa3dcca32a33f8f0ce2995b7b7aa0bce228cbf37412cbbdebae06edb51a134301d2627d4927287daf9dcae6720334862d3a18094f1edd9e350337cbb804004d1755cfe7d7fa01872fb99815dcfbbc8141f6e1bbb0901ae91357677fd9d2bb00d4f17fb441c2dfa2b424bf46ae299d68ac27792cdac2b63a6038ab5546ba1e5ad6a329f2c627100e0442f865fc6c179ad3edcb6b000000000000000b0000000000000000ac192d48d76e2a8cae83ae850f73fdfbaca81b6b7b1a0d7b517f41fbd46aa24b0f4b8e0202e3a580947f1925ba4de097e8dcb6bd7f686322b45d4a544ca1e83b592d4a6d46d0a0dc39634550bc77d4cabba01b283082e66778de7c61a1a36838d36c2f8e58cef603770ee3d6a9625be0bc21d2be2da69ac9e9c5e88278d39239501b465102ad16d651ea8bb8cee35527c1ad42ac6a565e449929ccb4469bdd6824b64e13579b7188566e735200000000000000000094e05bcda1e96e4c33ccf6d74046e45bafe9d512c43a3e485dedad9a38b34f7fcd00fafcc25dc36716f0e21e0632425b7a1c1a6bc15c3fc07d914c88103411d8d2b77b72a796fd3aaa7ea493c7bc43e63b2b0d05ad5682121682096b224933fa20255d58a680cc2ec200"/3002], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000040), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x3f) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x2, 0x0, 0x0, 0x0, 0x0, 0xf000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 26.006629029s ago: executing program 3 (id=93): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r0}, 0x18) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xa, 0x101, 0x7ffc, 0xcc, 0x0, 0xffffffffffffffff, 0x101, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) 25.907609651s ago: executing program 3 (id=95): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x2000000, &(0x7f0000000000)={[{@errors_remount}, {@usrquota}]}, 0x81, 0x7bb, &(0x7f00000003c0)="$eJzs3c1rXFUbAPDnTj6mSfu+yQsvvG9dBQQNlE5Mja2Ci4oLESwUdG0bkmmomWRKPkoTAm0RwY2g4kLQTdda686tH1v9L1xIS9W0WHEhI3fmTjJpZmJSMzOl/f3g5p5zv855cu7HSe5hJoDH1kj6IxdxOCLeTyKGsuVJRPRVU70RJ2vb3Vtfm0qnJCqV139JqtvcXV+bioZ9UgezzP8j4tt3Io7ktpe7uLI6O1kqFRey/NjS3IWxxZXVo+fnJmeKM8X54+MTE8dOPHfi+P7F+tsPq4duffDK01+c/OPt/91477skTsahbF1jHPtlJEay30lf+ivc4uX9LqzLkm5XgAeSXpo9tas8DsdQ9FRTLQx0smYAQLtcjogKAPCYSXb3/B/QTQCAR0X9/wB319em6lN3/yPRWbdfiogDtfir7zfzkcXfm72zO1B9Dzp4N9nyZiSJiOF9KH8kIj796s3P0yna9B4SoJkrVyPi7PDI9vt/sm3Mwl49s9PKSr46G9lYUBsk4v4HnfN12v95vln/L7fR/4km/Z/8lmv3wd1/jO3Xf+7mPhTTUtr/e7FhbNu9hvgzwz1Z7l/VPl9fcu58qZje2/4dEaPRl0/z49VNm4+CGr3z551W5Tf2/3798K3P0vLT+eYWuZu9+a37TE8uTf7TuOtuX414ordZ/MlG+yct+r+nd1nGqy+8+0mrdWn8abz1aXv87R1bVrkW8VTT9k+2lN96fOJY9XQYq58UTXz548eDrcrfbP98dZ6WX/9boBPS9h/cOf7hpHG85uKOh+trtvD7a0PftNqh8fzfjL9xwGjz878/eaOa7s+WXZpcWloYj+hPXtu+/NjmvvV8ffs0/tEnm1//rc7/XBbo2Y3cznpv/Xw9O1TT+KuuNMbf2faf3lP775CoZPvct+rGvdmeVuU3b//G+NP2n6imRrMlu7n//U1Nd3c2AwAAAAAAAAAAAAAAAAAAAAAAAMA+yUXEoUhyhY10Llco1L7D+78xmCuVF5eOnCsvz09H9buyh6MvV/+oy6GGz0Mdzz4Pv54/dl/+2Yj4T0R8lB+o5gtT5dJ0t4MHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMzBrd//fzmdFQq1dT/lu107AKBtDnS7AgBAx3n+A8DjZ2/P/4G21QMA6Jw9//1fSdpTEQCgY3b9/D/b3noAAJ3j/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABtdvrUqXSq/L6+NpXmpy+uLM+WLx6dLi7OFuaWpwpT5YULhZlyeaZULCQ7HOhKbVYqly9MxPzypbGl4vVsVXl5funM+bnJmeKZYl8HYgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAvVpcWZ2dLJWKCxI7JgY6VNZA1yPdXaI3HopqPPKJ/k4XGsO1G0Op8S4x0KW7EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDD768AAAD//4gBGVE=") creat(&(0x7f0000000040)='./bus\x00', 0xc8) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x185641, 0x0) r0 = open(&(0x7f00000003c0)='./bus\x00', 0x84902, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x11, r0, 0x0) rename(&(0x7f0000000580)='./file0\x00', &(0x7f0000000780)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 25.662436945s ago: executing program 3 (id=98): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x800, &(0x7f00000001c0)={[{@gid}, {@iocharset={'iocharset', 0x3d, 'cp865'}}, {@namecase}, {@iocharset={'iocharset', 0x3d, 'cp862'}}, {@dmask={'dmask', 0x3d, 0x9}}, {@errors_remount}, {@utf8}, {@errors_remount}, {@iocharset={'iocharset', 0x3d, 'cp950'}}, {@iocharset={'iocharset', 0x3d, 'cp737'}}]}, 0x29, 0x1506, &(0x7f0000001800)="$eJzs3AuYjVX7MPD7Xms9Y0zSbpLDsNa6H3ZyWCZJckiSQ5IkSZJTQtIkSUJiyClpSEJyGJLDEJLDxKRxPh9yTpKkSZKcckrWdyk+b2+9X//+/76/93rn/l3Xc+117+e5176ffe/D2s/FfNd5SI1GNas2ICL4H8Ffb5IBIBYABgDANQAQAEDZ+LLxF/bnlJj8P3sQ9vd6KO1KV8CuJO5/9sb9z964/9kb9z974/5nb9z/7I37n71x/xnLzjZNK3Atb9l34+v/2Rl///8HySo15qs1pa7v8hdSuP/ZG/f/P1bwXzmI+5+9cf+zN+5/9sb9zw5y/Ms93P/sjfvPWHZ2pa8/83Zltyv9+mOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxlj2c9pcpALg0vtJ1McYYY4wxxhhj7O/jc1zpChhjjDHGGGOMMfb/H4IACQoCiIEcEAs5IQ4EAFwNueEaiMC1EA/XQR64HvJCPsgPBSABCkIh0GDAAkEIhaEIROEGKAo3QjEoDiWgJDgoBYlwE5SGm6EM3AJl4VYoB7dBeagAFaES3A6V4Q6oAndCVbgLqkF1qAE14W6oBfdAbbgX6sB9UBfuh3rwANSHB6EBPAQN4WFoBI9AY3gUmkBTaAbNocV/K/9F6A4vQQ/oCcnQC3rDy9AH+kI/6A8D4BUYCK/CIHgNUmAwDIHXYSi8AcPgTRgOI2AkvAWj4G0YDWNgLIyDVBgPE+AdmAjvwiSYDFNgKqTBNJgO78EMmAmz4H2YDR/AHJgL82A+pMOHsAAWQgZ8BIvgY8iExbAElsIyWA4rYCWsgtWwBtbCOlgPG2AjbIJPYDNsga2wDbbDDtgJn8Iu+Ax2w+ewB774i/mn/im/CwICChSoUGEMxmAsxmIcxmEuzIW5MTdGMILxGI95MA/mxbyYH/NjAiZgISyEBg0SEhbGwhjFKBbFolgMi2EJLIEOHSZiIpbGm7EMlsGyWBbLYTksjxWwAlbCSlgZK2MVrIJVsSpWw2pYA2vg3Xg39sLaWBvrYB2si3UvXZ7CBtgAG2JDbISNsDE2xibYBJthM2yBLbAltsRW2ArbYBtsi22xHbbDJEzC9tgeO2AH7IgdsRN2ws7YGbtgV+yKL+YAfAlfwp5YTfTC3tgb+2Af7If9sT++ggPxVXwVX8MUHIxD8HV8Hd/AYXgSh+MIHIkjsbJ4G0fjGCQxDlMxFSfgBJyIE3ESTsbJOBXTcBpOx+k4A2fiTHwfZ+MH+AHOxbk4H9MxHRfgQszADFyEpzATF+MSXIrLcDkuw5W4ClfiGlyLa3A9rseNuBE/wU9wC27BbbgNd6ACwE/xM/wMU3AP7sG9uBf34T7cj/sxC7PwAB7Ag3gQD+EhPIyH8QgexWN4FE/gCTyJp/A0nsazeBbP4fMJ3zTcUXx1CogLlFAiRsSIWBEr4kScyCVyidwit4iIiIgX8SKPyCPyirwiv8gvEkSCKCQKCSOMIBHGAICIiqgoKoqKYqKYKCFKCCecSBSJorQoLcqIMqKsuFWUE7eJ8qKCaO0qiUqismjjqog7RVVRVVQT1UUNUVPUFLVELVFb1BZ1RB1RV9QV9cQDor7ohf3wIXGhM43EYGwshmAT0VTIi59gLcUwbCVaizbiCTECh2M70dIliadFezEaO4hnxRh8TnQS47CzeEF0EV1FN/Gi6C5auR6ip5iEvURvMRX7iL6in+gvZmB1caFjNcRrIkUMFkPE62I+viGGiTfFcDFCjBRviVHibTFajBFjxTiRKsaLCeIdMVG8KyaJyWKKmCrSxDQxXbwnZoiZYpZ4X8wWH4g5Yq6YJ+aLdPGhWCAWigzxkVgkPhaZYrFYIpaKZWK5WCFWilVitVgj1op1Yr3YIDaKTeITsVlsEVvFNrFd7BA7xadil/hM7Bafiz3iC7FXfCn2ia/EfvG1yBLfiAPiW3FQfCcOie/FYfGDOCKOimPiuDghfhQnxSlxWpwRZ8VP4pz4WZwXXoBEKaSUSgYyRuaQsTKnjJNXyVwyuPjsXivj5XUyj7xe5pX5ZH5ZQCbIgrKQ1NJIK0mGsrAsIqPyBllU3iiLyeKyhCwpnSwlE+VNsrS8WZaRt8iy8lZZTt4my8sKsqKsJG+XleUdsoq8U1aVd8lqsrqsIWvKu2UteY+sLe+VdeR9sq68X9aTD8j68kHZQD4kG8qHZSP5iGwsH5VNZFPZTDaXLeRjsqV8XLaSrWUb+YRsK5+U7eRTMkk+LdvLZ2QH+azsKJ+TneTzsrN8QXaRXWU3+bM8L73sIXvKZNlL9pYvyz6yr+wn+8sB8hU5UL4qB8nXZIocLIfI1+VQ+YYcJt+Uw+UIOVK+JUfJt+VoOUaOleNkqhwvJ8h35ET5rpwkJ8spcqpMk9Nkv4szzZLyT/Pf+YP8Qb88+ka5SX4iN8stcqvcJrfLHXKn3Cl3yV1yt9wt98g9cq/cK/fJfXK/3C+zZJY8IA/Ig/KgPCQPycPysDwij8oz8rg8IX+UJ+UpeUqekWflWXnu4nMACpVQUikVqBiVQ8WqnCpOXaVyqatVbnWNiqhrVby6TuVR16u8Kp/KrwqoBFVQFVJaGWUVqVAVVkVUVN2AF18wqoQqqZwqpRLVTX8lXxVVN6piqvhv8v+svhaqhWqpWqpWqpVqo9qotqqtaqfaqSSVpNqr9qqD6qA6qo6qk+qkOqvOqovqorqpbqq76q56qB4qWSWr3upl1Uf1Vf1UfzVAvaIGqoFqkBqkUlSKGqKGqKFqqBqmhqnhargaqUaqUWqUGq1Gq7FqrEpVqWqCmqAmqolqkpqkpqgpKk2lqelqupqhZqhZapaarWarOWqOmqfmqXSVrhaoBSpDZahFapHKVIvVYrVULVXL1XK1Uq1Uq9VqtVatVevVepWpNqlNarParLaqrWq72q52qp1ql9qldqvdao/ao/aqvWqf2qf2q/0qS2WpA+qAOqgOqkPqkDqsDqsj6og6po6pE+qEOqlOqtPqtDqrzqpz6pw6r85fWPYFIhCBClQQE8QEsUFsEBfEBbmCXEHuIHcQCSJBfBAf5AmuD/IG+YL8QYEgISgYFAp0YAIbiItNjwY3BEWDG4NiQfGgRFAycEGpIDG4KSgd3ByUCW4Jyga3BuWC24LyQYWgYlApuD2oHNwRVAnuDKoGdwXVgupBjaBmcHdQK7gnqB3cG9QJ7gvqBvcH9YIHgvrBg0GD4KGgYfBw0Ch4JGgcPBo0CZoGzYLmQYu/dX7vT+Z73PXQPXWy7qV765d1H91X99P99QD9ih6oX9WD9Gs6RQ/WQ/Treqh+Qw/Tb+rheoQeqd/So/TberQeo8fqcTpVj9cT9Dt6on5XT9KT9RQ9VafpaXq6fk/P0DP1LP2+nq0/0HP0XD1Pz9fp+kO9QC/UGfojvUh/rDP1Yr1EL9XL9HK9Qq/Uq/RqvUav1ev0er1Bb9Sb9Cd6s96it+pterveoXfqT/Uu/ZnerT/Xe/QXeq/+Uu/TX+n9+mudpb/RB/S3+qD+Th/S3+vD+gd9RB/Vx/RxfUL/qE/qU/q0PqPP6p/0Of2zPq/9hcX9ha93o4wyMSbGxJpYE2fiTC6Ty+Q2uU3EREy8iTd5TB6T1+Q1+U1+k2ASTCFTyFxAhkxhU9hETdQUNUVNMVPMlDAljDPOJJpEU9qUNmVMGVPWlDXlTDlT3pQ3FU1Fc7u53dxh7jB3mjvNXeYuU91UNzVNTVPL1DK1TW1Tx9QxdU1dU8/UM/VNfdPANDANTUPTyDQyjU1j08Q0Mc1MM9PCtDAtTUvTyrQybUwb09a0Ne1MO5Nkkkx70950MB1MR9PRdDKdTGfT2XQxXUw30810N91ND9PDJJtk09v0Nn1MH9PP9DMDzAAz0Aw0g8wgk2JSzBAzxAw1Q80wM8wMNyPMSPOWGWXeNqPNGDPWjDOpJtVMMBPMRDPRTDKTzBQzxaSZNDPdTDczzAwzy8wys81sM8fMMfPMPJNu0s0Cs8BkmAyzyCwymSbTLDFLzDKzzKwwK8wqs8qsMWvMOlhnNpgNZpPZZDabzWar2Wq2m+1mp9lpdpldZrfZbfaYPWav2Wv2mX1mv9lvskyWOWAOmIPmoDlkDpnD5rA5Yo6YY+aYOWFOmJPmpDltTpuzJt/FJZU3sTanjbNX2Vz2apvbXmP/Oc5vC9gEW9AWstrmtfl+ExtrbTFb3JawJa2zpWyivel3cXlbwVa0lezttrK9w1b5XVzL3mNr23ttHXufrWnv/k1c195v69lHbH1EANvUNrTNbSP7iG1sH7VNbFPbzDa3be2Ttp19yibZp217+8zv4gV2oV1lV9s1dq3dZT+zp+0Ze9B+Z8/an2wP29MOsK/YgfZVO8i+ZlPs4N/FI+1bdpR92462Y+xYO+538RQ71abZaXa6fc/OsDN/F6fbD+1sm2Hn2Ll2np3/S3yhpgz7kV1kP7aZdrFdYpfaZXa5XWFX/t9al9r1doPdaHfaT+1mu8Vutdvsdrvjl/jCeey2n9s99gt7wH5r99mv7H57yGbZb36JL5zfIfu9PWx/sEfsUXvMHrcn7I/2pD31y/lfOPfj9md73noLhCRIkqKAYigHxVJOiqOrKBddTbnpGorQtRRP11Eeup7yUj7KTwUogQpSIdJkyBJRSIWpCEXpBrq0Ti9BJclRKUqkm6g03Uxl6BYqS7dSObqNylMFqkiV6HaqTHdQFbqTqtJdVI2qUw2qSXdTLbqHatO9VIfuo7p0P9WjB6g+PUgN6CFqSA9TI3qEGtOj1ISaUjNqTi3oMWpJj1Mrak1t6AlqS09SO3qKkuhpak/PUAd6ljrSc9SJnqfO9AJ1oa7UjV6k7vQS9aCelEy9qDe9TH2oL/Wj/jSAXqGB9CoNotcohQbTEHqdhtIbNIzepOE0gkbSWzSK3qbRNIbG0jhKpfE0gd6hifQuTaLJNIWmUhpNo+n0Hs2gmTSL3qfZ9AHNobk0j+ZTOn1IC2ghZdBHtIg+pkxaTEtoKS2j5bSCVtIqWk1raC2to/W0gTbSJvqENtMW2krbaDvtoJ30Ke2iz2g3fU576AvaS1/SPvqK9tPXlEXf0AH6lg7Sd3SIvvc96Qc6QkfpGB2nE/QjnaRTdJrO0Fn6ic7Rz3SePEGIoQhlqMIgjAlzhLFhzjAuvCrMFV4d5g6vCSPhtWF8eF2YJ7w+zBvmC/OHBcKEsGBYKNShCW1IYRgWDouE0fCGsGh4Y1gsLB6WCEuGLiwVJoY3haXDm8My4S1h2fDWsFx4W1g+rBA+cl+l8PawcnhHWCW8M6wa3hVWC6uHNcKa4d1hrfCesHZ4b1gnvC8sE94f1gsfCOuHD4YNwofChuHDYaPwkbBx+GjYJGwaNgubhy3Cx8KW4eNhq7B12CZ8ImwbPhm2C58Kk8Knw/bhM3+6PznsFfYOXw5fDr2/V86Lzo+mRz+MLogujGZEP4ouin4czYwuji6JLo0uiy6ProiujK6Kro6uia6Nrouuj26Ibox6XzMHOHTCSadc4GJcDhfrcro4d5XL5a52ud01LuKudfHuOpfHXe/yunwuvyvgElxBV8hpZ5x15EJX2BVxUXeDK+pudMVccVfClXTOlXKJrrlr4Vq4lu5x18q1dm3cE+4J96R70j3lnnJPu/buGdfBPes6uudcJ/e8e9694Lq4rq6be9F1d+Nz//qeTHa9XW/Xx/Vx/Vw/N8ANcAPdQDfIDXIpLsUNcUPcUDfUDXPD3HA33I10I90oN8qNdqPdWDfWpbpUN8FNcBPdRDfJTXJT3BSX5tLcdDfdzXAzXOWZvz7KHDfHzXPzXLpLdwvchTVjhlvkFrlMl+mWuCVumVvmVrgVbpVb5da4NW6dW+c2uA1uk9vkNrvNbqvb6ra77W6n2+l2+Wt+ndTtcXvdXrfP7XP73dcuy33jDrhv3UH3nTvkvneH3Q/uiDvqjrnj7oT70Z10p9xpd8addT+5c+5nd955lxoZH5kQeScyMfJuZFJkcmRKZGokLTItMj3yXmRGZGZkVuT9yOzIB5E5kbmReZH5kfTIh5EFkYWRjMhHkUWRjyOZkcWRJZGlkWWR5RHvC24OfWFfxEf9Db6ov9EX88V9CV/SO1/KJ/qbfGl/sy/jb/Fl/a2+nL/Nl/cVfEX/qG/im/pmvrlv4R/zLf3jvpVv7dv4J3xb/6Rv55/ySf5p394/4zv4Z31H/5zv5J/3nf0Lvovv6rv5F313/5Lv4Xv6ZN/L9/Yv+z6+r+/n+/sB/hU/0L/qB/nXfIof7If41/1Q/4Yf5t/0w/0IPzLmLT/KX/p0HudT/Xg/wb/jJ/p3/SQ/2U/xU32an+an+/f8DD/Tz/Lv+9n+Az/Hz/Xz/Hyf7j/0C/xCn+E/8ov8xz7TL750Udmv8Cv9Kr/ar/Fr/Tq/3m/wG/0m/4nf7Lf4rX6b3+53+J3+U7/Lf+Z3+8/9Hv+F3+u/9Pv8V36//9pn+W/8Af+tP+i/84f89/6w/8Ef8Uf9MX/cn/A/+pP+lD/tz/iz/id/zv/sz/P/WWOMMcYY+y8Zf3ko/mh/rz+4T/zDwb0B4OotBbL+cf+FFeW6vL+O+4qEthEAeLpn54cubdWqJScnXzw2U0JQZC4ARC7nx8DleDG0gSchCVpD6T+sv6/oepb+ZP7orQBx/5ATC5fjy/N/+S/mf+yJkQvKhafj/x/zzwUoVuRyTk64HC+GNurCbWso8y/mz9fyT+rP+VUqQKt/yMkFl+PL9SfC4/AMJP3mSMYYY4wxxhhj7Fd9RcWOl35/XvoXn3/0+zxBXc7JAZfjP/t9zhhjjDHGGGOMsSvvua7dnnosKal1x78+qPLfyuLBv+vAe4BL9ygAuNL1/LsOUi6+df5517IzPoB/iwr/lsEV/mBijDHGGGOM/e0uL/p/e7+6UgUxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGPZ0P/GnxO70ufIGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMXWn/JwAA//9cqxFN") r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000540)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r0}, 0x18) sysinfo(0x0) 25.3251859s ago: executing program 3 (id=103): unshare(0x2c020400) syz_emit_ethernet(0x60, &(0x7f0000000000)={@link_local, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x2a, 0x3a, 0xff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @dev, @empty, [{0x2}]}}}}}}, 0x0) r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = dup(r0) ioctl$PTP_EXTTS_REQUEST2(r1, 0xc0603d0f, &(0x7f0000000000)={0x1, 0xc}) 25.32496083s ago: executing program 32 (id=103): unshare(0x2c020400) syz_emit_ethernet(0x60, &(0x7f0000000000)={@link_local, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x2a, 0x3a, 0xff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @dev, @empty, [{0x2}]}}}}}}, 0x0) r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = dup(r0) ioctl$PTP_EXTTS_REQUEST2(r1, 0xc0603d0f, &(0x7f0000000000)={0x1, 0xc}) 1.174393041s ago: executing program 5 (id=823): fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000f4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18) r0 = socket$inet6(0xa, 0x2, 0x0) r1 = dup(r0) bind$unix(r1, &(0x7f00000001c0)=@abs={0xa, 0x2}, 0x6e) getsockname$packet(r1, 0x0, &(0x7f0000000380)) 1.157768261s ago: executing program 5 (id=825): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = socket$inet6(0xa, 0x3, 0x3c) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f00000004c0)=[{0x28, 0x0, 0x5, 0xfffff034}, {0x80000006, 0x0, 0x12, 0xf9}]}, 0x10) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xffffffff, @dev, 0x9}, 0x1c) writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)="88", 0xfdef}], 0x1) 1.068432183s ago: executing program 5 (id=829): madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) process_vm_writev(r0, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) 938.004635ms ago: executing program 1 (id=836): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0b00000007000000010001004900000001"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, 0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) open_tree(0xffffffffffffffff, &(0x7f0000000640)='\x00', 0x89901) 890.891186ms ago: executing program 1 (id=837): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10) sendmsg$TIPC_CMD_RESET_LINK_STATS(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000800)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000001000000000000000b00000000030014"], 0x30}}, 0x0) 861.195887ms ago: executing program 4 (id=838): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000540)={'#! ', './file0'}, 0xb) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x4020aeb2, &(0x7f0000000740)={0x1, 0x12c, @ioapic={0x6000, 0xcee, 0x6, 0xd, 0x0, [{0x4, 0x7, 0x6c, '\x00', 0x2}, {0x96, 0x40, 0x7, '\x00', 0x27}, {0x80, 0x2, 0x8, '\x00', 0x1}, {0xa0, 0x4c, 0x46, '\x00', 0x5}, {0xf6, 0x7, 0x5, '\x00', 0x1}, {0xff, 0x2, 0x7, '\x00', 0x8b}, {0x9, 0x2, 0x4, '\x00', 0x9}, {0x4, 0xf, 0xfc, '\x00', 0x3}, {0x4, 0x2, 0xa, '\x00', 0xf}, {0x6, 0x8, 0xd, '\x00', 0x8}, {0x40, 0x1, 0x4, '\x00', 0xff}, {0x5, 0x7f, 0x2, '\x00', 0x5}, {0xb5, 0x6, 0xf7, '\x00', 0x2}, {0x9, 0x9, 0x9, '\x00', 0x9}, {0x40, 0xa, 0x2, '\x00', 0x1}, {0x0, 0x1, 0x6, '\x00', 0x5}, {0x1a, 0x2, 0x7f, '\x00', 0x1}, {0x0, 0x80, 0x8, '\x00', 0x80}, {0x1, 0xff, 0x1, '\x00', 0xf7}, {0x3, 0x6f, 0x7, '\x00', 0x6}, {0x7, 0x8, 0xe, '\x00', 0x2}, {0x5, 0x2, 0xe, '\x00', 0xe}, {0x67, 0x4, 0x5, '\x00', 0x5}, {0xfa, 0x2, 0x2, '\x00', 0x1}]}}) 803.099757ms ago: executing program 1 (id=840): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)=r1}, 0x20) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r2, 0x0, 0x60, &(0x7f0000000080)={'filter\x00', 0x4, [{}, {0x0, 0x100000000000000}]}, 0x68) 779.957817ms ago: executing program 1 (id=841): socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r1, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000001000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10) close(r0) 771.167388ms ago: executing program 4 (id=842): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10) mremap(&(0x7f0000000000/0x9000)=nil, 0x200003, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil) 735.323588ms ago: executing program 1 (id=843): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000440)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0) mount$incfs(&(0x7f0000000300)='./file0\x00', &(0x7f0000000400)='./file0\x00', &(0x7f0000000280), 0x0, 0x0) 718.991478ms ago: executing program 5 (id=845): bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10) clock_nanosleep(0x9, 0x0, &(0x7f00000004c0)={0x0, 0x3938700}, 0x0) 666.500019ms ago: executing program 2 (id=847): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000480)={'#! ', './bus/file0'}, 0xf) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x14, 0x0, &(0x7f0000000180)) 649.675979ms ago: executing program 1 (id=848): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x80801c, &(0x7f0000000580), 0x1, 0x503, &(0x7f0000000880)="$eJzs3c9vI1cdAPDvOL+cNG3S0gMgoEspLGi1TuJto6oHWE4IoUqIHkHahsQbRbHjKHZKE/aQ/g9IVOIER/4Azj1x54LgxmU5IPEjAm1W4mA040nWm7U3ZpPYUfz5SKN5b2bs73trzXv21xu/AEbWjYg4iIjJiPgwIuby40m+xd32ll736PDB6tHhg9UkWq0P/plk59Nj0fGY1Ev5cxYj4kffi/hp8mzcxt7+5kq1WtlpV6cXmrXthcbe/u2N2sp6Zb2yVS4vLy0vvnvnnfKF9fWN2mRe+vLDPxx86+dps2bzI539uEjtrk+cxEmNR8QPLiPYEIzl/ZkcdkN4IYWIeC0i3szu/7kYy15NAOA6a7XmojXXWQcArrtClgNLCqU8FzAbhUKp1M7hvR4zhWq90bx1v767tdbOlc3HROH+RrWymOcK52MiSetLWflJvXyqficiXo2IX0xNZ/XSar26Nsw3PgAwwl46Nf//Z6o9/wMA11xx2A0AAAbO/A8Ao8f8DwCjx/wPAKPnyfx/d6jtAAAGx+d/ABg95n8AGCk/fP/9dGsd5b9/vfbR3u5m/aPba5XGZqm2u1pare9sl9br9fXsN3tqZz1ftV7fXno7dj+e//Z2o7nQ2Nu/V6vvbjXvZb/rfa8yMZBeAQDP8+obn/05iYiD96azLTrWcjBXw/VWGHYDgKEZG3YDgKGx2heMrnN8xpcegGuiyxK9TylGxPTpg61Wq3V5TQIu2c0vyP/DqOrI//tfwDBi5P9hdMn/w+hqtZJ+1/yPfi8EAK42OX6gx/f/r+X73+ZfDvxk7fQVn15mqwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBqO17/t5SvBT4bhUKpFPFyRMzHRHJ/o1pZjIhXIuJPUxNTaX1pyG0GAM6r8LckX//r5txbs6fPTiaPp7J9RPzsVx/88uOVZnPnj+nxf50cb36aHy8Po/0AwFmO5+ls3/FB/tHhg9XjbZDt+ft3I6LYjn90OBlHJ/HHYzzbF2MiImb+neT1tqQjd3EeB59ExOe79T+J2SwH0l759HT8NPbLA41feCp+ITvX3qf/Fp+7gLbAqPksHX/udrv/CnEj23e//4vZCHV++fiXPtXqUTYGPol/PP6N9Rj/bvQb4+3ff79dmn723CcRXxyPOI591DH+HMdPesR/q8/4f/nSV97sda7164ib0T1+Z6yFZm17obG3f3ujtrJeWa9slcvLS8uL7955p7yQ5agXes8G/3jv1itZocslaf9nesQvntH/r/fZ/9/898Mff7XHuTT+N7/WLX4hXn9O/HRO/Eaf8VdmflfsdS6Nv9aj/2e9/rf6jP/wr/vPLBsOAAxPY29/c6VarewMsnD8RmKgQRX6K0zlL85Vac9ThSvbsM2V6ncGFWsy/q9HtVovFKvXiHERWTfgKji56SPi8bAbAwAAAAAAAAAAAAAAdHWpf6iUtAvD7iMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADX1/8CAAD//8jOyzo=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000004c0), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) getrandom(&(0x7f0000000040)=""/133, 0xfffffffffffffdde, 0x2) 623.46097ms ago: executing program 5 (id=849): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000013c0)=[{0x200000000006, 0x2, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000020000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000220000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) futimesat(0xffffffffffffffff, 0x0, 0x0) 563.021801ms ago: executing program 2 (id=851): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x2, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x73) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000200), &(0x7f0000000240)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18040000000000000000000000400000850000000800000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000900)={0x10, 0x0, &(0x7f0000000780)=[@clear_death], 0x0, 0x0, 0x0}) 443.266033ms ago: executing program 5 (id=852): r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x2000007, 0x401d031, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x1) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x104, &(0x7f0000000040)=0x205, 0x0, 0x4) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, &(0x7f00000000c0)={{&(0x7f00008d7000/0x3000)=nil, 0x3000}}) 442.578132ms ago: executing program 2 (id=853): r0 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000080)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @mcast2}}}, 0x135) r1 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_group_source_req(r1, 0x29, 0x2e, &(0x7f0000000200)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x4e22, 0x0, @private2}}}, 0x108) r2 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/mcfilter6\x00') preadv(r2, &(0x7f00000000c0)=[{&(0x7f0000000580)=""/128, 0x80}], 0x1, 0x111, 0x0) 349.944094ms ago: executing program 2 (id=855): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1}) close(r2) 349.351884ms ago: executing program 0 (id=856): bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC=0x0, @ANYRES32, @ANYBLOB="0000000000000000b7080000002000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r1}, 0x10) setitimer(0x0, 0x0, 0x0) 310.575225ms ago: executing program 0 (id=857): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) unshare(0x40000600) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.current\x00', 0x275a, 0x0) flistxattr(r1, 0x0, 0x0) 282.545845ms ago: executing program 4 (id=858): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000500)='signal_generate\x00', r1}, 0x18) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='signal_generate\x00', r2}, 0x10) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) 207.395516ms ago: executing program 4 (id=859): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff010000850000000e000000040000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x9) io_setup(0x2, &(0x7f0000002400)=0x0) io_submit(r2, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r0, &(0x7f0000000040)="5400ffff0000", 0x6, 0x0, 0x0, 0x2}]) 207.018966ms ago: executing program 2 (id=860): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r0}, 0x18) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff}) close(r1) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48) close(r1) 205.195576ms ago: executing program 0 (id=861): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2002, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x84}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000280)='kmem_cache_free\x00', r1}, 0x18) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) utime(&(0x7f0000000280)='./file0\x00', 0x0) 172.486697ms ago: executing program 4 (id=862): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/tcp6\x00') preadv(r2, &(0x7f00000000c0)=[{&(0x7f0000002140)=""/4096, 0x1000}], 0x1, 0xffffffff, 0x0) 138.492577ms ago: executing program 2 (id=863): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x1008a, &(0x7f0000000140)={[{@nomblk_io_submit}, {@usrjquota, 0x22}, {@errors_continue}, {@noload}, {@mblk_io_submit}, {@grpjquota, 0x22}, {@errors_continue}, {@errors_remount}, {@jqfmt_vfsv1}]}, 0xfe, 0x455, &(0x7f00000004c0)="$eJzs3M9PHFUcAPDv7rJQ2iJY649iq2g1En9AoT/swUuNJh40MdFDjScE2mC3xRRMbEMUPeDRNPFuPJr4F3ixXox6MvGqd2NCDBerpzWzO0O3sAssLGx1P59k4L19b/Ped2be7ts3OxtAxxpK/uQiDkbErxHRX83eWWGo+u/WysLk3ysLk7kol9/4M1ep99fKwmRWNXvegWqmXN6g3aW3IyZKpemraX50/vJ7o3PXrj83c3ni4vTF6SvjZ8+eOnms+8z46ZbE2Zf0dfDD2aNHXnnrxmuT52+88+PXSX8PpuW1cbTKUHXv1vVkqxtrs76adK6rjR2hKYWISA5XsTL++6MQvatl/fHyJ23tHLCryuV8uadx8WIZ+B9LJupAJ8re6JPPv9m2R1OPu8LyuVhdx7iVbtWSrsindYrpZ6TdMBQR5xf/+SLZYpfWIQAAat08FxHP1pv/5eOBmnr3pNeGBiLi3og4FBH3RcThiLg/olL3wYh4qMn2114hWT//KfdvK7AtSuZ/L6TXtu6c/2WzvxgopLm+SvzF3IWZ0vSJdJ8MR7EnyY9t0MZ3L/3yWaOy2vlfsiXtZ3PBtB9/dK1ZoJuamJ/YScy1lj+OGOyqF39udc6bzI+PRMTgNtuYefqro43KNo9/Ay2YlJe/jHiqevwXY038mVzD65Njz58ZPz26L0rTJ0azs2K9n35eer1R+zuKvwWWb5Zjf93zfzX+gdy+iLlr1y9VrtfONd/G0m+fNvxMs93zvzv3ZiXdnT72wcT8/NWxiO7cq+sfH7/93Cyf1U/O/+Hj9cf/obi9Jx6OiOQkPhYRj0TEo2nfH4uIxyPi+Abx//DiE+82H/8Gq/ItlMQ/tdnxj9rj33yicOn7b5qPP5Mc/1OV1HD6yFZe/7bawZ3sOwAAAPivyFe+A5/Lj6ym8/mRkep3+A/H/nxpdm7+mQuz71+Zqn5XfiCK+Wylq79mPXQsXRvO8uNr8ifTdePPC72V/MjkbGmq3cFDhzvQYPwnfi+0u3fArnO/FnQu4x86l/EPncv4h85l/EPnqjf+P2pDP4C9t8n7f+9e9QPYe+b/0LmMf+hcxj90pIb3xud3dMu/RJsS33bv7Lcatp6I/F0S8q4neiNiL9oqRjXRExE1RV1b/jGLbSZ66ha1+5UJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNf4NAAD//xwt370=") syz_emit_ethernet(0x5e, &(0x7f0000000200)={@broadcast, @random="156307be2ebb", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "9d0080", 0x28, 0x3a, 0xff, @local, @mcast2, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @mcast1, @ipv4}}}}}}, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000000c0)='lo\x00', 0x10) setsockopt$inet_mreqn(r0, 0x0, 0x20, &(0x7f0000000280)={@rand_addr, @remote}, 0xc) syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000040)='./bus\x00', 0x1a00040, &(0x7f00000004c0)=ANY=[@ANYBLOB="756e695f786c6174653d312c726f6469722c756e695f786c6174653d312c756e695f786c6174653d312c756e695f786c6174653d312c756e695f786c6174653d312c73686f72746e616d653d77696e6e742c636f6465706167653d313235302c726f6469722c696f636861727365743d6370371a000000000000002c757466383d302c00"], 0x3, 0x352, &(0x7f0000000980)="$eJzs3U9om2UYAPAn+9KkHcz2IAwF4dOboGWteNBTy+hgmItK8M9BDK5TaeqgwWB3aFYv4lHwqCdvHvTgYWcRFPHmwasTZCoedLeBw0+SfGm+NGnXCdks/n6H8Ox9nyfv+y4fzduvzdtXV2LjwkxcvHHjeszOlqK8cnYlbpZiIZIYuBLjKhPaAIDj4WaWxZ9Z3xFLSlOeEgAwZb33/9dPFVre/fqw/My7PwAce/n3/3OH5cwe1HFpKlMCAKZt//3/R0Z6K6M/6i8XfisAADiunn/p5WdWaxHPpelsxOZ77Xq7Hk8P+1cvxpvRjPU4E/Nxq7td6G4Uug+l3uO587W1M2maduKXhah3K9r1iM1Ou97fKawmvfpqLMV8LOT1+W4jy7Lk3Be1taW0JyKudHrjx2apXZ+Jk/n4P56M9ViONO4fq484X1tbTvMnqG8O6jsRu8P7Ft35L8Z8fP9aXIpmXOhtewbbmtrazlKans1qI/XterWX13fgHRAAAAAAAAAAAAAAAAAAAAAAAPhXFtM9C3vn32TD83sWFyf0987H6dfn5wPt9s8HyqpZZNkf7zxefz+JkfOB9p/P066X48S9XToAAAAAAAAAAAAAAAAAAAD8Z7S2K9FoNte3WtuXN4pBZ6u1fSIiui1vffvZV3MxnnOboJyPUehK86bLG40sGSRnyUhOHiTdwQctn17dm3Exp7q3ionTqB7c1Wyeevjnj4YtDyWDZ/57mJPE5AUm+6ZRDDbv60/pTv6j9oLl2+Rcy7LsoPKdV8arohRRvvMX7vAg6wbfXH/jgSdap5/stXyZ9T362PwL1z785LeNRrM7cvRewcpW61a20cj/PfliOzhICtdPKfpBqXgllA8r3x1taSQ//P7igx98d7TRs2LL2xNykv5yPt/fVekH3Wnu65qbNNbMhIt/CsHpj1caV3d++vWoVYUvEg7qAAAAAAAAAAAAAAAAAACAu6LwWfFc/mHfmcOqnnp2+jMDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgLtn+Pf/C8HuWMtRgr86Md5VXd9qRVTu9TIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPif+ycAAP//tpFtgQ==") 122.559248ms ago: executing program 0 (id=864): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_udp_encap(r1, 0x11, 0x64, &(0x7f0000000040)=0x2, 0x4) bind$inet6(r1, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c) syz_emit_ethernet(0x7e, &(0x7f0000000380)={@link_local, @empty, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010700", 0x48, 0x11, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast2, {[], {0x0, 0xe22, 0x48, 0x0, @wg=@cookie={0x3, 0x4, "e4574f9d3c5e7270660f5f1a296ebd2c3bbadb735eeb8cf5", "20487988bca1150e96992f4fcc6c008ca257143847b6da45ad42d5cce94cda59"}}}}}}}, 0x0) 94.488948ms ago: executing program 0 (id=865): setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0xe501, 0x3, 0x458, 0x320, 0x6affffff, 0x3403000b, 0x320, 0x7, 0x3f8, 0x230, 0x230, 0x3f8, 0x223, 0x3, 0x0, {[{{@ip={@remote, @local, 0x0, 0x0, 'veth1_macvtap\x00', 'veth1_to_team\x00', {}, {}, 0x6c}, 0x0, 0x2a0, 0x2e8, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x1, [{0x6}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x40000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0xffff}, {}, {}, {}, {}, {}, {}, {}, {0x3}, {}, {}, {0x0, 0x0, 0x0, 0x3}, {}, {0x0, 0x5}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {0x1000}]}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x2, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x558ac59, 'syz0\x00', 'syz1\x00', {0x5}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x4b8) sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x1, 0xf000, 0x0, 0x2400c042}, 0x4040020) r0 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000000000000a0000000000ff00ff010000000000000000000000000001000001000000000000000000e0ff00000000000000bd0000000000000000000000e4ec010000000040000000000000000000000000000000000000013da51fd47aa2e2f70000000000000000000000000000000000000000000000000000000000000067ff0000000000000005"], 0x310) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000500)={0x1, {{0xa, 0x0, 0x0, @mcast1}}, 0x1, 0x1, [{{0xa, 0x0, 0x3000000, @empty}}]}, 0x110) 91.917538ms ago: executing program 4 (id=866): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) ioctl$TUNSETOFFLOAD(r0, 0x400454c9, 0xba98575a95aeb71d) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) mount$cgroup(0x0, &(0x7f0000000180)='./bus\x00', &(0x7f0000000040), 0x0, &(0x7f0000000000)={[{@name={'name', 0x3d, '-'}}]}) ioctl$TUNSETNOCSUM(r0, 0x400454cc, 0x1) 0s ago: executing program 0 (id=867): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000180)={'batadv_slave_1\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000040)={r1, 0x1, 0x6, @local}, 0x10) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000000)={r1, 0x1, 0x0, @local}, 0x10) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) setsockopt$packet_drop_memb(r0, 0x107, 0x2, &(0x7f0000000300)={r1, 0x1, 0x6, @random="fd46f2ccf8c9"}, 0x10) kernel console output (not intermixed with test programs): [ 6.627701][ T30] audit: type=1400 audit(1743473804.402:28): avc: denied { write open } for pid=122 comm="dbus-daemon" path="/run/messagebus.pid" dev="tmpfs" ino=406 scontext=system_u:system_r:system_dbusd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 6.637066][ T30] audit: type=1400 audit(1743473804.402:29): avc: denied { getattr } for pid=122 comm="dbus-daemon" path="/run/messagebus.pid" dev="tmpfs" ino=406 scontext=system_u:system_r:system_dbusd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 6.768872][ T30] audit: type=1400 audit(1743473804.602:30): avc: denied { search } for pid=136 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 14.132813][ T30] kauditd_printk_skb: 30 callbacks suppressed [ 14.132829][ T30] audit: type=1400 audit(1743473811.962:61): avc: denied { transition } for pid=224 comm="sshd" path="/bin/sh" dev="sda1" ino=89 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 14.141461][ T30] audit: type=1400 audit(1743473811.962:62): avc: denied { noatsecure } for pid=224 comm="sshd" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 14.147832][ T30] audit: type=1400 audit(1743473811.962:63): avc: denied { write } for pid=224 comm="sh" path="pipe:[14802]" dev="pipefs" ino=14802 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 14.160406][ T30] audit: type=1400 audit(1743473811.962:64): avc: denied { rlimitinh } for pid=224 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 14.178892][ T30] audit: type=1400 audit(1743473811.962:65): avc: denied { siginh } for pid=224 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 15.278299][ T225] sshd (225) used greatest stack depth: 20480 bytes left Warning: Permanently added '10.128.1.158' (ED25519) to the list of known hosts. [ 21.873879][ T30] audit: type=1400 audit(1743473819.702:66): avc: denied { integrity } for pid=279 comm="syz-executor" lockdown_reason="debugfs access" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1 [ 21.900304][ T30] audit: type=1400 audit(1743473819.732:67): avc: denied { mounton } for pid=279 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 21.901764][ T279] cgroup: Unknown subsys name 'net' [ 21.925632][ T30] audit: type=1400 audit(1743473819.732:68): avc: denied { mount } for pid=279 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 21.957102][ T30] audit: type=1400 audit(1743473819.762:69): avc: denied { unmount } for pid=279 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 21.957370][ T279] cgroup: Unknown subsys name 'devices' [ 22.169609][ T279] cgroup: Unknown subsys name 'hugetlb' [ 22.175467][ T279] cgroup: Unknown subsys name 'rlimit' [ 22.377020][ T30] audit: type=1400 audit(1743473820.202:70): avc: denied { setattr } for pid=279 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=250 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 22.400703][ T30] audit: type=1400 audit(1743473820.202:71): avc: denied { mounton } for pid=279 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 Setting up swapspace version 1, size = 127995904 bytes [ 22.414177][ T283] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 22.426509][ T30] audit: type=1400 audit(1743473820.202:72): avc: denied { mount } for pid=279 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 22.458281][ T30] audit: type=1400 audit(1743473820.262:73): avc: denied { relabelto } for pid=283 comm="mkswap" name="swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 22.475113][ T279] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 22.485531][ T30] audit: type=1400 audit(1743473820.262:74): avc: denied { write } for pid=283 comm="mkswap" path="/root/swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 22.520532][ T30] audit: type=1400 audit(1743473820.302:75): avc: denied { read } for pid=279 comm="syz-executor" name="swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 23.259326][ T289] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.266739][ T289] bridge0: port 1(bridge_slave_0) entered disabled state [ 23.275067][ T289] device bridge_slave_0 entered promiscuous mode [ 23.307456][ T289] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.315874][ T289] bridge0: port 2(bridge_slave_1) entered disabled state [ 23.326591][ T289] device bridge_slave_1 entered promiscuous mode [ 23.393772][ T290] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.404580][ T290] bridge0: port 1(bridge_slave_0) entered disabled state [ 23.412348][ T290] device bridge_slave_0 entered promiscuous mode [ 23.433643][ T291] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.440946][ T291] bridge0: port 1(bridge_slave_0) entered disabled state [ 23.449084][ T291] device bridge_slave_0 entered promiscuous mode [ 23.456491][ T291] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.463675][ T291] bridge0: port 2(bridge_slave_1) entered disabled state [ 23.470974][ T291] device bridge_slave_1 entered promiscuous mode [ 23.477339][ T290] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.484555][ T290] bridge0: port 2(bridge_slave_1) entered disabled state [ 23.491983][ T290] device bridge_slave_1 entered promiscuous mode [ 23.532662][ T292] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.541107][ T292] bridge0: port 1(bridge_slave_0) entered disabled state [ 23.548351][ T292] device bridge_slave_0 entered promiscuous mode [ 23.568695][ T292] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.576286][ T292] bridge0: port 2(bridge_slave_1) entered disabled state [ 23.584584][ T292] device bridge_slave_1 entered promiscuous mode [ 23.632367][ T293] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.641022][ T293] bridge0: port 1(bridge_slave_0) entered disabled state [ 23.649746][ T293] device bridge_slave_0 entered promiscuous mode [ 23.668208][ T293] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.675072][ T293] bridge0: port 2(bridge_slave_1) entered disabled state [ 23.682437][ T293] device bridge_slave_1 entered promiscuous mode [ 23.827651][ T292] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.834628][ T292] bridge0: port 2(bridge_slave_1) entered forwarding state [ 23.841866][ T292] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.849058][ T292] bridge0: port 1(bridge_slave_0) entered forwarding state [ 23.861995][ T289] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.869007][ T289] bridge0: port 2(bridge_slave_1) entered forwarding state [ 23.876205][ T289] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.883473][ T289] bridge0: port 1(bridge_slave_0) entered forwarding state [ 23.903447][ T290] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.911397][ T290] bridge0: port 2(bridge_slave_1) entered forwarding state [ 23.919822][ T290] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.927347][ T290] bridge0: port 1(bridge_slave_0) entered forwarding state [ 23.964790][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 23.974046][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 23.986088][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 23.994341][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 24.002470][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 24.011067][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 24.018622][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 24.046325][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 24.055235][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.062963][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 24.071373][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 24.080087][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.087095][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 24.108182][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 24.116342][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 24.139511][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 24.148428][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 24.156798][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 24.166127][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 24.176203][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.184243][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 24.197932][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 24.208730][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.216876][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 24.249400][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 24.260873][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 24.278672][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 24.294050][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 24.308340][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 24.321950][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.330867][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 24.342087][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 24.353234][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 24.368842][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 24.383760][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.392178][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 24.411783][ T292] device veth0_vlan entered promiscuous mode [ 24.427819][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 24.436226][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 24.462667][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 24.472541][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 24.508786][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 24.518394][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 24.530928][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 24.540593][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 24.552274][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.560650][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 24.568919][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 24.578247][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 24.587860][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.596599][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 24.604727][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 24.613515][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 24.623016][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 24.632178][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 24.641231][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 24.650502][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 24.660405][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 24.671163][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 24.680810][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 24.688855][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 24.697025][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 24.710015][ T289] device veth0_vlan entered promiscuous mode [ 24.718120][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 24.726741][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 24.734743][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 24.743987][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 24.753333][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 24.762141][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 24.772029][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 24.780847][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.788126][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 24.797351][ T292] device veth1_macvtap entered promiscuous mode [ 24.809440][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 24.821213][ T290] device veth0_vlan entered promiscuous mode [ 24.840266][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 24.850753][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 24.859453][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 24.868570][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 24.877154][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.885975][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 24.894126][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 24.903597][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 24.912127][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 24.920561][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 24.932532][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 24.941191][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 24.948711][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 24.961456][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 24.970079][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 24.979450][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 25.008855][ T289] device veth1_macvtap entered promiscuous mode [ 25.020092][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 25.030708][ T292] request_module fs-gadgetfs succeeded, but still no fs? [ 25.030730][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 25.047796][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 25.055418][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 25.068649][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 25.078242][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 25.089920][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 25.099895][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 25.121430][ T290] device veth1_macvtap entered promiscuous mode [ 25.137263][ T291] device veth0_vlan entered promiscuous mode [ 25.171181][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 25.181159][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 25.190589][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 25.201405][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 25.210787][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 25.214268][ T315] loop2: detected capacity change from 0 to 8192 [ 25.219885][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 25.235945][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 25.245038][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 25.255536][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 25.268446][ T291] device veth1_macvtap entered promiscuous mode [ 25.300468][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 25.310472][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 25.339852][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 25.378868][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 25.388232][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 25.397002][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 25.425251][ T293] device veth0_vlan entered promiscuous mode [ 25.433837][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 25.451974][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 25.474761][ T293] device veth1_macvtap entered promiscuous mode [ 25.487700][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 25.500690][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 25.509567][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 25.518215][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 25.526911][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 25.554253][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 25.563741][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 25.573541][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 25.585400][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 25.643667][ T340] loop4: detected capacity change from 0 to 256 [ 25.653693][ T341] input: syz0 as /devices/virtual/input/input4 [ 25.691644][ T345] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 25.718190][ T340] exfat: Deprecated parameter 'namecase' [ 25.729018][ T340] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x2eabf3fa, utbl_chksum : 0xe619d30d) [ 25.852328][ T350] loop4: detected capacity change from 0 to 512 [ 25.938266][ T350] EXT4-fs (loop4): mounted filesystem without journal. Opts: resgid=0x0000000000000000,noload,noblock_validity,,errors=continue. Quota mode: none. [ 25.965963][ T350] EXT4-fs (loop4): Couldn't remount RDWR because of unprocessed orphan inode list. Please umount/remount instead [ 26.039150][ T348] loop1: detected capacity change from 0 to 40427 [ 26.104995][ T348] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 26.120851][ T348] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 26.138988][ T348] F2FS-fs (loop1): Found nat_bits in checkpoint [ 26.234929][ T348] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 26.244205][ T348] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 26.313444][ T396] loop2: detected capacity change from 0 to 512 [ 26.353418][ T398] loop4: detected capacity change from 0 to 2048 [ 26.360539][ T396] ======================================================= [ 26.360539][ T396] WARNING: The mand mount option has been deprecated and [ 26.360539][ T396] and is ignored by this kernel. Remove the mand [ 26.360539][ T396] option from the mount to silence this warning. [ 26.360539][ T396] ======================================================= [ 26.420288][ T401] syz.0.33[401] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 26.420367][ T401] syz.0.33[401] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 26.428351][ T396] EXT4-fs (loop2): Ignoring removed nobh option [ 26.465463][ T398] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 26.465460][ T396] EXT4-fs (loop2): mounted filesystem without journal. Opts: barrier=0x0000000000000004,bsddf,nobh,init_itable=0x0000000000000003,data_err=ignore,,errors=continue. Quota mode: none. [ 26.800845][ T407] loop0: detected capacity change from 0 to 40427 [ 26.852256][ T407] F2FS-fs (loop0): Invalid SB checksum offset: 0 [ 26.876488][ T407] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 26.891654][ T407] F2FS-fs (loop0): invalid crc value [ 26.901735][ T407] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 26.926970][ T30] kauditd_printk_skb: 102 callbacks suppressed [ 26.926987][ T30] audit: type=1400 audit(1743473824.752:178): avc: denied { write } for pid=418 comm="syz.1.40" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 26.962775][ T30] audit: type=1400 audit(1743473824.782:179): avc: denied { setopt } for pid=417 comm="syz.2.39" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 26.986082][ T323] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 26.999784][ T407] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0 [ 27.015683][ T407] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 27.059699][ T30] audit: type=1400 audit(1743473824.892:180): avc: denied { mounton } for pid=431 comm="syz.1.44" path="/7/file0" dev="tmpfs" ino=54 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 27.091268][ T30] audit: type=1400 audit(1743473824.912:181): avc: denied { read write open } for pid=406 comm="syz.0.34" path="/2/file1/file1" dev="loop0" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 27.091662][ T407] process 'syz.0.34' launched './file1' with NULL argv: empty string added [ 27.133442][ T30] audit: type=1400 audit(1743473824.952:182): avc: denied { write } for pid=433 comm="syz.2.45" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 27.162049][ T291] attempt to access beyond end of device [ 27.162049][ T291] loop0: rw=2049, want=45104, limit=40427 [ 27.177683][ T30] audit: type=1400 audit(1743473824.962:183): avc: denied { execute } for pid=406 comm="syz.0.34" name="file1" dev="loop0" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 27.220065][ T30] audit: type=1400 audit(1743473824.962:184): avc: denied { execute_no_trans } for pid=406 comm="syz.0.34" path="/2/file1/file1" dev="loop0" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 27.254983][ T30] audit: type=1400 audit(1743473825.032:185): avc: denied { append } for pid=83 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 27.288068][ T323] usb 5-1: Using ep0 maxpacket: 32 [ 27.313045][ T446] netlink: 8 bytes leftover after parsing attributes in process `syz.3.51'. [ 27.322247][ T30] audit: type=1400 audit(1743473825.032:186): avc: denied { open } for pid=83 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 27.353976][ T446] netlink: 8 bytes leftover after parsing attributes in process `syz.3.51'. [ 27.369490][ T30] audit: type=1400 audit(1743473825.032:187): avc: denied { getattr } for pid=83 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 27.438274][ T323] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 27.464068][ T323] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 27.485830][ T323] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 27.505137][ T323] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 27.524372][ T323] usb 5-1: config 0 descriptor?? [ 27.542739][ T460] loop0: detected capacity change from 0 to 512 [ 27.568135][ T323] hub 5-1:0.0: USB hub found [ 27.588633][ T460] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 27.607267][ T460] EXT4-fs (loop0): invalid journal inode [ 27.613283][ T460] EXT4-fs (loop0): can't get journal size [ 27.631463][ T442] loop1: detected capacity change from 0 to 40427 [ 27.639518][ T460] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c118, mo2=0002] [ 27.650524][ T460] System zones: 1-12, 13-13 [ 27.658676][ T460] EXT4-fs (loop0): 1 truncate cleaned up [ 27.665743][ T460] EXT4-fs (loop0): mounted filesystem without journal. Opts: norecovery,grpquota,debug,discard,,errors=continue. Quota mode: writeback. [ 27.684155][ T460] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.56: bg 0: block 255: padding at end of block bitmap is not set [ 27.698870][ T460] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6183: Corrupt filesystem [ 27.754918][ T442] F2FS-fs (loop1): Fix alignment : internally, start(4096) end(16896) block(12288) [ 27.777713][ T323] hub 5-1:0.0: 2 ports detected [ 27.828627][ T442] F2FS-fs (loop1): invalid crc value [ 27.841395][ T442] F2FS-fs (loop1): invalid crc value [ 27.851520][ T442] F2FS-fs (loop1): Failed to get valid F2FS checkpoint [ 27.978457][ T481] loop0: detected capacity change from 0 to 1024 [ 28.082292][ T481] EXT4-fs (loop0): Ignoring removed nobh option [ 28.090266][ T481] EXT4-fs (loop0): Ignoring removed bh option [ 28.102216][ T481] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 28.119551][ T442] loop1: detected capacity change from 0 to 512 [ 28.145980][ T481] EXT4-fs (loop0): mounted filesystem without journal. Opts: delalloc,nodelalloc,barrier=0x0000000000000006,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback. [ 28.192119][ T442] EXT4-fs (loop1): Unrecognized mount option "nouid32"errors=continue" or missing value [ 28.232197][ T482] loop3: detected capacity change from 0 to 40427 [ 28.296229][ T482] F2FS-fs (loop3): fault_injection options not supported [ 28.349251][ T482] F2FS-fs (loop3): invalid crc value [ 28.370800][ T482] F2FS-fs (loop3): Found nat_bits in checkpoint [ 28.467096][ T482] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 28.534225][ T482] attempt to access beyond end of device [ 28.534225][ T482] loop3: rw=2049, want=77960, limit=40427 [ 28.591495][ T290] attempt to access beyond end of device [ 28.591495][ T290] loop3: rw=2049, want=45104, limit=40427 [ 28.717570][ T323] hub 5-1:0.0: hub_hub_status failed (err = -71) [ 28.731758][ T323] hub 5-1:0.0: config failed, can't get hub status (err -71) [ 28.816201][ T520] loop3: detected capacity change from 0 to 512 [ 28.847905][ T323] usbhid 5-1:0.0: can't add hid device: -71 [ 28.854618][ T323] usbhid: probe of 5-1:0.0 failed with error -71 [ 28.878771][ T520] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 28.895262][ T520] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 28.907597][ T6] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 28.909580][ T323] usb 5-1: USB disconnect, device number 2 [ 28.925721][ T520] EXT4-fs (loop3): 1 truncate cleaned up [ 28.932251][ T520] EXT4-fs (loop3): mounted filesystem without journal. Opts: init_itable,resuid=0x0000000000000000,stripe=0x0000000000000040,,errors=continue. Quota mode: none. [ 29.035825][ T529] SELinux: Context /usr/sbin/cups-browsed is not valid (left unmapped). [ 29.068140][ T535] SELinux: Context /usr/lib/telepathy/mission-control-5 is not valid (left unmapped). [ 29.167665][ T6] usb 1-1: Using ep0 maxpacket: 32 [ 29.287616][ T6] usb 1-1: config 0 has an invalid interface number: 184 but max is 0 [ 29.295845][ T6] usb 1-1: config 0 has no interface number 0 [ 29.318134][ T6] usb 1-1: config 0 interface 184 has no altsetting 0 [ 29.417322][ T553] loop3: detected capacity change from 0 to 2048 [ 29.447635][ T545] loop1: detected capacity change from 0 to 40427 [ 29.477631][ T6] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 29.490566][ T6] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 29.501420][ T545] F2FS-fs (loop1): Invalid SB checksum offset: 0 [ 29.509665][ T6] usb 1-1: Product: syz [ 29.515897][ T545] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock [ 29.519921][ T553] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,usrquota,. Quota mode: writeback. [ 29.526910][ T6] usb 1-1: Manufacturer: syz [ 29.564658][ T553] EXT4-fs error (device loop3): __ext4_get_inode_loc:4351: comm syz.3.95: Invalid inode table block 7016996765293437281 in block_group 0 [ 29.581026][ T545] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 29.587672][ T553] EXT4-fs (loop3): Remounting filesystem read-only [ 29.594053][ T6] usb 1-1: SerialNumber: syz [ 29.617943][ T290] EXT4-fs error (device loop3): __ext4_get_inode_loc:4351: comm syz-executor: Invalid inode table block 7016996765293437281 in block_group 0 [ 29.640104][ T290] EXT4-fs (loop3): Remounting filesystem read-only [ 29.646989][ T290] EXT4-fs error (device loop3): __ext4_get_inode_loc:4351: comm syz-executor: Invalid inode table block 7016996765293437281 in block_group 0 [ 29.665579][ T290] EXT4-fs (loop3): Remounting filesystem read-only [ 29.670717][ T6] usb 1-1: config 0 descriptor?? [ 29.697420][ T545] F2FS-fs (loop1): Inconsistent i_blocks, ino:3, iblocks:0, sectors:8 [ 29.728178][ T6] smsc75xx v1.0.0 [ 29.732378][ T6] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22 [ 29.744509][ T290] EXT4-fs error (device loop3): __ext4_get_inode_loc:4351: comm syz-executor: Invalid inode table block 7016996765293437281 in block_group 0 [ 29.760654][ T6] smsc75xx: probe of 1-1:0.184 failed with error -22 [ 29.761928][ T290] EXT4-fs (loop3): Remounting filesystem read-only [ 29.777106][ T290] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5837: Corrupt filesystem [ 29.788329][ T290] EXT4-fs (loop3): Remounting filesystem read-only [ 29.795048][ T290] EXT4-fs error (device loop3): ext4_dirty_inode:6041: inode #2: comm syz-executor: mark_inode_dirty error [ 29.807803][ T290] EXT4-fs (loop3): Remounting filesystem read-only [ 29.814417][ T45] EXT4-fs error (device loop3): __ext4_get_inode_loc:4351: comm kworker/u4:2: Invalid inode table block 7016996765293437281 in block_group 0 [ 29.841028][ T45] EXT4-fs (loop3): Remounting filesystem read-only [ 29.940031][ T572] loop4: detected capacity change from 0 to 4096 [ 29.955190][ T60] usb 1-1: USB disconnect, device number 2 [ 29.982015][ T572] EXT4-fs (loop4): Test dummy encryption mode enabled [ 29.992454][ T572] EXT4-fs (loop4): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000000002,noquota,dioread_nolock,test_dummy_encryption,nobarrier,nodelalloc,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue. Quota mode: writeback. [ 30.029220][ T572] fscrypt: AES-256-XTS using implementation "xts-aes-aesni" [ 30.085414][ T586] loop4: detected capacity change from 0 to 128 [ 30.093881][ T579] bridge0: port 1(bridge_slave_0) entered blocking state [ 30.103680][ T579] bridge0: port 1(bridge_slave_0) entered disabled state [ 30.114112][ T579] device bridge_slave_0 entered promiscuous mode [ 30.125876][ T579] bridge0: port 2(bridge_slave_1) entered blocking state [ 30.134270][ T579] bridge0: port 2(bridge_slave_1) entered disabled state [ 30.143450][ T579] device bridge_slave_1 entered promiscuous mode [ 30.173072][ T586] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 30.189700][ T586] ext4 filesystem being mounted at /19/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 30.239255][ T586] EXT4-fs (loop4): shut down requested (2) [ 30.295526][ T589] device vlan2 entered promiscuous mode [ 30.308496][ T579] bridge0: port 2(bridge_slave_1) entered blocking state [ 30.316744][ T579] bridge0: port 2(bridge_slave_1) entered forwarding state [ 30.327087][ T579] bridge0: port 1(bridge_slave_0) entered blocking state [ 30.335737][ T579] bridge0: port 1(bridge_slave_0) entered forwarding state [ 30.376840][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 30.387306][ T316] bridge0: port 1(bridge_slave_0) entered disabled state [ 30.396472][ T316] bridge0: port 2(bridge_slave_1) entered disabled state [ 30.409275][ T10] device bridge_slave_1 left promiscuous mode [ 30.416378][ T10] bridge0: port 2(bridge_slave_1) entered disabled state [ 30.427603][ T10] device bridge_slave_0 left promiscuous mode [ 30.434171][ T10] bridge0: port 1(bridge_slave_0) entered disabled state [ 30.443316][ T10] device veth1_macvtap left promiscuous mode [ 30.449707][ T10] device veth0_vlan left promiscuous mode [ 30.554860][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 30.564292][ T316] bridge0: port 1(bridge_slave_0) entered blocking state [ 30.571747][ T316] bridge0: port 1(bridge_slave_0) entered forwarding state [ 30.585536][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 30.594778][ T316] bridge0: port 2(bridge_slave_1) entered blocking state [ 30.602288][ T316] bridge0: port 2(bridge_slave_1) entered forwarding state [ 30.611754][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 30.621818][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 30.636867][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 30.647693][ T6] usb 5-1: new full-speed USB device number 3 using dummy_hcd [ 30.653394][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 30.664160][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 30.671893][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 30.681137][ T579] device veth0_vlan entered promiscuous mode [ 30.696082][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 30.707946][ T579] device veth1_macvtap entered promiscuous mode [ 30.721401][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 30.732755][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 30.847673][ T511] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 30.889277][ T609] loop1: detected capacity change from 0 to 2048 [ 30.912372][ T609] EXT4-fs (loop1): Ignoring removed mblk_io_submit option [ 30.926475][ T601] loop5: detected capacity change from 0 to 40427 [ 30.939780][ T609] EXT4-fs (loop1): mounted filesystem without journal. Opts: mblk_io_submit,min_batch_time=0x000000004d0ef551,,errors=continue. Quota mode: none. [ 31.008254][ T601] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 31.015914][ T601] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 31.027301][ T601] F2FS-fs (loop5): Found nat_bits in checkpoint [ 31.033899][ T6] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 31.057579][ T6] usb 5-1: New USB device found, idVendor=056a, idProduct=0029, bcdDevice= 0.00 [ 31.066701][ T6] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 31.075932][ T6] usb 5-1: config 0 descriptor?? [ 31.089101][ T601] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 31.096370][ T601] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 31.107696][ T511] usb 1-1: Using ep0 maxpacket: 32 [ 31.107712][ T591] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 31.135476][ T617] netlink: 9 bytes leftover after parsing attributes in process `syz.1.116'. [ 31.145475][ T617] device gretap0 entered promiscuous mode [ 31.155024][ T617] netlink: 5 bytes leftover after parsing attributes in process `syz.1.116'. [ 31.164216][ T617] 0ªX¹¦D: renamed from gretap0 [ 31.170403][ T617] device 30ªX¹¦D left promiscuous mode [ 31.176871][ T617] A link change request failed with some changes committed already. Interface 30ªX¹¦D may have been left with an inconsistent configuration, please check. [ 31.205450][ T617] syz.1.116 (617) used greatest stack depth: 19744 bytes left [ 31.223320][ T619] SELinux: security_context_str_to_sid(user_u) failed for (dev ?, type ?) errno=-22 [ 31.232655][ T619] SELinux: security_context_str_to_sid(user_u) failed for (dev incremental-fs, type incremental-fs) errno=-22 [ 31.277630][ T511] usb 1-1: config 0 has no interfaces? [ 31.311695][ T625] SELinux: Context system_u:object_r:dhcp_state_t:s0 is not valid (left unmapped). [ 31.447667][ T511] usb 1-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=21.78 [ 31.461853][ T511] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 31.469971][ T511] usb 1-1: Product: syz [ 31.475835][ T511] usb 1-1: Manufacturer: syz [ 31.481172][ T511] usb 1-1: SerialNumber: syz [ 31.498704][ T511] usb 1-1: config 0 descriptor?? [ 31.569543][ T6] wacom 0003:056A:0029.0001: unknown main item tag 0x3 [ 31.576988][ T6] wacom 0003:056A:0029.0001: Unknown device_type for 'HID 056a:0029'. Assuming pen. [ 31.595999][ T6] wacom 0003:056A:0029.0001: hidraw0: USB HID v1.01 Device [HID 056a:0029] on usb-dummy_hcd.4-1/input0 [ 31.608302][ T6] input: Wacom Intuos5 S Pen as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:056A:0029.0001/input/input5 [ 31.740076][ T511] usb 1-1: USB disconnect, device number 3 [ 31.774929][ T6] usb 5-1: USB disconnect, device number 3 [ 31.809765][ T673] loop1: detected capacity change from 0 to 1024 [ 31.845519][ T673] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a000c018, mo2=0002] [ 31.854384][ T673] System zones: 0-1, 3-12 [ 31.859840][ T673] EXT4-fs (loop1): mounted filesystem without journal. Opts: nolazytime,bsddf,barrier=0x0000000000000000,debug,debug_want_extra_isize=0x0000000000000080,resuid=0x0000000000000000,nodelalloc,acl,min_batch_time=0x0000000000000007,,errors=continue. Quota mode: none. [ 31.965374][ T30] kauditd_printk_skb: 104 callbacks suppressed [ 31.965391][ T30] audit: type=1326 audit(1743473829.792:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=680 comm="syz.1.146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01295bc169 code=0x7ffc0000 [ 32.017567][ T30] audit: type=1326 audit(1743473829.792:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=680 comm="syz.1.146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f01295bc169 code=0x7ffc0000 [ 32.042776][ T30] audit: type=1326 audit(1743473829.822:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=680 comm="syz.1.146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01295bc169 code=0x7ffc0000 [ 32.067172][ T30] audit: type=1326 audit(1743473829.832:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=680 comm="syz.1.146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01295bc169 code=0x7ffc0000 [ 32.091196][ T30] audit: type=1326 audit(1743473829.842:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=680 comm="syz.1.146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f01295bc169 code=0x7ffc0000 [ 32.124340][ T30] audit: type=1326 audit(1743473829.842:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=680 comm="syz.1.146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01295bc169 code=0x7ffc0000 [ 32.152832][ T30] audit: type=1326 audit(1743473829.842:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=680 comm="syz.1.146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01295bc169 code=0x7ffc0000 [ 32.182941][ T30] audit: type=1326 audit(1743473829.842:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=680 comm="syz.1.146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f01295bc169 code=0x7ffc0000 [ 32.211405][ T30] audit: type=1326 audit(1743473829.842:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=680 comm="syz.1.146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01295bc169 code=0x7ffc0000 [ 32.238668][ T30] audit: type=1326 audit(1743473829.842:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=680 comm="syz.1.146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01295bc169 code=0x7ffc0000 [ 32.273606][ T689] Non-string source [ 32.419129][ T710] syz.2.158 uses obsolete (PF_INET,SOCK_PACKET) [ 32.433586][ T712] syz.4.160 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 32.860346][ T752] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 32.905052][ T756] futex_wake_op: syz.1.181 tries to shift op by -1; fix this program [ 32.942414][ T759] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.182' sets config #1 [ 32.989160][ T763] netlink: 16 bytes leftover after parsing attributes in process `syz.1.184'. [ 33.091301][ T768] netlink: 40 bytes leftover after parsing attributes in process `syz.1.186'. [ 33.272610][ T788] syz.5.195[788] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 33.272691][ T788] syz.5.195[788] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 33.489175][ T60] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 33.518863][ T819] xt_bpf: check failed: parse error [ 33.763162][ T853] netlink: 1319 bytes leftover after parsing attributes in process `syz.5.224'. [ 33.828290][ T861] netlink: 'syz.5.227': attribute type 15 has an invalid length. [ 33.867653][ T60] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 33.909915][ T60] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 33.946341][ T875] loop1: detected capacity change from 0 to 256 [ 33.956671][ T871] loop4: detected capacity change from 0 to 1024 [ 34.062010][ T871] EXT4-fs (loop4): Ignoring removed orlov option [ 34.107649][ T60] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 34.116792][ T60] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 34.132021][ T60] usb 1-1: Product: syz [ 34.137957][ T871] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsv1,resgid=0x0000000000000000,nodioread_nolock,norecovery,debug_want_extra_isize=0x0000000000000080,resgid=0x0000000000000000,errors=remount-ro,grpid,orlov,. Quota mode: none. [ 34.148048][ T60] usb 1-1: Manufacturer: syz [ 34.184608][ T871] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2816: Unable to expand inode 12. Delete some EAs or run e2fsck. [ 34.198613][ T60] usb 1-1: SerialNumber: syz [ 34.214773][ T883] loop1: detected capacity change from 0 to 40427 [ 34.274325][ T883] F2FS-fs (loop1): fault_injection options not supported [ 34.288337][ T883] F2FS-fs (loop1): invalid crc value [ 34.294283][ T897] loop4: detected capacity change from 0 to 128 [ 34.299445][ T883] F2FS-fs (loop1): Found nat_bits in checkpoint [ 34.333281][ T883] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 34.345021][ T897] FAT-fs (loop4): bogus number of FAT sectors [ 34.351436][ T897] FAT-fs (loop4): Can't find a valid FAT filesystem [ 34.363998][ T289] attempt to access beyond end of device [ 34.363998][ T289] loop1: rw=2049, want=45120, limit=40427 [ 34.452967][ T783] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 34.502200][ T905] loop4: detected capacity change from 0 to 2048 [ 34.549142][ T905] EXT4-fs (loop4): mounted filesystem without journal. Opts: min_batch_time=0x000000000000000d,mb_optimize_scan=0x0000000000000001,noblock_validity,,errors=continue. Quota mode: none. [ 34.593919][ T915] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 34.604807][ T915] F2FS-fs (loop3): Unable to read 1th superblock [ 34.612258][ T915] blk_update_request: I/O error, dev loop3, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 34.623942][ T915] F2FS-fs (loop3): Unable to read 2th superblock [ 34.810345][ T921] loop4: detected capacity change from 0 to 40427 [ 34.872489][ T921] F2FS-fs (loop4): fault_injection options not supported [ 34.882648][ T921] F2FS-fs (loop4): invalid crc value [ 34.889848][ T921] F2FS-fs (loop4): Found nat_bits in checkpoint [ 34.925183][ T921] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 34.980005][ T293] attempt to access beyond end of device [ 34.980005][ T293] loop4: rw=2049, want=45112, limit=40427 [ 35.108096][ T783] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 35.347591][ T60] cdc_mbim 1-1:1.0: MAC-Address: 42:42:42:42:42:42 [ 35.357345][ T60] cdc_mbim 1-1:1.0: setting rx_max = 16384 [ 35.391271][ T971] loop5: detected capacity change from 0 to 40427 [ 35.403960][ T971] F2FS-fs (loop5): Invalid Fs Meta Ino: node(0) meta(0) root(83886083) [ 35.412935][ T971] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 35.421772][ T971] F2FS-fs (loop5): fault_injection options not supported [ 35.434603][ T971] F2FS-fs (loop5): invalid crc value [ 35.444787][ T971] F2FS-fs (loop5): Found nat_bits in checkpoint [ 35.474500][ T983] xt_bpf: check failed: parse error [ 35.495679][ T971] F2FS-fs (loop5): Try to recover 2th superblock, ret: 0 [ 35.503547][ T971] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 35.540818][ T971] attempt to access beyond end of device [ 35.540818][ T971] loop5: rw=2049, want=45104, limit=40427 [ 35.556164][ T60] cdc_mbim 1-1:1.0: setting tx_max = 16384 [ 35.573683][ T60] cdc_mbim 1-1:1.0: cdc-wdm0: USB WDM device [ 35.587387][ T60] cdc_mbim 1-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.0-1, CDC MBIM, 42:42:42:42:42:42 [ 35.615228][ T579] attempt to access beyond end of device [ 35.615228][ T579] loop5: rw=2049, want=45112, limit=40427 [ 35.648010][ T60] usb 1-1: USB disconnect, device number 4 [ 35.654197][ T60] cdc_mbim 1-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.0-1, CDC MBIM [ 35.795584][ T1009] netlink: 96 bytes leftover after parsing attributes in process `syz.1.288'. [ 35.810552][ T1011] loop2: detected capacity change from 0 to 512 [ 35.855694][ T1011] EXT4-fs (loop2): Ignoring removed orlov option [ 35.880400][ T1011] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 35.941480][ T1011] EXT4-fs error (device loop2): ext4_orphan_get:1401: inode #15: comm syz.2.289: casefold flag without casefold feature [ 35.995436][ T1011] EXT4-fs (loop2): Remounting filesystem read-only [ 36.021911][ T1011] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.289: couldn't read orphan inode 15 (err -117) [ 36.051078][ T1011] EXT4-fs (loop2): Remounting filesystem read-only [ 36.058204][ T1011] EXT4-fs (loop2): mounted filesystem without journal. Opts: orlov,nodelalloc,errors=remount-ro,grpquota,auto_da_alloc,dioread_nolock,quota,. Quota mode: writeback. [ 36.228838][ T1067] capability: warning: `syz.2.304' uses deprecated v2 capabilities in a way that may be insecure [ 36.337321][ T1074] SELinux: failed to load policy [ 36.461057][ T1106] loop2: detected capacity change from 0 to 256 [ 36.508917][ T1106] FAT-fs (loop2): bogus number of FAT sectors [ 36.519648][ T1106] FAT-fs (loop2): Can't find a valid FAT filesystem [ 36.542338][ T1117] loop4: detected capacity change from 0 to 512 [ 36.631099][ T1117] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 36.650949][ T1117] ext4 filesystem being mounted at /67/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 36.786193][ T1117] syz.4.320 (1117) used greatest stack depth: 18304 bytes left [ 37.173427][ T30] kauditd_printk_skb: 225 callbacks suppressed [ 37.173444][ T30] audit: type=1400 audit(1743473835.002:527): avc: denied { nlmsg_write } for pid=1163 comm="syz.0.340" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 37.249317][ T30] audit: type=1400 audit(1743473835.072:528): avc: denied { mounton } for pid=1168 comm="syz.0.342" path="/29/file0" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1 [ 37.315583][ T30] audit: type=1326 audit(1743473835.142:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1175 comm="syz.4.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a41532169 code=0x7ffc0000 [ 37.342712][ T30] audit: type=1400 audit(1743473835.142:530): avc: denied { getopt } for pid=1177 comm="syz.0.346" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 37.362647][ T30] audit: type=1326 audit(1743473835.172:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1175 comm="syz.4.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2a41532169 code=0x7ffc0000 [ 37.386952][ T30] audit: type=1326 audit(1743473835.172:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1175 comm="syz.4.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a41532169 code=0x7ffc0000 [ 37.417175][ T1183] rtc_cmos 00:00: Alarms can be up to one day in the future [ 37.422832][ T30] audit: type=1326 audit(1743473835.172:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1175 comm="syz.4.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2a41532169 code=0x7ffc0000 [ 37.449032][ T30] audit: type=1400 audit(1743473835.242:534): avc: denied { write } for pid=1179 comm="syz.0.347" name="random" dev="devtmpfs" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1 [ 37.482967][ T30] audit: type=1326 audit(1743473835.302:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1175 comm="syz.4.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a41532169 code=0x7ffc0000 [ 37.515536][ T30] audit: type=1326 audit(1743473835.302:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1175 comm="syz.4.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=265 compat=0 ip=0x7f2a41532169 code=0x7ffc0000 [ 37.549727][ T1190] IPv6: Can't replace route, no match found [ 37.655119][ T1209] loop5: detected capacity change from 0 to 512 [ 37.734674][ T1209] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback. [ 37.767807][ T1209] ext4 filesystem being mounted at /64/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 37.804040][ T1227] 9pnet: p9_errstr2errno: server reported unknown error @í΂Í(ááí«Q¶ÜÍM8,0´Ë-’§¥‹fÑF+ùþ/ÿ$„­Æ<[Šž`‰«©šQ;–¯äƒ!©LùJgƒ+‡Ç [ 37.903536][ T1236] overlayfs: option "workdir=." is useless in a non-upper mount, ignore [ 37.940076][ T1236] overlayfs: missing 'lowerdir' [ 38.103714][ T1250] loop2: detected capacity change from 0 to 2048 [ 38.127666][ T511] rtc_cmos 00:00: Alarms can be up to one day in the future [ 38.138243][ T511] rtc_cmos 00:00: Alarms can be up to one day in the future [ 38.159149][ T511] rtc_cmos 00:00: Alarms can be up to one day in the future [ 38.184203][ T511] rtc_cmos 00:00: Alarms can be up to one day in the future [ 38.198158][ T1250] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 38.205945][ T511] rtc rtc0: __rtc_set_alarm: err=-22 [ 38.207917][ T1250] EXT4-fs (loop2): Ignoring removed orlov option [ 38.268757][ T1250] EXT4-fs (loop2): mounted filesystem without journal. Opts: nombcache,grpquota,resgid=0x000000000000ee01,nouid32,auto_da_alloc,mblk_io_submit,minixdf,barrier=0x0000000000000000,orlov,bsddf,,errors=continue. Quota mode: writeback. [ 38.291963][ T26] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 38.292545][ T1243] loop1: detected capacity change from 0 to 40427 [ 38.357861][ T1243] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 38.367153][ T1243] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 38.384904][ T1243] F2FS-fs (loop1): Found nat_bits in checkpoint [ 38.433038][ T1243] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 38.440477][ T1243] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 38.462215][ T1272] syz.0.385[1272] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 38.462307][ T1272] syz.0.385[1272] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 38.531988][ T289] attempt to access beyond end of device [ 38.531988][ T289] loop1: rw=2051, want=53248, limit=40427 [ 38.537605][ T26] usb 6-1: Using ep0 maxpacket: 32 [ 38.543595][ T289] attempt to access beyond end of device [ 38.543595][ T289] loop1: rw=2051, want=73728, limit=40427 [ 38.572310][ T289] F2FS-fs (loop1): Issue discard(6144, 6144, 512) failed, ret: -5 [ 38.572349][ T289] F2FS-fs (loop1): Issue discard(7168, 7168, 2048) failed, ret: -5 [ 38.677720][ T26] usb 6-1: config 0 has no interfaces? [ 38.788559][ T1296] netem: change failed [ 38.811118][ T1300] input: syz0 as /devices/virtual/input/input8 [ 38.877675][ T26] usb 6-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=21.78 [ 38.887043][ T26] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 38.895380][ T26] usb 6-1: Product: syz [ 38.899435][ T26] usb 6-1: Manufacturer: syz [ 38.904558][ T26] usb 6-1: SerialNumber: syz [ 38.918641][ T26] usb 6-1: config 0 descriptor?? [ 38.935891][ T1312] input: syz0 as /devices/virtual/input/input9 [ 39.011986][ T1320] netlink: 64 bytes leftover after parsing attributes in process `syz.4.407'. [ 39.050138][ T1324] syz.4.409[1324] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 39.050213][ T1324] syz.4.409[1324] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 39.162530][ T26] usb 6-1: USB disconnect, device number 2 [ 39.197561][ T956] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 39.300730][ T1337] netlink: 96 bytes leftover after parsing attributes in process `syz.2.415'. [ 39.350416][ T1344] netlink: 64 bytes leftover after parsing attributes in process `syz.4.418'. [ 39.990615][ T1356] Illegal XDP return value 4294966772, expect packet loss! [ 40.136755][ T1358] netlink: 'syz.5.424': attribute type 4 has an invalid length. [ 40.375403][ T1361] loop2: detected capacity change from 0 to 128 [ 40.536901][ T956] usb 2-1: Using ep0 maxpacket: 32 [ 40.544030][ T1360] netlink: 'syz.5.424': attribute type 4 has an invalid length. [ 40.569247][ T1361] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 40.586711][ T1361] ext4 filesystem being mounted at /65/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 40.658507][ T956] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 40.671553][ T956] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 40.682546][ T956] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 40.692426][ T956] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 40.701585][ T956] usb 2-1: config 0 descriptor?? [ 40.766483][ T1385] netlink: 8 bytes leftover after parsing attributes in process `syz.4.436'. [ 40.788196][ T1385] netlink: 12 bytes leftover after parsing attributes in process `syz.4.436'. [ 40.808844][ T1385] Zero length message leads to an empty skb [ 40.855854][ T1395] loop4: detected capacity change from 0 to 1024 [ 40.929961][ T1395] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option [ 40.967873][ T1395] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,noquota,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none. [ 41.126394][ T1421] netlink: 8 bytes leftover after parsing attributes in process `syz.2.452'. [ 41.172141][ T1427] netlink: 96 bytes leftover after parsing attributes in process `syz.4.449'. [ 41.217998][ T956] savu 0003:1E7D:2D5A.0002: hiddev96,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0 [ 41.479280][ T956] usb 2-1: USB disconnect, device number 2 [ 41.535072][ T1453] loop4: detected capacity change from 0 to 40427 [ 41.569168][ T1453] F2FS-fs (loop4): fault_injection options not supported [ 41.586227][ T1453] F2FS-fs (loop4): invalid crc value [ 41.595675][ T1453] F2FS-fs (loop4): Found nat_bits in checkpoint [ 41.641318][ T1453] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 41.697874][ T1471] netlink: 8 bytes leftover after parsing attributes in process `syz.0.471'. [ 41.711703][ T1471] netlink: 12 bytes leftover after parsing attributes in process `syz.0.471'. [ 41.885586][ T1453] attempt to access beyond end of device [ 41.885586][ T1453] loop4: rw=2049, want=79872, limit=40427 [ 41.904063][ T1453] attempt to access beyond end of device [ 41.904063][ T1453] loop4: rw=2049, want=81920, limit=40427 [ 41.922769][ T1453] attempt to access beyond end of device [ 41.922769][ T1453] loop4: rw=2049, want=51208, limit=40427 [ 41.940409][ T1453] attempt to access beyond end of device [ 41.940409][ T1453] loop4: rw=2049, want=53248, limit=40427 [ 41.959718][ T1453] attempt to access beyond end of device [ 41.959718][ T1453] loop4: rw=2049, want=59416, limit=40427 [ 41.977358][ T1453] attempt to access beyond end of device [ 41.977358][ T1453] loop4: rw=2049, want=61504, limit=40427 [ 41.996880][ T1453] attempt to access beyond end of device [ 41.996880][ T1453] loop4: rw=2049, want=63576, limit=40427 [ 42.015753][ T1453] attempt to access beyond end of device [ 42.015753][ T1453] loop4: rw=2049, want=65632, limit=40427 [ 42.036737][ T1453] attempt to access beyond end of device [ 42.036737][ T1453] loop4: rw=2049, want=67704, limit=40427 [ 42.049028][ T1491] netlink: 96 bytes leftover after parsing attributes in process `syz.1.480'. [ 42.073593][ T1453] attempt to access beyond end of device [ 42.073593][ T1453] loop4: rw=2049, want=69760, limit=40427 [ 42.149846][ T1495] SELinux: failed to load policy [ 42.213860][ T30] kauditd_printk_skb: 119 callbacks suppressed [ 42.213876][ T30] audit: type=1326 audit(1743473840.042:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1503 comm="syz.1.487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01295bc169 code=0x7ffc0000 [ 42.328269][ T30] audit: type=1326 audit(1743473840.042:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1503 comm="syz.1.487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=86 compat=0 ip=0x7f01295bc169 code=0x7ffc0000 [ 42.393623][ T30] audit: type=1326 audit(1743473840.042:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1503 comm="syz.1.487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01295bc169 code=0x7ffc0000 [ 42.448198][ T30] audit: type=1326 audit(1743473840.072:659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1503 comm="syz.1.487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01295bc169 code=0x7ffc0000 [ 42.473711][ T30] audit: type=1326 audit(1743473840.202:660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1523 comm="syz.1.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01295bc169 code=0x7ffc0000 [ 42.499166][ T30] audit: type=1326 audit(1743473840.202:661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1523 comm="syz.1.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7f01295bc169 code=0x7ffc0000 [ 42.546992][ T30] audit: type=1326 audit(1743473840.202:662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1523 comm="syz.1.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01295bc169 code=0x7ffc0000 [ 42.586418][ T1537] IPv6: NLM_F_REPLACE set, but no existing node found! [ 42.653388][ T1542] SELinux: failed to load policy [ 42.711506][ T30] audit: type=1400 audit(1743473840.542:663): avc: denied { getopt } for pid=1548 comm="syz.0.508" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 42.740659][ T1553] loop2: detected capacity change from 0 to 256 [ 42.751687][ T30] audit: type=1400 audit(1743473840.562:664): avc: denied { sys_admin } for pid=1546 comm="syz.1.507" capability=21 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1 [ 42.774877][ T30] audit: type=1326 audit(1743473840.602:665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1554 comm="syz.0.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd47548a169 code=0x7ffc0000 [ 42.880145][ T1553] FAT-fs (loop2): Directory bread(block 64) failed [ 42.891991][ T1576] syz.1.514[1576] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 42.892074][ T1576] syz.1.514[1576] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 42.903854][ T1553] FAT-fs (loop2): Directory bread(block 65) failed [ 42.976302][ T1553] FAT-fs (loop2): Directory bread(block 66) failed [ 42.996745][ T1553] FAT-fs (loop2): Directory bread(block 67) failed [ 43.016413][ T1553] FAT-fs (loop2): Directory bread(block 68) failed [ 43.027558][ T1553] FAT-fs (loop2): Directory bread(block 69) failed [ 43.044467][ T1553] FAT-fs (loop2): Directory bread(block 70) failed [ 43.054659][ T1553] FAT-fs (loop2): Directory bread(block 71) failed [ 43.061673][ T1553] FAT-fs (loop2): Directory bread(block 72) failed [ 43.076005][ T1553] FAT-fs (loop2): Directory bread(block 73) failed [ 43.125183][ T1590] cgroup: noprefix used incorrectly [ 43.149773][ T1592] loop4: detected capacity change from 0 to 2048 [ 43.218088][ T1592] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsv0,errors=remount-ro,. Quota mode: none. [ 43.238401][ T1592] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 43.253478][ T1592] EXT4-fs (loop4): Remounting filesystem read-only [ 43.349150][ T1609] loop4: detected capacity change from 0 to 4096 [ 43.387124][ T1621] loop2: detected capacity change from 0 to 512 [ 43.411918][ T1623] 9pnet: p9_errstr2errno: server reported unknown error @þLì²¼  [ 43.441330][ T1609] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 43.457962][ T1627] SELinux: Context system_u:object_r:fixed_disk_device_t:s0 is not valid (left unmapped). [ 43.498678][ T1621] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 43.534863][ T1621] ext4 filesystem being mounted at /89/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 44.157583][ T26] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 44.527633][ T26] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 44.538601][ T26] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 44.548909][ T26] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 44.562562][ T26] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 44.571983][ T26] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 44.586544][ T26] usb 2-1: config 0 descriptor?? [ 44.825332][ T1716] loop2: detected capacity change from 0 to 1024 [ 44.857332][ T1716] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 44.947658][ T295] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 45.069018][ T26] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving [ 45.082464][ T26] plantronics 0003:047F:FFFF.0003: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 45.217557][ T295] usb 1-1: Using ep0 maxpacket: 32 [ 45.337709][ T295] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 45.352512][ T295] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 45.372006][ T295] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 45.389715][ T295] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 45.402181][ T295] usb 1-1: config 0 descriptor?? [ 45.494483][ T1755] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.509313][ T1755] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.568215][ T1762] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 45.621333][ T1767] loop4: detected capacity change from 0 to 128 [ 45.652440][ T1772] syz.2.604[1772] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 45.652499][ T1772] syz.2.604[1772] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 45.716025][ T1776] __nla_validate_parse: 5 callbacks suppressed [ 45.716046][ T1776] netlink: 96 bytes leftover after parsing attributes in process `syz.2.607'. [ 45.890028][ T295] savu 0003:1E7D:2D5A.0004: hiddev97,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.0-1/input0 [ 45.930144][ T1804] loop4: detected capacity change from 0 to 128 [ 46.016187][ T1804] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 46.026785][ T1804] ext4 filesystem being mounted at /143/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 46.044674][ T1804] syz.4.618 (pid 1804) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 46.056458][ T1804] fscrypt: Adiantum using implementation "adiantum(xchacha12-simd,aes-aesni,nhpoly1305-generic)" [ 46.107124][ T1814] loop4: detected capacity change from 0 to 512 [ 46.178746][ T1814] EXT4-fs (loop4): Ignoring removed nobh option [ 46.186813][ T1814] EXT4-fs (loop4): mounted filesystem without journal. Opts: barrier=0x0000000000000008,bsddf,nobh,init_itable=0x0000000000000003,data_err=ignore,,errors=continue. Quota mode: none. [ 46.389833][ T511] usb 1-1: USB disconnect, device number 5 [ 46.450525][ T1822] netem: change failed [ 46.743864][ T1827] loop5: detected capacity change from 0 to 256 [ 46.777987][ T1827] exfat: Deprecated parameter 'namecase' [ 46.810338][ T1827] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 47.208252][ T39] usb 2-1: USB disconnect, device number 3 [ 47.251501][ T1871] loop1: detected capacity change from 0 to 2048 [ 47.324797][ T1871] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,minixdf,nolazytime,bsddf,,errors=continue. Quota mode: none. [ 47.338937][ T1871] ext4 filesystem being mounted at /138/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 47.371472][ T1871] SELinux: Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped). [ 47.381771][ T30] kauditd_printk_skb: 134 callbacks suppressed [ 47.381796][ T30] audit: type=1400 audit(2000000003.380:800): avc: denied { relabelto } for pid=1870 comm="syz.1.646" name="/" dev="loop1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0" [ 47.414528][ T1871] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.646: bg 0: block 345: padding at end of block bitmap is not set [ 47.429179][ T1871] EXT4-fs error (device loop1): ext4_xattr_block_set:2197: inode #2: comm syz.1.646: bad block 0 [ 47.487615][ T30] audit: type=1326 audit(2000000003.480:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1892 comm="syz.5.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd560648169 code=0x7ffc0000 [ 47.516136][ T30] audit: type=1326 audit(2000000003.480:802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1892 comm="syz.5.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd560648169 code=0x7ffc0000 [ 47.549593][ T30] audit: type=1326 audit(2000000003.480:803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1892 comm="syz.5.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd560648169 code=0x7ffc0000 [ 47.574945][ T1895] serio: Serial port ptm0 [ 47.583644][ T30] audit: type=1326 audit(2000000003.480:804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1892 comm="syz.5.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd560648169 code=0x7ffc0000 [ 47.585928][ T1899] loop5: detected capacity change from 0 to 256 [ 47.607844][ T30] audit: type=1326 audit(2000000003.480:805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1892 comm="syz.5.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd560648169 code=0x7ffc0000 [ 47.636924][ T30] audit: type=1326 audit(2000000003.480:806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1892 comm="syz.5.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd560648169 code=0x7ffc0000 [ 47.661043][ T30] audit: type=1326 audit(2000000003.510:807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1892 comm="syz.5.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd560648169 code=0x7ffc0000 [ 47.693183][ T30] audit: type=1326 audit(2000000003.510:808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1892 comm="syz.5.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd560648169 code=0x7ffc0000 [ 47.696058][ T1899] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 47.741531][ T30] audit: type=1326 audit(2000000003.510:809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1892 comm="syz.5.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd560648169 code=0x7ffc0000 [ 47.750831][ T1899] handle_bad_sector: 7 callbacks suppressed [ 47.750851][ T1899] attempt to access beyond end of device [ 47.750851][ T1899] loop5: rw=34817, want=304, limit=256 [ 47.849861][ T1912] netlink: 96 bytes leftover after parsing attributes in process `syz.1.664'. [ 48.046926][ T1936] loop1: detected capacity change from 0 to 1024 [ 48.139196][ T1936] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 48.604519][ T1964] overlayfs: failed to resolve './file1': -2 [ 49.008893][ T2005] syz.0.706[2005] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 49.008973][ T2005] syz.0.706[2005] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 49.079824][ T2010] IPv6: sit1: Disabled Multicast RS [ 49.246090][ T2012] loop2: detected capacity change from 0 to 40427 [ 49.298354][ T2012] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 49.308456][ T2012] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 49.321584][ T2012] F2FS-fs (loop2): Found nat_bits in checkpoint [ 49.367568][ T2012] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 49.378036][ T2012] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 49.625000][ T292] attempt to access beyond end of device [ 49.625000][ T292] loop2: rw=2051, want=53248, limit=40427 [ 49.639870][ T292] attempt to access beyond end of device [ 49.639870][ T292] loop2: rw=2051, want=73728, limit=40427 [ 49.654454][ T292] F2FS-fs (loop2): Issue discard(6144, 6144, 512) failed, ret: -5 [ 49.654495][ T292] F2FS-fs (loop2): Issue discard(7168, 7168, 2048) failed, ret: -5 [ 49.737530][ T2040] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.752479][ T2040] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.971777][ T2054] netlink: 104 bytes leftover after parsing attributes in process `syz.2.724'. [ 50.172443][ T2076] loop2: detected capacity change from 0 to 512 [ 50.200146][ T2075] devpts: called with bogus options [ 50.257435][ T2076] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 50.269678][ T2076] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002] [ 50.297748][ T2076] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2219: inode #15: comm syz.2.729: corrupted in-inode xattr [ 50.360486][ T2076] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.729: couldn't read orphan inode 15 (err -117) [ 50.428136][ T2076] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsold,max_batch_time=0x0000000000000001,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,max_dir_size_kb=0x0000000000000002,,errors=continue. Quota mode: none. [ 50.701531][ T2108] xt_hashlimit: size too large, truncated to 1048576 [ 51.448287][ T2158] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=2158 comm=syz.0.769 [ 51.474659][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.485229][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.500294][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.509875][ T2158] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=2158 comm=syz.0.769 [ 51.529920][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.539637][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.547333][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.555974][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.570717][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.584062][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.593539][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.601228][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.610249][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.637800][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.645409][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.654158][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.661958][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.670213][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.678206][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.686182][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.694454][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.702245][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.710188][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.718000][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.725418][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.732669][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.739920][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.747136][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.754425][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.761824][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.769230][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.776535][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.784023][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.791408][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.798637][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.806116][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.813873][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.821266][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.828735][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.836116][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.843915][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.851226][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.858720][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.866203][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.873920][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.881213][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.888475][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.895644][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.902999][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.910532][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.918236][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.925387][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.933312][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.940598][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.948286][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.955446][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.962658][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.969944][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.977765][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.985405][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 51.992887][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.000147][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.007337][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.014625][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.021776][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.030293][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.038442][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.046118][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.054122][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.063343][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.071393][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.078581][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.085726][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.093155][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.100791][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.108413][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.115940][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.123358][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.131133][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.138853][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.146015][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.154001][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.162156][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.170180][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.177376][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.184635][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.192245][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.199580][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.207369][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.214943][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.223467][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.231136][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.238373][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.245560][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.253087][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.260447][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.268054][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.275423][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.282638][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.289835][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.297198][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.305042][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.312430][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.319764][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.327010][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.334481][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.342188][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.349389][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.356575][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.363798][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.371009][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.378206][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.385462][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.393231][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.401307][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.408833][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.416512][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.424562][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.432067][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.439887][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.447306][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.454615][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.462184][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.469771][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.476903][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.484571][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.491995][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.499331][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.506691][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.514026][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x1 [ 52.521398][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.528606][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.535779][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.543010][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.550349][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.557600][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x4 [ 52.564771][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.572228][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.579744][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.587396][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x2 [ 52.594771][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.601958][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.609477][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.616633][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.623871][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.631133][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.638616][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.646005][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.653335][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.660689][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.668366][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.675915][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.683235][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.691405][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.698934][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.706549][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.714104][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.721816][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.730855][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.739748][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.751166][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.758895][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.768041][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.776417][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.784835][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.793050][ T6] hid-generic 0000:0010:BBD7.0005: unknown main item tag 0x0 [ 52.800905][ T6] hid-generic 0000:0010:BBD7.0005: hidraw0: HID v0.40 Device [syz1] on syz1 [ 52.934512][ T2199] netlink: 8 bytes leftover after parsing attributes in process `syz.1.787'. [ 52.993281][ T30] kauditd_printk_skb: 55 callbacks suppressed [ 52.993297][ T30] audit: type=1326 audit(2000000008.990:865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2207 comm="syz.1.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01295bc169 code=0x7ffc0000 [ 53.040828][ T30] audit: type=1326 audit(2000000009.020:866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2207 comm="syz.1.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f01295bc169 code=0x7ffc0000 [ 53.066795][ T2213] loop4: detected capacity change from 0 to 512 [ 53.107611][ T30] audit: type=1326 audit(2000000009.020:867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2207 comm="syz.1.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01295bc169 code=0x7ffc0000 [ 53.138884][ T30] audit: type=1326 audit(2000000009.020:868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2207 comm="syz.1.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f01295bc169 code=0x7ffc0000 [ 53.164155][ T2219] overlayfs: failed to resolve './file1': -2 [ 53.184674][ T2213] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,nolazytime,minixdf,,errors=continue. Quota mode: writeback. [ 53.227561][ T30] audit: type=1326 audit(2000000009.020:869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2207 comm="syz.1.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01295bc169 code=0x7ffc0000 [ 53.251167][ T30] audit: type=1326 audit(2000000009.020:870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2207 comm="syz.1.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f01295bc169 code=0x7ffc0000 [ 53.267689][ T2213] ext4 filesystem being mounted at /177/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 53.280799][ T30] audit: type=1326 audit(2000000009.020:871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2207 comm="syz.1.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01295bc169 code=0x7ffc0000 [ 53.326762][ T30] audit: type=1400 audit(2000000009.030:872): avc: denied { create } for pid=2205 comm="syz.4.790" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 53.363349][ T30] audit: type=1326 audit(2000000009.030:873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2207 comm="syz.1.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f01295bc169 code=0x7ffc0000 [ 53.427565][ T30] audit: type=1400 audit(2000000009.030:874): avc: denied { create } for pid=2209 comm="syz.2.793" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 53.594455][ T2240] SELinux: failed to load policy [ 53.701364][ T2250] loop4: detected capacity change from 0 to 512 [ 53.744708][ T2252] loop2: detected capacity change from 0 to 512 [ 53.789666][ T2250] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 53.822834][ T2250] EXT4-fs (loop4): 1 truncate cleaned up [ 53.838532][ T2250] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsv0,,errors=continue. Quota mode: none. [ 53.890794][ T2252] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpjquota=,stripe=0x0000000000000002,,errors=continue. Quota mode: writeback. [ 53.913199][ T2252] ext4 filesystem being mounted at /150/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 54.155097][ T2294] SELinux: policydb magic number 0x3 does not match expected magic number 0xf97cff8c [ 54.165724][ T2277] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 54.173550][ T2294] SELinux: failed to load policy [ 54.194851][ T2277] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 54.629323][ T289] ------------[ cut here ]------------ [ 54.634687][ T289] WARNING: CPU: 0 PID: 289 at fs/inode.c:332 drop_nlink+0xc1/0x110 [ 54.664011][ T289] Modules linked in: [ 54.676067][ T289] CPU: 0 PID: 289 Comm: syz-executor Not tainted 5.15.178-syzkaller-00034-g5e1b899f19c3 #0 [ 54.691702][ T2342] device wireguard0 entered promiscuous mode [ 54.697767][ T289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 54.707752][ T289] RIP: 0010:drop_nlink+0xc1/0x110 [ 54.712702][ T289] Code: 1e 48 8d bb b8 04 00 00 be 08 00 00 00 e8 d7 f5 f0 ff f0 48 ff 83 b8 04 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 9f 88 ae ff <0f> 0b eb 88 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 62 ff ff ff 4c [ 54.737555][ T289] RSP: 0018:ffffc900009d7c88 EFLAGS: 00010293 [ 54.745049][ T289] RAX: ffffffff81c1e411 RBX: 0000000000000000 RCX: ffff88810b20a780 [ 54.771977][ T289] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 54.796425][ T289] RBP: ffffc900009d7cb0 R08: ffffffff81c1e394 R09: 0000000000000003 [ 54.827596][ T289] R10: fffff5200013af80 R11: dffffc0000000001 R12: dffffc0000000000 [ 54.836037][ T289] R13: 1ffff1102528bdda R14: ffff88812945ee88 R15: ffff88812945eed0 [ 54.850251][ T289] FS: 0000555580b25500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 54.867675][ T289] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 54.877692][ T289] CR2: 0000000000000001 CR3: 00000001244f4000 CR4: 00000000003506b0 [ 54.893392][ T289] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 54.907684][ T289] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 54.921533][ T289] Call Trace: [ 54.924757][ T289] [ 54.937747][ T289] ? show_regs+0x58/0x60 [ 54.941877][ T289] ? __warn+0x160/0x2f0 [ 54.945856][ T289] ? drop_nlink+0xc1/0x110 [ 54.958291][ T289] ? report_bug+0x3d9/0x5b0 [ 54.967551][ T289] ? drop_nlink+0xc1/0x110 [ 54.971814][ T289] ? handle_bug+0x41/0x70 [ 54.996342][ T289] ? exc_invalid_op+0x1b/0x50 [ 55.010832][ T289] ? asm_exc_invalid_op+0x1b/0x20 [ 55.027550][ T289] ? drop_nlink+0x44/0x110 [ 55.037512][ T289] ? drop_nlink+0xc1/0x110 [ 55.042607][ T289] ? drop_nlink+0xc1/0x110 [ 55.077533][ T289] ? drop_nlink+0xc1/0x110 [ 55.082001][ T289] shmem_rmdir+0x59/0x90 [ 55.086075][ T289] vfs_rmdir+0x324/0x470 [ 55.100783][ T289] incfs_kill_sb+0x113/0x230 [ 55.108117][ T289] deactivate_locked_super+0xad/0x110 [ 55.113491][ T289] deactivate_super+0xbe/0xf0 [ 55.129939][ T289] cleanup_mnt+0x45c/0x510 [ 55.143229][ T289] __cleanup_mnt+0x19/0x20 [ 55.157898][ T289] task_work_run+0x129/0x190 [ 55.162351][ T289] exit_to_user_mode_loop+0xc4/0xe0 [ 55.184940][ T289] exit_to_user_mode_prepare+0x5a/0xa0 [ 55.195245][ T289] syscall_exit_to_user_mode+0x26/0x160 [ 55.205009][ T2380] loop2: detected capacity change from 0 to 512 [ 55.207522][ T289] do_syscall_64+0x47/0xb0 [ 55.215469][ T289] ? clear_bhb_loop+0x35/0x90 [ 55.224931][ T289] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 55.231421][ T2379] cgroup: No subsys list or none specified [ 55.237250][ T289] RIP: 0033:0x7f01295bd497 [ 55.248644][ T289] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 55.249615][ T2379] syzkaller0: tun_chr_ioctl cmd 1074025676 [ 55.270340][ T289] RSP: 002b:00007ffe09931468 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 55.287157][ T289] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f01295bd497 [ 55.288465][ T2380] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option [ 55.303080][ T289] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe09931520 [ 55.311609][ T2380] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 55.313049][ T2379] syzkaller0: owner set to 1 [ 55.318795][ T289] RBP: 00007ffe09931520 R08: 0000000000000000 R09: 0000000000000000 [ 55.318815][ T289] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe099325b0 [ 55.318830][ T289] R13: 00007f012963d08c R14: 000000000000d552 R15: 00007ffe099325f0 [ 55.357782][ T2383] device batadv_slave_1 entered promiscuous mode [ 55.369340][ T289] [ 55.372992][ T289] ---[ end trace aaa8b5933643f1e4 ]--- [ 55.379730][ T289] ================================================================== [ 55.380508][ T2382] device batadv_slave_1 left promiscuous mode [ 55.387982][ T289] BUG: KASAN: null-ptr-deref in ihold+0x20/0x60 [ 55.388017][ T289] Write of size 4 at addr 0000000000000170 by task syz-executor/289 [ 55.388033][ T289] [ 55.388039][ T289] CPU: 0 PID: 289 Comm: syz-executor Tainted: G W 5.15.178-syzkaller-00034-g5e1b899f19c3 #0 [ 55.388061][ T289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 55.388073][ T289] Call Trace: [ 55.388080][ T289] [ 55.388089][ T289] dump_stack_lvl+0x151/0x1c0 [ 55.399643][ T2380] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 55.400237][ T289] ? io_uring_drop_tctx_refs+0x190/0x190 [ 55.419603][ T2380] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2 [ 55.422227][ T289] ? _raw_spin_lock+0xa4/0x1b0 [ 55.447583][ T2380] EXT4-fs (loop2): 1 truncate cleaned up [ 55.451193][ T289] ? _raw_spin_trylock_bh+0x190/0x190 [ 55.451231][ T289] kasan_report+0x16f/0x1c0 [ 55.468239][ T2380] EXT4-fs (loop2): mounted filesystem without journal. Opts: nomblk_io_submit,usrjquota="errors=continue,noload,mblk_io_submit,grpjquota="errors=continue,errors=remount-ro,jqfmt=vfsv1,. Quota mode: writeback. [ 55.469730][ T289] ? ihold+0x20/0x60 [ 55.509119][ T289] ? ihold+0x20/0x60 [ 55.512936][ T289] kasan_check_range+0x293/0x2a0 [ 55.517808][ T289] __kasan_check_write+0x14/0x20 [ 55.522583][ T289] ihold+0x20/0x60 [ 55.526231][ T289] vfs_rmdir+0x201/0x470 [ 55.530487][ T289] incfs_kill_sb+0x113/0x230 [ 55.535165][ T289] deactivate_locked_super+0xad/0x110 [ 55.540476][ T289] deactivate_super+0xbe/0xf0 [ 55.545729][ T289] cleanup_mnt+0x45c/0x510 [ 55.550329][ T289] __cleanup_mnt+0x19/0x20 [ 55.554737][ T289] task_work_run+0x129/0x190 [ 55.559399][ T289] exit_to_user_mode_loop+0xc4/0xe0 [ 55.564427][ T289] exit_to_user_mode_prepare+0x5a/0xa0 [ 55.569722][ T289] syscall_exit_to_user_mode+0x26/0x160 [ 55.575639][ T289] do_syscall_64+0x47/0xb0 [ 55.579982][ T289] ? clear_bhb_loop+0x35/0x90 [ 55.584481][ T289] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 55.590326][ T289] RIP: 0033:0x7f01295bd497 [ 55.594600][ T289] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 55.614224][ T289] RSP: 002b:00007ffe09931468 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 55.622470][ T289] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f01295bd497 [ 55.630280][ T289] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe09931520 [ 55.638359][ T289] RBP: 00007ffe09931520 R08: 0000000000000000 R09: 0000000000000000 [ 55.646160][ T289] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe099325b0 [ 55.654002][ T289] R13: 00007f012963d08c R14: 000000000000d552 R15: 00007ffe099325f0 [ 55.661916][ T289] [ 55.664779][ T289] ================================================================== [ 55.672983][ T289] Disabling lock debugging due to kernel taint [ 55.689260][ T289] BUG: kernel NULL pointer dereference, address: 0000000000000170 [ 55.696966][ T289] #PF: supervisor write access in kernel mode [ 55.702825][ T289] #PF: error_code(0x0002) - not-present page [ 55.708626][ T289] PGD 129351067 P4D 129351067 PUD 0 [ 55.713743][ T289] Oops: 0002 [#1] PREEMPT SMP KASAN [ 55.719091][ T289] CPU: 0 PID: 289 Comm: syz-executor Tainted: G B W 5.15.178-syzkaller-00034-g5e1b899f19c3 #0 [ 55.730459][ T289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 55.740369][ T289] RIP: 0010:ihold+0x25/0x60 [ 55.744824][ T289] Code: 00 00 00 00 00 55 48 89 e5 41 56 53 49 89 fe e8 b1 80 ae ff 49 8d be 70 01 00 00 be 04 00 00 00 e8 c0 ed f0 ff bb 01 00 00 00 41 0f c1 9e 70 01 00 00 ff c3 bf 02 00 00 00 89 de e8 34 84 ae [ 55.764354][ T289] RSP: 0018:ffffc900009d7cc8 EFLAGS: 00010246 [ 55.770253][ T289] RAX: ffff88810b20a700 RBX: 0000000000000001 RCX: ffff88810b20a780 [ 55.778152][ T289] RDX: 0000000000000000 RSI: 0000000000000286 RDI: 00000000ffffffff [ 55.785965][ T289] RBP: ffffc900009d7cd8 R08: ffffffff8141a9ab R09: 0000000000000003 [ 55.793881][ T289] R10: fffffbfff0e9aa4c R11: dffffc0000000001 R12: dffffc0000000000 [ 55.801935][ T289] R13: ffff88812fc45770 R14: 0000000000000000 R15: 1ffff11025f88af4 [ 55.809949][ T289] FS: 0000555580b25500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 55.818713][ T289] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 55.825147][ T289] CR2: 0000000000000170 CR3: 00000001244f4000 CR4: 00000000003506b0 [ 55.832946][ T289] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 55.840928][ T289] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 55.848943][ T289] Call Trace: [ 55.852044][ T289] [ 55.854817][ T289] ? __die_body+0x62/0xb0 [ 55.859085][ T289] ? __die+0x7e/0x90 [ 55.862924][ T289] ? page_fault_oops+0x7f9/0xa90 [ 55.867892][ T289] ? _raw_spin_unlock+0x4d/0x70 [ 55.872963][ T289] ? kernelmode_fixup_or_oops+0xd0/0xd0 [ 55.878368][ T289] ? __schedule+0xcd4/0x1590 [ 55.883448][ T289] ? exc_page_fault+0x510/0x7f0 [ 55.888324][ T289] ? asm_exc_page_fault+0x27/0x30 [ 55.894119][ T289] ? check_panic_on_warn+0x5b/0xb0 [ 55.899400][ T289] ? ihold+0x25/0x60 [ 55.903114][ T289] ? ihold+0x20/0x60 [ 55.907659][ T289] vfs_rmdir+0x201/0x470 [ 55.912644][ T289] incfs_kill_sb+0x113/0x230 [ 55.917853][ T289] deactivate_locked_super+0xad/0x110 [ 55.924026][ T289] deactivate_super+0xbe/0xf0 [ 55.928985][ T289] cleanup_mnt+0x45c/0x510 [ 55.934115][ T289] __cleanup_mnt+0x19/0x20 [ 55.938640][ T289] task_work_run+0x129/0x190 [ 55.943689][ T289] exit_to_user_mode_loop+0xc4/0xe0 [ 55.949163][ T289] exit_to_user_mode_prepare+0x5a/0xa0 [ 55.954489][ T289] syscall_exit_to_user_mode+0x26/0x160 [ 55.960406][ T289] do_syscall_64+0x47/0xb0 [ 55.964767][ T289] ? clear_bhb_loop+0x35/0x90 [ 55.969629][ T289] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 55.976220][ T289] RIP: 0033:0x7f01295bd497 [ 55.980694][ T289] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 56.000415][ T289] RSP: 002b:00007ffe09931468 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 56.009190][ T289] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f01295bd497 [ 56.017628][ T289] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe09931520 [ 56.025520][ T289] RBP: 00007ffe09931520 R08: 0000000000000000 R09: 0000000000000000 [ 56.034045][ T289] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe099325b0 [ 56.041945][ T289] R13: 00007f012963d08c R14: 000000000000d552 R15: 00007ffe099325f0 [ 56.049844][ T289] [ 56.052707][ T289] Modules linked in: [ 56.056629][ T289] CR2: 0000000000000170 [ 56.060630][ T289] ---[ end trace aaa8b5933643f1e5 ]--- [ 56.065984][ T289] RIP: 0010:ihold+0x25/0x60 [ 56.070409][ T289] Code: 00 00 00 00 00 55 48 89 e5 41 56 53 49 89 fe e8 b1 80 ae ff 49 8d be 70 01 00 00 be 04 00 00 00 e8 c0 ed f0 ff bb 01 00 00 00 41 0f c1 9e 70 01 00 00 ff c3 bf 02 00 00 00 89 de e8 34 84 ae [ 56.090559][ T289] RSP: 0018:ffffc900009d7cc8 EFLAGS: 00010246 [ 56.096537][ T289] RAX: ffff88810b20a700 RBX: 0000000000000001 RCX: ffff88810b20a780 [ 56.105237][ T289] RDX: 0000000000000000 RSI: 0000000000000286 RDI: 00000000ffffffff [ 56.113058][ T289] RBP: ffffc900009d7cd8 R08: ffffffff8141a9ab R09: 0000000000000003 [ 56.121225][ T289] R10: fffffbfff0e9aa4c R11: dffffc0000000001 R12: dffffc0000000000 [ 56.129542][ T289] R13: ffff88812fc45770 R14: 0000000000000000 R15: 1ffff11025f88af4 [ 56.137563][ T289] FS: 0000555580b25500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 56.146311][ T289] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 56.152746][ T289] CR2: 0000000000000170 CR3: 00000001244f4000 CR4: 00000000003506b0 [ 56.160635][ T289] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 56.168444][ T289] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 56.176355][ T289] Kernel panic - not syncing: Fatal exception [ 56.182507][ T289] Kernel Offset: disabled [ 56.186673][ T289] Rebooting in 86400 seconds..