last executing test programs: 1m22.819436977s ago: executing program 0 (id=3802): socket$kcm(0x10, 0x2, 0x10) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001400), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000080)={0xffffffffffffffff}, 0x111}}, 0x20) write$RDMA_USER_CM_CMD_QUERY(r1, &(0x7f0000000000)={0x13, 0x10, 0xfa00, {&(0x7f0000000180), r2, 0x1}}, 0x18) 1m22.794969457s ago: executing program 0 (id=3805): symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00') r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x0, 0x4, 0x0, 0x6, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 1m22.772769097s ago: executing program 0 (id=3807): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2) sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010023010000340200000200000008000100", @ANYRES32=r1], 0x1c}}, 0x0) write$nci(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="500404c0434664"], 0x7) 1m22.685116909s ago: executing program 0 (id=3812): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000000)='binfmt_misc\x00', 0xc00, 0x0) chroot(&(0x7f0000000100)='./file0\x00') mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0) chroot(&(0x7f0000000140)='./file0/../file0\x00') pivot_root(&(0x7f0000007b00)='./file0/../file0\x00', &(0x7f0000000280)='./file0\x00') 1m22.64780429s ago: executing program 0 (id=3815): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000200)='sched_switch\x00', r1}, 0x18) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x181001, 0x0) ioctl$SNAPSHOT_FREE(r2, 0x3305) 1m22.473754673s ago: executing program 0 (id=3820): prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='gtp\x00') r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020732600000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x3}, 0x18) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_GET(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x2c, r2, 0x301, 0x70bd29, 0x25dfdbfc, {0x24}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}]}]}, 0x2c}}, 0x0) 1m22.473663413s ago: executing program 32 (id=3820): prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='gtp\x00') r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020732600000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x3}, 0x18) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_GET(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x2c, r2, 0x301, 0x70bd29, 0x25dfdbfc, {0x24}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}]}]}, 0x2c}}, 0x0) 1.338127184s ago: executing program 1 (id=7434): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_CMD_SHOW_LINK_STATS(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01800000000000000000010000000000000006"], 0x28}}, 0x40000) 1.233777567s ago: executing program 1 (id=7437): sendmsg$rds(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000600)=[{0x0}], 0x1, 0x0, 0x0, 0x20000800}, 0x4000008) r0 = syz_io_uring_setup(0x466c, &(0x7f0000000280)={0x0, 0x0, 0x10100, 0x0, 0x13f}, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB='3'], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RENAMEAT={0x23, 0x30, 0x0, r3, 0x0, 0x0, r3}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 1.226947527s ago: executing program 1 (id=7438): r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r3], 0x20}}, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x1c, &(0x7f00000001c0)={@remote}, 0x14) 1.07577116s ago: executing program 3 (id=7445): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xffffffffffffffff}, 0x18) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000180a0500000000000000000002000000300003802c00038014000100776732000000000000000000000000001400010076657468315f746f5f627269646765000900020073797a30000000000900010073797a300000000014000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x24040089}, 0x20008000) 1.046462261s ago: executing program 3 (id=7446): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc000000190001002dbd70000000000000000000000000690800000000000039ac1414aa00000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000c00000000000000000000000000000000000000000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000a000000000000feffffffff7f400002000000000000080000000000000000010000000000000044000500ac1414bb000000000000000000000000000000003c00000002000000fe8000000000000000000000000000aa0600000004"], 0xfc}}, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x50) syz_emit_ethernet(0x4e, &(0x7f0000000780)={@broadcast, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00 \x00', 0x18, 0x3a, 0xff, @ipv4={'\x00', '\xff\xff', @private=0xa010100}, @local, {[], @mld={0x187, 0x0, 0x0, 0x0, 0x0, @local}}}}}}, 0x0) 1.045889531s ago: executing program 2 (id=7458): r0 = socket(0x11, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'gre0\x00', 0x0}) bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r2, 0x1, 0x11}, 0x14) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4) sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000440)=ANY=[@ANYBLOB="02017d29012918000e3580009f0001140000002f0600ac141414e0000003808a8972bd0b72e41082b1a3d2061fd7fdfe4b88942a31f48597e36e039b1c599db6e466749c2d4c8303a0f7fbda34fb8825f80200e3c0aba61f6304a80500ffffca88faca"], 0xdd12}], 0x1}, 0x0) 1.02493972s ago: executing program 3 (id=7447): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.kill\x00', 0x275a, 0x0) fcntl$lock(r1, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000280)={0x1, 0x0, 0x2f, 0x9}) fcntl$lock(r1, 0x7, &(0x7f00000000c0)={0x0, 0x2, 0x7, 0x401}) 1.023244241s ago: executing program 2 (id=7460): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) r1 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @local}], 0x10) sendmsg$inet_sctp(r1, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0xc851) r2 = dup3(r1, r0, 0x80000) recvmmsg$unix(r2, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}], 0x62, 0x406, 0x0) 1.008488201s ago: executing program 3 (id=7448): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) r1 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000180)={0x7a2a, 0x9, 0x5a}, 0x8) sendmsg$inet_sctp(r1, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000540)='\x00', 0x1}], 0x1, 0x0, 0x0, 0x2804c044}, 0x0) shutdown(r1, 0x1) 924.331103ms ago: executing program 1 (id=7449): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f00000000c0)=@gcm_256={{0x303}, '\x00', "5193bb672965593497c186a80e00", '\x00\x00=*', "1202000000040030"}, 0x38) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x4e20, 0x1, @empty, 0x4}}, 0x0, 0x0, 0x1d, 0x0, "ac9bf8f534da2ff7d4d4b7e765850892496543286935d33be18de5abf29adec7efe0796c84cfd07169722f8146e60a0b14d26dfe47cdb84d2d6070127fd3d653e929347c5b447884208d2ec6517016f8"}, 0xd8) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000400)={@in6={{0xa, 0x4e24, 0x8, @loopback, 0x9}}, 0x0, 0x0, 0x41, 0x0, "b208405cce4456e4fc8f2dabd194ff3763f799f91cf7e5e8260998f956ec57c24451db07550335ebf4a3d0168ccaa268e928f39cd7494c2b19ebef230a3373685fbacfcf3b6e9633bd997a9bfcf08f67"}, 0xd8) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36) connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x5, @loopback}, 0x1c) 923.956593ms ago: executing program 3 (id=7450): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KDSKBENT(0xffffffffffffffff, 0x4b47, &(0x7f0000000080)={0x7, 0x40, 0x9}) bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e20, 0xfffffffd, @loopback, 0x3681}, 0x1c) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0x20, &(0x7f0000000000)={@in6={{0xa, 0x4e22, 0x7, @local, 0x7}}, 0x0, 0x0, 0x3a, 0x0, "a30b3b28af4d2f246a016542daa845f387713f4048ff2ece1e75f1fc0100f41e4de6256109383664417165bba0dd5ace522fa788000000000033035551502f07b4001a00"}, 0xd8) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e62, 0x1ff, @loopback, 0x23}, 0x1c) 429.859362ms ago: executing program 4 (id=7463): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10) r1 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000400), 0x101201, 0x0) ioctl$IMADDTIMER(r1, 0x80044940, &(0x7f0000000600)=0x14) ioctl$IMADDTIMER(r1, 0x80044940, &(0x7f0000000080)=0x14) close(r1) 413.316293ms ago: executing program 4 (id=7464): r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r1) getsockname$packet(r1, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="8c000000100037042a00"/20, @ANYRES32=r2, @ANYBLOB="83040500000000006c0012800900010069706970000000005c000280060012004e210000060010000f00000008000100", @ANYBLOB="05000a000100"], 0x8c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000000) sendmmsg$inet(r0, &(0x7f0000000880)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @empty, @multicast1}}}], 0x20}}], 0x1, 0x4880) 379.004943ms ago: executing program 4 (id=7466): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000380)='./bus\x00', 0x21081e, &(0x7f00000001c0), 0x1, 0x4fa, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") syz_read_part_table(0x5e2, &(0x7f0000000600)="$eJzs1L9ro3UYAPDnTROTgho5DhxuObjiIFeV3KDDZZAjF7p45ThF/wALGXQoOGSoDWldU/0HlNoK0qU427E0lVIhnUpGKThbXILDK0neSNEKIv2h5fMZ3u/zPt+8z/t8yZME/2vJp59lUVqMUhaWpv7+gbQcEbubozj/7lbt8ezd+befPosoRPds3eFlOiKK4/vvsvyT4nh3rljprR88Ot166fDeUXdmI5ft7+QiWhFJKxfl8xuOZFR31Mu/PDQ3xmRSO81q47i+dPJgYbZ2Z6328Rdvfv1w+b2XH76fDdZO7nLev13dK6+sLtY7zXzjePL7SX9LxwaV/Sx1P1n+U9+ly2mIK/XH9z/5T7rd7rcH77zy7Sev37/V313+PBmnf83WwrV1CgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3HTb1b3yyupivdOsNo7rSycPFmZrdwYR6Ujhw+cnH8yVsqBwse+fns6iaqMUScz03vrmx/TJL1++8Fqh2xtU9svDvTd+OP/pUnKhzXDltqt7w6XeaX4Q+frSyVe32/32IIl4Lolb/eEMTg0HJC1GdCJe/GuB1jU0DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8p609nrs7n3v6LCKJ0pl8Whyvyeg6Nb75OSKy/Fyx0ls/eHS6FYf3jrozG/NZficX0YqIj37aLEe8+n06khXNX9mx+Id+DwAA//9HPn9f") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0) truncate(&(0x7f00000000c0)='./file1\x00', 0x8fd) bpf$MAP_CREATE(0x0, 0x0, 0x50) preadv2(r0, &(0x7f0000000100)=[{&(0x7f0000001d00)=""/4096, 0x1000}], 0x1, 0xb, 0x5, 0x8) 292.160735ms ago: executing program 4 (id=7470): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x18) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="120000000d0000000400000002"], 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r2}, &(0x7f0000000100), &(0x7f00000001c0)=r1}, 0x20) close(r1) 237.851506ms ago: executing program 5 (id=7474): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000080)=0x7, 0x4) syz_emit_ethernet(0x3e, &(0x7f0000000340)={@local, @random="fad1e048716e", @void, {@ipv4={0x800, @udp={{0xa, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty, {[@timestamp_addr={0x44, 0x14, 0xa, 0x1, 0x8, [{@broadcast, 0x7ff}, {@multicast2}]}]}}, {0x0, 0x4e20, 0x8}}}}}, 0x0) setsockopt$inet_int(r0, 0x0, 0x14, &(0x7f00000001c0)=0x3f7, 0x4) recvmmsg(r0, &(0x7f0000001980)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2, 0x0) 237.697886ms ago: executing program 4 (id=7476): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) io_setup(0x6, &(0x7f0000000680)=0x0) io_submit(r3, 0x2, &(0x7f0000000240)=[&(0x7f0000000000)={0x180a, 0x0, 0x3, 0x1, 0x0, r2, 0x0}, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x8, 0x3, r2, &(0x7f00000006c0)="5810235a8c132d765b", 0x9, 0x1}]) 220.174606ms ago: executing program 5 (id=7477): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r0}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0b000000080000000c0000000100000001000000", @ANYRES32=0x1, @ANYBLOB="0000000600"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/17], 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38) 200.771577ms ago: executing program 5 (id=7478): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{r0}, &(0x7f00000004c0), &(0x7f0000000300)=r1}, 0x20) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) get_robust_list(0x0, &(0x7f0000000400)=0x0, &(0x7f00000004c0)) 184.697827ms ago: executing program 5 (id=7479): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1, 0x0, 0x7}, 0x18) shmdt(0x0) 173.158717ms ago: executing program 2 (id=7480): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = socket(0x10, 0x803, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bdaa, 0xffffffff, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x0, 0xa}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000b40)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r3, {0xc, 0x5}, {}, {0xf, 0x4}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ENC_KEY_ID={0x8, 0x1a, 0x9}, @TCA_FLOWER_KEY_ENC_IPV4_SRC={0x8, 0x1b, @multicast2}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40051}, 0x20040054) 149.670518ms ago: executing program 4 (id=7481): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r0, 0x26, &(0x7f0000000380)={0x1}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r1, 0x26, &(0x7f0000000380)={0x0, 0x0, 0x103ff}) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r2, 0x7, &(0x7f00000006c0)={0x0, 0x0, 0x103ff, 0x1}) 149.073818ms ago: executing program 5 (id=7482): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x4, 0x0, 0x7fff0000}]}) close_range(r2, 0xffffffffffffffff, 0x0) 129.027388ms ago: executing program 5 (id=7483): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000c00)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@mblk_io_submit}, {@resuid}, {@norecovery}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={0x0, r0, 0x0, 0x2}, 0x18) write$P9_RREAD(r1, &(0x7f0000000580)=ANY=[], 0xa0) sendfile(r1, r0, 0x0, 0x3ffff) sendfile(r1, r0, 0x0, 0x7fffeffd) 111.514158ms ago: executing program 1 (id=7484): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000340), &(0x7f0000000300)=r1}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18) perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0x0, 0x8404, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x1}, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1fffffff, 0x0, 0x0, 0x40}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 81.722699ms ago: executing program 2 (id=7485): ioctl$BLKCRYPTOPREPAREKEY(0xffffffffffffffff, 0xc040128b, 0x0) socket$netlink(0x10, 0x3, 0x10) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r0}, 0x10) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0xc0a85320, 0x0) bpf$MAP_CREATE(0x700000000000000, &(0x7f0000000180)=@base={0x1d, 0x4, 0x2, 0x0, 0x201, 0xffffffffffffffff, 0x200005, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x5}, 0x50) 64.950999ms ago: executing program 1 (id=7486): r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000005c0)=0x56) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@newlink={0x38, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r3, 0x9801}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @sit={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LINK={0x8, 0x1, r3}]}}}]}, 0x38}}, 0x0) sendto$packet(r0, &(0x7f0000000400)="05d936277c6f5422007f83477ca1b278e3e4018a34e7bfd3de1a00ad6762646c95c716727eb53bcc", 0x5cc, 0x40880, &(0x7f0000000200)={0x11, 0x86dd, r3, 0x1, 0x4, 0x6, @local}, 0x14) 62.833379ms ago: executing program 3 (id=7487): r0 = syz_open_procfs(0x0, &(0x7f0000000640)='net/mcfilter6\x00') preadv(r0, &(0x7f0000000580)=[{&(0x7f0000000280)=""/151, 0x97}], 0x1, 0x8, 0x451) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0xc201}) r2 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local}) write$tun(r1, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000000000001"], 0xfdef) 44.89111ms ago: executing program 2 (id=7488): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e00000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r0}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e0000000400000008"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r2, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000300)="b9ff030768f1258c989e14f05c71", 0x0, 0x2, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 0s ago: executing program 2 (id=7489): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) kernel console output (not intermixed with test programs): 0:0000:0000.000B: unknown main item tag 0x0 [ 146.524695][ T3374] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 146.532139][ T3374] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 146.539762][ T3374] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 146.547248][ T3374] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 146.554668][ T3374] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 146.562177][ T3374] hid-generic 0000:0000:0000.000B: unknown main item tag 0x2 [ 146.563418][T13321] loop4: detected capacity change from 0 to 512 [ 146.573025][ T3374] hid-generic 0000:0000:0000.000B: hidraw0: HID v0.00 Device [syz0] on syz1 [ 146.576550][ T29] audit: type=1400 audit(2000000019.170:4675): avc: denied { remount } for pid=13320 comm="syz.4.4267" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 146.634625][ T29] audit: type=1400 audit(2000000019.220:4676): avc: denied { ioctl } for pid=13322 comm="syz.5.4268" path="/dev/autofs" dev="devtmpfs" ino=91 ioctlcmd=0x937e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 146.661913][ T29] audit: type=1400 audit(2000000019.220:4677): avc: denied { create } for pid=13324 comm="syz.2.4269" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 146.681502][ T29] audit: type=1400 audit(2000000019.230:4678): avc: denied { setopt } for pid=13324 comm="syz.2.4269" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 146.710454][T13329] loop1: detected capacity change from 0 to 128 [ 146.719825][T13329] EXT4-fs: Ignoring removed nobh option [ 146.727012][T13329] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 146.740832][T13329] ext4 filesystem being mounted at /922/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 146.779692][ T3302] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 146.820512][T13340] program syz.2.4278 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 146.953692][T13362] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4288'. [ 147.010510][T13367] loop1: detected capacity change from 0 to 1024 [ 147.022923][T13367] EXT4-fs: Ignoring removed orlov option [ 147.028800][T13367] EXT4-fs: Ignoring removed nomblk_io_submit option [ 147.057646][T13373] loop4: detected capacity change from 0 to 512 [ 147.071708][T13379] loop5: detected capacity change from 0 to 128 [ 147.078753][T13379] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 147.079221][T13367] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 147.108416][ T3439] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 147.119243][T13373] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 147.133928][T13373] ext4 filesystem being mounted at /836/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 147.148814][T13373] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #2: comm syz.4.4293: corrupted inode contents [ 147.165312][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 147.190200][T13373] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #2: comm syz.4.4293: mark_inode_dirty error [ 147.202826][T13373] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #2: comm syz.4.4293: corrupted inode contents [ 147.217935][T13394] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #2: comm syz.4.4293: corrupted inode contents [ 147.231273][T13394] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #2: comm syz.4.4293: mark_inode_dirty error [ 147.243213][T13394] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #2: comm syz.4.4293: corrupted inode contents [ 147.260022][T13394] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #2: comm syz.4.4293: mark_inode_dirty error [ 147.273821][T13394] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #2: comm syz.4.4293: corrupted inode contents [ 147.290438][T13398] ip6_vti0: Caught tx_queue_len zero misconfig [ 147.292639][T13394] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #2: comm syz.4.4293: mark_inode_dirty error [ 147.341537][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 147.414907][T13416] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=13416 comm=syz.4.4310 [ 147.427519][T13416] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=13416 comm=syz.4.4310 [ 147.511013][T13435] netlink: 'syz.1.4319': attribute type 10 has an invalid length. [ 147.527801][T13435] team0: Device hsr_slave_0 failed to register rx_handler [ 147.585051][T13444] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13444 comm=syz.5.4322 [ 147.619085][T13451] SELinux: policydb version 1207 does not match my version range 15-35 [ 147.628328][T13451] SELinux: failed to load policy [ 147.668613][T13459] loop1: detected capacity change from 0 to 164 [ 147.679022][T13459] syz.1.4329: attempt to access beyond end of device [ 147.679022][T13459] loop1: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 147.694626][T13459] syz.1.4329: attempt to access beyond end of device [ 147.694626][T13459] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 147.717955][T13465] loop4: detected capacity change from 0 to 128 [ 147.724808][T13465] vfat: Bad value for 'shortname' [ 147.734200][T13463] lo speed is unknown, defaulting to 1000 [ 148.491092][T13550] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 148.598843][T13555] loop5: detected capacity change from 0 to 1024 [ 148.618329][T13555] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 148.635349][T13555] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 148.662831][T12249] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 148.740363][T13565] netlink: 256 bytes leftover after parsing attributes in process `syz.5.4373'. [ 148.981491][T13595] loop4: detected capacity change from 0 to 164 [ 148.997977][T13593] SELinux: ebitmap: truncated map [ 149.004882][T13593] SELinux: failed to load policy [ 149.071562][T13605] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 2621 [ 149.234827][T13624] netlink: del zone limit has 4 unknown bytes [ 149.382822][T13642] loop1: detected capacity change from 0 to 128 [ 149.619665][T13679] netlink: 'syz.1.4424': attribute type 21 has an invalid length. [ 149.622459][T13681] netlink: 'syz.2.4425': attribute type 1 has an invalid length. [ 149.642235][T13681] bond4: entered promiscuous mode [ 149.647625][T13681] 8021q: adding VLAN 0 to HW filter on device bond4 [ 149.669543][T13681] bond4: (slave bridge1): making interface the new active one [ 149.677186][T13681] bridge1: entered promiscuous mode [ 149.685818][T13681] bond4: (slave bridge1): Enslaving as an active interface with an up link [ 149.954799][T13710] __nla_validate_parse: 3 callbacks suppressed [ 149.954820][T13710] netlink: 64 bytes leftover after parsing attributes in process `syz.4.4438'. [ 150.066764][T13721] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4443'. [ 150.201658][T13730] SELinux: failed to load policy [ 150.214170][T13738] atomic_op ffff888119b4cd28 conn xmit_atomic 0000000000000000 [ 150.253492][T13750] program syz.5.4454 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 150.309947][T13753] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4456'. [ 150.398859][T13774] netlink: 'syz.2.4465': attribute type 21 has an invalid length. [ 150.408798][T13774] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4465'. [ 150.419541][T13776] netlink: 'syz.4.4468': attribute type 1 has an invalid length. [ 150.427492][T13776] netlink: 199820 bytes leftover after parsing attributes in process `syz.4.4468'. [ 150.629860][T13803] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4479'. [ 150.822032][T13821] team0: Caught tx_queue_len zero misconfig [ 151.055033][T13854] loop4: detected capacity change from 0 to 128 [ 151.062078][T13854] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 151.153275][T13863] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4505'. [ 151.317215][ T29] kauditd_printk_skb: 179 callbacks suppressed [ 151.317233][ T29] audit: type=1400 audit(2000000023.910:4858): avc: denied { setcurrent } for pid=13879 comm="syz.3.4513" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 151.380159][ T29] audit: type=1401 audit(2000000023.910:4859): op=security_bounded_transition seresult=denied oldcontext=root:sysadm_r:sysadm_t newcontext=system_u:object_r:hugetlbfs_t [ 151.397172][ T29] audit: type=1326 audit(2000000023.940:4860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13881 comm="syz.5.4514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 151.420781][ T29] audit: type=1326 audit(2000000023.940:4861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13881 comm="syz.5.4514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 151.444315][ T29] audit: type=1326 audit(2000000023.940:4862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13881 comm="syz.5.4514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 151.468143][ T29] audit: type=1326 audit(2000000023.950:4863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13881 comm="syz.5.4514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 151.492030][ T29] audit: type=1326 audit(2000000023.950:4864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13881 comm="syz.5.4514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 151.515587][ T29] audit: type=1326 audit(2000000023.950:4865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13881 comm="syz.5.4514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 151.539103][ T29] audit: type=1326 audit(2000000023.950:4866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13881 comm="syz.5.4514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 151.562883][ T29] audit: type=1326 audit(2000000023.950:4867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13881 comm="syz.5.4514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 151.742300][T13912] syz_tun: entered allmulticast mode [ 151.749711][T13911] syz_tun: left allmulticast mode [ 151.789090][T13919] netlink: 'syz.2.4528': attribute type 10 has an invalid length. [ 151.821946][T13919] team0: Device hsr_slave_0 failed to register rx_handler [ 151.912121][T13930] loop2: detected capacity change from 0 to 512 [ 151.922346][T13930] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 151.935924][T13930] EXT4-fs (loop2): 1 truncate cleaned up [ 151.942575][T13930] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 151.979993][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 152.025398][T13946] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4539'. [ 152.078445][T13953] netlink: 'syz.3.4543': attribute type 10 has an invalid length. [ 152.121683][T13953] team0: Port device dummy0 added [ 152.144023][T13954] netlink: 96 bytes leftover after parsing attributes in process `syz.5.4542'. [ 152.164872][T13953] netlink: 'syz.3.4543': attribute type 10 has an invalid length. [ 152.198685][T13953] team0: Port device dummy0 removed [ 152.214872][T13953] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 152.303484][T13973] loop3: detected capacity change from 0 to 1024 [ 152.311687][T13973] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 152.322696][T13973] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 152.334916][T13975] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13975 comm=syz.2.4553 [ 152.361698][T13973] JBD2: no valid journal superblock found [ 152.367514][T13973] EXT4-fs (loop3): Could not load journal inode [ 152.396199][T13973] SELinux: security_context_str_to_sid (-Xܘ7.H\ %u@) failed with errno=-22 [ 152.431176][T13987] syzkaller1: entered promiscuous mode [ 152.436809][T13987] syzkaller1: entered allmulticast mode [ 152.443203][T13985] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=13985 comm=syz.1.4558 [ 152.528024][T14000] netlink: 168 bytes leftover after parsing attributes in process `syz.1.4565'. [ 152.537221][T14000] tipc: Started in network mode [ 152.542141][T14000] tipc: Node identity 0000000000005f120000000000000001, cluster identity 4711 [ 152.551068][T14000] tipc: Enabling of bearer rejected, failed to enable media [ 152.602161][T14012] program syz.4.4571 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 152.621733][T14012] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 152.767413][T14042] IPv6: Can't replace route, no match found [ 152.952814][T14074] program syz.5.4598 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 152.963325][T14074] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 153.018917][T14081] vhci_hcd: invalid port number 0 [ 153.071745][T14091] ip6gre1: entered allmulticast mode [ 153.246022][T14111] rdma_op ffff88814cd05180 conn xmit_rdma 0000000000000000 [ 153.274020][T14115] loop1: detected capacity change from 0 to 512 [ 153.281205][T14115] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 153.291698][T14115] EXT4-fs error (device loop1): ext4_get_branch:178: inode #11: block 4294967295: comm syz.1.4618: invalid block [ 153.303982][T14115] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.4618: invalid indirect mapped block 4294967295 (level 1) [ 153.326493][T14115] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.4618: invalid indirect mapped block 4294967295 (level 1) [ 153.341046][T14115] EXT4-fs (loop1): 2 truncates cleaned up [ 153.348501][T14115] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 153.366981][T14115] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.4618: bg 0: block 5: invalid block bitmap [ 153.439843][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 153.584113][T14136] loop4: detected capacity change from 0 to 512 [ 153.611814][T14136] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 153.648674][T14136] EXT4-fs (loop4): 1 truncate cleaned up [ 153.656092][T14136] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 153.785338][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 154.482010][T14171] loop2: detected capacity change from 0 to 1024 [ 154.489040][T14171] EXT4-fs: Ignoring removed orlov option [ 154.494773][T14171] EXT4-fs: Ignoring removed nomblk_io_submit option [ 154.509721][T14171] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 154.546582][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 154.666510][ C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 154.720066][T14214] loop5: detected capacity change from 0 to 512 [ 154.756077][T14216] netdevsim netdevsim4 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 154.766001][T14216] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 154.855343][T14216] netdevsim netdevsim4 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 154.865197][T14216] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 154.938590][T14216] netdevsim netdevsim4 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 154.948571][T14216] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 154.989739][T14216] netdevsim netdevsim4 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 154.999618][T14216] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 155.079273][ T3630] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 155.087733][ T3630] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 155.104020][ T3630] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 155.112554][ T3630] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 155.142802][ T3630] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 155.151220][ T3630] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 155.175004][ T3630] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 155.183351][ T3630] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 155.256145][T14280] 9pnet: Unknown protocol version 9 [ 155.634331][T14346] loop2: detected capacity change from 0 to 164 [ 155.649313][T14346] syz.2.4709: attempt to access beyond end of device [ 155.649313][T14346] loop2: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 155.671644][T14346] syz.2.4709: attempt to access beyond end of device [ 155.671644][T14346] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 155.686872][T14353] loop4: detected capacity change from 0 to 512 [ 155.959723][T14378] lo speed is unknown, defaulting to 1000 [ 156.432084][ T29] kauditd_printk_skb: 120 callbacks suppressed [ 156.432103][ T29] audit: type=1400 audit(2000000029.020:4988): avc: denied { create } for pid=14382 comm="syz.5.4736" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 156.464980][ T29] audit: type=1400 audit(2000000029.060:4989): avc: denied { write } for pid=14382 comm="syz.5.4736" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 156.494208][T14392] loop4: detected capacity change from 0 to 164 [ 156.503614][T14392] syz.4.4727: attempt to access beyond end of device [ 156.503614][T14392] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 156.517727][T14392] syz.4.4727: attempt to access beyond end of device [ 156.517727][T14392] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 156.552009][T14397] loop3: detected capacity change from 0 to 512 [ 156.560693][ T29] audit: type=1326 audit(2000000029.160:4990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14398 comm="syz.4.4731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f536b8feec9 code=0x7ffc0000 [ 156.584306][ T29] audit: type=1326 audit(2000000029.160:4991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14398 comm="syz.4.4731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f536b8feec9 code=0x7ffc0000 [ 156.611938][ T29] audit: type=1326 audit(2000000029.160:4992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14398 comm="syz.4.4731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f536b8feec9 code=0x7ffc0000 [ 156.635614][ T29] audit: type=1326 audit(2000000029.160:4993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14398 comm="syz.4.4731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f536b8feec9 code=0x7ffc0000 [ 156.659185][ T29] audit: type=1326 audit(2000000029.160:4994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14398 comm="syz.4.4731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f536b8feec9 code=0x7ffc0000 [ 156.682733][ T29] audit: type=1326 audit(2000000029.180:4995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14398 comm="syz.4.4731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f536b8feec9 code=0x7ffc0000 [ 156.706685][ T29] audit: type=1326 audit(2000000029.180:4996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14398 comm="syz.4.4731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f536b8feec9 code=0x7ffc0000 [ 156.730291][ T29] audit: type=1326 audit(2000000029.180:4997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14398 comm="syz.4.4731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f536b8feec9 code=0x7ffc0000 [ 156.778219][T14402] loop1: detected capacity change from 0 to 1024 [ 156.811561][T14402] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 156.828391][T14402] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 156.861789][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 156.888447][T14413] loop4: detected capacity change from 0 to 1764 [ 156.970761][T14423] vhci_hcd: invalid port number 96 [ 156.976134][T14423] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 157.205642][T14449] netlink: 'syz.3.4751': attribute type 1 has an invalid length. [ 157.217340][T14451] __nla_validate_parse: 10 callbacks suppressed [ 157.217360][T14451] netlink: 209560 bytes leftover after parsing attributes in process `syz.4.4748'. [ 157.224599][T14449] bond4: entered promiscuous mode [ 157.240357][T14449] 8021q: adding VLAN 0 to HW filter on device bond4 [ 157.260073][T14449] bond4: (slave bridge1): making interface the new active one [ 157.267856][T14449] bridge1: entered promiscuous mode [ 157.276511][T14449] bond4: (slave bridge1): Enslaving as an active interface with an up link [ 157.363754][T14463] SELinux: security_context_str_to_sid (s) failed with errno=-22 [ 157.374056][T14465] 9pnet: p9_errstr2errno: server reported unknown error 9YTPX: [ 157.411539][T14470] SELinux: failed to load policy [ 157.679692][T14501] SELinux: failed to load policy [ 157.771674][T14512] 9pnet: p9_errstr2errno: server reported unknown error 9YTPX: [ 158.138162][T14536] program syz.2.4787 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 158.487306][T14556] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 158.813953][T14595] loop1: detected capacity change from 0 to 128 [ 158.836424][T14595] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 158.863836][T14595] ext4 filesystem being mounted at /1027/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 158.929980][ T3302] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 159.397328][T14658] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 159.429229][T14662] veth0: Caught tx_queue_len zero misconfig [ 159.784627][T14689] loop2: detected capacity change from 0 to 256 [ 159.792029][T14689] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 160.132752][T14731] syz_tun: entered allmulticast mode [ 160.155106][T14730] syz_tun: left allmulticast mode [ 160.497696][T14781] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 160.542443][T14783] lo speed is unknown, defaulting to 1000 [ 160.629708][T14790] loop4: detected capacity change from 0 to 128 [ 160.640224][T14790] syz.4.4893: attempt to access beyond end of device [ 160.640224][T14790] loop4: rw=2049, sector=138, nr_sectors = 2 limit=128 [ 160.662941][T14790] syz.4.4893: attempt to access beyond end of device [ 160.662941][T14790] loop4: rw=2049, sector=140, nr_sectors = 2 limit=128 [ 160.676542][T14790] Buffer I/O error on dev loop4, logical block 70, lost async page write [ 160.685580][T14790] syz.4.4893: attempt to access beyond end of device [ 160.685580][T14790] loop4: rw=2049, sector=142, nr_sectors = 2 limit=128 [ 160.699085][T14790] Buffer I/O error on dev loop4, logical block 71, lost async page write [ 160.707829][T14790] syz.4.4893: attempt to access beyond end of device [ 160.707829][T14790] loop4: rw=2049, sector=144, nr_sectors = 2 limit=128 [ 160.721340][T14790] Buffer I/O error on dev loop4, logical block 72, lost async page write [ 160.730104][T14790] syz.4.4893: attempt to access beyond end of device [ 160.730104][T14790] loop4: rw=2049, sector=146, nr_sectors = 104 limit=128 [ 160.744669][T14789] syz.4.4893: attempt to access beyond end of device [ 160.744669][T14789] loop4: rw=2049, sector=138, nr_sectors = 2 limit=128 [ 160.758205][T14789] Buffer I/O error on dev loop4, logical block 69, lost async page write [ 160.803448][T14799] netlink: 'syz.5.4896': attribute type 10 has an invalid length. [ 160.824378][T14799] team0: Port device dummy0 added [ 160.852721][T14799] netlink: 'syz.5.4896': attribute type 10 has an invalid length. [ 160.865932][T14799] team0: Port device dummy0 removed [ 160.873218][T14799] dummy0: entered promiscuous mode [ 160.878766][T14799] $H: (slave dummy0): Enslaving as an active interface with an up link [ 160.979821][T14818] syzkaller1: entered promiscuous mode [ 160.985383][T14818] syzkaller1: entered allmulticast mode [ 161.045689][T14825] program syz.5.4904 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 161.055293][T14825] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 161.108416][T14833] loop5: detected capacity change from 0 to 1024 [ 161.116022][T14833] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 161.127195][T14833] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 161.139135][T14835] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=14835 comm=syz.4.4909 [ 161.152604][T14833] JBD2: no valid journal superblock found [ 161.158439][T14833] EXT4-fs (loop5): Could not load journal inode [ 161.172817][T14833] SELinux: security_context_str_to_sid (-Xܘ7.H\ %u@) failed with errno=-22 [ 161.243869][T14844] netlink: 168 bytes leftover after parsing attributes in process `syz.3.4912'. [ 161.253093][T14844] tipc: Started in network mode [ 161.258078][T14844] tipc: Node identity 0000000000005f120000000000000001, cluster identity 4711 [ 161.266993][T14844] tipc: Enabling of bearer rejected, failed to enable media [ 161.357640][T14854] program syz.1.4920 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 161.367556][T14854] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 161.468920][ T29] kauditd_printk_skb: 157 callbacks suppressed [ 161.468940][ T29] audit: type=1326 audit(2000000034.060:5155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14873 comm="syz.5.4927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 161.498724][ T29] audit: type=1326 audit(2000000034.060:5156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14873 comm="syz.5.4927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 161.523597][ T29] audit: type=1400 audit(2000000034.070:5157): avc: denied { ioctl } for pid=14870 comm="syz.4.4928" path="socket:[42395]" dev="sockfs" ino=42395 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 161.548690][ T29] audit: type=1400 audit(2000000034.070:5158): avc: denied { bind } for pid=14870 comm="syz.4.4928" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 161.568938][ T29] audit: type=1326 audit(2000000034.150:5159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14873 comm="syz.5.4927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 161.592516][ T29] audit: type=1326 audit(2000000034.150:5160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14873 comm="syz.5.4927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 161.616237][ T29] audit: type=1326 audit(2000000034.150:5161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14873 comm="syz.5.4927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 161.641724][ T29] audit: type=1326 audit(2000000034.160:5162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14873 comm="syz.5.4927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=238 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 161.665409][ T29] audit: type=1326 audit(2000000034.160:5163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14873 comm="syz.5.4927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 161.689349][ T29] audit: type=1326 audit(2000000034.160:5164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14873 comm="syz.5.4927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 161.736025][T14885] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4933'. [ 161.896945][T14911] rdma_op ffff888109d44980 conn xmit_rdma 0000000000000000 [ 161.919862][T14909] vhci_hcd: invalid port number 0 [ 161.958233][T14916] loop4: detected capacity change from 0 to 512 [ 161.965196][T14916] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 161.979127][T14916] EXT4-fs error (device loop4): ext4_get_branch:178: inode #11: block 4294967295: comm syz.4.4949: invalid block [ 161.991989][T14916] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.4949: invalid indirect mapped block 4294967295 (level 1) [ 162.007014][T14916] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.4949: invalid indirect mapped block 4294967295 (level 1) [ 162.021805][T14916] EXT4-fs (loop4): 2 truncates cleaned up [ 162.028114][T14916] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 162.044639][T14916] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.4949: bg 0: block 5: invalid block bitmap [ 162.069807][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 162.166280][T14930] loop4: detected capacity change from 0 to 4096 [ 162.175211][T14930] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 162.202821][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 162.239141][T14935] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4957'. [ 162.258172][T14935] bond5: entered promiscuous mode [ 162.263497][T14935] 8021q: adding VLAN 0 to HW filter on device bond5 [ 162.289596][T14935] 8021q: adding VLAN 0 to HW filter on device bond6 [ 162.299324][T14935] bond6: entered promiscuous mode [ 162.305651][T14935] bond5: (slave bond6): Enslaving as an active interface with an up link [ 162.358644][T14947] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4960'. [ 162.529498][T14955] loop3: detected capacity change from 0 to 32768 [ 162.566913][T14955] loop3: p1 p3 < > [ 162.750546][T14978] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4975'. [ 162.776202][T14980] loop3: detected capacity change from 0 to 128 [ 162.786078][T14980] syz.3.4976: attempt to access beyond end of device [ 162.786078][T14980] loop3: rw=2049, sector=138, nr_sectors = 2 limit=128 [ 162.801730][T14980] syz.3.4976: attempt to access beyond end of device [ 162.801730][T14980] loop3: rw=2049, sector=140, nr_sectors = 2 limit=128 [ 162.815300][T14980] Buffer I/O error on dev loop3, logical block 70, lost async page write [ 162.825196][T14980] syz.3.4976: attempt to access beyond end of device [ 162.825196][T14980] loop3: rw=2049, sector=142, nr_sectors = 2 limit=128 [ 162.838680][T14980] Buffer I/O error on dev loop3, logical block 71, lost async page write [ 162.848543][T14980] syz.3.4976: attempt to access beyond end of device [ 162.848543][T14980] loop3: rw=2049, sector=144, nr_sectors = 2 limit=128 [ 162.855523][T14973] netlink: 240 bytes leftover after parsing attributes in process `syz.5.4983'. [ 162.862107][T14980] Buffer I/O error on dev loop3, logical block 72, lost async page write [ 162.881463][T14980] syz.3.4976: attempt to access beyond end of device [ 162.881463][T14980] loop3: rw=2049, sector=146, nr_sectors = 104 limit=128 [ 162.903808][T14979] Buffer I/O error on dev loop3, logical block 69, lost async page write [ 163.024037][T14995] loop5: detected capacity change from 0 to 1024 [ 163.030978][T14995] EXT4-fs: Ignoring removed orlov option [ 163.036856][T14995] EXT4-fs: Ignoring removed nomblk_io_submit option [ 163.048279][T14995] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 163.080813][T12249] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 163.153315][T15006] loop3: detected capacity change from 0 to 512 [ 163.160560][T15006] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 163.172124][T15006] EXT4-fs (loop3): 1 truncate cleaned up [ 163.179516][T15006] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 163.218346][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 163.263427][T15015] loop5: detected capacity change from 0 to 128 [ 163.272304][T15014] loop1: detected capacity change from 0 to 512 [ 163.281857][T15014] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 163.292924][T15015] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 163.317765][T15015] ext4 filesystem being mounted at /270/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 163.330432][T15014] EXT4-fs (loop1): 1 truncate cleaned up [ 163.346604][T15014] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 163.379056][T12249] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 163.425403][T15030] netlink: 'syz.3.4994': attribute type 8 has an invalid length. [ 163.433232][T15030] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4994'. [ 163.443545][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 163.448451][T15030] bond0: entered promiscuous mode [ 163.457761][T15030] bond_slave_0: entered promiscuous mode [ 163.463522][T15030] bond_slave_1: entered promiscuous mode [ 163.486606][T15030] dummy0: entered promiscuous mode [ 163.499788][T15030] veth1_to_bridge: entered promiscuous mode [ 163.508052][T15034] program syz.2.4998 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 163.521985][T15030] ip6gretap0: entered promiscuous mode [ 163.528746][T15030] hsr1: entered promiscuous mode [ 163.582051][T15042] loop3: detected capacity change from 0 to 128 [ 163.599156][T15036] syzkaller0: entered promiscuous mode [ 163.604685][T15036] syzkaller0: entered allmulticast mode [ 163.672930][T15020] loop4: detected capacity change from 0 to 32768 [ 163.738846][T15020] loop4: p1 p3 < > [ 163.802539][T15063] sd 0:0:1:0: device reset [ 163.847833][T15072] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5015'. [ 163.909688][T15074] lo speed is unknown, defaulting to 1000 [ 164.328102][T15095] loop2: detected capacity change from 0 to 32768 [ 164.347546][T15122] program syz.4.5034 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 164.377384][T15095] loop2: p1 p3 < > [ 164.377712][T15127] sd 0:0:1:0: device reset [ 164.419614][T15131] loop4: detected capacity change from 0 to 512 [ 164.459004][T15131] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 164.481984][T15131] ext4 filesystem being mounted at /991/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 164.530028][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 164.570983][T15145] sd 0:0:1:0: device reset [ 164.585445][T15143] syzkaller0: entered promiscuous mode [ 164.591214][T15143] syzkaller0: entered allmulticast mode [ 164.654399][T15149] loop4: detected capacity change from 0 to 512 [ 164.662261][T15151] SELinux: security policydb version 16 (MLS) not backwards compatible [ 164.671797][T15151] SELinux: failed to load policy [ 164.690939][T15149] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 164.709899][T15149] ext4 filesystem being mounted at /994/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 164.747940][T15149] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 164.772785][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 164.940460][T15182] netlink: 87 bytes leftover after parsing attributes in process `syz.4.5057'. [ 164.970446][T15161] loop1: detected capacity change from 0 to 32768 [ 164.990235][T15187] pimreg: entered allmulticast mode [ 164.992571][T15189] loop2: detected capacity change from 0 to 512 [ 165.004428][T15187] pimreg: left allmulticast mode [ 165.015869][T15189] ext4 filesystem being mounted at /938/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 165.029016][T15161] loop1: p1 p3 < > [ 165.063147][T15189] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 165.180458][T15217] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5074'. [ 165.189508][T15217] netlink: 120 bytes leftover after parsing attributes in process `syz.5.5074'. [ 165.199833][T15217] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5074'. [ 165.260618][T15226] loop4: detected capacity change from 0 to 2048 [ 165.555582][T15258] lo speed is unknown, defaulting to 1000 [ 165.688801][T15270] loop5: detected capacity change from 0 to 256 [ 165.730861][T15270] FAT-fs (loop5): error, corrupted file size (i_pos 196, 2097152) [ 165.738894][T15270] FAT-fs (loop5): Filesystem has been set read-only [ 165.758313][T15270] FAT-fs (loop5): error, corrupted file size (i_pos 196, 2097152) [ 165.767991][T15270] FAT-fs (loop5): error, corrupted file size (i_pos 196, 2097152) [ 165.775977][T15270] FAT-fs (loop5): error, corrupted file size (i_pos 196, 2097152) [ 165.826844][T15284] SELinux: security_context_str_to_sid () failed with errno=-22 [ 166.073926][T15317] netlink: 'syz.4.5120': attribute type 30 has an invalid length. [ 166.277333][T15338] SELinux: security_context_str_to_sid () failed with errno=-22 [ 166.448800][T15348] vhci_hcd: invalid port number 96 [ 166.454151][T15348] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 166.486157][ T29] kauditd_printk_skb: 520 callbacks suppressed [ 166.486174][ T29] audit: type=1326 audit(2000000039.070:5685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15310 comm="syz.1.5118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1fa3985d67 code=0x7ffc0000 [ 166.516532][ T29] audit: type=1326 audit(2000000039.070:5686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15310 comm="syz.1.5118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1fa392af79 code=0x7ffc0000 [ 166.540164][ T29] audit: type=1326 audit(2000000039.070:5687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15310 comm="syz.1.5118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f1fa398eec9 code=0x7ffc0000 [ 166.567859][ T29] audit: type=1326 audit(2000000039.120:5688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15310 comm="syz.1.5118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1fa3985d67 code=0x7ffc0000 [ 166.591537][ T29] audit: type=1326 audit(2000000039.120:5689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15310 comm="syz.1.5118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1fa392af79 code=0x7ffc0000 [ 166.615105][ T29] audit: type=1326 audit(2000000039.120:5690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15310 comm="syz.1.5118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f1fa398eec9 code=0x7ffc0000 [ 166.638689][ T29] audit: type=1326 audit(2000000039.130:5691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15310 comm="syz.1.5118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1fa3985d67 code=0x7ffc0000 [ 166.662130][ T29] audit: type=1326 audit(2000000039.130:5692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15310 comm="syz.1.5118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1fa392af79 code=0x7ffc0000 [ 166.685656][ T29] audit: type=1326 audit(2000000039.130:5693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15310 comm="syz.1.5118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f1fa398eec9 code=0x7ffc0000 [ 166.709205][ T29] audit: type=1326 audit(2000000039.150:5694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15310 comm="syz.1.5118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1fa3985d67 code=0x7ffc0000 [ 166.790165][T15365] netlink: 'syz.2.5140': attribute type 30 has an invalid length. [ 166.954364][T15385] loop3: detected capacity change from 0 to 256 [ 167.059454][T15385] FAT-fs (loop3): error, corrupted file size (i_pos 196, 2097152) [ 167.067419][T15385] FAT-fs (loop3): Filesystem has been set read-only [ 167.084220][T15385] FAT-fs (loop3): error, corrupted file size (i_pos 196, 2097152) [ 167.094483][T15385] FAT-fs (loop3): error, corrupted file size (i_pos 196, 2097152) [ 167.102778][T15385] FAT-fs (loop3): error, corrupted file size (i_pos 196, 2097152) [ 167.227120][T15412] random: crng reseeded on system resumption [ 167.257525][T15412] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 167.268458][T15412] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 167.341047][T15432] netlink: 'syz.1.5173': attribute type 30 has an invalid length. [ 167.388455][T15434] loop4: detected capacity change from 0 to 256 [ 167.469016][T15452] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 167.480375][T15449] IPVS: stopping master sync thread 15452 ... [ 167.483049][T15434] FAT-fs (loop4): error, corrupted file size (i_pos 196, 2097152) [ 167.494354][T15434] FAT-fs (loop4): Filesystem has been set read-only [ 167.503008][T15434] FAT-fs (loop4): error, corrupted file size (i_pos 196, 2097152) [ 167.510968][T15434] FAT-fs (loop4): error, corrupted file size (i_pos 196, 2097152) [ 167.532598][T15434] FAT-fs (loop4): error, corrupted file size (i_pos 196, 2097152) [ 167.555349][T15456] __nla_validate_parse: 8 callbacks suppressed [ 167.555366][T15456] netlink: 96 bytes leftover after parsing attributes in process `syz.1.5186'. [ 167.662453][T15476] loop9: detected capacity change from 0 to 7 [ 167.669445][T15476] Buffer I/O error on dev loop9, logical block 0, async page read [ 167.677576][T15476] Buffer I/O error on dev loop9, logical block 0, async page read [ 167.685491][T15476] loop9: unable to read partition table [ 167.691593][T15476] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 167.691593][T15476] ) failed (rc=-5) [ 167.711251][T15482] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 167.723775][T15480] IPVS: stopping master sync thread 15482 ... [ 167.759161][T15487] loop1: detected capacity change from 0 to 256 [ 167.808163][T15496] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5205'. [ 167.848576][T15487] FAT-fs (loop1): error, corrupted file size (i_pos 196, 2097152) [ 167.856670][T15487] FAT-fs (loop1): Filesystem has been set read-only [ 167.874132][T15487] FAT-fs (loop1): error, corrupted file size (i_pos 196, 2097152) [ 167.886738][T15506] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 167.899304][T15504] IPVS: stopping master sync thread 15506 ... [ 167.899944][T15487] FAT-fs (loop1): error, corrupted file size (i_pos 196, 2097152) [ 167.915928][T15487] FAT-fs (loop1): error, corrupted file size (i_pos 196, 2097152) [ 167.917099][T15509] loop9: detected capacity change from 0 to 7 [ 167.954338][T15509] Buffer I/O error on dev loop9, logical block 0, async page read [ 167.962447][T15509] Buffer I/O error on dev loop9, logical block 0, async page read [ 167.970453][T15509] loop9: unable to read partition table [ 167.976340][T15509] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 167.976340][T15509] ) failed (rc=-5) [ 168.024014][T15519] IPVS: stopping master sync thread 15522 ... [ 168.031806][T15522] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 168.394482][T15536] random: crng reseeded on system resumption [ 168.411350][T15536] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 168.488977][T15536] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 169.047440][T15568] SELinux: failed to load policy [ 169.091738][T15577] netlink: 'syz.2.5241': attribute type 4 has an invalid length. [ 169.178576][T15580] serio: Serial port ptm0 [ 169.197683][T15578] netlink: 'syz.2.5241': attribute type 4 has an invalid length. [ 169.413716][T15609] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5254'. [ 169.461543][T15609] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5254'. [ 169.680915][T15640] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5268'. [ 169.880510][T15675] loop3: detected capacity change from 0 to 1024 [ 169.895520][T15675] EXT4-fs: Ignoring removed orlov option [ 169.908244][T15675] EXT4-fs mount: 4 callbacks suppressed [ 169.908258][T15675] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 169.929516][T15675] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5285'. [ 169.952208][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 169.973759][T15687] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5288'. [ 169.993684][T15693] rdma_op ffff88810c53c180 conn xmit_rdma 0000000000000000 [ 170.042922][T15700] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5295'. [ 170.052111][T15700] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5295'. [ 170.065610][T15700] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5295'. [ 170.085070][T15706] rdma_op ffff88810c53c180 conn xmit_rdma 0000000000000000 [ 170.134956][T15713] loop1: detected capacity change from 0 to 1024 [ 170.144443][T15713] EXT4-fs: Ignoring removed orlov option [ 170.145046][T15716] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125 [ 170.159074][T15713] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 170.186713][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 170.565081][T15745] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 2621 [ 170.578733][T15743] loop5: detected capacity change from 0 to 8192 [ 170.734863][T15769] SELinux: policydb version 0 does not match my version range 15-35 [ 170.761670][T15769] SELinux: failed to load policy [ 170.810346][T15781] rdma_op ffff88810c53d580 conn xmit_rdma 0000000000000000 [ 171.647567][T15851] netlink: 'syz.5.5362': attribute type 3 has an invalid length. [ 172.326232][ T29] kauditd_printk_skb: 266 callbacks suppressed [ 172.326249][ T29] audit: type=1400 audit(2000000044.910:5961): avc: denied { mounton } for pid=15875 comm="syz.1.5374" path="/syzcgroup/net/syz1/devices.allow" dev="cgroup" ino=52 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=file permissive=1 [ 172.357489][T15876] SELinux: security_context_str_to_sid () failed with errno=-22 [ 172.538270][T15892] SELinux: failed to load policy [ 172.594896][ T29] audit: type=1400 audit(2000000045.180:5962): avc: denied { create } for pid=15905 comm="syz.4.5388" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 172.627949][T15910] __nla_validate_parse: 8 callbacks suppressed [ 172.627966][T15910] netlink: 100 bytes leftover after parsing attributes in process `syz.2.5390'. [ 172.681625][ T29] audit: type=1400 audit(2000000045.260:5963): avc: denied { write } for pid=15905 comm="syz.4.5388" path="socket:[45650]" dev="sockfs" ino=45650 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 172.808164][ T29] audit: type=1400 audit(2000000045.400:5964): avc: denied { bind } for pid=15927 comm="syz.5.5399" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 172.900889][T15941] netlink: 64 bytes leftover after parsing attributes in process `syz.3.5404'. [ 173.026708][ T29] audit: type=1400 audit(2000000045.610:5965): avc: denied { ioctl } for pid=15952 comm="syz.2.5411" path="socket:[45750]" dev="sockfs" ino=45750 ioctlcmd=0x48d2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 173.215592][T15987] loop4: detected capacity change from 0 to 512 [ 173.242436][T15993] loop5: detected capacity change from 0 to 128 [ 173.258836][ T29] audit: type=1400 audit(2000000045.850:5966): avc: denied { watch watch_reads } for pid=15990 comm="syz.5.5429" path="/361/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop5" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1 [ 173.310157][T16001] sd 0:0:1:0: device reset [ 173.314895][T15987] Quota error (device loop4): v2_read_file_info: Free block number 1 out of range (1, 6). [ 173.325522][T15987] EXT4-fs warning (device loop4): ext4_enable_quotas:7178: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 173.343167][T15987] EXT4-fs (loop4): mount failed [ 173.485624][T16024] loop3: detected capacity change from 0 to 1764 [ 173.503192][T16029] loop1: detected capacity change from 0 to 128 [ 173.549353][T16034] sit0: Caught tx_queue_len zero misconfig [ 173.579720][ T29] audit: type=1326 audit(2000000046.170:5967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16037 comm="syz.3.5448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78481ceec9 code=0x7ffc0000 [ 173.646756][T16043] loop3: detected capacity change from 0 to 512 [ 173.650898][ T29] audit: type=1326 audit(2000000046.200:5968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16037 comm="syz.3.5448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f78481ceec9 code=0x7ffc0000 [ 173.676648][ T29] audit: type=1326 audit(2000000046.200:5969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16037 comm="syz.3.5448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78481ceec9 code=0x7ffc0000 [ 173.736351][T16052] SELinux: Context system_u:object_r:hwdata_t:s0 is not valid (left unmapped). [ 173.747389][T16043] EXT4-fs warning (device loop3): ext4_enable_quotas:7178: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 173.774666][T16043] EXT4-fs (loop3): mount failed [ 173.931855][T16077] netlink: 20 bytes leftover after parsing attributes in process `+}[@'. [ 173.979076][T16063] loop3: detected capacity change from 0 to 32768 [ 174.003481][T16083] SELinux: policydb version 0 does not match my version range 15-35 [ 174.012001][T16083] SELinux: failed to load policy [ 174.017062][T16063] loop3: p1 p3 < > [ 174.339690][T16093] loop3: detected capacity change from 0 to 764 [ 174.347300][T16093] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 174.355596][T16096] loop5: detected capacity change from 0 to 512 [ 174.371195][T16096] EXT4-fs warning (device loop5): ext4_enable_quotas:7178: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 174.390232][T16096] EXT4-fs (loop5): mount failed [ 174.590924][T16123] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 174.608285][T16123] vhci_hcd: invalid port number 253 [ 174.618133][T16125] loop5: detected capacity change from 0 to 764 [ 174.626694][T16125] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 174.649020][T16127] loop4: detected capacity change from 0 to 512 [ 174.684765][T16133] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5491'. [ 174.712477][T16127] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 174.746654][T16127] ext4 filesystem being mounted at /1113/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 174.761735][T16138] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5491'. [ 174.789156][T16142] loop1: detected capacity change from 0 to 128 [ 174.809416][T16142] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 174.844289][T16142] ext4 filesystem being mounted at /1140/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 174.877734][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 174.908416][T16150] IPv6: Can't replace route, no match found [ 174.990822][ T3302] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 175.023402][T16167] netlink: 51 bytes leftover after parsing attributes in process `syz.4.5506'. [ 175.057864][T16175] random: crng reseeded on system resumption [ 175.090756][T16177] loop1: detected capacity change from 0 to 1024 [ 175.105682][T16177] EXT4-fs error (device loop1): ext4_acquire_dquot:6943: comm syz.1.5510: Failed to acquire dquot type 0 [ 175.117954][T16177] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 175.133289][T16177] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #13: comm syz.1.5510: corrupted inode contents [ 175.146048][T16177] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #13: comm syz.1.5510: mark_inode_dirty error [ 175.167887][T16177] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #13: comm syz.1.5510: corrupted inode contents [ 175.181031][T16177] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #13: comm syz.1.5510: mark_inode_dirty error [ 175.194790][T16177] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #13: comm syz.1.5510: corrupted inode contents [ 175.213717][T16177] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem [ 175.222604][T16177] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #13: comm syz.1.5510: corrupted inode contents [ 175.264057][T16193] loop3: detected capacity change from 0 to 1024 [ 175.273068][T16177] EXT4-fs error (device loop1): ext4_truncate:4666: inode #13: comm syz.1.5510: mark_inode_dirty error [ 175.287245][T16193] EXT4-fs: Ignoring removed nomblk_io_submit option [ 175.294217][T16177] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem [ 175.308337][T16177] EXT4-fs (loop1): 1 truncate cleaned up [ 175.314650][T16177] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 175.330299][T16193] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 175.338622][T16193] System zones: 0-1, 3-36 [ 175.344217][T16200] 9p: Unknown access argument : -22 [ 175.344419][T16193] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 175.387484][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 175.397468][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 175.475665][T16217] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5528'. [ 175.485577][T16217] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5528'. [ 175.569992][T16230] netlink: 'syz.4.5533': attribute type 298 has an invalid length. [ 176.006891][T16274] loop2: detected capacity change from 0 to 32768 [ 176.066895][T16274] loop2: p1 p3 < > [ 176.173775][T16298] loop4: detected capacity change from 0 to 1024 [ 176.180541][T16298] EXT4-fs: Ignoring removed nomblk_io_submit option [ 176.188705][T16298] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 176.196921][T16298] System zones: 0-1, 3-36 [ 176.202105][T16298] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 176.230835][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 176.464494][T16327] SELinux: failed to load policy [ 176.487139][T16334] loop2: detected capacity change from 0 to 512 [ 176.495562][T16334] EXT4-fs: Ignoring removed bh option [ 176.518543][T16334] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 176.533514][T16334] ext4 filesystem being mounted at /1035/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 176.549536][T16334] netlink: 32 bytes leftover after parsing attributes in process `syz.2.5582'. [ 176.571527][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 176.629713][T16354] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5591'. [ 176.849938][T16401] loop3: detected capacity change from 0 to 128 [ 176.888863][T16401] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 176.913101][T16401] ext4 filesystem being mounted at /1103/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 176.978359][ T3309] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 177.062839][T16431] SELinux: failed to load policy [ 177.185628][T16448] rdma_op ffff888106dd6d80 conn xmit_rdma 0000000000000000 [ 177.328006][T16462] netlink: 'syz.5.5638': attribute type 5 has an invalid length. [ 177.335929][T16462] netlink: 'syz.5.5638': attribute type 2 has an invalid length. [ 177.343772][T16462] netlink: 'syz.5.5638': attribute type 1 has an invalid length. [ 177.351629][T16462] bridge0: port 2(bridge_slave_1) entered disabled state [ 177.359197][T16462] bridge0: port 2(bridge_slave_1) entered blocking state [ 177.366308][T16462] bridge0: port 2(bridge_slave_1) entered forwarding state [ 177.376544][ T29] kauditd_printk_skb: 104 callbacks suppressed [ 177.376561][ T29] audit: type=1326 audit(2000000049.960:6070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16456 comm="syz.5.5634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 177.511951][ T23] kernel write not supported for file /2423/oom_adj (pid: 23 comm: kworker/1:0) [ 177.693519][ T1035] kernel write not supported for file /864/oom_adj (pid: 1035 comm: kworker/0:2) [ 177.791284][ T29] audit: type=1326 audit(2000000050.380:6071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16500 comm="syz.1.5654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa398eec9 code=0x7ffc0000 [ 177.814894][ T29] audit: type=1326 audit(2000000050.380:6072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16500 comm="syz.1.5654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f1fa398eec9 code=0x7ffc0000 [ 177.838379][ T29] audit: type=1326 audit(2000000050.380:6073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16500 comm="syz.1.5654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa398eec9 code=0x7ffc0000 [ 177.851614][T16497] SELinux: failed to load policy [ 177.862092][ T29] audit: type=1326 audit(2000000050.380:6074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16500 comm="syz.1.5654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=106 compat=0 ip=0x7f1fa398eec9 code=0x7ffc0000 [ 177.890521][ T29] audit: type=1326 audit(2000000050.380:6075): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16500 comm="syz.1.5654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa398eec9 code=0x7ffc0000 [ 178.019858][T16512] __nla_validate_parse: 6 callbacks suppressed [ 178.019880][T16512] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5660'. [ 178.080193][ T29] audit: type=1326 audit(2000000050.560:6076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16507 comm="syz.2.5658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1be8fdeec9 code=0x7ffc0000 [ 178.103889][ T29] audit: type=1326 audit(2000000050.560:6077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16507 comm="syz.2.5658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1be8fdeec9 code=0x7ffc0000 [ 178.127699][ T29] audit: type=1326 audit(2000000050.560:6078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16507 comm="syz.2.5658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1be8fdeec9 code=0x7ffc0000 [ 178.151240][ T29] audit: type=1326 audit(2000000050.560:6079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16507 comm="syz.2.5658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7f1be8fdeec9 code=0x7ffc0000 [ 178.205359][T16530] netlink: 44 bytes leftover after parsing attributes in process `syz.2.5668'. [ 178.272723][T16542] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5673'. [ 178.362700][T16555] netlink: 'syz.5.5679': attribute type 10 has an invalid length. [ 178.404947][T16560] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5681'. [ 178.430951][T16560] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5681'. [ 178.506984][T16571] usb usb1: usbfs: process 16571 (syz.5.5687) did not claim interface 0 before use [ 178.574276][T16587] loop3: detected capacity change from 0 to 512 [ 178.589644][T16590] netlink: 96 bytes leftover after parsing attributes in process `syz.5.5696'. [ 178.600899][T16587] EXT4-fs warning (device loop3): ext4_enable_quotas:7178: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 178.611134][T16595] loop1: detected capacity change from 0 to 512 [ 178.625662][T16587] EXT4-fs (loop3): mount failed [ 178.666386][T16595] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 178.682203][T16595] ext4 filesystem being mounted at /1168/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 178.725186][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 178.783253][T16612] vlan0: entered allmulticast mode [ 178.897760][T16629] SELinux: failed to load policy [ 179.257571][T16657] loop2: detected capacity change from 0 to 2048 [ 179.280074][T16657] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 179.312029][T16657] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 179.327385][T16667] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5729'. [ 179.348006][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 179.397014][T16672] netlink: 'syz.2.5731': attribute type 10 has an invalid length. [ 179.429545][T16672] dummy0: entered promiscuous mode [ 179.439641][T16672] $H: (slave dummy0): Enslaving as an active interface with an up link [ 179.537184][T16692] SELinux: failed to load policy [ 179.668888][T16715] netlink: 'syz.3.5752': attribute type 10 has an invalid length. [ 179.712195][T16722] netlink: 'syz.4.5751': attribute type 1 has an invalid length. [ 179.750997][T16726] vlan2: entered allmulticast mode [ 179.966932][T16757] netlink: 9286 bytes leftover after parsing attributes in process `syz.1.5771'. [ 179.981899][T16760] loop4: detected capacity change from 0 to 164 [ 179.997855][T16760] isofs_fill_super: root inode is not a directory. Corrupted media? [ 180.130042][ T3374] kernel write not supported for file /register (pid: 3374 comm: kworker/0:3) [ 180.198481][T16788] IPv6: Can't replace route, no match found [ 180.338201][ T23] kernel write not supported for file /register (pid: 23 comm: kworker/1:0) [ 180.413201][T16827] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5802'. [ 180.608146][T16853] netlink: 'syz.4.5814': attribute type 4 has an invalid length. [ 180.643683][T16856] loop5: detected capacity change from 0 to 164 [ 180.658826][T16857] netlink: 'syz.4.5814': attribute type 4 has an invalid length. [ 180.692374][T16856] isofs_fill_super: root inode is not a directory. Corrupted media? [ 180.858680][T16880] netlink: 'syz.5.5823': attribute type 1 has an invalid length. [ 181.080567][T16903] bridge2: entered promiscuous mode [ 181.133990][T16914] pim6reg1: entered promiscuous mode [ 181.139498][T16914] pim6reg1: entered allmulticast mode [ 181.361907][T16937] loop2: detected capacity change from 0 to 736 [ 181.420398][T16945] bridge2: entered promiscuous mode [ 181.432172][T16947] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5855'. [ 181.530582][T16962] lo speed is unknown, defaulting to 1000 [ 181.657634][T16962] netlink: 'syz.5.5862': attribute type 17 has an invalid length. [ 181.687526][T16962] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 181.735551][T16979] bridge2: entered promiscuous mode [ 181.923982][T17001] loop1: detected capacity change from 0 to 512 [ 181.957170][T17001] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 181.976120][T17001] ext4 filesystem being mounted at /1207/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 182.057710][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 182.184353][T17049] loop3: detected capacity change from 0 to 512 [ 182.199550][T17049] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 182.214438][T17049] ext4 filesystem being mounted at /1179/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 182.245720][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 182.377817][T17074] loop1: detected capacity change from 0 to 2048 [ 182.530311][T17082] loop1: detected capacity change from 0 to 736 [ 182.683423][ T29] kauditd_printk_skb: 288 callbacks suppressed [ 182.683443][ T29] audit: type=1326 audit(2000000055.270:6367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17098 comm="syz.4.5923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f536b8feec9 code=0x7ffc0000 [ 182.714631][ T29] audit: type=1326 audit(2000000055.290:6368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17098 comm="syz.4.5923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f536b8feec9 code=0x7ffc0000 [ 182.738202][ C1] vcan0: j1939_tp_rxtimer: 0xffff8881033c6000: rx timeout, send abort [ 182.746421][ T29] audit: type=1326 audit(2000000055.290:6369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17098 comm="syz.4.5923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f536b8feec9 code=0x7ffc0000 [ 182.746602][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff8881033c6000: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 182.784506][ T29] audit: type=1326 audit(2000000055.290:6370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17098 comm="syz.4.5923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f536b8feec9 code=0x7ffc0000 [ 182.808249][ T29] audit: type=1326 audit(2000000055.290:6371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17098 comm="syz.4.5923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f536b8feec9 code=0x7ffc0000 [ 182.810978][T17103] vhci_hcd: invalid port number 96 [ 182.832651][ T29] audit: type=1326 audit(2000000055.290:6372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17098 comm="syz.4.5923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f536b8feec9 code=0x7ffc0000 [ 182.838220][T17103] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 182.861347][ T29] audit: type=1326 audit(2000000055.290:6373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17098 comm="syz.4.5923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f536b8feec9 code=0x7ffc0000 [ 182.891917][ T29] audit: type=1326 audit(2000000055.300:6374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17098 comm="syz.4.5923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f536b8feec9 code=0x7ffc0000 [ 182.915969][ T29] audit: type=1326 audit(2000000055.300:6375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17098 comm="syz.4.5923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f536b8feec9 code=0x7ffc0000 [ 182.939736][ T29] audit: type=1326 audit(2000000055.300:6376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17098 comm="syz.4.5923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f536b8feec9 code=0x7ffc0000 [ 182.964047][T17107] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=17107 comm=syz.2.5925 [ 182.976690][T17107] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=17107 comm=syz.2.5925 [ 183.054384][T17119] __nla_validate_parse: 4 callbacks suppressed [ 183.054401][T17119] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5932'. [ 183.069790][T17119] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5932'. [ 183.078884][T17119] netlink: 'syz.2.5932': attribute type 18 has an invalid length. [ 183.089316][T17119] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5932'. [ 183.098426][T17119] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5932'. [ 183.107462][T17119] netlink: 'syz.2.5932': attribute type 18 has an invalid length. [ 183.444441][T17156] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=17156 comm=syz.1.5950 [ 183.457243][T17156] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=17156 comm=syz.1.5950 [ 183.482169][T17158] lo speed is unknown, defaulting to 1000 [ 183.612969][T17169] lo speed is unknown, defaulting to 1000 [ 183.630318][ T3374] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65380 sclass=netlink_route_socket pid=3374 comm=kworker/0:3 [ 183.646362][T17175] 9pnet: p9_errstr2errno: server reported unknown error 18446 [ 183.881536][T17158] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5951'. [ 183.897188][T17158] netlink: 'syz.3.5951': attribute type 17 has an invalid length. [ 183.906685][T17158] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 183.939177][T17214] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5975'. [ 183.948307][T17214] netlink: 212 bytes leftover after parsing attributes in process `syz.4.5975'. [ 184.029983][T17224] loop4: detected capacity change from 0 to 512 [ 184.043124][T17224] EXT4-fs error (device loop4): ext4_orphan_get:1418: comm syz.4.5979: bad orphan inode 15 [ 184.054776][T17224] ext4_test_bit(bit=14, block=5) = 0 [ 184.061677][T17224] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 184.075746][T17224] EXT4-fs error (device loop4): __ext4_new_inode:1073: comm syz.4.5979: reserved inode found cleared - inode=1 [ 184.135370][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 184.287425][T17253] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5990'. [ 184.296570][T17253] netlink: 212 bytes leftover after parsing attributes in process `syz.5.5990'. [ 184.340345][T17259] loop9: detected capacity change from 0 to 7 [ 184.347604][T17259] Buffer I/O error on dev loop9, logical block 0, async page read [ 184.355727][T17259] Buffer I/O error on dev loop9, logical block 0, async page read [ 184.363634][T17259] loop9: unable to read partition table [ 184.369597][T17259] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 184.369597][T17259] ) failed (rc=-5) [ 184.405562][T17262] lo speed is unknown, defaulting to 1000 [ 184.883622][T17324] loop4: detected capacity change from 0 to 512 [ 184.899060][T17324] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a842c01c, mo2=0002] [ 184.913270][T17324] System zones: 0-2, 18-18, 34-35 [ 184.916910][T17328] lo speed is unknown, defaulting to 1000 [ 184.921388][T17324] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 184.939603][T17324] ext4 filesystem being mounted at /1227/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 184.970272][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 185.138525][T17355] netlink: 96 bytes leftover after parsing attributes in process `syz.4.6035'. [ 185.229299][T17368] loop3: detected capacity change from 0 to 512 [ 185.243214][T17372] program syz.5.6041 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 185.262149][T17368] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.6044: bad orphan inode 15 [ 185.272652][T17368] ext4_test_bit(bit=14, block=5) = 0 [ 185.288868][T17368] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 185.302042][T17378] loop5: detected capacity change from 0 to 512 [ 185.308732][T17380] SELinux: failed to load policy [ 185.317456][T17368] EXT4-fs error (device loop3): __ext4_new_inode:1073: comm syz.3.6044: reserved inode found cleared - inode=1 [ 185.348835][T17378] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a842c01c, mo2=0002] [ 185.358765][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 185.383526][T17378] System zones: 0-2, 18-18, 34-35 [ 185.399462][T17378] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 185.426723][T17378] ext4 filesystem being mounted at /491/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 185.482436][T12249] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 185.521645][T17404] netlink: 'syz.5.6056': attribute type 4 has an invalid length. [ 185.648790][T17420] netlink: 'syz.2.6066': attribute type 153 has an invalid length. [ 185.670171][T17423] loop3: detected capacity change from 0 to 512 [ 185.701807][T17423] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a842c01c, mo2=0002] [ 185.719343][T17423] System zones: 0-2, 18-18, 34-35 [ 185.725475][T17423] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 185.739989][T17423] ext4 filesystem being mounted at /1201/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 185.776751][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 185.820789][T17437] sg_write: data in/out 987/8 bytes for SCSI command 0xfd-- guessing data in; [ 185.820789][T17437] program syz.1.6073 not setting count and/or reply_len properly [ 185.997155][T17467] netlink: 'syz.4.6084': attribute type 16 has an invalid length. [ 186.160838][T17484] SELinux: failed to load policy [ 186.237718][T17496] loop2: detected capacity change from 0 to 512 [ 186.301109][T17501] netlink: 'syz.1.6102': attribute type 153 has an invalid length. [ 186.402689][T17524] sd 0:0:1:0: device reset [ 186.420819][T17526] loop4: detected capacity change from 0 to 1024 [ 186.427842][T17526] EXT4-fs: Ignoring removed orlov option [ 186.434156][T17526] EXT4-fs: Ignoring removed nobh option [ 186.439875][T17526] EXT4-fs: Ignoring removed bh option [ 186.450410][T17526] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 186.490162][T17526] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.6114: Allocating blocks 481-513 which overlap fs metadata [ 186.591131][T17526] EXT4-fs (loop4): pa ffff8881072077e0: logic 352, phys. 465, len 3 [ 186.599323][T17526] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1 [ 186.694133][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 186.898247][T17584] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 186.904879][T17584] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 186.912431][T17584] vhci_hcd vhci_hcd.0: Device attached [ 186.921473][T17586] vhci_hcd: connection closed [ 186.921752][ T3624] vhci_hcd: stop threads [ 186.930822][ T3624] vhci_hcd: release socket [ 186.935258][ T3624] vhci_hcd: disconnect device [ 187.212883][T17605] loop1: detected capacity change from 0 to 1024 [ 187.219839][T17605] EXT4-fs: Ignoring removed orlov option [ 187.225593][T17605] EXT4-fs: Ignoring removed nobh option [ 187.231238][T17605] EXT4-fs: Ignoring removed bh option [ 187.258760][T17605] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 187.276507][T17605] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.6147: Allocating blocks 481-513 which overlap fs metadata [ 187.308249][T17605] EXT4-fs (loop1): pa ffff8881055483f0: logic 352, phys. 465, len 3 [ 187.316383][T17605] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1 [ 187.357378][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 187.486121][T17634] syzkaller1: tun_chr_ioctl cmd 1074025678 [ 187.492241][T17634] syzkaller1: group set to 0 [ 187.506058][T17637] lo speed is unknown, defaulting to 1000 [ 187.781619][T17662] netlink: 'syz.1.6173': attribute type 6 has an invalid length. [ 187.799208][ T29] kauditd_printk_skb: 93 callbacks suppressed [ 187.799227][ T29] audit: type=1326 audit(2000000060.390:6470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17665 comm="syz.4.6175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f536b8feec9 code=0x7ffc0000 [ 187.831282][ T29] audit: type=1326 audit(2000000060.390:6471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17665 comm="syz.4.6175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f536b8feec9 code=0x7ffc0000 [ 187.854972][ T29] audit: type=1326 audit(2000000060.390:6472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17665 comm="syz.4.6175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f536b8feec9 code=0x7ffc0000 [ 187.879053][ T29] audit: type=1326 audit(2000000060.390:6473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17665 comm="syz.4.6175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f536b8feec9 code=0x7ffc0000 [ 187.902656][ T29] audit: type=1326 audit(2000000060.390:6474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17665 comm="syz.4.6175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f536b8feec9 code=0x7ffc0000 [ 187.926302][ T29] audit: type=1326 audit(2000000060.390:6475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17665 comm="syz.4.6175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f536b8feec9 code=0x7ffc0000 [ 187.949895][ T29] audit: type=1326 audit(2000000060.390:6476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17665 comm="syz.4.6175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f536b8feec9 code=0x7ffc0000 [ 187.973520][ T29] audit: type=1326 audit(2000000060.390:6477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17665 comm="syz.4.6175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f536b8feec9 code=0x7ffc0000 [ 187.997297][ T29] audit: type=1326 audit(2000000060.500:6478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17665 comm="syz.4.6175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f536b8feec9 code=0x7ffc0000 [ 188.021000][ T29] audit: type=1326 audit(2000000060.520:6479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17665 comm="syz.4.6175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f536b8feec9 code=0x7ffc0000 [ 188.050687][T17671] netlink: 'syz.2.6177': attribute type 10 has an invalid length. [ 188.059368][T17671] team0: Device hsr_slave_0 failed to register rx_handler [ 188.413769][T17731] __nla_validate_parse: 8 callbacks suppressed [ 188.413787][T17731] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6205'. [ 188.465354][T17739] loop5: detected capacity change from 0 to 512 [ 188.498890][T17739] EXT4-fs warning (device loop5): ext4_enable_quotas:7178: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 188.521245][T17739] EXT4-fs (loop5): mount failed [ 188.544681][T17751] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6215'. [ 188.553813][T17751] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6215'. [ 188.574960][T17753] SELinux: security policydb version 16 (MLS) not backwards compatible [ 188.585184][T17753] SELinux: failed to load policy [ 188.712146][T17783] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6228'. [ 188.721253][T17783] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6228'. [ 188.736019][T17783] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6228'. [ 188.745087][T17783] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6228'. [ 188.838479][T17796] uprobe: syz.5.6231:17796 failed to unregister, leaking uprobe [ 188.984544][T17802] netlink: 'syz.3.6237': attribute type 1 has an invalid length. [ 188.992480][T17802] netlink: 199820 bytes leftover after parsing attributes in process `syz.3.6237'. [ 189.018189][T17813] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6241'. [ 189.250520][T17831] netdevsim netdevsim5: Direct firmware load for .. failed with error -2 [ 189.297295][T17838] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6255'. [ 189.379516][T17845] batadv_slave_1: entered promiscuous mode [ 189.386344][T17844] batadv_slave_1: left promiscuous mode [ 189.658574][T17891] netlink: 'syz.4.6273': attribute type 1 has an invalid length. [ 189.837627][T17919] lo speed is unknown, defaulting to 1000 [ 190.030562][T17937] batadv_slave_1: entered promiscuous mode [ 190.045494][T17936] batadv_slave_1: left promiscuous mode [ 190.382177][T17950] program syz.1.6295 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 190.459536][T17965] netlink: 'syz.2.6300': attribute type 9 has an invalid length. [ 190.467843][T17965] netlink: 'syz.2.6300': attribute type 6 has an invalid length. [ 190.721571][T18004] netlink: 'syz.4.6318': attribute type 9 has an invalid length. [ 190.729488][T18004] netlink: 'syz.4.6318': attribute type 6 has an invalid length. [ 190.849319][T18024] batadv1: entered promiscuous mode [ 190.854654][T18024] batadv1: entered allmulticast mode [ 190.972750][T18040] sctp: [Deprecated]: syz.4.6342 (pid 18040) Use of struct sctp_assoc_value in delayed_ack socket option. [ 190.972750][T18040] Use struct sctp_sack_info instead [ 191.026840][T18043] netlink: 'syz.1.6333': attribute type 9 has an invalid length. [ 191.034653][T18043] netlink: 'syz.1.6333': attribute type 6 has an invalid length. [ 191.201718][T18069] netlink: 'syz.5.6346': attribute type 9 has an invalid length. [ 191.209681][T18069] netlink: 'syz.5.6346': attribute type 6 has an invalid length. [ 191.315137][T18083] rdma_op ffff88811a45fd80 conn xmit_rdma 0000000000000000 [ 191.611796][T18105] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_bridge, syncid = 512, id = 0 [ 191.611897][T18102] IPVS: stopping backup sync thread 18105 ... [ 191.674196][T18104] netlink: 'syz.5.6359': attribute type 3 has an invalid length. [ 191.704958][T18113] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 191.843159][T18133] loop1: detected capacity change from 0 to 2048 [ 191.882010][T18133] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 191.899084][T18145] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 191.943688][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 192.172088][T18172] loop3: detected capacity change from 0 to 512 [ 192.216284][T18172] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 192.252695][T18172] ext4 filesystem being mounted at /1265/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 192.283755][T18172] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 192.310444][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 192.597034][T18216] ALSA: seq fatal error: cannot create timer (-19) [ 192.921396][ T29] kauditd_printk_skb: 149 callbacks suppressed [ 192.921414][ T29] audit: type=1326 audit(2000000065.510:6628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18275 comm="syz.5.6440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 192.981446][ T29] audit: type=1326 audit(2000000065.510:6629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18275 comm="syz.5.6440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 193.005081][ T29] audit: type=1326 audit(2000000065.510:6630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18275 comm="syz.5.6440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 193.028675][ T29] audit: type=1326 audit(2000000065.510:6631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18275 comm="syz.5.6440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 193.052211][ T29] audit: type=1326 audit(2000000065.510:6632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18275 comm="syz.5.6440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 193.061910][T18278] netlink: 'syz.4.6442': attribute type 1 has an invalid length. [ 193.075958][ T29] audit: type=1326 audit(2000000065.510:6633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18275 comm="syz.5.6440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 193.107296][ T29] audit: type=1326 audit(2000000065.510:6634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18275 comm="syz.5.6440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 193.130939][ T29] audit: type=1326 audit(2000000065.510:6635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18275 comm="syz.5.6440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 193.154579][ T29] audit: type=1326 audit(2000000065.510:6636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18275 comm="syz.5.6440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 193.178087][ T29] audit: type=1326 audit(2000000065.510:6637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18275 comm="syz.5.6440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 193.391575][T18318] loop1: detected capacity change from 0 to 1024 [ 193.398894][T18318] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 193.409943][T18318] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 193.420965][T18318] JBD2: no valid journal superblock found [ 193.426796][T18318] EXT4-fs (loop1): Could not load journal inode [ 193.436808][T18318] SELinux: security_context_str_to_sid (-Xܘ7.H\ %u@) failed with errno=-22 [ 193.503855][T18332] __nla_validate_parse: 11 callbacks suppressed [ 193.503876][T18332] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6466'. [ 193.628733][T18347] netlink: 100 bytes leftover after parsing attributes in process `syz.2.6472'. [ 193.686394][T18354] tmpfs: Bad value for 'mpol' [ 194.226188][T18366] netlink: 268 bytes leftover after parsing attributes in process `syz.3.6482'. [ 194.398947][T18396] netlink: 64 bytes leftover after parsing attributes in process `syz.5.6496'. [ 194.597843][T18433] loop4: detected capacity change from 0 to 128 [ 194.609266][T18433] bio_check_eod: 1 callbacks suppressed [ 194.609284][T18433] syz.4.6514: attempt to access beyond end of device [ 194.609284][T18433] loop4: rw=0, sector=2072, nr_sectors = 1 limit=128 [ 195.011879][T18469] loop4: detected capacity change from 0 to 2048 [ 195.041600][T18469] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 195.127981][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 195.255062][T18482] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6532'. [ 195.264297][T18482] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6532'. [ 195.291192][T18482] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6532'. [ 195.300336][T18482] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6532'. [ 195.408161][T18493] loop5: detected capacity change from 0 to 1024 [ 195.440163][T18493] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback. [ 195.491926][T18500] program syz.2.6540 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 195.513579][T12249] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-001000000000. [ 195.682308][T18528] loop5: detected capacity change from 0 to 512 [ 195.717308][T18531] netlink: 48 bytes leftover after parsing attributes in process `syz.2.6556'. [ 195.796336][T18528] EXT4-fs (loop5): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 195.816870][T18528] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 195.852956][T12249] EXT4-fs (loop5): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 196.063539][T18573] netlink: 'syz.4.6572': attribute type 6 has an invalid length. [ 196.848382][ T3627] nci: nci_ntf_packet: unsupported ntf opcode 0xf06 [ 196.914573][T18629] IPv6: sit1: Disabled Multicast RS [ 196.921119][T18629] sit1: entered allmulticast mode [ 197.044001][T18637] IPv6: Can't replace route, no match found [ 197.068068][T18639] sg_write: data in/out 2012/14 bytes for SCSI command 0x3-- guessing data in; [ 197.068068][T18639] program syz.3.6599 not setting count and/or reply_len properly [ 197.169480][T18649] bridge0: entered promiscuous mode [ 197.174886][T18649] macvtap0: entered allmulticast mode [ 197.180509][T18649] bridge0: entered allmulticast mode [ 197.188313][T18649] bridge0: port 3(macvtap0) entered blocking state [ 197.194938][T18649] bridge0: port 3(macvtap0) entered disabled state [ 197.202622][T18649] bridge0: left allmulticast mode [ 197.207916][T18649] bridge0: left promiscuous mode [ 197.358526][T18661] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6608'. [ 197.935854][ T29] kauditd_printk_skb: 121 callbacks suppressed [ 197.935870][ T29] audit: type=1400 audit(2000000070.520:6759): avc: denied { read } for pid=18707 comm="syz.4.6627" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 197.972785][ T29] audit: type=1326 audit(2000000070.560:6760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18710 comm="syz.5.6628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 197.997747][ T29] audit: type=1326 audit(2000000070.560:6761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18710 comm="syz.5.6628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 198.021469][ T29] audit: type=1326 audit(2000000070.560:6762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18710 comm="syz.5.6628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 198.045147][ T29] audit: type=1326 audit(2000000070.560:6763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18710 comm="syz.5.6628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 198.068798][ T29] audit: type=1326 audit(2000000070.560:6764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18710 comm="syz.5.6628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 198.092498][ T29] audit: type=1326 audit(2000000070.560:6765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18710 comm="syz.5.6628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 198.116236][ T29] audit: type=1326 audit(2000000070.560:6766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18710 comm="syz.5.6628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 198.139986][ T29] audit: type=1326 audit(2000000070.560:6767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18710 comm="syz.5.6628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 198.163646][ T29] audit: type=1326 audit(2000000070.560:6768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18710 comm="syz.5.6628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f840750eec9 code=0x7ffc0000 [ 198.264531][T18731] netem: incorrect gi model size [ 198.269861][T18731] netem: change failed [ 198.302987][T18734] netlink: 'syz.4.6640': attribute type 1 has an invalid length. [ 198.310980][T18734] netlink: 'syz.4.6640': attribute type 2 has an invalid length. [ 198.710464][T18796] SELinux: policydb version -299076691 does not match my version range 15-35 [ 198.720958][T18796] SELinux: failed to load policy [ 198.743100][T18802] netlink: 'syz.1.6671': attribute type 1 has an invalid length. [ 198.760448][T18802] bond4: entered promiscuous mode [ 198.771881][T18803] loop5: detected capacity change from 0 to 1024 [ 198.780359][T18802] 8021q: adding VLAN 0 to HW filter on device bond4 [ 198.791019][T18803] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 198.802074][T18803] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 198.829283][T18802] 8021q: adding VLAN 0 to HW filter on device bond5 [ 198.836145][T18803] JBD2: no valid journal superblock found [ 198.841991][T18803] EXT4-fs (loop5): Could not load journal inode [ 198.846661][T18802] bond4: (slave bond5): making interface the new active one [ 198.855563][T18802] bond5: entered promiscuous mode [ 198.862472][T18802] bond4: (slave bond5): Enslaving as an active interface with an up link [ 198.885050][T18803] SELinux: security_context_str_to_sid (-Xܘ7.H\ %u@) failed with errno=-22 [ 199.138564][T18843] lo speed is unknown, defaulting to 1000 [ 199.180896][T18850] __nla_validate_parse: 1 callbacks suppressed [ 199.180988][T18850] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6690'. [ 199.197280][T18850] netlink: 32 bytes leftover after parsing attributes in process `syz.4.6690'. [ 199.262922][T18860] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6695'. [ 199.402115][T18878] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 199.836887][T18942] netlink: 'syz.3.6734': attribute type 12 has an invalid length. [ 199.935481][T18960] option changes via remount are deprecated (pid=18959 comm=syz.3.6743) [ 199.970354][T18964] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6745'. [ 200.017076][ T10] Process accounting resumed [ 200.115647][T18984] netlink: 'syz.3.6754': attribute type 10 has an invalid length. [ 200.124073][T18984] netlink: 40 bytes leftover after parsing attributes in process `syz.3.6754'. [ 200.230404][T18995] rdma_op ffff88811be78180 conn xmit_rdma 0000000000000000 [ 200.272373][T18997] netlink: 256 bytes leftover after parsing attributes in process `syz.1.6760'. [ 200.413547][T19016] program syz.1.6767 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 200.595989][T19031] 9pnet_fd: Insufficient options for proto=fd [ 200.606654][T19033] netlink: 'syz.1.6776': attribute type 1 has an invalid length. [ 200.625375][T19033] 8021q: adding VLAN 0 to HW filter on device bond6 [ 200.646892][T19036] netlink: 'syz.5.6778': attribute type 19 has an invalid length. [ 200.654779][T19036] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6778'. [ 200.666230][T19033] bond6: (slave geneve3): making interface the new active one [ 200.676578][T19033] bond6: (slave geneve3): Enslaving as an active interface with an up link [ 200.693829][T19036] netlink: 'syz.5.6778': attribute type 19 has an invalid length. [ 200.701835][T19036] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6778'. [ 200.740810][ T3641] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 200.750994][ T3627] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 200.759939][ T3627] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 200.769082][ T3627] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 200.944842][ T3658] nci: nci_ntf_packet: unsupported ntf opcode 0xf06 [ 201.804877][T19088] rdma_op ffff88811ce9ad80 conn xmit_rdma 0000000000000000 [ 201.931238][T19113] loop5: detected capacity change from 0 to 1024 [ 201.938472][T19113] EXT4-fs: Ignoring removed orlov option [ 201.959695][T19113] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 201.972136][T19113] ext4 filesystem being mounted at /641/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 202.004263][T12249] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 202.025179][T19126] netlink: 'syz.5.6815': attribute type 1 has an invalid length. [ 202.033146][T19126] netlink: 224 bytes leftover after parsing attributes in process `syz.5.6815'. [ 202.408869][T19149] bridge0: entered promiscuous mode [ 202.414190][T19149] macsec1: entered promiscuous mode [ 202.420414][T19149] bridge0: port 3(macsec1) entered blocking state [ 202.427085][T19149] bridge0: port 3(macsec1) entered disabled state [ 202.433701][T19149] macsec1: entered allmulticast mode [ 202.439106][T19149] bridge0: entered allmulticast mode [ 202.445356][T19149] macsec1: left allmulticast mode [ 202.450543][T19149] bridge0: left allmulticast mode [ 202.456994][T19149] bridge0: left promiscuous mode [ 202.729571][T19178] netlink: 'syz.4.6838': attribute type 1 has an invalid length. [ 202.737516][T19178] netlink: 'syz.4.6838': attribute type 6 has an invalid length. [ 202.745290][T19178] netlink: 'syz.4.6838': attribute type 3 has an invalid length. [ 202.753226][T19178] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6838'. [ 202.785699][T19182] raw_sendmsg: syz.4.6840 forgot to set AF_INET. Fix it! [ 202.946381][ T29] kauditd_printk_skb: 190 callbacks suppressed [ 202.946402][ T29] audit: type=1326 audit(2000000075.520:6959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19194 comm="syz.3.6847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f78481ceec9 code=0x7ffc0000 [ 202.976338][ T29] audit: type=1326 audit(2000000075.520:6960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19194 comm="syz.3.6847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78481ceec9 code=0x7ffc0000 [ 202.999959][ T29] audit: type=1326 audit(2000000075.520:6961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19194 comm="syz.3.6847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f78481ceec9 code=0x7ffc0000 [ 203.023544][ T29] audit: type=1326 audit(2000000075.520:6962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19194 comm="syz.3.6847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78481ceec9 code=0x7ffc0000 [ 203.047092][ T29] audit: type=1326 audit(2000000075.520:6963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19194 comm="syz.3.6847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f78481ceec9 code=0x7ffc0000 [ 203.070927][ T29] audit: type=1326 audit(2000000075.530:6964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19194 comm="syz.3.6847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78481ceec9 code=0x7ffc0000 [ 203.094596][ T29] audit: type=1326 audit(2000000075.530:6965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19194 comm="syz.3.6847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f78481ceec9 code=0x7ffc0000 [ 203.118241][ T29] audit: type=1326 audit(2000000075.530:6966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19194 comm="syz.3.6847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78481ceec9 code=0x7ffc0000 [ 203.170997][T19206] SELinux: failed to load policy [ 203.230352][ T29] audit: type=1326 audit(2000000075.820:6967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19209 comm="syz.3.6853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78481ceec9 code=0x7ffc0000 [ 203.253954][ T29] audit: type=1326 audit(2000000075.820:6968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19209 comm="syz.3.6853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78481ceec9 code=0x7ffc0000 [ 203.469729][T19238] rdma_op ffff88811bb21d80 conn xmit_rdma 0000000000000000 [ 203.503841][T19242] loop5: detected capacity change from 0 to 512 [ 203.522236][T19242] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 203.539474][T19242] ext4 filesystem being mounted at /656/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 203.578310][T19242] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 203.618437][T12249] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 203.787117][T19265] 9pnet: Could not find request transport: r [ 203.809215][T19278] dummy0: entered allmulticast mode [ 203.836793][T19278] dummy0: left allmulticast mode [ 204.355374][T19334] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 204.367762][T19334] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 204.491431][T19354] __nla_validate_parse: 3 callbacks suppressed [ 204.491451][T19354] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6919'. [ 204.506841][T19354] netlink: 348 bytes leftover after parsing attributes in process `syz.5.6919'. [ 204.515893][T19354] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6919'. [ 204.524901][T19354] netlink: 348 bytes leftover after parsing attributes in process `syz.5.6919'. [ 204.534104][T19354] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6919'. [ 204.567185][T19358] vhci_hcd: invalid port number 11 [ 204.572342][T19358] vhci_hcd: default hub control req: 6031 v0000 i000b l2 [ 204.983133][T19383] netlink: 100 bytes leftover after parsing attributes in process `syz.1.6933'. [ 205.339753][T19395] netlink: 'syz.3.6938': attribute type 1 has an invalid length. [ 205.418547][T19399] netlink: 40 bytes leftover after parsing attributes in process `syz.5.6940'. [ 205.482963][T19401] tmpfs: Bad value for 'mpol' [ 205.753692][T19435] loop5: detected capacity change from 0 to 128 [ 205.763218][T19437] netlink: 64 bytes leftover after parsing attributes in process `syz.2.6959'. [ 205.766279][T19435] syz.5.6958: attempt to access beyond end of device [ 205.766279][T19435] loop5: rw=0, sector=2072, nr_sectors = 1 limit=128 [ 206.026072][T19467] SELinux: Context system_u:object_r:modules_conf_t:s0 is not valid (left unmapped). [ 206.056972][T19471] loop5: detected capacity change from 0 to 512 [ 206.079876][T19471] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 206.094512][T19471] ext4 filesystem being mounted at /695/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 206.154747][T12249] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 206.335911][T19514] program syz.2.6991 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 206.400497][T19527] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6996'. [ 206.409628][T19527] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6996'. [ 206.552304][T19553] loop4: detected capacity change from 0 to 1024 [ 206.577948][T19553] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback. [ 206.588747][T19562] program syz.3.7008 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 206.653628][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-001000000000. [ 206.739000][T19585] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 206.763416][T19585] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 207.438176][T19657] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 207.447057][T19657] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 208.021701][ T29] kauditd_printk_skb: 151 callbacks suppressed [ 208.021720][ T29] audit: type=1107 audit(2000000080.610:7120): pid=19693 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 208.269990][ T29] audit: type=1400 audit(2000000080.860:7121): avc: denied { mount } for pid=19706 comm="syz.5.7076" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 208.397254][T19710] IPv6: sit1: Disabled Multicast RS [ 208.403362][T19710] sit1: entered allmulticast mode [ 208.531689][T19718] IPv6: Can't replace route, no match found [ 209.161671][T19737] bridge0: entered promiscuous mode [ 209.168539][T19737] macvtap1: entered allmulticast mode [ 209.173987][T19737] bridge0: entered allmulticast mode [ 209.186781][T19737] bridge0: port 3(macvtap1) entered blocking state [ 209.188578][ T29] audit: type=1326 audit(2000000081.780:7122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19738 comm="syz.3.7089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78481ceec9 code=0x7ffc0000 [ 209.193534][T19737] bridge0: port 3(macvtap1) entered disabled state [ 209.217044][ T29] audit: type=1326 audit(2000000081.780:7123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19739 comm="syz.1.7090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa398eec9 code=0x7ffc0000 [ 209.247097][ T29] audit: type=1326 audit(2000000081.780:7124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19739 comm="syz.1.7090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa398eec9 code=0x7ffc0000 [ 209.288214][T19737] bridge0: left allmulticast mode [ 209.293620][T19737] bridge0: left promiscuous mode [ 209.321353][ T29] audit: type=1326 audit(2000000081.810:7125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19738 comm="syz.3.7089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f78481ceec9 code=0x7ffc0000 [ 209.328529][T19745] netem: change failed [ 209.345011][ T29] audit: type=1326 audit(2000000081.810:7126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19738 comm="syz.3.7089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78481ceec9 code=0x7ffc0000 [ 209.372559][ T29] audit: type=1326 audit(2000000081.810:7127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19738 comm="syz.3.7089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78481ceec9 code=0x7ffc0000 [ 209.396157][ T29] audit: type=1326 audit(2000000081.810:7128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19738 comm="syz.3.7089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f78481ceec9 code=0x7ffc0000 [ 209.419871][ T29] audit: type=1326 audit(2000000081.810:7129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19738 comm="syz.3.7089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78481ceec9 code=0x7ffc0000 [ 209.520615][T19756] program syz.4.7098 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 209.535186][T19756] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 209.763276][T19786] $H: (slave dummy0): Releasing backup interface [ 209.772275][T19786] dummy0: left promiscuous mode [ 209.782258][T19786] bridge_slave_0: left promiscuous mode [ 209.788099][T19786] bridge0: port 1(bridge_slave_0) entered disabled state [ 209.797823][T19786] bridge_slave_1: left allmulticast mode [ 209.803489][T19786] bridge_slave_1: left promiscuous mode [ 209.809228][T19786] bridge0: port 2(bridge_slave_1) entered disabled state [ 209.821870][T19786] $H: (slave bond_slave_0): Releasing backup interface [ 209.830561][T19786] bond_slave_0: left promiscuous mode [ 209.851263][T19786] $H: (slave bond_slave_1): Releasing backup interface [ 209.865470][T19786] bond_slave_1: left promiscuous mode [ 209.876456][T19786] team0: Port device team_slave_0 removed [ 209.885774][T19786] team0: Port device team_slave_1 removed [ 209.894260][T19786] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 209.901730][T19786] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 209.910601][T19786] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 209.918078][T19786] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 210.038848][T19809] netlink: 'syz.1.7119': attribute type 1 has an invalid length. [ 210.046674][T19809] netlink: 'syz.1.7119': attribute type 2 has an invalid length. [ 210.056361][T19809] __nla_validate_parse: 5 callbacks suppressed [ 210.056378][T19809] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7119'. [ 210.101652][T19819] netlink: 'syz.2.7122': attribute type 1 has an invalid length. [ 210.109523][T19819] netlink: 224 bytes leftover after parsing attributes in process `syz.2.7122'. [ 210.140986][T19823] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6) [ 210.147557][T19823] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 210.155416][T19823] vhci_hcd vhci_hcd.0: Device attached [ 210.165397][T19825] vhci_hcd: connection closed [ 210.165569][ T3439] vhci_hcd: stop threads [ 210.174844][ T3439] vhci_hcd: release socket [ 210.179382][ T3439] vhci_hcd: disconnect device [ 210.573170][T19863] loop5: detected capacity change from 0 to 1024 [ 210.588623][T19863] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 210.612913][T19863] EXT4-fs error (device loop5): mb_free_blocks:2017: group 0, inode 18: block 177:freeing already freed block (bit 11); block bitmap corrupt. [ 210.642715][T12249] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 210.675999][T19870] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 210.739589][T19883] macvtap0: refused to change device tx_queue_len [ 210.778370][T19889] netlink: 64 bytes leftover after parsing attributes in process `syz.5.7153'. [ 210.992156][T19910] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7162'. [ 211.001779][T19906] lo speed is unknown, defaulting to 1000 [ 211.001856][T19910] netlink: 32 bytes leftover after parsing attributes in process `syz.5.7162'. [ 211.127213][T19919] openvswitch: netlink: Message has 6 unknown bytes. [ 211.393504][T19945] netlink: 'syz.1.7179': attribute type 1 has an invalid length. [ 211.413269][T19945] 8021q: adding VLAN 0 to HW filter on device bond7 [ 211.432892][T19948] netlink: 44 bytes leftover after parsing attributes in process `syz.5.7181'. [ 211.444784][T19945] bond7: (slave macvlan0): making interface the new active one [ 211.454675][T19945] bond7: (slave macvlan0): Enslaving as an active interface with an up link [ 211.727949][T19994] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7202'. [ 211.771636][T20002] option changes via remount are deprecated (pid=20000 comm=syz.1.7204) [ 211.838662][ T1035] Process accounting resumed [ 211.915233][T20027] netlink: 'syz.1.7216': attribute type 10 has an invalid length. [ 211.923206][T20027] netlink: 40 bytes leftover after parsing attributes in process `syz.1.7216'. [ 211.932960][T20027] vlan0: entered promiscuous mode [ 211.938336][T20027] vlan0: entered allmulticast mode [ 211.943602][T20027] veth0_vlan: entered allmulticast mode [ 211.950352][T20027] bridge0: port 4(vlan0) entered blocking state [ 211.956867][T20027] bridge0: port 4(vlan0) entered disabled state [ 211.964746][T20027] bridge0: port 4(vlan0) entered blocking state [ 211.971083][T20027] bridge0: port 4(vlan0) entered forwarding state [ 211.996142][T20036] netlink: 1902 bytes leftover after parsing attributes in process `syz.5.7223'. [ 212.081669][T20050] rdma_op ffff88810237ad80 conn xmit_rdma 0000000000000000 [ 212.254633][T20079] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 212.264054][T20079] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 212.274420][T20079] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 212.283097][T20079] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 212.530944][T20103] 9pnet_fd: Insufficient options for proto=fd [ 212.847834][T20118] netlink: 24 bytes leftover after parsing attributes in process `syz.1.7261'. [ 213.052071][T20133] vlan2: entered allmulticast mode [ 213.076075][T20133] dummy0: entered allmulticast mode [ 213.232541][T20139] loop4: detected capacity change from 0 to 2048 [ 213.259982][T20139] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 213.360552][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 213.546507][ C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 213.569809][ T29] kauditd_printk_skb: 163 callbacks suppressed [ 213.569890][ T29] audit: type=1326 audit(2000000086.160:7293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20167 comm="syz.3.7280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78481ceec9 code=0x7ffc0000 [ 213.638822][T20175] bond2: entered promiscuous mode [ 213.644287][T20175] 8021q: adding VLAN 0 to HW filter on device bond2 [ 213.658129][ T29] audit: type=1326 audit(2000000086.190:7294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20167 comm="syz.3.7280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f78481cd710 code=0x7ffc0000 [ 213.681737][ T29] audit: type=1326 audit(2000000086.190:7295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20167 comm="syz.3.7280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f78481cd710 code=0x7ffc0000 [ 213.705385][ T29] audit: type=1326 audit(2000000086.190:7296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20167 comm="syz.3.7280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78481ceec9 code=0x7ffc0000 [ 213.729000][ T29] audit: type=1326 audit(2000000086.200:7297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20167 comm="syz.3.7280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f78481ceec9 code=0x7ffc0000 [ 213.752516][ T29] audit: type=1326 audit(2000000086.200:7298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20167 comm="syz.3.7280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78481ceec9 code=0x7ffc0000 [ 213.776143][ T29] audit: type=1326 audit(2000000086.200:7299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20167 comm="syz.3.7280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78481ceec9 code=0x7ffc0000 [ 214.150414][ T29] audit: type=1400 audit(2000000086.740:7300): avc: denied { setopt } for pid=20200 comm="syz.1.7294" lport=47695 faddr=::ffff:100.1.1.0 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 214.338399][T20223] SELinux: failed to load policy [ 214.388438][ T29] audit: type=1107 audit(2000000086.970:7301): pid=20218 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 214.480274][ T29] audit: type=1326 audit(2000000087.040:7302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20232 comm="syz.1.7310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa398eec9 code=0x7ffc0000 [ 214.553581][T20238] netlink: 'syz.1.7312': attribute type 3 has an invalid length. [ 214.858905][T20284] rdma_op ffff88810237bd80 conn xmit_rdma 0000000000000000 [ 215.041325][T20311] loop4: detected capacity change from 0 to 128 [ 215.048084][T20311] EXT4-fs: Ignoring removed nobh option [ 215.061579][T20311] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 215.078869][T20311] ext4 filesystem being mounted at /1477/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 215.155556][ T3299] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 215.302132][T20348] loop4: detected capacity change from 0 to 128 [ 215.437307][ T23] hid_parser_main: 29 callbacks suppressed [ 215.437331][ T23] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x4 [ 215.451120][ T23] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x2 [ 215.508726][ T23] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x0 [ 215.516547][ T23] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x0 [ 215.524376][ T23] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x0 [ 215.532274][ T23] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x0 [ 215.540274][ T23] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x0 [ 215.548237][ T23] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x0 [ 215.556290][ T23] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x0 [ 215.564218][ T23] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x0 [ 215.576191][ T23] hid-generic 0000:3000000:0000.000C: hidraw0: HID v0.00 Device [sy] on syz0 [ 215.634897][T20381] loop5: detected capacity change from 0 to 1024 [ 215.697369][T20381] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 215.740700][T12249] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 216.189225][T20483] netlink: 'syz.1.7380': attribute type 39 has an invalid length. [ 216.439268][T20528] __nla_validate_parse: 4 callbacks suppressed [ 216.439316][T20528] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7394'. [ 216.454495][T20528] netlink: 348 bytes leftover after parsing attributes in process `syz.4.7394'. [ 216.463598][T20528] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7394'. [ 216.472511][T20528] netlink: 348 bytes leftover after parsing attributes in process `syz.4.7394'. [ 216.485014][T20528] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7394'. [ 216.559543][T20540] netlink: 100 bytes leftover after parsing attributes in process `syz.4.7397'. [ 216.648475][T20549] 9pnet: Could not find request transport: r [ 217.010607][T20605] IPVS: stopping master sync thread 20606 ... [ 217.017210][T20606] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 217.278571][T20629] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 217.287269][T20629] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 217.339518][T20637] netlink: 'syz.2.7441': attribute type 1 has an invalid length. [ 217.940195][T20675] netlink: 268 bytes leftover after parsing attributes in process `syz.5.7459'. [ 218.072097][T20686] netlink: 64 bytes leftover after parsing attributes in process `syz.4.7464'. [ 218.109621][T20691] loop4: detected capacity change from 0 to 512 [ 218.129072][T20691] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 218.141904][T20691] ext4 filesystem being mounted at /1500/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 218.189613][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 218.355819][T20723] loop5: detected capacity change from 0 to 512 [ 218.362778][T20723] EXT4-fs: Ignoring removed mblk_io_submit option [ 218.371518][T20723] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 218.394169][T20723] EXT4-fs (loop5): 1 truncate cleaned up [ 218.400447][T20723] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 219.161935][T20723] ================================================================== [ 219.170152][T20723] BUG: KCSAN: data-race in filemap_write_and_wait_range / xas_set_mark [ 219.178417][T20723] [ 219.180753][T20723] write to 0xffff8881072b93ec of 4 bytes by task 20740 on cpu 0: [ 219.188484][T20723] xas_set_mark+0x12b/0x140 [ 219.193002][T20723] tag_pages_for_writeback+0xc2/0x290 [ 219.198480][T20723] ext4_do_writepages+0x6b2/0x2750 [ 219.203619][T20723] ext4_writepages+0x176/0x300 [ 219.208396][T20723] do_writepages+0x1c3/0x310 [ 219.213020][T20723] file_write_and_wait_range+0x156/0x2c0 [ 219.218787][T20723] generic_buffers_fsync_noflush+0x45/0x120 [ 219.224713][T20723] ext4_sync_file+0x1ab/0x690 [ 219.229436][T20723] vfs_fsync_range+0x10d/0x130 [ 219.234224][T20723] ext4_buffered_write_iter+0x34f/0x3c0 [ 219.239846][T20723] ext4_file_write_iter+0xdbf/0xf00 [ 219.245102][T20723] iter_file_splice_write+0x663/0xa60 [ 219.250577][T20723] direct_splice_actor+0x153/0x2a0 [ 219.255737][T20723] splice_direct_to_actor+0x30f/0x680 [ 219.261145][T20723] do_splice_direct+0xda/0x150 [ 219.265933][T20723] do_sendfile+0x380/0x650 [ 219.270371][T20723] __x64_sys_sendfile64+0x105/0x150 [ 219.275607][T20723] x64_sys_call+0x2bb0/0x2ff0 [ 219.280295][T20723] do_syscall_64+0xd2/0x200 [ 219.284807][T20723] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 219.290713][T20723] [ 219.293044][T20723] read to 0xffff8881072b93ec of 4 bytes by task 20723 on cpu 1: [ 219.300679][T20723] filemap_write_and_wait_range+0xfc/0x340 [ 219.306520][T20723] filemap_invalidate_pages+0xa4/0x1a0 [ 219.312011][T20723] kiocb_invalidate_pages+0x6e/0x80 [ 219.317229][T20723] __iomap_dio_rw+0x5d1/0x1240 [ 219.322009][T20723] iomap_dio_rw+0x40/0x90 [ 219.326360][T20723] ext4_file_write_iter+0xad9/0xf00 [ 219.331642][T20723] iter_file_splice_write+0x663/0xa60 [ 219.337044][T20723] direct_splice_actor+0x153/0x2a0 [ 219.342166][T20723] splice_direct_to_actor+0x30f/0x680 [ 219.347557][T20723] do_splice_direct+0xda/0x150 [ 219.352331][T20723] do_sendfile+0x380/0x650 [ 219.356768][T20723] __x64_sys_sendfile64+0x105/0x150 [ 219.361989][T20723] x64_sys_call+0x2bb0/0x2ff0 [ 219.366696][T20723] do_syscall_64+0xd2/0x200 [ 219.371212][T20723] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 219.377129][T20723] [ 219.379555][T20723] value changed: 0x02000021 -> 0x04000021 [ 219.385276][T20723] [ 219.387602][T20723] Reported by Kernel Concurrency Sanitizer on: [ 219.393825][T20723] CPU: 1 UID: 0 PID: 20723 Comm: syz.5.7483 Not tainted syzkaller #0 PREEMPT(voluntary) [ 219.403653][T20723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 219.413812][T20723] ================================================================== [ 219.558901][T12249] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.