last executing test programs: 1.837838323s ago: executing program 3 (id=1455): r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10) r3 = openat$selinux_policy(0xffffff9c, &(0x7f0000000200), 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r3, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0xffa8) 1.696007026s ago: executing program 3 (id=1456): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18) r2 = add_key$keyring(0x0, &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) add_key$user(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, r2) 1.638333396s ago: executing program 3 (id=1457): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x4000, &(0x7f0000000140), 0x2, 0xbb8, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3kymaZv3nfTlRawbIyItiNOkkmKLYCsVNy4E3QoN6aSETD9IIjVpFhP9B0RdC24EtSgu7LobRbdutN0qLoQisVEQ0cidjyQ2mTS1M70x/f3gzD3nnpl5nmcuM/cemJkA7luD2U0asT8iTiURpeb+NCKK9V5fRK1xv6XF+bFfF+fHklhefumnJJKIuLk4P9Z6rqS53dsc9EXE188m8b831sednp2bHK1WK1PN8aGZsxcOTc/OPTFxdvRM5Uzl3PCRp0YOjxwZOjrSsVp/++74lV8eef6H2u8f/nH557ffT+J49Dfn1tbRKYMxuPKarFWIiNFOB8tJT7OetXUmhds8KO1yUgAAtJWuuYZ7IErRE6sXb6X4/JtckwMAAAA6YrknYhkAAADY4RLrfwAAANjhWt8DuLk4P9Zq+X4j4d66cSIiBhr1LzVbY6YQtfq2L3ojYs/NJNb+rDVpPOyuDUbE99ePfpK16NLvkDdTW4iIBzc6/km9/oH6r7jX159GxFAH4g/eMv431X+8A/Hzrh+A+9PVE40T2frzX7py/RMbnP8KG5y7/om8z3+t67+lddd/q/X3tLn+e3GLMS598O7FdnNZ/U9fee7jVsviZ9u7KuoO3FiIeKiwUf3JSv1Jm/pPbTFG6c+LlXZzede//F7Egdi4/pZk8/8nOjQ+Ua0MNW43jLHw1chH7eLnXX92/Pe0qb/1/0/tjv+FLcZ45eTJT9ftvL7a3bz+9Mdi8nK9V2zueW10ZmZqOKKYvLB+/+HNc2ndp/UcWf0HH938/b9R/dlnQq35OmRrgYXmNhu/fkvMZy5f+qxdPq31X57H/3Sb47+2/i8L64//m1uM8dgXbx1sN7d2/Zu1LH5rLQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALWlE9EeSllf6aVouR+yNiP/HnrR6fnrm8fHzr547nc1FDERvOj5RrQxFRKkxTrLxcL2/Oj58y/jJiNgXEe+UdtfH5bHz1dN5Fw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCKvRHRH0lajog0IpZKaVou550VAAAA0HEDeScAAAAAdJ31PwAAAOx81v8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB02b6Hr15LIqJ2bHe9ZYrNud5cMwO6Lc07ASA3PXknAOSmkHcCQG7ucI3vcgF2oOQ2831tZ3Z1PBcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtq8D+69eSyKidmx3vWWKzbneXDMDui3NOwEgNz2bTRbuXR7AvectDvcva3wguc183+p9an+f2dW1nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYfvrrLUnLEVFs7iuXI/4TEQPRm4xPVCtDEfHfiPi21LsrGw/nnDMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACdNz07NzlarVamsk4azc7KHp3VTtJ4xWrbJR+du+wUY1uksU07eX8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQh+nZucnRarUyNZ13JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDepmfnJker1cpUFzt51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+CgAA//9gfgp0") openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xa0242, 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x169142, 0x0) fcntl$setlease(r1, 0x400, 0x1) symlinkat(&(0x7f0000000000)='.\x02\x00', r0, &(0x7f0000000180)='.\x02\x00') rename(&(0x7f0000000800)='.\x02\x00', &(0x7f0000000840)='./file1\x00') renameat2(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file7\x00', 0x0) 1.349002841s ago: executing program 0 (id=1459): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x5, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000007940)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x33f}, 0x1, 0x0, 0x0, 0xc0d0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = socket$pppl2tp(0x18, 0x1, 0x1) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94) connect$pppl2tp(r2, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r1, {}, 0xa}}, 0x26) sendmmsg$inet(r2, &(0x7f0000005f80)=[{{0x0, 0x0, &(0x7f0000005dc0)=[{&(0x7f00000010c0)="7d5107673289eeae3f806c5c62db497a0299399ab6101c3b", 0x1}], 0x1}}], 0x4000000000001ce, 0x8040) 1.287026632s ago: executing program 0 (id=1461): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) syz_io_uring_setup(0xd3c, 0x0, 0x0, 0x0) syz_clone(0x2000, 0x0, 0x0, 0x0, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) ioctl$USBDEVFS_CONTROL(r2, 0xc0105500, &(0x7f0000000040)={0x0, 0x3, 0x1, 0x3, 0x0, 0x7, 0x0}) 1.142245054s ago: executing program 0 (id=1464): r0 = socket$inet(0x2, 0x80001, 0x84) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$GTP_CMD_GETPDP(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10) ioctl$sock_SIOCGIFCONF(r0, 0x8912, &(0x7f0000000040)=@buf={0x72, &(0x7f0000000300)="555c6273f1367be9f8e9ad7b40e1abeccad1c74c9682fe14e2e0477928cb604127b6c62d7507bd0e7f3e2fcf36fb9ab12ebc4082992926dd9a1abddeed69a260e72b0a74847c4a7cc66a9b236340bb051bbd6918514d37380c3299c696d7b630b823fb6911849ad0ec49e0fb49b8746a81e6"}) 1.030592415s ago: executing program 1 (id=1467): r0 = socket$l2tp6(0xa, 0x2, 0x73) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000280)=ANY=[@ANYBLOB="1b0204"], 0x18) sendto$inet6(r0, 0x0, 0xf5, 0x4000000, &(0x7f0000000000)={0xa, 0xd9, 0xfffffffc, @empty, 0x100000}, 0x1c) 1.027939596s ago: executing program 0 (id=1468): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001004900000001"], 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, 0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r3, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r3, &(0x7f0000000140)="24000000010006", 0x7) 973.137166ms ago: executing program 1 (id=1470): openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(0xffffffffffffffff, 0x404c534a, &(0x7f0000000040)={0x0, 0xa0b3}) mkdirat(0xffffffffffffff9c, &(0x7f0000000d40)='./file0\x00', 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x800) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x89901) move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x20000, 0x0) open_tree(r0, &(0x7f0000000640)='\x00', 0x89901) 945.892346ms ago: executing program 0 (id=1472): socket$kcm(0x1e, 0x1, 0x0) set_mempolicy(0x1, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) socket$inet_udp(0x2, 0x2, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000080)='./bus\x00', 0x2000c10, &(0x7f0000000240)=ANY=[], 0x2, 0xa17, &(0x7f0000000280)="$eJzs3UtsnOW5B/D/50viGJQEyOFwEJBJOAkGfBzbOSQnYsFJ7Eli6ktlOxJRF4QSp0rjlpa0EqBKBKnqqqiVWnXR7lBX7QaJTdlUqJt21666qFSx6h51la5cfTNjZ3wZj20cO4Tfzxp/t+d73+e7vp7xzLzhi2XhwLKphYXaY4vTl36zAxlzDzs3+ukHH75fPt67lT3pzAvF75KeJJWkK8ljSffI6PTURJuCbiRXknySFEn2pj7ckCspfpIH70x/kuJXZb0t7dloybSzwJfabp9/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwLypGRgcHh4o9GZu89EqlLqmsMjI6PVVkYWH1ksV16j6u9fpdfNy23qQoH+npaXT1/fZjh+4sfjRJ5WieqE89UeuQPD1554FHD774SFfH4vqtsvlc9m682Jtvv3Pjtfn5uTdbhyy8W9+G7cntHnOhOjk2MzU2cfZCtTI2M1U5c+rU4ImL52cq58fGqzOXZ2arE5WR6erZ2anpSt/Is5WhM2dOVqoDl6cuTV4YHRivLs48/T/Dg4OnKi8PfLV6dnpmavLEywMzIxfHxsfHJi/UYsrFZczp8kT8ythsZbZ6dqJSuXZ9fu7kipw6V+7sMmio3ZaUQcPtgoYHh4eHhoaHh95r9J69NOPUC2deOD042DW4QlZF3KWTlnvLvtaHebtv4bBlHfX2P98cz1gmcymvpLLmz0hGM52pTKyYn6VhzWL7f+xEdd16m9v/Rivf1bT48fLX0TzVmOxp0f63yHXnfm7m7byTG3kt85nPXN7c9Yx29udCqpnMWGYylbFM5GxtTqUxp5IzOZVTGcyruZjDmUkl5zOW8VQzk8uZyWyqtTNqJNOp5mxmM5XpVNKXkTybSoZyJmdyMpVUM5DLmcqlTOZCRnO2Vsq1XK/t95Pr5LgUNLSRoOF1glY25uW5vrn2v3q//iXIhm3/TRy2aKHR/u9pH9o3shMJAQAAANvuv/6U/Yce/uPfkyJP1l6XPz82Xn1pt9MCAAAAtlHt7XpPlIPucuzJntrz/8HdTgsAAADYRkXtM3ZFkt4cro8tfhLKiwAAAABwn6j9//+pFIebJhPP/wEAAOB+0v479ttGFP2LX/9buVofXm1E1KeK3vNj49WBkanxF4dyvPYtA0meXF1aZ1J01z5+8FyO1KOO9NaHvXdKLOvsKaOGBl4cynM52tiQvqfLwdN9a0QO1yOfqUc+0xzZmWWRJ8tIALjfHV2nPW7T/u+rzS2K4rn01yP6H681+V2Pr9EGD2pZAeBesdTHzr8aXZqt0f43Ip5q9fz/f9d5/l9GPJxrh+sfKRjI63kj87ma/jTecXB4rVIXeyOovw2hv82rAb2Njyz85XRH+le9HtCztK3NsXMZTv+arwg0lVss5nCyHtd5d44BAOy0o+u2wxto/7tS9Ld5/t/rI4UAcE9Z6sF+EyPvbiZ47s2bu72NAMByWmkAAAAAAAAAAAAAAAAAAAAAAAAAAADYfhv6Av8/H0/m5+eSLXQWsOWRns1kuP5IR3Yo510f6UyyW7W/lE2vVR7jz1Hpb/c1Vv/H7u/5+25kl29MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7Igi6VxrfkeyN8lgkhP1yfvDrd1OYLtU9mxpteJ2buet7N/2fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvuQa3//fkfrwgfqsdHUkx5JcSfK13c5xO93e7QTujqJ9yLfqgXe+/78j6c5Cka76YU/RPTI6PTVRFlXsLZd/+sGH75eP9mWv7lWhLKCsYVnnEo0amuZ0L1/rodpavaNzN298743vVEbP1U7Mc7Pnx0cnLkz//53AR4uPkkrqj0WL+f7g2O9/2jS70VFC8VG5pWtbWe/5Wr2jq+v9z7XWblHvBlyfnxsua5qtvjL7/W9ff6tp0cM5kjzdl/Qtr+kb5aNFTUdW7s/lis+KHxX784tcqR3/cm8UC0V5iA7Utn/ftevzcwOvvzF/dSmnd5fldDCHk1xNejae0+HW52btrOvoLmsdrAWVvw61KW9dTSUOtdivD9VOmd5NbUOlzfXVZr83Mjq5ZkY/++4jOb7pI328TY1rKj4r/lZczF/zw6b+PzrK438sa16daxRRi2w6U5qXLbu8OuqRtS0fbl7w6soyW16VbJt9S2M/ztfzf0vHv6Pp/t84VjtzP2qqce3rItn8dfHrA6talDtqLdKhFS1S4+7Tap1GnofqUS3y/I88Xy9zE3eU59u12G3W/8MWr/9fFn35Z27p/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALj3FUnnWvM7kmNJDiY5UE5XkoWVMbe2UF9Hb7GVNDdkIyVvJecvnqLlhha3cztvZf9OZwQAAAAAAADA3XFu9NMPPny/fNT+a96Z/+5oLKkkXUkOFj/vHhmdnppoU1B3cmXxH+89m8vhSvnrwTvTn5RTj7VZ6e69fQAA7nv/DgAA//+aNm7H") brk(0x20001000) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) 945.399846ms ago: executing program 1 (id=1473): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x0, 0x6) symlinkat(&(0x7f0000000400)='./file0/../file0\x00', r3, &(0x7f00000003c0)='./file0\x00') readlinkat(r3, &(0x7f00000001c0)='./file0/../file0\x00', &(0x7f00000002c0)=""/198, 0xc6) 813.885348ms ago: executing program 1 (id=1476): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r0}, 0x18) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000540)='./bus\x00', 0x8800, &(0x7f00000006c0)={[{@errors_remount}, {@sysvgroups}, {@minixdf}]}, 0x1, 0x50c, &(0x7f0000001000)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLEaGVEHsEqRsSN4pix1HsLJvQQ3rmikQlTvTIH8C5Jw7cuCC4cSkHJH5EoAaJg9GMJ6mb2o3VJHYUfz7SaObNm/r7fXH8Xuc59gtgZF2PiP2ImIiITyNiNjufy7b4qL0l1z05uLdyeHBvJRet1if/zKX1ybno+DeJa9ljFiPihw8jfpJ7Pm5jd29juVqtbGfl+WZta76xu3drvba8VlmrbJbLS4tLCx/cfr98bm19qzaRHX318R/2v/WzJK2Z7ExnO85Tu+mF4ziJ8Yj4/kUEG4KxrD0Tw06El5KPiNcj4u309T8bY+mzCQBcZa3WbLRmO8sAwFWXT+fAcvlSNhcwE/l8qdSew3sjpvPVeqN58259Z3O1PVc2F4X83fVqZSGbK5yLQi4pL6bHT8vlE+XbEfFaRPxiciotl1bq1dVh/scHAEbYtRPj/38m2+M/AHDFFYedAAAwcD3G//1B5wEADI77fwAYPcZ/ABg97fF/athpAAAD5P4fAEaP8R8ARsoPPv442VqH2fdfr362u7NR/+zWaqWxUartrJRW6ttbpbV6fS39zp7aaY9Xrde3Ft+Lnc/nvr3VaM43dvfu1Oo7m8076fd636kU0qt8sgAAhum1tx79OZeMyB9OpVt0rOVQGGpmwEXLDzsBYGjGhp0AMDRW+4LRdYZ7fNMDcEV0WaL3GcVuHxBqtVqti0sJuGA3vmT+H0ZVx/y/vwKGEWP+H0aX+X8YXa1Wrt81/6PfCwGAy80cP9Dj/f/Xs/1vsjcHfrx68ooHF5kVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXG5H6/+WsrXAZyKfL5UiXomIuSjk7q5XKwsR8WpE/GmyMJmUF4ecMwBwVvm/5bL1v27MvjvzTNWb144PJyLip7/65JefLzeb23+MmMj9a/LofPNBdr48+OwBgNMdjdPpvuNG/snBvZWjbZD5/P27EVFsxz88mIjD4/jjMZ7ui1GIiOl/57JyW65j7uIs9u9HxBe7tT8XM+kcSHvl05Pxk9ivDDR+/pn4+bSuvU9+Fl84h1xg1DxK+p+Pur3+8nE93Xd//RfTHurssv4veaiVw7QPfBr/qP8b69H/Xe83xnu/+177aOr5uvsRXx6POIp92NH/HMXP9Yj/bp/x//KVN9/uVdf6dcSN6B6/M9Z8s7Y139jdu7VeW16rrFU2y+WlxaWFD26/X55P56jne48G//jw5qu96pL2T/eIXzyl/V/vs/0P//fpj772gvjffKdb/Hy88YL4yZj4jT7jL0//ttirLom/2qP9pz3/N/uM//ive88tGw4ADE9jd29juVqtbI/kQfR38e+zH9alyHmkD5Jn4RKk0fXgO4OKNRHdq37+TvvXdDKi8xe71XqpWL16jPOYdQMug+MXfUT8d9jJAAAAAAAAAAAAAAAAXQ3iE0vDbiMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABX1/8DAAD//9RMyv0=") r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x187842, 0x3) ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000240)={0x3920e, r1, 0x2, 0x0, 0x2}) bpf$MAP_CREATE(0x0, 0x0, 0x50) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x108) 787.680669ms ago: executing program 3 (id=1477): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='kfree\x00', r1}, 0x18) munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x140, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc018937e, &(0x7f0000001040)={{0x1, 0x1, 0x1018}, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00'}) 697.33815ms ago: executing program 1 (id=1481): r0 = syz_io_uring_setup(0x110, &(0x7f0000000300)={0x0, 0xfad6, 0x80, 0x0, 0x87}, &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) r3 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd8, 0x0, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) r5 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x5, r5, 0x0, 0x0, 0x0, 0x80000, 0x2}) io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0) 671.6379ms ago: executing program 0 (id=1483): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='cdg\x00', 0x4) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000000e40)=[{{0x0, 0x0, &(0x7f0000002c40)=[{&(0x7f00000002c0)="cc", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000380)="12", 0x1}], 0x1}}], 0x2, 0x50) syz_usb_disconnect(0xffffffffffffffff) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='illinois\x00', 0x9) shutdown(r0, 0x2) 653.682401ms ago: executing program 3 (id=1485): r0 = socket$inet6(0xa, 0x2, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000001d40)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000380)='udp_fail_queue_rcv_skb\x00', r1, 0x0, 0x6}, 0x18) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @rand_addr=0x64010101, @dev={0xac, 0x14, 0x14, 0x21}}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 445.191013ms ago: executing program 3 (id=1487): perf_event_open(&(0x7f0000000a80)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x5, 0x2240, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x0, 0x1}, 0x0, 0x80000, 0x8, 0x8, 0x1, 0x3, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000900)=@bpf_ext={0x1c, 0x0, 0x0, 0x0, 0xffff, 0x7, &(0x7f0000000380)=""/7, 0x41000, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000440)={0x5, 0x5}, 0x8, 0x10, &(0x7f0000000700)={0x3, 0xe, 0x6, 0xfffff190}, 0x10, 0x28e48, 0xffffffffffffffff, 0x4, 0x0, &(0x7f0000000780)=[{0x4, 0x4, 0x4, 0x3}, {0x3, 0x2, 0x10, 0x5}, {0x1, 0x3, 0xc, 0x8}, {0x4, 0x5, 0x4, 0xa}], 0x10, 0x2, @void, @value}, 0x94) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x40}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x4c}}, 0x0) syz_usb_connect$cdc_ecm(0x4, 0x281a6676de9560a0, 0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x48, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x1}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080) 377.623235ms ago: executing program 1 (id=1489): syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12) write(r1, &(0x7f0000004200)='t', 0x1) sendfile(r1, r0, 0x0, 0x3ffff) sendfile(r1, r0, 0x0, 0x7ffff000) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='unmap\x00'}, 0x18) mount$9p_fd(0x0, &(0x7f0000000340)='./bus\x00', &(0x7f0000000400), 0x0, &(0x7f0000000800)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@access_uid}, {@dfltgid}, {@afid={'afid', 0x3d, 0x68a3fc58}}], [{@smackfstransmute={'smackfstransmute', 0x3d, 'GPL\x00'}}, {@smackfshat={'smackfshat', 0x3d, 'kmem_cache_free\x00'}}, {@fscontext={'fscontext', 0x3d, 'sysadm_u'}}, {@fowner_gt}, {@fowner_gt}, {@hash}]}}) 373.835795ms ago: executing program 4 (id=1491): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r2}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000400)='percpu_alloc_percpu\x00', r0}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) 348.522505ms ago: executing program 4 (id=1492): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) socket$inet6_tcp(0xa, 0x1, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r1}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 178.490988ms ago: executing program 2 (id=1494): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0xfe, 0x7ffc0002}]}) syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000)) getresgid(0x0, 0x0, 0x0) lchown(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) 140.346448ms ago: executing program 2 (id=1495): bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000840)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0}, 0x10) sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206010100000000000000000000000005000100070000000900020073797a300000000014000780050015000000000008001240000000000d000300686173683a6e657400000000050005000a000000050004"], 0x5c}}, 0x0) sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c00000003060500001f0000000000000000000605000100"], 0x1c}, 0x1, 0x0, 0x0, 0x24040800}, 0x8d0) 140.038458ms ago: executing program 4 (id=1496): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', 0x0}) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_PAUSE_GET(r4, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000080)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000001a0000000c00018008000100", @ANYRES32=r3], 0x20}}, 0x0) 139.736908ms ago: executing program 2 (id=1497): r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100000004"], 0x57) setsockopt$inet_mreqsrc(r0, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc) r1 = socket$inet(0x2, 0x2, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x1f00, 0xe, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10) setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40) 114.697159ms ago: executing program 4 (id=1498): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0b00000007000000ab0000000800000005"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f00000003c0), &(0x7f0000000580), 0x1}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000004c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ff8}]}) rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440)) r2 = memfd_create(&(0x7f0000000600)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LL;\xd6\x84\x195\x06\x00\x00\x00~\xf3\x83\x18\xe4\xe8\xac\xc1\xa4y\x89m\x80\xf4k\xfbS\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xa7C\xc6\x01\x1d\xd9^\xaf\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xef\xf6c%n', 0x4) fallocate(r2, 0x0, 0x400000000000000, 0x2) 114.268518ms ago: executing program 2 (id=1499): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ffb, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00', r1}, 0x18) socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_io_uring_setup(0x762f, &(0x7f0000000140)={0x0, 0x114dd, 0x10, 0xffffffff, 0x320}, &(0x7f00000004c0)=0x0, &(0x7f0000000200)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_LINKAT={0x27, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000380)='./file0/../file0\x00', 0xffffffffffffffff, 0x1000, 0x1}) io_uring_enter(r2, 0x3516, 0xaddf, 0x2, 0x0, 0x1517f) 77.503399ms ago: executing program 2 (id=1500): socket$inet(0x2, 0xa, 0x3) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)=@newtfilter={0x40, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0xb, 0x6}, {}, {0x7}}, [@filter_kind_options=@f_flow={{0x9}, {0x10, 0x2, [@TCA_FLOW_KEYS={0x8, 0x1, 0x1536c}, @TCA_FLOW_ACT={0x4}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x0) 76.980489ms ago: executing program 4 (id=1501): unshare(0x2040400) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = fsopen(&(0x7f0000000440)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) unshare(0x2000400) fsmount(r2, 0x0, 0x0) 9.03267ms ago: executing program 4 (id=1502): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0xb}]}) socket$inet6_sctp(0xa, 0x1, 0x84) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r3, &(0x7f0000000000)={0x1f, 0xffff, 0x3}, 0x6) close_range(r0, 0xffffffffffffffff, 0x0) 0s ago: executing program 2 (id=1503): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r0, 0x0, 0x10000000000ac6}, 0x18) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) futex(0x0, 0xd, 0x0, 0x0, 0x0, 0x0) futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000)=0x2000000, 0x300) futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x1, 0x0) kernel console output (not intermixed with test programs): _adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 30.310773][ T3319] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 30.321272][ T29] audit: type=1400 audit(1746753451.968:96): avc: denied { map_create } for pid=3451 comm="syz.0.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 30.321279][ T3319] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 30.321296][ T3319] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 30.340023][ T29] audit: type=1400 audit(1746753451.968:97): avc: denied { bpf } for pid=3451 comm="syz.0.1" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 30.349838][ T3319] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 30.360241][ T29] audit: type=1400 audit(1746753451.968:98): avc: denied { map_read map_write } for pid=3451 comm="syz.0.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 30.380415][ T3319] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 30.390231][ T29] audit: type=1400 audit(1746753451.968:99): avc: denied { create } for pid=3451 comm="syz.0.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 30.390260][ T29] audit: type=1400 audit(1746753451.968:100): avc: denied { prog_load } for pid=3451 comm="syz.0.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 30.409718][ T3319] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 30.415136][ T3319] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 30.420167][ T29] audit: type=1400 audit(1746753451.968:101): avc: denied { perfmon } for pid=3451 comm="syz.0.1" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 30.496161][ T29] audit: type=1400 audit(1746753451.978:102): avc: denied { prog_run } for pid=3451 comm="syz.0.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 30.527876][ T3319] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 30.538541][ T3319] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 30.548429][ T3319] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 30.558980][ T3319] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 30.569034][ T3319] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 30.579507][ T3319] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 30.589397][ T3319] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 30.599875][ T3319] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 30.610954][ T3319] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 30.627177][ T3319] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.636048][ T3319] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.644842][ T3319] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.653633][ T3319] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.665457][ T3313] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.674232][ T3313] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.683053][ T3313] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.692019][ T3313] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.875362][ T3471] loop4: detected capacity change from 0 to 164 [ 30.901930][ T3476] loop2: detected capacity change from 0 to 128 [ 30.919973][ T3478] capability: warning: `syz.0.11' uses 32-bit capabilities (legacy support in use) [ 30.923211][ T3471] process 'syz.4.5' launched '/dev/fd/6' with NULL argv: empty string added [ 30.988762][ T3471] syz.4.5: attempt to access beyond end of device [ 30.988762][ T3471] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 31.042217][ T3471] syz.4.5: attempt to access beyond end of device [ 31.042217][ T3471] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 31.108217][ T3482] hub 4-0:1.0: USB hub found [ 31.113065][ T3482] hub 4-0:1.0: 8 ports detected [ 31.190712][ T3494] loop2: detected capacity change from 0 to 128 [ 31.417773][ T3504] SELinux: policydb magic number 0x0 does not match expected magic number 0xf97cff8c [ 31.428875][ T3504] SELinux: failed to load policy [ 31.683086][ C1] hrtimer: interrupt took 27756 ns [ 31.704410][ T3520] IPv4: Oversized IP packet from 127.202.26.0 [ 31.755162][ T3514] loop3: detected capacity change from 0 to 8192 [ 31.823864][ T3497] loop3: p1 p2 p3 [ 31.830338][ T3497] loop3: p2 start 3506442254 is beyond EOD, truncated [ 31.837272][ T3497] loop3: p3 size 49412 extends beyond EOD, truncated [ 31.867695][ T3514] loop3: p1 p2 p3 [ 31.872934][ T3514] loop3: p2 start 3506442254 is beyond EOD, truncated [ 31.879861][ T3514] loop3: p3 size 49412 extends beyond EOD, truncated [ 32.036961][ T3307] udevd[3307]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 32.037135][ T3497] udevd[3497]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 32.117013][ T3300] udevd[3300]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 32.128553][ T3307] udevd[3307]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 32.192062][ T3541] bridge_slave_0: left allmulticast mode [ 32.197905][ T3541] bridge_slave_0: left promiscuous mode [ 32.203755][ T3541] bridge0: port 1(bridge_slave_0) entered disabled state [ 32.228542][ T3541] bridge_slave_1: left allmulticast mode [ 32.234273][ T3541] bridge_slave_1: left promiscuous mode [ 32.240143][ T3541] bridge0: port 2(bridge_slave_1) entered disabled state [ 32.293783][ T3541] bond0: (slave bond_slave_0): Releasing backup interface [ 32.311236][ T3541] bond0: (slave bond_slave_1): Releasing backup interface [ 32.341510][ T3541] team0: Port device team_slave_0 removed [ 32.364022][ T3541] team0: Port device team_slave_1 removed [ 32.376782][ T3541] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 32.384227][ T3541] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 32.427630][ T3541] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 32.435147][ T3541] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 32.614456][ T3541] syz.1.38 (3541) used greatest stack depth: 11000 bytes left [ 32.675597][ T3557] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6) [ 32.682217][ T3557] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 32.689871][ T3557] vhci_hcd vhci_hcd.0: Device attached [ 32.729693][ T3558] vhci_hcd: connection closed [ 32.730000][ T12] vhci_hcd: stop threads [ 32.739002][ T12] vhci_hcd: release socket [ 32.743497][ T12] vhci_hcd: disconnect device [ 32.875960][ T3582] netlink: 16 bytes leftover after parsing attributes in process `syz.4.55'. [ 32.927998][ T3587] pim6reg1: entered promiscuous mode [ 32.933456][ T3587] pim6reg1: entered allmulticast mode [ 32.942650][ T3589] netlink: 4 bytes leftover after parsing attributes in process `syz.2.58'. [ 33.016433][ T3596] loop4: detected capacity change from 0 to 128 [ 33.025288][ T3596] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 33.038558][ T3596] ext4 filesystem being mounted at /14/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 33.071534][ T3578] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 33.080535][ T3578] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 33.081862][ T3596] EXT4-fs error (device loop4): dx_make_map:1298: inode #2: block 33: comm syz.4.61: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1 [ 33.107841][ T3596] EXT4-fs error (device loop4) in do_split:2031: Corrupt filesystem [ 33.132754][ T3596] EXT4-fs error (device loop4): htree_dirblock_to_tree:1082: inode #2: block 33: comm syz.4.61: bad entry in directory: inode out of bounds - offset=2012, inode=128, rec_len=36, size=1024 fake=1 [ 33.163993][ T3313] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 33.187001][ T3602] loop4: detected capacity change from 0 to 512 [ 33.194447][ T3602] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 33.217875][ T3602] EXT4-fs (loop4): 1 orphan inode deleted [ 33.224105][ T3602] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 33.236946][ T1713] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:6: Failed to release dquot type 1 [ 33.237589][ T3602] ext4 filesystem being mounted at /15/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 33.279320][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 33.484216][ T3620] ======================================================= [ 33.484216][ T3620] WARNING: The mand mount option has been deprecated and [ 33.484216][ T3620] and is ignored by this kernel. Remove the mand [ 33.484216][ T3620] option from the mount to silence this warning. [ 33.484216][ T3620] ======================================================= [ 33.574142][ T3622] SELinux: Context Ü is not valid (left unmapped). [ 33.670622][ T3634] netlink: 12 bytes leftover after parsing attributes in process `syz.1.75'. [ 33.682901][ T3635] $Hÿ: renamed from bond0 (while UP) [ 33.723676][ T3635] $Hÿ: entered promiscuous mode [ 33.728908][ T3635] bond_slave_0: entered promiscuous mode [ 33.734918][ T3635] bond_slave_1: entered promiscuous mode [ 33.862011][ T3668] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 34.018633][ T3690] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 34.020267][ T3688] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 34.131142][ T3701] capability: warning: `syz.4.102' uses deprecated v2 capabilities in a way that may be insecure [ 34.198682][ T3706] loop4: detected capacity change from 0 to 512 [ 34.205679][ T3706] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 34.222634][ T3710] netlink: 24 bytes leftover after parsing attributes in process `syz.0.105'. [ 34.232536][ T3710] netlink: 4 bytes leftover after parsing attributes in process `syz.0.105'. [ 34.233022][ T3706] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 34.256230][ T3706] ext4 filesystem being mounted at /34/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 34.276667][ T3706] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 34.285372][ T3710] team0: Port device team_slave_1 removed [ 34.297764][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 34.444594][ T3727] SELinux: failed to load policy [ 34.510588][ T3741] netlink: 4 bytes leftover after parsing attributes in process `syz.4.120'. [ 34.520455][ T3741] netlink: 4 bytes leftover after parsing attributes in process `syz.4.120'. [ 34.548358][ T3743] loop4: detected capacity change from 0 to 128 [ 34.566754][ T3743] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 34.579746][ T3743] ext4 filesystem being mounted at /42/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 34.603691][ T3313] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 34.644550][ T3750] netlink: 24 bytes leftover after parsing attributes in process `syz.4.124'. [ 34.756728][ T3766] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3766 comm=syz.4.127 [ 34.785375][ T3770] netlink: 12 bytes leftover after parsing attributes in process `syz.2.133'. [ 34.828312][ T3778] netlink: 8 bytes leftover after parsing attributes in process `syz.2.136'. [ 34.864627][ T3781] ALSA: seq fatal error: cannot create timer (-19) [ 34.896809][ T3788] pimreg: entered allmulticast mode [ 34.904451][ T3788] pimreg: left allmulticast mode [ 35.009003][ T3800] -1: renamed from syzkaller0 [ 35.037798][ T3805] pimreg: entered allmulticast mode [ 35.045377][ T3805] pimreg: left allmulticast mode [ 35.085341][ T3809] random: crng reseeded on system resumption [ 35.206391][ T29] kauditd_printk_skb: 147 callbacks suppressed [ 35.206408][ T29] audit: type=1400 audit(1746753456.888:249): avc: denied { mount } for pid=3815 comm="syz.0.154" name="/" dev="ramfs" ino=6236 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 35.259268][ T29] audit: type=1400 audit(1746753456.938:250): avc: denied { mount } for pid=3820 comm="syz.4.156" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 35.317931][ T3819] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 35.335606][ T29] audit: type=1326 audit(1746753457.018:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3828 comm="syz.4.160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f945d70e969 code=0x7ffc0000 [ 35.341398][ T3819] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 35.382672][ T29] audit: type=1326 audit(1746753457.018:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3828 comm="syz.4.160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f945d70e969 code=0x7ffc0000 [ 35.406114][ T29] audit: type=1326 audit(1746753457.018:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3828 comm="syz.4.160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f945d70e969 code=0x7ffc0000 [ 35.429510][ T29] audit: type=1326 audit(1746753457.018:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3828 comm="syz.4.160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f945d70e969 code=0x7ffc0000 [ 35.453068][ T29] audit: type=1326 audit(1746753457.018:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3828 comm="syz.4.160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f945d70e969 code=0x7ffc0000 [ 35.476608][ T29] audit: type=1326 audit(1746753457.018:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3828 comm="syz.4.160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f945d70e969 code=0x7ffc0000 [ 35.499874][ T29] audit: type=1326 audit(1746753457.018:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3828 comm="syz.4.160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f945d70e969 code=0x7ffc0000 [ 35.523414][ T29] audit: type=1326 audit(1746753457.018:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3828 comm="syz.4.160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f945d70e969 code=0x7ffc0000 [ 35.622875][ T3839] netlink: 'syz.1.164': attribute type 4 has an invalid length. [ 35.633823][ T3836] syz.4.163 (3836) used greatest stack depth: 9552 bytes left [ 35.657923][ T3845] loop1: detected capacity change from 0 to 256 [ 36.024484][ C1] vcan0: j1939_tp_rxtimer: 0xffff88811987d000: rx timeout, send abort [ 36.032863][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88811987d000: 0x2f000: (3) A timeout occurred and this is the connection abort to close the session. [ 36.215190][ T3866] hsr_slave_1 (unregistering): left promiscuous mode [ 36.369584][ T3878] tipc: Started in network mode [ 36.374816][ T3878] tipc: Node identity 7ae7dd615dfe, cluster identity 4711 [ 36.382403][ T3878] tipc: Enabled bearer , priority 0 [ 36.426637][ T3878] tipc: Disabling bearer [ 36.511581][ T3886] loop2: detected capacity change from 0 to 2048 [ 36.558790][ T3886] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 36.732642][ T3886] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 1 with max blocks 1 with error 28 [ 36.744896][ T3886] EXT4-fs (loop2): This should not happen!! Data will be lost [ 36.744896][ T3886] [ 36.754704][ T3886] EXT4-fs (loop2): Total free blocks count 0 [ 36.760925][ T3886] EXT4-fs (loop2): Free/Dirty block details [ 36.767024][ T3886] EXT4-fs (loop2): free_blocks=0 [ 36.772047][ T3886] EXT4-fs (loop2): dirty_blocks=0 [ 36.777117][ T3886] EXT4-fs (loop2): Block reservation details [ 36.783122][ T3886] EXT4-fs (loop2): i_reserved_data_blocks=0 [ 36.863092][ T3910] loop0: detected capacity change from 0 to 512 [ 36.896746][ T3910] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 36.897285][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 36.923848][ T3910] EXT4-fs (loop0): 1 truncate cleaned up [ 36.931311][ T3910] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 36.954344][ T3913] usb usb2: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 36.962287][ T3913] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 36.976984][ T3913] vhci_hcd: default hub control req: 6314 v0008 i0002 l0 [ 37.009761][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 37.032162][ T3915] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 37.057157][ T3917] vhci_hcd: invalid port number 96 [ 37.062318][ T3917] vhci_hcd: default hub control req: 0000 vfffc i0060 l0 [ 37.071887][ T3919] Invalid ELF header magic: != ELF [ 37.269511][ T3927] netlink: 'syz.2.211': attribute type 4 has an invalid length. [ 37.580101][ T3963] Zero length message leads to an empty skb [ 37.623562][ T3967] syz.0.217 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 37.801018][ T3980] netlink: 'syz.4.223': attribute type 13 has an invalid length. [ 37.864018][ T3980] bridge0: port 2(bridge_slave_1) entered disabled state [ 37.871332][ T3980] bridge0: port 1(bridge_slave_0) entered disabled state [ 37.920608][ T3980] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 37.931247][ T3980] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 37.965155][ T3980] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 37.974415][ T3980] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 37.983618][ T3980] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 37.992582][ T3980] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 38.006281][ T3982] sch_tbf: peakrate 8 is lower than or equals to rate 12 ! [ 38.040835][ T3990] loop2: detected capacity change from 0 to 128 [ 38.095212][ T3992] syzkaller0: entered promiscuous mode [ 38.100835][ T3992] syzkaller0: entered allmulticast mode [ 38.276953][ T4014] smc: net device bond0 applied user defined pnetid SYZ2 [ 38.284417][ T4014] smc: net device bond0 erased user defined pnetid SYZ2 [ 38.349297][ T4020] netlink: 'syz.4.242': attribute type 21 has an invalid length. [ 38.444671][ T4031] loop0: detected capacity change from 0 to 512 [ 38.479164][ T4031] EXT4-fs (loop0): 1 orphan inode deleted [ 38.495605][ T4031] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 38.508420][ T1713] EXT4-fs error (device loop0): ext4_release_dquot:6971: comm kworker/u8:6: Failed to release dquot type 1 [ 38.522495][ T4031] ext4 filesystem being mounted at /65/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 38.612329][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 38.687976][ T4050] __nla_validate_parse: 7 callbacks suppressed [ 38.687996][ T4050] netlink: 191080 bytes leftover after parsing attributes in process `wg1'. [ 38.707134][ T4050] netlink: zone id is out of range [ 38.712410][ T4050] netlink: zone id is out of range [ 38.718963][ T4050] netlink: zone id is out of range [ 38.724123][ T4050] netlink: zone id is out of range [ 38.729356][ T4050] netlink: zone id is out of range [ 38.734515][ T4050] netlink: zone id is out of range [ 38.739700][ T4050] netlink: zone id is out of range [ 38.744818][ T4050] netlink: zone id is out of range [ 38.749957][ T4050] netlink: zone id is out of range [ 38.918250][ T4072] netlink: 24 bytes leftover after parsing attributes in process `syz.0.265'. [ 38.943735][ T4074] loop4: detected capacity change from 0 to 1024 [ 38.978197][ T4079] syz.3.267 uses obsolete (PF_INET,SOCK_PACKET) [ 38.986902][ T4074] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 38.993844][ T4079] syzkaller1: entered promiscuous mode [ 39.004656][ T4079] syzkaller1: entered allmulticast mode [ 39.021741][ T4074] ext4 filesystem being mounted at /72/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 39.317260][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 39.476299][ T4157] netlink: 64 bytes leftover after parsing attributes in process `syz.4.285'. [ 39.670397][ T4181] loop2: detected capacity change from 0 to 512 [ 39.677238][ T4181] EXT4-fs: Ignoring removed orlov option [ 39.687004][ T4181] EXT4-fs: inline encryption not supported [ 39.702721][ T4181] EXT4-fs error (device loop2): ext4_iget_extra_inode:4693: inode #15: comm syz.2.288: corrupted in-inode xattr: invalid ea_ino [ 39.726247][ T4181] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.288: couldn't read orphan inode 15 (err -117) [ 39.746246][ T4181] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 39.784829][ T4181] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.288: bg 0: block 411: padding at end of block bitmap is not set [ 39.798221][ T4187] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 39.807007][ T4187] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 39.810140][ T4181] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem [ 39.831709][ T4181] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.288: invalid indirect mapped block 234881024 (level 0) [ 39.862664][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 40.088532][ T4222] netlink: 8 bytes leftover after parsing attributes in process `syz.4.307'. [ 40.121350][ T4226] loop0: detected capacity change from 0 to 1024 [ 40.128472][ T4226] EXT4-fs: Ignoring removed bh option [ 40.161514][ T4226] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 40.249209][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 40.288120][ T4242] loop0: detected capacity change from 0 to 256 [ 40.296159][ T4242] FAT-fs (loop0): bogus number of directory entries (17407) [ 40.303507][ T4242] FAT-fs (loop0): Can't find a valid FAT filesystem [ 40.408862][ T29] kauditd_printk_skb: 185 callbacks suppressed [ 40.408876][ T29] audit: type=1326 audit(1746753462.088:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4247 comm="syz.4.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f945d70e969 code=0x7ffc0000 [ 40.453121][ T29] audit: type=1326 audit(1746753462.088:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4247 comm="syz.4.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f945d70e969 code=0x7ffc0000 [ 40.476597][ T29] audit: type=1326 audit(1746753462.118:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4247 comm="syz.4.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f945d70e969 code=0x7ffc0000 [ 40.500163][ T29] audit: type=1326 audit(1746753462.118:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4247 comm="syz.4.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f945d70e969 code=0x7ffc0000 [ 40.523526][ T29] audit: type=1326 audit(1746753462.118:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4247 comm="syz.4.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f945d70e969 code=0x7ffc0000 [ 40.546913][ T29] audit: type=1326 audit(1746753462.118:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4247 comm="syz.4.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=74 compat=0 ip=0x7f945d70e969 code=0x7ffc0000 [ 40.570191][ T29] audit: type=1326 audit(1746753462.118:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4247 comm="syz.4.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f945d70e969 code=0x7ffc0000 [ 40.593562][ T29] audit: type=1326 audit(1746753462.118:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4247 comm="syz.4.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7f945d70e969 code=0x7ffc0000 [ 40.616830][ T29] audit: type=1326 audit(1746753462.118:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4247 comm="syz.4.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f945d70e969 code=0x7ffc0000 [ 40.640273][ T29] audit: type=1326 audit(1746753462.118:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4247 comm="syz.4.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f945d70e969 code=0x7ffc0000 [ 40.821262][ T4267] tipc: New replicast peer: 255.255.255.255 [ 40.827659][ T4267] tipc: Enabled bearer , priority 10 [ 40.864875][ T4271] IPv6: NLM_F_CREATE should be specified when creating new route [ 41.037893][ T4291] loop2: detected capacity change from 0 to 1024 [ 41.054802][ T4291] EXT4-fs: Ignoring removed orlov option [ 41.072656][ T4291] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 41.152186][ T4302] loop3: detected capacity change from 0 to 8192 [ 41.210170][ T4313] 9pnet_fd: Insufficient options for proto=fd [ 41.218201][ T4302] loop3: p1 p2 p3 p4 [ 41.223281][ T4302] loop3: p2 size 16711680 extends beyond EOD, truncated [ 41.294164][ T4302] loop3: p3 start 4294967295 is beyond EOD, truncated [ 41.489152][ T4338] netlink: 'syz.4.342': attribute type 4 has an invalid length. [ 41.508119][ T4338] netlink: 'syz.4.342': attribute type 4 has an invalid length. [ 41.821779][ T4368] netlink: 8 bytes leftover after parsing attributes in process `syz.1.349'. [ 41.874696][ T4372] netlink: 4 bytes leftover after parsing attributes in process `syz.4.352'. [ 41.895034][ T4372] netlink: 12 bytes leftover after parsing attributes in process `syz.4.352'. [ 41.945614][ T3389] tipc: Node number set to 656006497 [ 41.957693][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.970282][ T4383] netlink: 'syz.0.356': attribute type 4 has an invalid length. [ 42.008001][ T4386] bridge0: entered promiscuous mode [ 42.013442][ T4381] ALSA: seq fatal error: cannot create timer (-19) [ 42.030149][ T4383] netlink: 'syz.0.356': attribute type 4 has an invalid length. [ 42.038004][ T4386] macvlan2: entered promiscuous mode [ 42.044326][ T4386] bridge0: port 3(macvlan2) entered blocking state [ 42.050964][ T4386] bridge0: port 3(macvlan2) entered disabled state [ 42.061386][ T4386] macvlan2: entered allmulticast mode [ 42.066963][ T4386] bridge0: entered allmulticast mode [ 42.072873][ T4386] macvlan2: left allmulticast mode [ 42.078187][ T4386] bridge0: left allmulticast mode [ 42.083914][ T4386] bridge0: left promiscuous mode [ 42.585287][ T4457] netlink: 96 bytes leftover after parsing attributes in process `syz.3.369'. [ 42.600408][ T4456] loop2: detected capacity change from 0 to 2048 [ 42.628547][ T4456] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 42.678308][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 42.909614][ T36] kernel write not supported for file /123/attr/sockcreate (pid: 36 comm: kworker/1:1) [ 43.041449][ T4497] vhci_hcd: default hub control req: 800f v0000 i0000 l31125 [ 43.156995][ T4510] tipc: Started in network mode [ 43.161927][ T4510] tipc: Node identity 4e354a1bc1a2, cluster identity 4711 [ 43.169308][ T4510] tipc: Enabled bearer , priority 0 [ 43.187854][ T4510] tipc: Disabling bearer [ 43.242633][ T4524] bridge0: entered promiscuous mode [ 43.249472][ T4524] macvlan2: entered promiscuous mode [ 43.267515][ T4524] bridge0: port 3(macvlan2) entered blocking state [ 43.274112][ T4524] bridge0: port 3(macvlan2) entered disabled state [ 43.301342][ T4524] macvlan2: entered allmulticast mode [ 43.306965][ T4524] bridge0: entered allmulticast mode [ 43.314972][ T4524] macvlan2: left allmulticast mode [ 43.320271][ T4524] bridge0: left allmulticast mode [ 43.338091][ T4524] bridge0: left promiscuous mode [ 43.507352][ T36] kernel write not supported for file /117/attr/sockcreate (pid: 36 comm: kworker/1:1) [ 43.548977][ T4561] netlink: 24 bytes leftover after parsing attributes in process `syz.4.396'. [ 43.576782][ T4552] Falling back ldisc for ttyS3. [ 43.619987][ T4567] loop1: detected capacity change from 0 to 512 [ 43.659558][ T4567] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 43.678614][ T4567] ext4 filesystem being mounted at /61/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 43.701849][ T4567] EXT4-fs error (device loop1): ext4_do_update_inode:5211: inode #2: comm syz.1.398: corrupted inode contents [ 43.714184][ T4577] serio: Serial port ptm0 [ 43.718938][ T4567] EXT4-fs error (device loop1): ext4_dirty_inode:6103: inode #2: comm syz.1.398: mark_inode_dirty error [ 43.736824][ T4567] EXT4-fs error (device loop1): ext4_do_update_inode:5211: inode #2: comm syz.1.398: corrupted inode contents [ 43.755300][ T4567] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #2: comm syz.1.398: mark_inode_dirty error [ 43.787905][ T3321] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 43.885034][ T4598] bridge0: entered promiscuous mode [ 43.890763][ T4598] macvlan2: entered promiscuous mode [ 43.898907][ T4598] bridge0: port 3(macvlan2) entered blocking state [ 43.905588][ T4598] bridge0: port 3(macvlan2) entered disabled state [ 43.912470][ T4598] macvlan2: entered allmulticast mode [ 43.917925][ T4598] bridge0: entered allmulticast mode [ 43.946002][ T4598] macvlan2: left allmulticast mode [ 43.951224][ T4598] bridge0: left allmulticast mode [ 43.981089][ T4598] bridge0: left promiscuous mode [ 44.189161][ T2969] kernel write not supported for file /231/attr/sockcreate (pid: 2969 comm: kworker/0:2) [ 44.391018][ T2969] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 44.404178][ T4641] loop1: detected capacity change from 0 to 1024 [ 44.416710][ T2969] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 44.440731][ T4641] EXT4-fs: Ignoring removed nomblk_io_submit option [ 44.450770][ T4641] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 44.471783][ T4641] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 44.486575][ T4650] loop3: detected capacity change from 0 to 128 [ 44.492588][ T4651] netlink: 2048 bytes leftover after parsing attributes in process `syz.2.419'. [ 44.502097][ T4651] netlink: 4 bytes leftover after parsing attributes in process `syz.2.419'. [ 44.530788][ T3321] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.567808][ T4654] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 44.575789][ T4654] FAT-fs (loop3): Filesystem has been set read-only [ 44.582558][ T4654] syz.3.422: attempt to access beyond end of device [ 44.582558][ T4654] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 44.596771][ T4650] syz.3.422: attempt to access beyond end of device [ 44.596771][ T4650] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 44.597579][ T4654] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 44.615486][ T4650] syz.3.422: attempt to access beyond end of device [ 44.615486][ T4650] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 44.617837][ T4654] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 44.642774][ T4654] syz.3.422: attempt to access beyond end of device [ 44.642774][ T4654] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 44.656163][ T4654] syz.3.422: attempt to access beyond end of device [ 44.656163][ T4654] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 44.669516][ T4650] syz.3.422: attempt to access beyond end of device [ 44.669516][ T4650] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 44.682925][ T4654] syz.3.422: attempt to access beyond end of device [ 44.682925][ T4654] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 44.696213][ T4650] syz.3.422: attempt to access beyond end of device [ 44.696213][ T4650] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 44.719740][ T4654] syz.3.422: attempt to access beyond end of device [ 44.719740][ T4654] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 44.765353][ T36] kernel write not supported for file /228/attr/sockcreate (pid: 36 comm: kworker/1:1) [ 45.276076][ T4739] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 45.369240][ T4751] macvlan2: entered promiscuous mode [ 45.374673][ T4751] bridge0: entered promiscuous mode [ 45.415610][ T4751] bridge0: port 3(macvlan2) entered blocking state [ 45.422223][ T4751] bridge0: port 3(macvlan2) entered disabled state [ 45.447376][ T4751] macvlan2: entered allmulticast mode [ 45.452820][ T4751] bridge0: entered allmulticast mode [ 45.476841][ T4751] macvlan2: left allmulticast mode [ 45.482105][ T4751] bridge0: left allmulticast mode [ 45.505544][ T4751] bridge0: left promiscuous mode [ 45.706481][ T4777] netlink: 'syz.0.436': attribute type 21 has an invalid length. [ 45.822876][ T29] kauditd_printk_skb: 268 callbacks suppressed [ 45.822892][ T29] audit: type=1400 audit(1746753467.498:721): avc: denied { kexec_image_load } for pid=4780 comm="syz.4.440" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1 [ 45.884774][ T29] audit: type=1400 audit(1746753467.558:722): avc: denied { execute } for pid=4786 comm="syz.0.443" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=8364 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 46.019607][ T29] audit: type=1400 audit(1746753467.688:723): avc: denied { ioctl } for pid=4788 comm="syz.2.444" path="socket:[7586]" dev="sockfs" ino=7586 ioctlcmd=0x8922 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 46.058658][ T4797] SELinux: syz.1.446 (4797) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 46.073304][ T29] audit: type=1400 audit(1746753467.748:724): avc: denied { allowed } for pid=4792 comm="syz.0.447" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 46.117547][ T4799] netlink: 24 bytes leftover after parsing attributes in process `syz.4.449'. [ 46.151023][ T29] audit: type=1326 audit(1746753467.828:725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4801 comm="syz.1.451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7c94fe969 code=0x7ffc0000 [ 46.194773][ T29] audit: type=1326 audit(1746753467.868:726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4801 comm="syz.1.451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7c94fe969 code=0x7ffc0000 [ 46.243993][ T29] audit: type=1326 audit(1746753467.898:727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4801 comm="syz.1.451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7c94fe969 code=0x7ffc0000 [ 46.267468][ T29] audit: type=1326 audit(1746753467.898:728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4801 comm="syz.1.451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7c94fe969 code=0x7ffc0000 [ 46.290769][ T29] audit: type=1326 audit(1746753467.898:729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4801 comm="syz.1.451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7c94fe969 code=0x7ffc0000 [ 46.314290][ T29] audit: type=1326 audit(1746753467.898:730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4801 comm="syz.1.451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7c94fe969 code=0x7ffc0000 [ 46.346657][ T4790] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 46.359755][ T4790] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 47.004625][ T3388] kernel write not supported for file /207/attr/sockcreate (pid: 3388 comm: kworker/0:3) [ 47.163627][ T4852] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 47.243032][ T4864] bridge_slave_0: left allmulticast mode [ 47.248832][ T4864] bridge_slave_0: left promiscuous mode [ 47.254574][ T4864] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.276629][ T4864] bridge_slave_1: left allmulticast mode [ 47.278119][ T4863] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 47.282344][ T4864] bridge_slave_1: left promiscuous mode [ 47.282576][ T4864] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.310701][ T4863] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 47.326476][ T4864] bond0: (slave bond_slave_0): Releasing backup interface [ 47.340182][ T4864] bond0: (slave bond_slave_1): Releasing backup interface [ 47.359113][ T4864] team0: Port device team_slave_0 removed [ 47.394113][ T4864] team0: Port device team_slave_1 removed [ 47.418379][ T4864] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 47.448551][ T4864] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 47.683633][ T23] kernel write not supported for file /219/attr/sockcreate (pid: 23 comm: kworker/1:0) [ 47.696535][ T4910] sch_tbf: burst 19872 is lower than device lo mtu (11337746) ! [ 47.769818][ T4918] mmap: syz.0.479 (4918) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 47.939719][ T4931] bridge_slave_0: left allmulticast mode [ 47.945626][ T4931] bridge_slave_0: left promiscuous mode [ 47.951375][ T4931] bridge0: port 1(bridge_slave_0) entered disabled state [ 48.007411][ T4931] bridge_slave_1: left allmulticast mode [ 48.013163][ T4931] bridge_slave_1: left promiscuous mode [ 48.019139][ T4931] bridge0: port 2(bridge_slave_1) entered disabled state [ 48.044908][ T4931] bond0: (slave bond_slave_0): Releasing backup interface [ 48.056970][ T4931] bond0: (slave bond_slave_1): Releasing backup interface [ 48.087174][ T4931] team0: Port device team_slave_0 removed [ 48.094055][ T4931] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 48.101707][ T4931] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 48.112676][ T4931] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 48.120306][ T4931] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 48.215889][ T23] kernel write not supported for file /259/attr/sockcreate (pid: 23 comm: kworker/1:0) [ 48.490954][ T4994] $Hÿ: renamed from bond0 [ 48.498432][ T4994] $Hÿ: entered promiscuous mode [ 48.579751][ T5004] netlink: 8 bytes leftover after parsing attributes in process `syz.2.504'. [ 48.764360][ T5012] bridge_slave_0: left allmulticast mode [ 48.770294][ T5012] bridge_slave_0: left promiscuous mode [ 48.776114][ T5012] bridge0: port 1(bridge_slave_0) entered disabled state [ 48.786564][ T5012] bridge_slave_1: left allmulticast mode [ 48.792457][ T5012] bridge_slave_1: left promiscuous mode [ 48.798319][ T5012] bridge0: port 2(bridge_slave_1) entered disabled state [ 48.810164][ T5012] bond0: (slave bond_slave_0): Releasing backup interface [ 48.832360][ T5012] bond0: (slave bond_slave_1): Releasing backup interface [ 48.849228][ T5012] team0: Port device team_slave_0 removed [ 48.888552][ T5012] team0: Port device team_slave_1 removed [ 48.905075][ T5012] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 48.912587][ T5012] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 48.937251][ T5012] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 48.944826][ T5012] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 49.013328][ T5029] vhci_hcd: default hub control req: 800f v0000 i0000 l31125 [ 49.025157][ T5026] $Hÿ: renamed from bond0 (while UP) [ 49.034092][ T5026] $Hÿ: entered promiscuous mode [ 49.329104][ T5061] vhci_hcd: default hub control req: 800f v0000 i0000 l31125 [ 49.402826][ T5067] loop0: detected capacity change from 0 to 2048 [ 49.432880][ T5067] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 49.538496][ T5067] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 1 with max blocks 1 with error 28 [ 49.550917][ T5067] EXT4-fs (loop0): This should not happen!! Data will be lost [ 49.550917][ T5067] [ 49.560659][ T5067] EXT4-fs (loop0): Total free blocks count 0 [ 49.566802][ T5067] EXT4-fs (loop0): Free/Dirty block details [ 49.572773][ T5067] EXT4-fs (loop0): free_blocks=0 [ 49.577782][ T5067] EXT4-fs (loop0): dirty_blocks=0 [ 49.582828][ T5067] EXT4-fs (loop0): Block reservation details [ 49.588887][ T5067] EXT4-fs (loop0): i_reserved_data_blocks=0 [ 49.679356][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 49.702755][ T5079] netlink: 24 bytes leftover after parsing attributes in process `syz.2.538'. [ 49.743015][ T5081] bridge_slave_0: left allmulticast mode [ 49.748882][ T5081] bridge_slave_0: left promiscuous mode [ 49.754566][ T5081] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.763717][ T5081] bridge_slave_1: left allmulticast mode [ 49.769543][ T5081] bridge_slave_1: left promiscuous mode [ 49.775334][ T5081] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.799451][ T5081] $Hÿ: (slave bond_slave_0): Releasing backup interface [ 49.809483][ T5089] loop2: detected capacity change from 0 to 512 [ 49.811253][ T5081] bond_slave_0: left promiscuous mode [ 49.816872][ T5089] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 49.831905][ T5081] $Hÿ: (slave bond_slave_1): Releasing backup interface [ 49.848318][ T5089] EXT4-fs (loop2): 1 truncate cleaned up [ 49.856053][ T5089] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 49.857564][ T5081] bond_slave_1: left promiscuous mode [ 49.878307][ T5095] serio: Serial port ptm0 [ 49.887466][ T5081] team0: Port device team_slave_0 removed [ 49.898924][ T5081] team0: Port device team_slave_1 removed [ 49.906174][ T5081] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 49.913633][ T5081] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 49.922187][ T5081] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 49.929705][ T5081] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 49.986564][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 49.999395][ T5091] syzkaller0: entered promiscuous mode [ 50.004926][ T5091] syzkaller0: entered allmulticast mode [ 50.088851][ T5111] loop3: detected capacity change from 0 to 256 [ 50.186591][ T5121] SELinux: failed to load policy [ 50.225005][ T5126] net_ratelimit: 27 callbacks suppressed [ 50.225020][ T5126] openvswitch: netlink: Message has 6 unknown bytes. [ 50.288106][ T5136] netlink: 24 bytes leftover after parsing attributes in process `syz.0.559'. [ 50.365105][ T5139] tipc: Started in network mode [ 50.370123][ T5139] tipc: Node identity 4, cluster identity 4711 [ 50.376410][ T5139] tipc: Node number set to 4 [ 50.441726][ T5146] syzkaller0: entered promiscuous mode [ 50.447305][ T5146] syzkaller0: entered allmulticast mode [ 50.472205][ T5149] netlink: 4 bytes leftover after parsing attributes in process `syz.3.565'. [ 50.484651][ T5149] loop3: detected capacity change from 0 to 512 [ 50.492573][ T5149] EXT4-fs: Ignoring removed orlov option [ 50.499331][ T5149] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 50.518796][ T5149] EXT4-fs (loop3): orphan cleanup on readonly fs [ 50.525812][ T5149] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.565: bg 0: block 248: padding at end of block bitmap is not set [ 50.540402][ T5149] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.565: Failed to acquire dquot type 1 [ 50.553363][ T5149] EXT4-fs (loop3): 1 truncate cleaned up [ 50.560126][ T5149] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 50.576913][ T5149] EXT4-fs: Ignoring removed orlov option [ 50.582749][ T5149] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 50.596766][ T5149] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 50.627201][ T5149] EXT4-fs error (device loop3): __ext4_remount:6738: comm syz.3.565: Abort forced by user [ 50.642964][ T5149] EXT4-fs (loop3): Remounting filesystem read-only [ 50.649687][ T5149] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 50.650047][ T5149] ext4 filesystem being remounted at /79/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 50.694641][ T5149] syz.3.565 (5149) used greatest stack depth: 9360 bytes left [ 50.703436][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 50.729287][ T5162] loop0: detected capacity change from 0 to 128 [ 50.768850][ T37] kworker/u8:2: attempt to access beyond end of device [ 50.768850][ T37] loop0: rw=1, sector=145, nr_sectors = 896 limit=128 [ 50.820851][ T5175] atomic_op ffff888120b72928 conn xmit_atomic 0000000000000000 [ 50.868500][ T5181] SELinux: security_context_str_to_sid (aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.) failed with errno=-22 [ 50.980878][ T29] kauditd_printk_skb: 79 callbacks suppressed [ 50.980895][ T29] audit: type=1400 audit(1746753472.658:808): avc: denied { ioctl } for pid=5194 comm="syz.3.586" path="socket:[8103]" dev="sockfs" ino=8103 ioctlcmd=0x89f0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 51.056464][ T29] audit: type=1400 audit(1746753472.738:809): avc: denied { mount } for pid=5202 comm="syz.1.590" name="/" dev="configfs" ino=927 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 51.079245][ T29] audit: type=1400 audit(1746753472.738:810): avc: denied { search } for pid=5202 comm="syz.1.590" name="/" dev="configfs" ino=927 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 51.101265][ T29] audit: type=1400 audit(1746753472.738:811): avc: denied { mounton } for pid=5202 comm="syz.1.590" path="/" dev="configfs" ino=927 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 51.135363][ T29] audit: type=1400 audit(1746753472.808:812): avc: denied { unmount } for pid=3321 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 51.205592][ T29] audit: type=1400 audit(1746753472.878:813): avc: denied { bind } for pid=5211 comm="syz.0.594" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 51.262261][ T29] audit: type=1400 audit(1746753472.938:814): avc: denied { read } for pid=5222 comm="syz.3.599" name="/" dev="configfs" ino=927 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 51.284124][ T29] audit: type=1400 audit(1746753472.938:815): avc: denied { open } for pid=5222 comm="syz.3.599" path="/" dev="configfs" ino=927 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 51.315284][ T29] audit: type=1400 audit(1746753472.988:816): avc: denied { watch watch_reads } for pid=5222 comm="syz.3.599" path="/" dev="configfs" ino=927 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 51.464989][ T5236] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 51.484304][ T29] audit: type=1400 audit(1746753473.158:817): avc: denied { execute_no_trans } for pid=5239 comm="syz.3.606" path="/92/file0" dev="tmpfs" ino=494 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 51.548502][ T5236] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 51.570454][ T5247] loop3: detected capacity change from 0 to 2048 [ 51.597068][ T5247] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 51.655804][ T5236] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 51.682474][ T5260] vlan2: entered allmulticast mode [ 51.687738][ T5260] bridge_slave_0: entered allmulticast mode [ 51.733472][ T5247] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 2 with max blocks 1 with error 28 [ 51.745852][ T5247] EXT4-fs (loop3): This should not happen!! Data will be lost [ 51.745852][ T5247] [ 51.755574][ T5247] EXT4-fs (loop3): Total free blocks count 0 [ 51.761578][ T5247] EXT4-fs (loop3): Free/Dirty block details [ 51.767605][ T5247] EXT4-fs (loop3): free_blocks=0 [ 51.772625][ T5247] EXT4-fs (loop3): dirty_blocks=0 [ 51.777719][ T5247] EXT4-fs (loop3): Block reservation details [ 51.783790][ T5247] EXT4-fs (loop3): i_reserved_data_blocks=0 [ 51.792375][ T5236] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 51.806829][ T5266] 9pnet_fd: Insufficient options for proto=fd [ 51.877052][ T5236] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.898692][ T5236] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.911591][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 51.914280][ T5236] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.934421][ T5236] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.950287][ T5279] SELinux: failed to load policy [ 51.993844][ T5281] syzkaller0: entered promiscuous mode [ 51.999574][ T5281] syzkaller0: entered allmulticast mode [ 52.034326][ T5284] SELinux: failed to load policy [ 52.123164][ T5293] ipvlan2: entered promiscuous mode [ 52.128481][ T5293] ipvlan2: entered allmulticast mode [ 52.133841][ T5293] macvlan0: entered allmulticast mode [ 52.139267][ T5293] veth1_vlan: entered allmulticast mode [ 52.200961][ T5299] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22 [ 52.209266][ T5299] netdevsim netdevsim3: Direct firmware load for . failed with error -22 [ 52.352677][ T5310] Driver unsupported XDP return value 0 on prog (id 532) dev N/A, expect packet loss! [ 52.389313][ T5314] $Hÿ: (slave vlan2): Opening slave failed [ 52.442297][ T5318] SELinux: failed to load policy [ 52.756731][ T5343] SELinux: failed to load policy [ 52.796183][ T5335] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 52.805200][ T5335] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 52.819498][ T5350] xt_connbytes: Forcing CT accounting to be enabled [ 52.826367][ T5350] Cannot find add_set index 0 as target [ 52.884774][ T5360] netlink: 'syz.2.660': attribute type 11 has an invalid length. [ 52.894807][ T5360] netlink: 448 bytes leftover after parsing attributes in process `syz.2.660'. [ 52.905294][ T5362] loop1: detected capacity change from 0 to 128 [ 52.912314][ T5362] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 52.941596][ T5362] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 52.979656][ T12] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 53.297881][ T5377] SELinux: failed to load policy [ 53.418180][ T5392] ipvlan2: entered promiscuous mode [ 53.423872][ T5392] bridge0: port 1(ipvlan2) entered blocking state [ 53.430489][ T5392] bridge0: port 1(ipvlan2) entered disabled state [ 53.447731][ T5394] loop1: detected capacity change from 0 to 2048 [ 53.488319][ T5393] SELinux: failed to load policy [ 53.541329][ T5392] ipvlan2: entered allmulticast mode [ 53.541854][ T5394] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 53.546683][ T5392] bridge0: entered allmulticast mode [ 53.547178][ T5392] ipvlan2: left allmulticast mode [ 53.569201][ T5392] bridge0: left allmulticast mode [ 53.647747][ T5408] wireguard0: entered promiscuous mode [ 53.653274][ T5408] wireguard0: entered allmulticast mode [ 53.672391][ T5394] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 1 with max blocks 1 with error 28 [ 53.684797][ T5394] EXT4-fs (loop1): This should not happen!! Data will be lost [ 53.684797][ T5394] [ 53.694519][ T5394] EXT4-fs (loop1): Total free blocks count 0 [ 53.700560][ T5394] EXT4-fs (loop1): Free/Dirty block details [ 53.706573][ T5394] EXT4-fs (loop1): free_blocks=0 [ 53.711554][ T5394] EXT4-fs (loop1): dirty_blocks=0 [ 53.716666][ T5394] EXT4-fs (loop1): Block reservation details [ 53.722709][ T5394] EXT4-fs (loop1): i_reserved_data_blocks=0 [ 53.798338][ T3321] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 53.840198][ T5427] netlink: 96 bytes leftover after parsing attributes in process `syz.1.688'. [ 53.900126][ T5429] SELinux: failed to load policy [ 53.987343][ T5447] loop1: detected capacity change from 0 to 2048 [ 54.021972][ T5447] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 54.120934][ T5447] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 1 with max blocks 1 with error 28 [ 54.133286][ T5447] EXT4-fs (loop1): This should not happen!! Data will be lost [ 54.133286][ T5447] [ 54.142978][ T5447] EXT4-fs (loop1): Total free blocks count 0 [ 54.149047][ T5447] EXT4-fs (loop1): Free/Dirty block details [ 54.155038][ T5447] EXT4-fs (loop1): free_blocks=0 [ 54.160042][ T5447] EXT4-fs (loop1): dirty_blocks=0 [ 54.165168][ T5447] EXT4-fs (loop1): Block reservation details [ 54.171190][ T5447] EXT4-fs (loop1): i_reserved_data_blocks=0 [ 54.205998][ T5463] SELinux: failed to load policy [ 54.226313][ T5469] loop0: detected capacity change from 0 to 512 [ 54.233167][ T5469] EXT4-fs: Ignoring removed nomblk_io_submit option [ 54.240477][ T5469] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 54.265334][ T5469] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 54.284070][ T5469] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 54.304508][ T5469] EXT4-fs (loop0): 1 truncate cleaned up [ 54.313090][ T5469] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 54.341002][ T3321] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 54.350679][ T5479] netlink: 12 bytes leftover after parsing attributes in process `syz.2.711'. [ 54.391024][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 54.467968][ T5488] netlink: 8 bytes leftover after parsing attributes in process `syz.4.716'. [ 54.516730][ T5500] netlink: 4 bytes leftover after parsing attributes in process `syz.2.719'. [ 54.544003][ T5506] loop0: detected capacity change from 0 to 256 [ 54.559985][ T5497] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 54.569440][ T2969] IPVS: starting estimator thread 0... [ 54.633005][ T5515] loop4: detected capacity change from 0 to 2048 [ 54.649354][ T5515] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 54.673456][ T5511] IPVS: using max 2304 ests per chain, 115200 per kthread [ 54.726160][ T5525] loop3: detected capacity change from 0 to 256 [ 54.775667][ T5515] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 2 with max blocks 1 with error 28 [ 54.787965][ T5515] EXT4-fs (loop4): This should not happen!! Data will be lost [ 54.787965][ T5515] [ 54.797765][ T5515] EXT4-fs (loop4): Total free blocks count 0 [ 54.803766][ T5515] EXT4-fs (loop4): Free/Dirty block details [ 54.809689][ T5515] EXT4-fs (loop4): free_blocks=0 [ 54.814635][ T5515] EXT4-fs (loop4): dirty_blocks=0 [ 54.819699][ T5515] EXT4-fs (loop4): Block reservation details [ 54.825714][ T5515] EXT4-fs (loop4): i_reserved_data_blocks=0 [ 54.919065][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 55.091530][ T5560] loop4: detected capacity change from 0 to 512 [ 55.120431][ T5560] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 55.144476][ T5560] ext4 filesystem being mounted at /170/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 55.237711][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 56.083110][ T29] kauditd_printk_skb: 104 callbacks suppressed [ 56.083128][ T29] audit: type=1326 audit(1746753477.758:922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5626 comm="syz.1.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7c94fe969 code=0x7ffc0000 [ 56.121798][ T29] audit: type=1326 audit(1746753477.788:923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5626 comm="syz.1.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7c94fe969 code=0x7ffc0000 [ 56.133603][ T5629] loop3: detected capacity change from 0 to 512 [ 56.145181][ T29] audit: type=1326 audit(1746753477.788:924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5626 comm="syz.1.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7c94fe969 code=0x7ffc0000 [ 56.174674][ T29] audit: type=1326 audit(1746753477.798:925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5626 comm="syz.1.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7c94fe969 code=0x7ffc0000 [ 56.197998][ T29] audit: type=1326 audit(1746753477.798:926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5626 comm="syz.1.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7c94fe969 code=0x7ffc0000 [ 56.221274][ T29] audit: type=1326 audit(1746753477.798:927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5626 comm="syz.1.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7c94fe969 code=0x7ffc0000 [ 56.244664][ T29] audit: type=1326 audit(1746753477.798:928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5626 comm="syz.1.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7c94fe969 code=0x7ffc0000 [ 56.267935][ T29] audit: type=1326 audit(1746753477.798:929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5626 comm="syz.1.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7c94fe969 code=0x7ffc0000 [ 56.291365][ T29] audit: type=1326 audit(1746753477.798:930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5626 comm="syz.1.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7c94fe969 code=0x7ffc0000 [ 56.295958][ T5629] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 56.314657][ T29] audit: type=1326 audit(1746753477.798:931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5626 comm="syz.1.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fa7c94fe969 code=0x7ffc0000 [ 56.354699][ T5627] loop1: detected capacity change from 0 to 8192 [ 56.366849][ T5629] EXT4-fs (loop3): warning: maximal mount count reached, running e2fsck is recommended [ 56.383226][ T5629] EXT4-fs error (device loop3): ext4_orphan_get:1391: comm syz.3.772: inode #15: comm syz.3.772: iget: illegal inode # [ 56.410216][ T5629] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.772: couldn't read orphan inode 15 (err -117) [ 56.430743][ T5634] loop4: detected capacity change from 0 to 128 [ 56.459656][ T5634] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 56.485108][ T5629] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 56.509225][ T5634] ext4 filesystem being mounted at /173/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 56.608284][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 56.615916][ T5641] 9pnet: p9_errstr2errno: server reported unknown error &ëŸjâáë=‹ùÆ«&B [ 56.637676][ T3313] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 56.769176][ T5664] loop2: detected capacity change from 0 to 512 [ 56.781890][ T5664] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 56.808277][ T5664] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 56.850768][ T5664] ext4 filesystem being mounted at /157/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 56.878746][ T5664] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 56.934622][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 56.962637][ T5694] loop0: detected capacity change from 0 to 512 [ 56.971758][ T5693] sch_tbf: burst 0 is lower than device lo mtu (11337746) ! [ 56.983106][ T5694] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 57.000976][ T5694] EXT4-fs (loop0): 1 truncate cleaned up [ 57.007545][ T5694] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 57.022645][ T5697] netlink: 4 bytes leftover after parsing attributes in process `syz.2.794'. [ 57.030749][ T5694] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 57.047826][ T5697] hsr_slave_1 (unregistering): left promiscuous mode [ 57.133664][ T5700] loop4: detected capacity change from 0 to 2048 [ 57.137922][ T5707] loop1: detected capacity change from 0 to 128 [ 57.151687][ T5707] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 57.165117][ T5707] ext4 filesystem being mounted at /136/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 57.203066][ T5700] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 57.236439][ T3321] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 57.247151][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 57.256715][ T5716] netlink: 4 bytes leftover after parsing attributes in process `syz.0.809'. [ 57.273988][ T5716] netlink: 4 bytes leftover after parsing attributes in process `syz.0.809'. [ 57.303045][ T5724] loop2: detected capacity change from 0 to 256 [ 57.439441][ T5732] netlink: 8 bytes leftover after parsing attributes in process `syz.0.816'. [ 57.449378][ T5732] netlink: 8 bytes leftover after parsing attributes in process `syz.0.816'. [ 57.470016][ T5732] netlink: 8 bytes leftover after parsing attributes in process `syz.0.816'. [ 57.479447][ T5732] netlink: 8 bytes leftover after parsing attributes in process `syz.0.816'. [ 57.583301][ T5738] SELinux: failed to load policy [ 57.677629][ T5764] netlink: 24 bytes leftover after parsing attributes in process `syz.1.827'. [ 57.708666][ T5766] can0: slcan on ttyS3. [ 57.721774][ T5770] netlink: 'syz.0.833': attribute type 4 has an invalid length. [ 57.745746][ T5766] can0 (unregistered): slcan off ttyS3. [ 57.755184][ T5766] can0: slcan on ttyS3. [ 57.825763][ T5765] can0 (unregistered): slcan off ttyS3. [ 57.911863][ T5787] loop4: detected capacity change from 0 to 1024 [ 57.921014][ T5787] EXT4-fs: Ignoring removed bh option [ 57.929960][ T5787] EXT4-fs: inline encryption not supported [ 57.935973][ T5787] EXT4-fs: Ignoring removed i_version option [ 57.949905][ T5787] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 57.973958][ T5802] netlink: 191080 bytes leftover after parsing attributes in process `wg1'. [ 57.983287][ T5787] EXT4-fs error (device loop4): ext4_map_blocks:709: inode #3: block 1: comm syz.4.843: lblock 1 mapped to illegal pblock 1 (length 1) [ 57.985501][ T5802] netlink: zone id is out of range [ 58.004804][ T5802] netlink: zone id is out of range [ 58.012454][ T5787] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.843: Failed to acquire dquot type 0 [ 58.023784][ T5802] netlink: zone id is out of range [ 58.029020][ T5802] netlink: zone id is out of range [ 58.034250][ T5802] netlink: zone id is out of range [ 58.039515][ T5802] netlink: zone id is out of range [ 58.044672][ T5802] netlink: zone id is out of range [ 58.046128][ T5787] EXT4-fs error (device loop4): ext4_free_blocks:6587: comm syz.4.843: Freeing blocks not in datazone - block = 0, count = 4096 [ 58.049926][ T5802] netlink: zone id is out of range [ 58.068278][ T5802] netlink: zone id is out of range [ 58.073444][ T5802] netlink: zone id is out of range [ 58.089167][ T5787] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.843: Invalid inode bitmap blk 0 in block_group 0 [ 58.105811][ T12] EXT4-fs error (device loop4): ext4_map_blocks:675: inode #3: block 1: comm kworker/u8:0: lblock 1 mapped to illegal pblock 1 (length 1) [ 58.120979][ T5787] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem [ 58.139826][ T5787] EXT4-fs (loop4): 1 orphan inode deleted [ 58.148126][ T12] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:0: Failed to release dquot type 0 [ 58.156014][ T5787] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 58.186662][ T5787] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 58.273795][ T5814] netlink: 2040 bytes leftover after parsing attributes in process `syz.4.852'. [ 58.512858][ T5836] tipc: Enabled bearer , priority 0 [ 58.523936][ T5836] tipc: Disabling bearer [ 58.733089][ T5856] hub 4-0:1.0: USB hub found [ 58.740749][ T5856] hub 4-0:1.0: 8 ports detected [ 58.778042][ T5864] loop0: detected capacity change from 0 to 2048 [ 58.798341][ T5864] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 58.899776][ T5879] loop2: detected capacity change from 0 to 2048 [ 58.922656][ T5879] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 58.941342][ T5879] ext4 filesystem being mounted at /171/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 58.976866][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 59.048272][ T5893] SELinux: syz.0.885 (5893) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 59.088833][ T51] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:3: bg 0: block 345: padding at end of block bitmap is not set [ 59.128355][ T51] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 169 with error 117 [ 59.140998][ T51] EXT4-fs (loop2): This should not happen!! Data will be lost [ 59.140998][ T51] [ 59.188703][ T51] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 185 with max blocks 2 with error 117 [ 59.201591][ T51] EXT4-fs (loop2): This should not happen!! Data will be lost [ 59.201591][ T51] [ 59.361787][ T5908] vhci_hcd: invalid port number 96 [ 59.366987][ T5908] vhci_hcd: default hub control req: 0000 vfffc i0060 l0 [ 59.761998][ T9] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 59.781359][ T5917] loop4: detected capacity change from 0 to 1024 [ 59.796783][ T9] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 59.825814][ T5917] EXT4-fs: Ignoring removed nomblk_io_submit option [ 59.860238][ T5917] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 59.886752][ T5917] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 59.911015][ T5921] SELinux: failed to load policy [ 59.961563][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 60.001298][ T5931] netlink: 'syz.3.905': attribute type 21 has an invalid length. [ 60.148059][ T5879] syz.2.882 (5879) used greatest stack depth: 7032 bytes left [ 60.170639][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 60.353048][ T5960] @: renamed from vlan0 (while UP) [ 60.460247][ T5971] loop1: detected capacity change from 0 to 2048 [ 60.491082][ T5973] loop3: detected capacity change from 0 to 128 [ 60.531088][ T5973] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 60.531138][ T5971] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 60.562518][ T5973] ext4 filesystem being mounted at /158/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 60.662381][ T5971] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 1 with max blocks 1 with error 28 [ 60.674806][ T5971] EXT4-fs (loop1): This should not happen!! Data will be lost [ 60.674806][ T5971] [ 60.684512][ T5971] EXT4-fs (loop1): Total free blocks count 0 [ 60.690589][ T5971] EXT4-fs (loop1): Free/Dirty block details [ 60.696551][ T5971] EXT4-fs (loop1): free_blocks=0 [ 60.701524][ T5971] EXT4-fs (loop1): dirty_blocks=0 [ 60.706616][ T5971] EXT4-fs (loop1): Block reservation details [ 60.712730][ T5971] EXT4-fs (loop1): i_reserved_data_blocks=0 [ 60.779360][ T3319] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 60.800799][ T3321] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 60.830980][ T5982] loop3: detected capacity change from 0 to 2048 [ 60.876680][ T5982] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 60.890626][ T5982] ext4 filesystem being mounted at /159/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 60.991966][ T1713] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:6: bg 0: block 345: padding at end of block bitmap is not set [ 61.009129][ T1713] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 314 with error 117 [ 61.021792][ T1713] EXT4-fs (loop3): This should not happen!! Data will be lost [ 61.021792][ T1713] [ 61.053177][ T1713] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 330 with max blocks 1 with error 117 [ 61.065711][ T1713] EXT4-fs (loop3): This should not happen!! Data will be lost [ 61.065711][ T1713] [ 61.160014][ T6005] @: renamed from vlan0 (while UP) [ 61.197041][ T6011] pimreg: entered allmulticast mode [ 61.204444][ T6011] pimreg: left allmulticast mode [ 61.352977][ T6018] loop1: detected capacity change from 0 to 128 [ 61.412412][ T6020] syzkaller0: entered promiscuous mode [ 61.417962][ T6020] syzkaller0: entered allmulticast mode [ 61.427121][ T6018] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 61.441995][ T6018] ext4 filesystem being mounted at /170/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 61.454661][ T6022] tipc: New replicast peer: 255.255.255.255 [ 61.460868][ T6022] tipc: Enabled bearer , priority 10 [ 61.578523][ T3321] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 61.640815][ T6031] syzkaller0: entered promiscuous mode [ 61.646426][ T6031] syzkaller0: entered allmulticast mode [ 61.823089][ T6045] pimreg: entered allmulticast mode [ 61.845556][ T6045] pimreg: left allmulticast mode [ 61.884294][ T6047] netlink: 'syz.4.948': attribute type 4 has an invalid length. [ 61.988886][ T6055] tipc: New replicast peer: 255.255.255.255 [ 61.995208][ T6055] tipc: Enabled bearer , priority 10 [ 62.050319][ T5982] syz.3.921 (5982) used greatest stack depth: 7000 bytes left [ 62.059597][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 62.662265][ T6064] __nla_validate_parse: 2 callbacks suppressed [ 62.662282][ T6064] netlink: 8 bytes leftover after parsing attributes in process `syz.1.956'. [ 62.680340][ T6067] loop0: detected capacity change from 0 to 128 [ 62.683464][ T6064] netlink: 8 bytes leftover after parsing attributes in process `syz.1.956'. [ 62.696094][ T6064] netlink: 8 bytes leftover after parsing attributes in process `syz.1.956'. [ 62.705081][ T6064] netlink: 8 bytes leftover after parsing attributes in process `syz.1.956'. [ 62.706793][ T6067] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 62.726166][ T6067] ext4 filesystem being mounted at /233/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 62.799496][ T3314] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 62.845317][ T6078] netlink: 4 bytes leftover after parsing attributes in process `syz.2.963'. [ 62.848588][ T6084] netlink: 'syz.1.962': attribute type 4 has an invalid length. [ 62.903562][ T6091] netlink: 12 bytes leftover after parsing attributes in process `syz.0.967'. [ 63.125537][ T36] tipc: Node number set to 2409056795 [ 63.131158][ T6113] loop4: detected capacity change from 0 to 8192 [ 63.186134][ T6113] loop4: p1 p2 p3 p4 [ 63.191598][ T6113] loop4: p2 size 16711680 extends beyond EOD, truncated [ 63.199295][ T6113] loop4: p3 start 4294967295 is beyond EOD, truncated [ 63.200099][ T6131] tipc: Enabling of bearer rejected, already enabled [ 63.254582][ T36] kernel write not supported for file /523/attr/exec (pid: 36 comm: kworker/1:1) [ 63.301971][ T6140] netlink: 24 bytes leftover after parsing attributes in process `syz.4.993'. [ 63.341348][ T6142] loop1: detected capacity change from 0 to 512 [ 63.349244][ T6142] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 63.370072][ T6142] ext4 filesystem being mounted at /186/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 63.402490][ T6142] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 63.479505][ T6157] loop1: detected capacity change from 0 to 512 [ 63.486844][ T6157] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 63.508075][ T6157] EXT4-fs (loop1): 1 truncate cleaned up [ 63.515690][ T6160] netlink: 8 bytes leftover after parsing attributes in process `syz.4.997'. [ 63.525333][ T6160] netlink: 8 bytes leftover after parsing attributes in process `syz.4.997'. [ 63.534549][ T6160] netlink: 8 bytes leftover after parsing attributes in process `syz.4.997'. [ 63.603780][ T6170] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6) [ 63.610360][ T6170] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 63.618195][ T6170] vhci_hcd vhci_hcd.0: Device attached [ 63.640587][ T6173] vhci_hcd: connection closed [ 63.640813][ T12] vhci_hcd: stop threads [ 63.649839][ T12] vhci_hcd: release socket [ 63.654342][ T12] vhci_hcd: disconnect device [ 63.748185][ T6181] random: crng reseeded on system resumption [ 63.942269][ T6195] SELinux: failed to load policy [ 63.985990][ T6199] loop3: detected capacity change from 0 to 512 [ 63.992867][ T6199] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 64.004872][ T6199] EXT4-fs (loop3): 1 truncate cleaned up [ 64.136834][ T6212] netlink: 'syz.2.1020': attribute type 21 has an invalid length. [ 64.226958][ T6219] tipc: Enabled bearer , priority 0 [ 64.235385][ T6219] tipc: Disabling bearer [ 64.330644][ T6228] random: crng reseeded on system resumption [ 64.489929][ T6243] serio: Serial port ptm0 [ 64.746673][ T6266] loop4: detected capacity change from 0 to 256 [ 64.783291][ T6268] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6) [ 64.789890][ T6268] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 64.797579][ T6268] vhci_hcd vhci_hcd.0: Device attached [ 64.841140][ T6270] vhci_hcd: connection closed [ 64.841761][ T51] vhci_hcd: stop threads [ 64.850906][ T51] vhci_hcd: release socket [ 64.855329][ T51] vhci_hcd: disconnect device [ 64.907943][ T6282] tipc: Started in network mode [ 64.912964][ T6282] tipc: Node identity 0a4c22f536b1, cluster identity 4711 [ 64.920320][ T6282] tipc: Enabled bearer , priority 0 [ 64.929128][ T6283] loop2: detected capacity change from 0 to 2048 [ 64.939042][ T6282] tipc: Disabling bearer [ 65.029004][ T6283] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 1 with max blocks 1 with error 28 [ 65.041338][ T6283] EXT4-fs (loop2): This should not happen!! Data will be lost [ 65.041338][ T6283] [ 65.051075][ T6283] EXT4-fs (loop2): Total free blocks count 0 [ 65.057230][ T6283] EXT4-fs (loop2): Free/Dirty block details [ 65.063321][ T6283] EXT4-fs (loop2): free_blocks=0 [ 65.068374][ T6283] EXT4-fs (loop2): dirty_blocks=0 [ 65.073501][ T6283] EXT4-fs (loop2): Block reservation details [ 65.079576][ T6283] EXT4-fs (loop2): i_reserved_data_blocks=0 [ 65.778441][ T6316] loop4: detected capacity change from 0 to 128 [ 65.919163][ T51] kworker/u8:3: attempt to access beyond end of device [ 65.919163][ T51] loop4: rw=1, sector=145, nr_sectors = 896 limit=128 [ 65.966804][ T6293] net_ratelimit: 28 callbacks suppressed [ 65.966826][ T6293] Set syz1 is full, maxelem 65536 reached [ 66.127801][ T6335] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6) [ 66.134392][ T6335] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 66.142163][ T6335] vhci_hcd vhci_hcd.0: Device attached [ 66.149426][ T6338] vhci_hcd: connection closed [ 66.150267][ T51] vhci_hcd: stop threads [ 66.159611][ T51] vhci_hcd: release socket [ 66.164224][ T51] vhci_hcd: disconnect device [ 66.384833][ T29] kauditd_printk_skb: 89 callbacks suppressed [ 66.384850][ T29] audit: type=1326 audit(1746753488.058:1018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6351 comm="syz.4.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f945d70e969 code=0x7ffc0000 [ 66.417020][ T29] audit: type=1326 audit(1746753488.098:1019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6351 comm="syz.4.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f945d70e969 code=0x7ffc0000 [ 66.440601][ T29] audit: type=1326 audit(1746753488.098:1020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6351 comm="syz.4.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f945d70e9a3 code=0x7ffc0000 [ 66.469407][ T29] audit: type=1326 audit(1746753488.098:1021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6351 comm="syz.4.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f945d70d41f code=0x7ffc0000 [ 66.473884][ T6352] loop4: detected capacity change from 0 to 128 [ 66.492824][ T29] audit: type=1326 audit(1746753488.098:1022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6351 comm="syz.4.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f945d70e9f7 code=0x7ffc0000 [ 66.496049][ T29] audit: type=1326 audit(1746753488.148:1023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6351 comm="syz.4.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f945d70d2d0 code=0x7ffc0000 [ 66.545994][ T29] audit: type=1326 audit(1746753488.148:1024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6351 comm="syz.4.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f945d70e56b code=0x7ffc0000 [ 66.570817][ T29] audit: type=1326 audit(1746753488.178:1025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6351 comm="syz.4.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f945d70d5ca code=0x7ffc0000 [ 66.594215][ T29] audit: type=1326 audit(1746753488.178:1026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6351 comm="syz.4.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f945d70d5ca code=0x7ffc0000 [ 66.617546][ T29] audit: type=1326 audit(1746753488.178:1027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6351 comm="syz.4.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f945d70d1d7 code=0x7ffc0000 [ 66.817544][ T6363] loop2: detected capacity change from 0 to 8192 [ 66.860555][ T6363] loop2: p1 p2 p3 [ 66.865985][ T6363] loop2: p2 start 3506442254 is beyond EOD, truncated [ 66.872822][ T6363] loop2: p3 size 49412 extends beyond EOD, truncated [ 67.632450][ T6415] loop0: detected capacity change from 0 to 128 [ 67.948183][ T6438] __nla_validate_parse: 10 callbacks suppressed [ 67.948203][ T6438] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1115'. [ 67.989339][ T6436] vlan0: entered allmulticast mode [ 67.994525][ T6436] bridge_slave_0: entered allmulticast mode [ 68.020931][ T6444] loop1: detected capacity change from 0 to 1024 [ 68.029255][ T6444] EXT4-fs: Ignoring removed bh option [ 68.184602][ T6453] loop1: detected capacity change from 0 to 128 [ 68.228956][ T6459] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1124'. [ 68.309573][ T6471] loop3: detected capacity change from 0 to 1024 [ 68.348745][ T6471] EXT4-fs: Ignoring removed bh option [ 68.363686][ T6473] vlan2: entered allmulticast mode [ 68.368937][ T6473] bridge_slave_0: entered allmulticast mode [ 68.378834][ T6475] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1134'. [ 68.490364][ T6481] ipvlan2: entered promiscuous mode [ 68.495879][ T6481] ipvlan2: entered allmulticast mode [ 68.501303][ T6481] macvlan0: entered allmulticast mode [ 68.628784][ T6489] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.725841][ T6489] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.780939][ T6497] netlink: 'syz.0.1142': attribute type 4 has an invalid length. [ 68.869760][ T6489] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.974304][ T6489] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.035850][ T6489] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.057915][ T6489] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.123573][ T6489] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.161831][ T6489] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.336970][ T6519] ipvlan2: entered promiscuous mode [ 69.342252][ T6519] ipvlan2: entered allmulticast mode [ 69.347706][ T6519] macvlan0: entered allmulticast mode [ 69.353101][ T6519] veth1_vlan: entered allmulticast mode [ 69.391453][ T6522] netlink: 'syz.3.1153': attribute type 11 has an invalid length. [ 69.411352][ T6522] netlink: 448 bytes leftover after parsing attributes in process `syz.3.1153'. [ 69.508020][ T6528] ipvlan2: entered promiscuous mode [ 69.513346][ T6528] ipvlan2: entered allmulticast mode [ 69.518788][ T6528] macvlan0: entered allmulticast mode [ 69.524173][ T6528] veth1_vlan: entered allmulticast mode [ 69.869788][ T6552] xt_connbytes: Forcing CT accounting to be enabled [ 69.887005][ T6552] Cannot find del_set index 1 as target [ 70.167195][ T6557] loop3: detected capacity change from 0 to 128 [ 70.194547][ T6557] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 70.225790][ T6557] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 70.274527][ T112] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 70.398985][ T6569] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1182'. [ 70.411293][ T6567] ipvlan2: entered promiscuous mode [ 70.416733][ T6567] ipvlan2: entered allmulticast mode [ 70.422141][ T6567] macvlan0: entered allmulticast mode [ 70.427778][ T6567] veth1_vlan: entered allmulticast mode [ 70.523218][ T6576] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1186'. [ 70.790252][ T6587] wireguard0: entered promiscuous mode [ 70.795852][ T6587] wireguard0: entered allmulticast mode [ 70.859602][ T6600] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1183'. [ 70.909380][ T6606] ipvlan2: entered promiscuous mode [ 70.932887][ T6606] bridge0: port 1(ipvlan2) entered blocking state [ 70.939486][ T6606] bridge0: port 1(ipvlan2) entered disabled state [ 70.948662][ T6606] ipvlan2: entered allmulticast mode [ 70.954017][ T6606] bridge0: entered allmulticast mode [ 70.968219][ T6608] netlink: 'syz.3.1189': attribute type 4 has an invalid length. [ 70.976601][ T6606] ipvlan2: left allmulticast mode [ 70.981765][ T6606] bridge0: left allmulticast mode [ 71.588365][ T6656] wireguard0: entered promiscuous mode [ 71.593877][ T6656] wireguard0: entered allmulticast mode [ 71.746144][ T6648] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 71.760320][ T6648] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 71.803099][ T6679] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.896456][ T6679] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.959431][ T6679] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 72.028855][ T6679] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 72.083900][ T29] kauditd_printk_skb: 73 callbacks suppressed [ 72.083987][ T29] audit: type=1400 audit(1746753493.758:1101): avc: denied { name_bind } for pid=6693 comm="syz.0.1221" src=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1 [ 72.123331][ T29] audit: type=1400 audit(1746753493.788:1102): avc: denied { name_connect } for pid=6693 comm="syz.0.1221" dest=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1 [ 72.184982][ T6679] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.198748][ T6679] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.212464][ T6679] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.227611][ T6679] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.268393][ T6702] wireguard0: entered promiscuous mode [ 72.273958][ T6702] wireguard0: entered allmulticast mode [ 72.371648][ T6708] loop4: detected capacity change from 0 to 512 [ 72.385711][ T6708] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 72.468097][ T6716] loop2: detected capacity change from 0 to 1024 [ 72.476104][ T6716] EXT4-fs: Ignoring removed orlov option [ 72.481863][ T6716] EXT4-fs: Ignoring removed nomblk_io_submit option [ 72.490211][ T6708] EXT4-fs error (device loop4): ext4_quota_enable:7122: comm syz.4.1226: Bad quota inum: 29696, type: 1 [ 72.509223][ T6708] EXT4-fs warning (device loop4): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=29696). Please run e2fsck to fix. [ 72.536105][ T6708] EXT4-fs (loop4): mount failed [ 72.542363][ T6716] EXT4-fs mount: 12 callbacks suppressed [ 72.542382][ T6716] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 72.590085][ T6716] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000. [ 72.628924][ T6728] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1241'. [ 72.629412][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.688700][ T6730] loop2: detected capacity change from 0 to 128 [ 72.695634][ T6730] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 72.710882][ T6730] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 72.748816][ T1713] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 72.860677][ T6745] ref_ctr_offset mismatch. inode: 0x506 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x8 [ 73.002174][ T6751] netlink: 'syz.4.1243': attribute type 4 has an invalid length. [ 73.236747][ T29] audit: type=1400 audit(1746753494.908:1103): avc: denied { connect } for pid=6760 comm="" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 73.469021][ T6769] loop1: detected capacity change from 0 to 512 [ 73.500382][ T29] audit: type=1326 audit(1746753495.158:1104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6774 comm="syz.3.1253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f362047e969 code=0x7ffc0000 [ 73.505852][ T6769] EXT4-fs: Ignoring removed nomblk_io_submit option [ 73.523922][ T29] audit: type=1326 audit(1746753495.158:1105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6774 comm="syz.3.1253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f362047e969 code=0x7ffc0000 [ 73.553795][ T29] audit: type=1326 audit(1746753495.158:1106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6774 comm="syz.3.1253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f362047e969 code=0x7ffc0000 [ 73.565260][ T6769] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 73.577222][ T29] audit: type=1326 audit(1746753495.158:1107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6774 comm="syz.3.1253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f362047e969 code=0x7ffc0000 [ 73.610501][ T29] audit: type=1326 audit(1746753495.158:1108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6774 comm="syz.3.1253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f362047e969 code=0x7ffc0000 [ 73.634074][ T29] audit: type=1326 audit(1746753495.158:1109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6774 comm="syz.3.1253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f362047e969 code=0x7ffc0000 [ 73.657654][ T29] audit: type=1326 audit(1746753495.158:1110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6774 comm="syz.3.1253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f362047e969 code=0x7ffc0000 [ 73.702316][ T6769] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 73.725342][ T6783] atomic_op ffff888119b60d28 conn xmit_atomic 0000000000000000 [ 73.733591][ T6769] EXT4-fs (loop1): 1 truncate cleaned up [ 73.740593][ T6769] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.750794][ T6785] ALSA: seq fatal error: cannot create timer (-19) [ 73.864298][ T6794] loop0: detected capacity change from 0 to 512 [ 73.882398][ T3321] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.896312][ T6794] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 73.912576][ T6794] EXT4-fs (loop0): invalid journal inode [ 73.919062][ T6794] EXT4-fs (loop0): can't get journal size [ 73.925083][ T6798] netlink: 'syz.1.1263': attribute type 4 has an invalid length. [ 73.955993][ T6801] loop4: detected capacity change from 0 to 512 [ 73.963094][ T6794] EXT4-fs (loop0): 1 truncate cleaned up [ 73.970514][ T6794] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 73.994373][ T6801] EXT4-fs (loop4): orphan cleanup on readonly fs [ 74.013364][ T6801] EXT4-fs error (device loop4): ext4_orphan_get:1417: comm syz.4.1264: bad orphan inode 13 [ 74.025718][ T6801] ext4_test_bit(bit=12, block=18) = 1 [ 74.031134][ T6801] is_bad_inode(inode)=0 [ 74.035479][ T6801] NEXT_ORPHAN(inode)=2130706432 [ 74.040440][ T6801] max_ino=32 [ 74.043648][ T6801] i_nlink=1 [ 74.055460][ T6794] loop0: detected capacity change from 512 to 0 [ 74.062250][ T6803] syz.0.1260: attempt to access beyond end of device [ 74.062250][ T6803] loop0: rw=524288, sector=10, nr_sectors = 2 limit=0 [ 74.075823][ T6803] syz.0.1260: attempt to access beyond end of device [ 74.075823][ T6803] loop0: rw=524288, sector=12, nr_sectors = 2 limit=0 [ 74.089352][ T6803] syz.0.1260: attempt to access beyond end of device [ 74.089352][ T6803] loop0: rw=524288, sector=14, nr_sectors = 2 limit=0 [ 74.102917][ T6803] syz.0.1260: attempt to access beyond end of device [ 74.102917][ T6803] loop0: rw=524288, sector=18, nr_sectors = 2 limit=0 [ 74.117166][ T6803] syz.0.1260: attempt to access beyond end of device [ 74.117166][ T6803] loop0: rw=524288, sector=20, nr_sectors = 2 limit=0 [ 74.131183][ T6803] syz.0.1260: attempt to access beyond end of device [ 74.131183][ T6803] loop0: rw=524288, sector=22, nr_sectors = 2 limit=0 [ 74.144733][ T6803] syz.0.1260: attempt to access beyond end of device [ 74.144733][ T6803] loop0: rw=524288, sector=24, nr_sectors = 2 limit=0 [ 74.158738][ T6801] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 74.183027][ T6803] syz.0.1260: attempt to access beyond end of device [ 74.183027][ T6803] loop0: rw=524288, sector=26, nr_sectors = 2 limit=0 [ 74.206719][ T6803] syz.0.1260: attempt to access beyond end of device [ 74.206719][ T6803] loop0: rw=12288, sector=16, nr_sectors = 2 limit=0 [ 74.229531][ T6801] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 74.248774][ T6803] EXT4-fs error (device loop0): ext4_get_inode_loc:4588: inode #15: block 8: comm syz.0.1260: unable to read itable block [ 74.265680][ T6803] syz.0.1260: attempt to access beyond end of device [ 74.265680][ T6803] loop0: rw=145409, sector=2, nr_sectors = 2 limit=0 [ 74.279053][ T6803] Buffer I/O error on dev loop0, logical block 1, lost sync page write [ 74.298176][ T6803] EXT4-fs (loop0): I/O error while writing superblock [ 74.305619][ T6801] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1264: bg 0: block 248: padding at end of block bitmap is not set [ 74.325635][ T6803] EXT4-fs error (device loop0): ext4_get_inode_loc:4588: inode #15: block 8: comm syz.0.1260: unable to read itable block [ 74.331225][ T6801] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.1264: Failed to acquire dquot type 1 [ 74.341824][ T6803] Buffer I/O error on dev loop0, logical block 1, lost sync page write [ 74.359871][ T6803] EXT4-fs (loop0): I/O error while writing superblock [ 74.366765][ T6803] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5899: IO failure [ 74.376438][ T6803] Buffer I/O error on dev loop0, logical block 1, lost sync page write [ 74.380833][ T6801] EXT4-fs warning (device loop4): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 74.384763][ T6803] EXT4-fs (loop0): I/O error while writing superblock [ 74.406265][ T6803] EXT4-fs error (device loop0): ext4_dirty_inode:6103: inode #15: comm syz.0.1260: mark_inode_dirty error [ 74.417727][ T6803] Buffer I/O error on dev loop0, logical block 1, lost sync page write [ 74.426178][ T6803] EXT4-fs (loop0): I/O error while writing superblock [ 74.433186][ T6803] EXT4-fs error (device loop0): ext4_get_inode_loc:4588: inode #15: block 8: comm syz.0.1260: unable to read itable block [ 74.446055][ T6803] Buffer I/O error on dev loop0, logical block 1, lost sync page write [ 74.454540][ T6803] EXT4-fs (loop0): I/O error while writing superblock [ 74.461429][ T6803] EXT4-fs error (device loop0): ext4_get_max_inline_size:121: inode #15: comm syz.0.1260: can't get inode location 15 [ 74.474128][ T6803] Buffer I/O error on dev loop0, logical block 1, lost sync page write [ 74.482493][ T6803] EXT4-fs (loop0): I/O error while writing superblock [ 74.489539][ T6803] EXT4-fs error (device loop0): ext4_get_inode_loc:4588: inode #15: block 8: comm syz.0.1260: unable to read itable block [ 74.502445][ T6803] Buffer I/O error on dev loop0, logical block 1, lost sync page write [ 74.515492][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.545805][ T6803] EXT4-fs (loop0): I/O error while writing superblock [ 74.626739][ T3314] EXT4-fs warning (device loop0): htree_dirblock_to_tree:1053: inode #2: lblock 0: comm syz-executor: error -5 reading directory block [ 74.665523][ T3314] EXT4-fs error (device loop0): ext4_get_inode_loc:4588: inode #2: block 5: comm syz-executor: unable to read itable block [ 74.681368][ T3314] Buffer I/O error on dev loop0, logical block 1, lost sync page write [ 74.696344][ T3314] EXT4-fs (loop0): I/O error while writing superblock [ 74.703166][ T3314] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5899: IO failure [ 74.715677][ T3314] Buffer I/O error on dev loop0, logical block 1, lost sync page write [ 74.724083][ T3314] EXT4-fs (loop0): I/O error while writing superblock [ 74.730941][ T3314] EXT4-fs error (device loop0): ext4_dirty_inode:6103: inode #2: comm syz-executor: mark_inode_dirty error [ 74.745562][ T3314] Buffer I/O error on dev loop0, logical block 1, lost sync page write [ 74.984306][ T112] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.022937][ T6822] wireguard0: entered promiscuous mode [ 75.030642][ T6822] wireguard0: entered allmulticast mode [ 75.069689][ T112] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.150647][ T112] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.215095][ T112] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.249131][ T6843] loop4: detected capacity change from 0 to 512 [ 75.257273][ T6843] EXT4-fs: Ignoring removed nomblk_io_submit option [ 75.264671][ T6843] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 75.311192][ T6843] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 75.329585][ T6843] EXT4-fs (loop4): 1 truncate cleaned up [ 75.336341][ T6843] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.418360][ T112] $Hÿ (unregistering): Released all slaves [ 75.418548][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.435866][ T6825] chnl_net:caif_netlink_parms(): no params data found [ 75.469458][ T112] tipc: Disabling bearer [ 75.474817][ T112] tipc: Left network mode [ 75.481251][ T6854] netlink: 'syz.1.1279': attribute type 2 has an invalid length. [ 75.489062][ T6854] netlink: 'syz.1.1279': attribute type 1 has an invalid length. [ 75.496931][ T6854] netlink: 199820 bytes leftover after parsing attributes in process `syz.1.1279'. [ 75.507606][ T6825] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.514780][ T6825] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.522487][ T6825] bridge_slave_0: entered allmulticast mode [ 75.529721][ T6825] bridge_slave_0: entered promiscuous mode [ 75.539067][ T112] hsr_slave_0: left promiscuous mode [ 75.544955][ T112] hsr_slave_1: left promiscuous mode [ 75.554472][ T112] veth1_vlan: left allmulticast mode [ 75.559973][ T112] veth1_vlan: left promiscuous mode [ 75.566057][ T112] veth0_vlan: left promiscuous mode [ 75.671304][ T6825] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.678891][ T6825] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.689121][ T6825] bridge_slave_1: entered allmulticast mode [ 75.696091][ T6825] bridge_slave_1: entered promiscuous mode [ 75.720791][ T6825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 75.732223][ T6825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 75.754138][ T6825] team0: Port device team_slave_0 added [ 75.762057][ T6825] team0: Port device team_slave_1 added [ 75.779894][ T6825] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 75.786986][ T6825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.813138][ T6825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 75.824682][ T6825] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 75.831750][ T6825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.857830][ T6825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 75.893889][ T6865] serio: Serial port ptm0 [ 75.904390][ T6825] hsr_slave_0: entered promiscuous mode [ 75.915087][ T6825] hsr_slave_1: entered promiscuous mode [ 75.928164][ T6825] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 75.945584][ T6825] Cannot create hsr debugfs directory [ 76.040124][ T6878] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.108070][ T6878] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.157726][ T6878] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.258833][ T6878] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.272940][ T6889] loop2: detected capacity change from 0 to 512 [ 76.283929][ T6889] journal_path: Lookup failure for './file0' [ 76.290781][ T6889] EXT4-fs: error: could not find journal device path [ 76.363259][ T6878] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.381408][ T6878] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.392798][ T6894] bridge0: entered promiscuous mode [ 76.398153][ T6894] macsec0: entered allmulticast mode [ 76.403555][ T6894] bridge0: entered allmulticast mode [ 76.414823][ T6894] bridge0: port 1(macsec0) entered blocking state [ 76.421407][ T6894] bridge0: port 1(macsec0) entered disabled state [ 76.430085][ T6894] bridge0: left allmulticast mode [ 76.435256][ T6894] bridge0: left promiscuous mode [ 76.448870][ T6878] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.462209][ T6878] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.484937][ T6825] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 76.507597][ T6825] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 76.527747][ T6825] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 76.537899][ T6825] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 76.648012][ T6825] 8021q: adding VLAN 0 to HW filter on device bond0 [ 76.677763][ T6825] 8021q: adding VLAN 0 to HW filter on device team0 [ 76.688470][ T3407] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.695657][ T3407] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.718309][ T3407] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.725518][ T3407] bridge0: port 2(bridge_slave_1) entered forwarding state [ 76.764487][ T6902] xt_CT: You must specify a L4 protocol and not use inversions on it [ 76.788098][ T6923] tipc: New replicast peer: 10.1.1.2 [ 76.793493][ T6923] tipc: Enabled bearer , priority 10 [ 76.898047][ T6825] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 76.907372][ T6939] syzkaller1: entered promiscuous mode [ 76.912986][ T6939] syzkaller1: entered allmulticast mode [ 76.928154][ T6942] wireguard0: entered promiscuous mode [ 76.933698][ T6942] wireguard0: entered allmulticast mode [ 76.949728][ T6945] loop3: detected capacity change from 0 to 512 [ 76.956490][ T6945] EXT4-fs: Ignoring removed nomblk_io_submit option [ 76.963650][ T6945] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 76.982012][ T6945] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 76.998557][ T6945] EXT4-fs (loop3): 1 truncate cleaned up [ 77.009755][ T6945] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.067459][ T6825] veth0_vlan: entered promiscuous mode [ 77.080820][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.092473][ T6825] veth1_vlan: entered promiscuous mode [ 77.119044][ T6825] veth0_macvtap: entered promiscuous mode [ 77.135574][ T6825] veth1_macvtap: entered promiscuous mode [ 77.147280][ T6825] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 77.159419][ T6825] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 77.172634][ T6825] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.181489][ T6825] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.190575][ T6825] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.199353][ T6825] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.251281][ T29] kauditd_printk_skb: 286 callbacks suppressed [ 77.251299][ T29] audit: type=1400 audit(1746753498.928:1395): avc: denied { mounton } for pid=6825 comm="syz-executor" path="/root/syzkaller.lmbQU2/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 77.326044][ T29] audit: type=1400 audit(1746753498.968:1396): avc: denied { mount } for pid=6825 comm="syz-executor" name="/" dev="gadgetfs" ino=3556 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 77.379993][ T6976] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1278'. [ 77.422532][ T6982] loop1: detected capacity change from 0 to 128 [ 77.458623][ T6976] bond1: entered promiscuous mode [ 77.464192][ T6976] bond1: entered allmulticast mode [ 77.473500][ T6976] 8021q: adding VLAN 0 to HW filter on device bond1 [ 77.541803][ T29] audit: type=1400 audit(1746753499.208:1397): avc: denied { bind } for pid=6989 comm="syz.3.1329" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 77.561243][ T29] audit: type=1400 audit(1746753499.208:1398): avc: denied { listen } for pid=6989 comm="syz.3.1329" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 77.634878][ T6995] loop1: detected capacity change from 0 to 8192 [ 77.666466][ T6995] loop1: p1 p2 < > p3 p4 < p5 > [ 77.671465][ T6995] loop1: partition table partially beyond EOD, truncated [ 77.678828][ T6995] loop1: p1 size 100663296 extends beyond EOD, truncated [ 77.687862][ T6995] loop1: p2 start 591104 is beyond EOD, truncated [ 77.694375][ T6995] loop1: p3 start 33572980 is beyond EOD, truncated [ 77.701864][ T6995] loop1: p5 size 100663296 extends beyond EOD, truncated [ 77.810338][ T7000] loop2: detected capacity change from 0 to 512 [ 77.822092][ T7000] EXT4-fs: Ignoring removed nomblk_io_submit option [ 77.835353][ T7000] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 77.872316][ T7000] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 77.891471][ T7000] EXT4-fs (loop2): 1 truncate cleaned up [ 77.918921][ T7000] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.988453][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.133918][ T7023] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 78.198813][ T7031] loop2: detected capacity change from 0 to 256 [ 78.388221][ T7052] loop3: detected capacity change from 0 to 512 [ 78.399557][ T7052] EXT4-fs: Ignoring removed oldalloc option [ 78.405676][ T7052] EXT4-fs: Ignoring removed mblk_io_submit option [ 78.418264][ T7056] loop2: detected capacity change from 0 to 256 [ 78.424719][ T7054] loop4: detected capacity change from 0 to 2048 [ 78.433272][ T7054] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities [ 78.453311][ T7052] EXT4-fs (loop3): orphan cleanup on readonly fs [ 78.461662][ T7052] Quota error (device loop3): do_check_range: Getting block 196613 out of range 1-5 [ 78.471232][ T7052] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0 [ 78.480755][ T7052] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.1357: Failed to acquire dquot type 1 [ 78.505241][ T7052] EXT4-fs (loop3): 1 truncate cleaned up [ 78.511064][ T29] audit: type=1326 audit(1746753500.168:1399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7059 comm="syz.4.1360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f945d70e969 code=0x7ffc0000 [ 78.534578][ T29] audit: type=1326 audit(1746753500.168:1400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7059 comm="syz.4.1360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f945d70e969 code=0x7ffc0000 [ 78.558076][ T29] audit: type=1326 audit(1746753500.178:1401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7059 comm="syz.4.1360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f945d70e969 code=0x7ffc0000 [ 78.581435][ T29] audit: type=1326 audit(1746753500.178:1402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7059 comm="syz.4.1360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f945d70e969 code=0x7ffc0000 [ 78.607329][ T7052] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 78.640745][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.666525][ T7065] usb usb2: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 78.673968][ T7065] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 78.681435][ T7065] vhci_hcd: default hub control req: 6314 v0008 i0002 l0 [ 78.982741][ T7074] SELinux: failed to load policy [ 79.223836][ T7112] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1370'. [ 79.584782][ T7161] SELinux: failed to load policy [ 79.703811][ T7179] loop2: detected capacity change from 0 to 512 [ 79.736752][ T7179] EXT4-fs: Ignoring removed nomblk_io_submit option [ 79.746907][ T7179] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 79.773899][ T7179] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 79.789429][ T7179] EXT4-fs (loop2): 1 truncate cleaned up [ 79.798914][ T7179] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.852156][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.907221][ T7199] --map-set only usable from mangle table [ 79.947321][ T7201] loop3: detected capacity change from 0 to 1024 [ 79.954102][ T7201] EXT4-fs: Ignoring removed orlov option [ 79.962981][ T7201] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.104166][ T7223] 9pnet_fd: Insufficient options for proto=fd [ 80.438982][ T7244] loop0: detected capacity change from 0 to 512 [ 80.629508][ T7250] loop0: detected capacity change from 0 to 512 [ 80.668441][ T7250] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 80.676536][ T7250] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01c, mo2=0002] [ 80.694427][ T7250] EXT4-fs (loop0): orphan cleanup on readonly fs [ 80.709377][ T7250] EXT4-fs warning (device loop0): ext4_block_to_path:107: block 3279949761 > max in inode 13 [ 80.734286][ T7250] EXT4-fs warning (device loop0): ext4_block_to_path:107: block 3279949762 > max in inode 13 [ 80.745707][ T7250] EXT4-fs (loop0): 1 truncate cleaned up [ 80.753387][ T7250] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 80.766016][ T7250] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.821962][ T7261] loop1: detected capacity change from 0 to 512 [ 80.828727][ T7261] EXT4-fs: Ignoring removed nomblk_io_submit option [ 80.839187][ T7261] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 80.858328][ T7261] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 80.883751][ T7261] EXT4-fs (loop1): 1 truncate cleaned up [ 80.890105][ T7261] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.968155][ T3321] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.989894][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.011212][ T7274] loop4: detected capacity change from 0 to 512 [ 81.029675][ T7272] loop2: detected capacity change from 0 to 1024 [ 81.039128][ T7274] journal_path: Lookup failure for './file0' [ 81.039889][ T7280] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1417'. [ 81.045131][ T7274] EXT4-fs: error: could not find journal device path [ 81.056561][ T7280] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1417'. [ 81.070035][ T7272] EXT4-fs: Ignoring removed mblk_io_submit option [ 81.085744][ T7272] EXT4-fs: Ignoring removed nobh option [ 81.091371][ T7272] EXT4-fs: Ignoring removed bh option [ 81.122634][ T7272] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 81.139656][ T7272] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: comm syz.2.1419: inode #327696: comm syz.2.1419: iget: illegal inode # [ 81.156331][ T7272] EXT4-fs (loop2): Remounting filesystem read-only [ 81.163155][ T7292] loop4: detected capacity change from 0 to 1024 [ 81.171100][ T7292] EXT4-fs: Ignoring removed nobh option [ 81.176833][ T7292] EXT4-fs: Ignoring removed bh option [ 81.185086][ T7272] EXT4-fs warning (device loop2): ext4_xattr_inode_inc_ref_all:1129: inode #18: comm syz.2.1419: cleanup dec ref error -30 [ 81.187095][ T7294] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1426'. [ 81.198216][ T7272] EXT4-fs warning (device loop2): ext4_xattr_block_set:2190: inode #18: comm syz.2.1419: dec ref error=-30 [ 81.234007][ T7294] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1426'. [ 81.246722][ T7292] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 81.294157][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.328023][ T7292] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.1427: Allocating blocks 497-513 which overlap fs metadata [ 81.342872][ T7291] EXT4-fs (loop4): pa ffff888106e3b150: logic 16, phys. 321, len 12 [ 81.351000][ T7291] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1 [ 81.375087][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.405472][ T7311] loop4: detected capacity change from 0 to 1024 [ 81.412273][ T7311] EXT4-fs: Ignoring removed orlov option [ 81.424117][ T7311] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 81.580740][ T7334] 9pnet_fd: Insufficient options for proto=fd [ 82.151260][ T7387] SELinux: failed to load policy [ 82.330945][ T7403] SELinux: failed to load policy [ 82.350202][ T7401] loop3: detected capacity change from 0 to 4096 [ 82.479567][ T7401] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 82.553373][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.563402][ T7401] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #15: comm syz.3.1457: corrupted inode contents [ 82.587430][ T7401] EXT4-fs error (device loop3): ext4_dirty_inode:6103: inode #15: comm syz.3.1457: mark_inode_dirty error [ 82.606895][ T29] kauditd_printk_skb: 97 callbacks suppressed [ 82.606911][ T29] audit: type=1400 audit(1746753504.288:1500): avc: denied { lock } for pid=7400 comm="syz.3.1457" path="/255/file1/file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 82.610799][ T7401] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #15: comm syz.3.1457: corrupted inode contents [ 82.668263][ T29] audit: type=1400 audit(1746753504.348:1501): avc: denied { remove_name } for pid=7400 comm="syz.3.1457" name=2E02 dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 82.668538][ T7401] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #15: comm syz.3.1457: mark_inode_dirty error [ 82.742578][ T7401] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #15: comm syz.3.1457: corrupted inode contents [ 82.758386][ T29] audit: type=1400 audit(1746753504.348:1502): avc: denied { rename } for pid=7400 comm="syz.3.1457" name=2E02 dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 82.780496][ T29] audit: type=1400 audit(1746753504.348:1503): avc: denied { unlink } for pid=7400 comm="syz.3.1457" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 82.802821][ T29] audit: type=1400 audit(1746753504.408:1504): avc: denied { accept } for pid=7419 comm="syz.4.1465" lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 82.823405][ T29] audit: type=1400 audit(1746753504.418:1505): avc: denied { ioctl } for pid=7421 comm="syz.0.1464" path="socket:[17421]" dev="sockfs" ino=17421 ioctlcmd=0x8912 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 82.823922][ T7401] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #15: comm syz.3.1457: mark_inode_dirty error [ 82.880127][ T7401] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #15: comm syz.3.1457: corrupted inode contents [ 82.892864][ T7425] geneve0: entered allmulticast mode [ 82.902610][ T7401] EXT4-fs error (device loop3): ext4_truncate:4255: inode #15: comm syz.3.1457: mark_inode_dirty error [ 82.915123][ T7401] EXT4-fs error (device loop3) in ext4_setattr:5628: Corrupt filesystem [ 82.958317][ T7410] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #15: comm syz.3.1457: corrupted inode contents [ 82.982907][ T29] audit: type=1326 audit(1746753504.658:1506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7436 comm="syz.0.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b3cc0e969 code=0x7ffc0000 [ 82.988329][ T7441] loop0: detected capacity change from 0 to 1764 [ 83.006448][ T29] audit: type=1326 audit(1746753504.658:1507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7436 comm="syz.0.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b3cc0e969 code=0x7ffc0000 [ 83.036176][ T29] audit: type=1326 audit(1746753504.658:1508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7436 comm="syz.0.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f3b3cc0e969 code=0x7ffc0000 [ 83.059623][ T29] audit: type=1326 audit(1746753504.658:1509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7436 comm="syz.0.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f3b3cc0e9a3 code=0x7ffc0000 [ 83.087662][ T3319] EXT4-fs warning (device loop3): ext4_evict_inode:262: couldn't mark inode dirty (err -117) [ 83.099016][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.112383][ T7445] loop1: detected capacity change from 0 to 512 [ 83.156308][ T7445] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 83.168946][ T7445] ext4 filesystem being mounted at /289/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 83.201399][ T3321] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.299095][ T9] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x4 [ 83.307101][ T9] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x2 [ 83.370863][ T9] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0 [ 83.378703][ T9] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0 [ 83.386425][ T9] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0 [ 83.394172][ T9] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0 [ 83.402046][ T9] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0 [ 83.409763][ T9] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0 [ 83.417629][ T9] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0 [ 83.425326][ T9] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0 [ 83.433046][ T9] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0 [ 83.440928][ T9] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0 [ 83.448669][ T9] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0 [ 83.456449][ T9] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0 [ 83.464156][ T9] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0 [ 83.471894][ T9] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0 [ 83.486387][ T9] hid-generic 0000:3000000:0000.0003: hidraw0: HID v0.00 Device [sy] on syz0 [ 83.533905][ T7476] loop1: detected capacity change from 0 to 1024 [ 83.540700][ T7476] EXT4-fs: Ignoring removed orlov option [ 83.573824][ T7476] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 83.654176][ T7484] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1493'. [ 83.663903][ T7484] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1493'. [ 83.681976][ T7484] netlink: 3 bytes leftover after parsing attributes in process `syz.2.1493'. [ 83.712151][ T7486] 9pnet_fd: Insufficient options for proto=fd [ 83.934988][ T7476] ================================================================== [ 83.943128][ T7476] BUG: KCSAN: data-race in filemap_splice_read / filemap_splice_read [ 83.951259][ T7476] [ 83.953608][ T7476] write to 0xffff88813148c528 of 8 bytes by task 7485 on cpu 0: [ 83.961261][ T7476] filemap_splice_read+0x47e/0x6b0 [ 83.966424][ T7476] ext4_file_splice_read+0x8f/0xb0 [ 83.971570][ T7476] splice_direct_to_actor+0x26c/0x680 [ 83.976965][ T7476] do_splice_direct+0xda/0x150 [ 83.981759][ T7476] do_sendfile+0x380/0x640 [ 83.986204][ T7476] __x64_sys_sendfile64+0x105/0x150 [ 83.991422][ T7476] x64_sys_call+0xb39/0x2fb0 [ 83.996027][ T7476] do_syscall_64+0xd0/0x1a0 [ 84.000540][ T7476] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.006444][ T7476] [ 84.008769][ T7476] write to 0xffff88813148c528 of 8 bytes by task 7476 on cpu 1: [ 84.016403][ T7476] filemap_splice_read+0x47e/0x6b0 [ 84.021533][ T7476] ext4_file_splice_read+0x8f/0xb0 [ 84.026661][ T7476] splice_direct_to_actor+0x26c/0x680 [ 84.032063][ T7476] do_splice_direct+0xda/0x150 [ 84.036844][ T7476] do_sendfile+0x380/0x640 [ 84.041285][ T7476] __x64_sys_sendfile64+0x105/0x150 [ 84.046501][ T7476] x64_sys_call+0xb39/0x2fb0 [ 84.051101][ T7476] do_syscall_64+0xd0/0x1a0 [ 84.055616][ T7476] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.061515][ T7476] [ 84.063854][ T7476] value changed: 0x0000000000000633 -> 0x0000000000000634 [ 84.071045][ T7476] [ 84.073369][ T7476] Reported by Kernel Concurrency Sanitizer on: [ 84.079546][ T7476] CPU: 1 UID: 0 PID: 7476 Comm: syz.1.1489 Not tainted 6.15.0-rc5-syzkaller-00123-g2c89c1b655c0 #0 PREEMPT(voluntary) [ 84.091968][ T7476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 84.102029][ T7476] ================================================================== [ 84.458338][ T3321] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.