last executing test programs: 32.546198632s ago: executing program 4 (id=1144): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='kfree\x00', r1, 0x0, 0x8000000000004}, 0x18) capset(&(0x7f0000000c00)={0x20080522}, &(0x7f0000000280)={0x0, 0x3, 0x7, 0x0, 0x10040, 0x8f}) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50) syz_io_uring_setup(0x3c0c, &(0x7f0000000400)={0x0, 0xc890, 0x4000}, 0x0, 0x0) 32.508518365s ago: executing program 4 (id=1145): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x1ff, 0x1501) ioctl$USBDEVFS_SUBMITURB(r2, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x80, &(0x7f00000004c0)={0x4b5a9da54893e123, 0x3, 0x18}, 0x8, 0x2, 0x8, 0x0, 0x0, 0x0, 0x0}) close_range(r0, 0xffffffffffffffff, 0x0) 32.404674884s ago: executing program 4 (id=1146): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x18) r1 = io_uring_setup(0x1fb8, &(0x7f0000000540)={0x0, 0x1ae0, 0x400, 0x0, 0xea}) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f0000000940)=[{0x0}], 0x1) syz_clone3(&(0x7f0000000000)={0x285002400, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x46) io_uring_register$IORING_REGISTER_FILES(r1, 0x1e, &(0x7f0000000000)=[r1], 0x1) 32.31638581s ago: executing program 4 (id=1152): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) mount_setattr(r0, &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f0000000080)={0x2, 0xf8, 0x40000, {r0}}, 0x20) 32.316138971s ago: executing program 4 (id=1153): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xa, 0x7, 0x7ffc, 0xcc, 0x0, 0xffffffffffffffff, 0x8000c}, 0x50) 32.107974647s ago: executing program 4 (id=1165): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r1}, 0x10) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000300)) 32.097983488s ago: executing program 32 (id=1165): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r1}, 0x10) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000300)) 18.891430616s ago: executing program 1 (id=1693): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180200000020702500000000002020207b1af8ff00000000bfa100000000000007010000dbffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xfffffffffffffffc}, 0x18) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x1}, 0x8) sendto$inet6(r1, &(0x7f00000005c0)="f5", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0xfffffffc, @private2}, 0x1c) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f00000002c0)={0x0, 0x0, 0x4}, 0x8) 18.853699139s ago: executing program 1 (id=1697): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000240), &(0x7f0000000280)=r1}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=ANY=[@ANYBLOB="480000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800b0001006d61637365630000180002800c0004000400000100c280000700030004"], 0x48}}, 0x0) 18.825064131s ago: executing program 1 (id=1698): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000c40)={{0x14}, [@NFT_MSG_NEWRULE={0x268, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x23c, 0x4, 0x0, 0x1, [{0x238, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x228, 0x2, 0x0, 0x1, [@NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_MATCH_INFO={0x214, 0x3, "d67a8527f76ec1d39e537c4c3060c6a405106c72848aa8bcb429b3a20d532452032d5f166334739d1719a5778bd4f724ee4ca57f2527aeeb0c75755d68fc6fa55f4825682ee95e581039823e5963beedcf65b8b005623d90772b8b6ebd2498b0aff725a3eabb6c99cb2edfe10b9c33be8a971e08401bc0807e75a2ff376b7934473bc1f02bb512b77414daf260c9c7d4e1f0758b56ec5823892af310e6252fcfb1d9dbaddefdaa26f43f12f831fd221926d6536eeff641db46920ae0e48f3ff5de599714ba6510ce479d4116a519792281736f39c9fc0e10ef557392c43389271cebcf36543fcf6f83bf74b93ee4eb5e8c82e35bb4784cc1ed0ad291b16e8368487589f7590bf5896f340a36555a1cf69736da230a809176dbdfba3d47efb9a6932e5503d277532b7d4e6f7c7373a298e5843a9f74d5fd07fbc6ad22bc644ba9b3c94ec3c8f0b9321b16e5826b1f058f781760a5d4b6a8880202b41689139c37cd51f65a92d883f8901add03b650c9ec182fb565a4d657ebba9d6a5eb426b22d5933b72362e6ec327fb679aa8034b8b3b6680ad138be47652a3e77981187d2921cebfc1639aa280e3d38dba9b1af49ceded79c78a2d656b3a3e946e17e6257def6679f70f11aa01a2d906aecf4dbc7d1a332a8932ed719ce7eecb5450f494f944b3f6b637502ddba609c6e45dcfad1db7c7dda3e2c755ddcf27132985442e9b8df16f96c82e72e3e2491856d07756b9f"}, @NFTA_MATCH_NAME={0x8, 0x1, 'bpf\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x290}}, 0x4048014) 18.772965815s ago: executing program 1 (id=1704): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) mount_setattr(r0, &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f0000000080)={0x2, 0xf8, 0x40000, {r0}}, 0x20) 18.695515792s ago: executing program 1 (id=1708): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) preadv2(0xffffffffffffffff, 0x0, 0x0, 0x8, 0x10001, 0x0) 18.34210559s ago: executing program 1 (id=1710): mount(0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)='\x06\x00\x00\x00\x04\xb0\xfe\x98\x9a!s\x91]\xab\xc9\xa2IV\xb6-\xd9z\x81\x91\x8aP}I\xc6\x0e\xd9\v\xda\xbfS\x16 \x04\r\xcd\xdb:\xd4\xaf\r\x11\xa0\xd7\xd7\xb6\x9bz\x99\xaf\xfd\x87fN\xad\x90U\xb4A\xdf\xabB\xbba\x7f\xb8\x96\x1a\xe7\xc1\xab\x16\x02\x000x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000640)=ANY=[@ANYBLOB="5800000010001fff000000000100000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000300012800b00010067656e657665000020000280140007000000000000000000000000000000000105000c000100000008000a00", @ANYRES32=r2], 0x58}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 1.128424659s ago: executing program 0 (id=2251): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) ioprio_set$uid(0x3, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x800714, &(0x7f0000000180)={[{@dioread_nolock}, {@jqfmt_vfsv0}]}, 0xff, 0x4a9, &(0x7f0000000580)="$eJzs3M9rXNUeAPDvnUnS301eX1/fa1+r0SoWfyRNWrULFyoKLhQEXdRlTNJaO22kiWBLsFGkLqXgXlwK/gXu3Ii6EMGtgkspFA1CUxcSub+aZDKZ5menzXw+MJlz5p6Zc773njNz5p7cCaBt9aZ/koidEfFzRHTn2YUFevO7menJ4ZvTk8NJzM6+9nuSlbsxPTlcFi2ft6PIHKlEVD5K4tlkcb3jFy+dHarVRi8U+f6Jc+/0j1+89MSZc0OnR0+Pnh88ceL4sYGnnxp8cl3iTOO6ceD9sYP7X3rj6ivDJ6+++d2XabP2Hcq3z4/jtm42CKiB3nSv/TGbqd/28Arafi/YNS+ddLSwIaxINSLSw9WZjf/uqMbcweuOFz9saeOADZV+Nm1ZevPULLCJJdHqFgCtUX7Qp99/y9sdmnrcFa4/F9EV+fmKmenJ4Zlb8XdEpSjTuYH190bEyam/PktvsdLzEAAAq5DNbR5vNP+rxL7sPl/r2F2sofRExL8iYk9E/Dsi9kbEfyKysv+NiP/lT57tXmb9vXX5xfOfyrWGbV4n6fzvmZib+83Mi7+466kWuV1Z/J3JqTO10aPFPjkSnVvS/ECTOr5+4adPlto2f/6X3tL6y7lg0YBrHXUn6EaGJobWaydc/yDiQEej+JNbKwFpD9gfEQdi8TpWE7vLxJlHvzi4VKHbx9/EOqwzzX4e8Uh+/KeiLv5S0nx9sn9r1EaP9pe9YrHvf7zy6oIHqnPJNcW/DtLjv31h/68r0f1nkq/XdkatNnphfOV1XPnl4yW/06yk/5ddPu3/Xcnr2Zr1D2/lB+q9oYmJCwMRXcnLWZmuomz2+ODcq5X5snwa/5HDjcf/nuI5aQX/j4i0Ex+KiPsi4v6i7Q9ExIMRcbhJ/N8+/9DbTeJPIomWHv+Rhu9/t/p/TzJ/vX4VierZb75aasV8ecf/eExl77W57P3vNpbbwDXuPgAAALgnVCJiZySVvjzduzMqlb6+/H/498b2Sm1sfOKxU2Pvnh/JrxHoic5Keaare9750IFkqnjFPD9YnCsutx8rzht/Wt2W5fuGx2ojLY4d2t2OheM/yvGf+q3a6tYBG871WtC+6sd/pUXtAO685Xz++y4Am1OD8b+tFe0A7jzf/6F9NRr/l+vy5v+wOXUsSvza4CfrgM3I/B/al/EP7cv4h7a0luv6V58oLxZY/etsXfYV/psmcbl5mfIXLzayGdti7pGo3B27pWHi7+LnLe+W9qw5kY6YBY9EJLGhlc79hgoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMC97J8AAAD//wHu668=") r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0) pwrite64(r0, &(0x7f00000000c0)='a', 0x200000c1, 0x9000) 899.680068ms ago: executing program 5 (id=2260): mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x2, 0x0) r0 = inotify_init1(0x800) inotify_add_watch(r0, &(0x7f0000000000)='./file0\x00', 0x64000000) r1 = syz_open_procfs(0x0, &(0x7f00000006c0)='fdinfo/3\x00') pread64(r1, &(0x7f0000000140)=""/120, 0x78, 0x7) 820.017254ms ago: executing program 5 (id=2262): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000008000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4040000}, 0x4000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206010100000000000000000000000005000100070000000900020073797a300000000014000780050015000000000008001240000000000d000300686173683a6e657400000000050005000a000000050004"], 0x5c}}, 0x0) sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x1c, 0x3, 0x6, 0x5, 0x0, 0x0, {0x0, 0x0, 0x6}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24040800}, 0x8d0) 732.710481ms ago: executing program 5 (id=2263): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) fcntl$lock(r0, 0x7, &(0x7f0000000080)={0x1, 0x0, 0x7, 0x6}) fcntl$lock(r0, 0x26, &(0x7f00000001c0)={0x1, 0x2, 0x7, 0x7fff800000000}) fcntl$lock(r0, 0x26, &(0x7f0000000140)={0x1, 0x2, 0x6, 0x5}) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0) pread64(r1, &(0x7f0000000580)=""/210, 0xd2, 0x697) 730.750711ms ago: executing program 0 (id=2264): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x4, 0xc}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18040000000000000000000000400000850000000800000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000180)='kfree\x00', r2}, 0x10) syz_usb_connect$uac1(0x4, 0x71, &(0x7f0000000580)=ANY=[], 0x0) close_range(r0, 0xffffffffffffffff, 0x200000000000000) 527.853487ms ago: executing program 6 (id=2271): unshare(0x28000600) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x101002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'nicvf0\x00', 0x7101}) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000002500)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff4070000000000000500000000000e1ff95000000000000002ba7e1d30cb599e83f040000f300000000bd01212fb56f040026fbfefc41056bd8174b79ed317142fa9ea4158123751c5c652fbc1626cca2a2ad75806150ae0209e62f51ee988e6e06c8206ac6939fc404004900c788b277be1cb79b0a4dcf23d410f6accd3641110bec4e90a634199e07f8f6eb968f200e011ea665c45a34b8580218ce740068720000074e8b1715807ea0ca469e468eea3fd2f73902ebcfcf49822775985bf313405b367e81c700000040000000000200000000005335000000143ea70c2ab40c7cb70cc8943a6d60d7c4900282e147d08e0af4b29df814f5691db43a5c00000004000000000089faff01210cce39bf405f1e846c12423a164a330100846f26ad03dd65873d9f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d6155102b1ced1e8019e63c850af895abba14f6fbd7fb5e2a431ab914040000000000010092c9f4609646b6c5c29647d2f950a959cf9938d6dfcb8ed2cbdc2ba9d580609e31c3fa90812a533ce206e7e57a79d6fce424c2204dd418c005479ecab19bdfb15a32a4fd67ce446adb431d07db79240acaf091231b986e77d05d988d6efdffdf48dca02113a38300cabf2b5543ffc166955709009e000000000061629d1822f720ec23812770d72c700a44e113d17088fdd00600000f7889b8c7044f56ff030000000000006cd4970400cac6f45a6922ded2e29514af463f747c08f4010586903500000000000000000000be34cf0f9d640dd782ac0cbc46903243d0d0f4bc7f253d0500000032daaf281c450e64c33aac8f23e7d1c94c4505a9839688b008c370494f6734b771546d9552d3bb2da0d000000000000000009125c97f0400f5e1671bc5eb7739daa7820a91cb0e732df2ae0000c747e00a4fbfe8942fa859cd28bdaa1509309926c77fbcb15ec58b42b400005a6b649dd5f13cd776e6c7c4b5c4b0de20e033b378553ead4c8cc530b62c36364e6505992209bdbc6203da7a3797246a6adef071102f0aa2c40095ddd05176f5cb8bd99e1ba0f9568f3e3876bba7bf973334e7919a080000000000000004fb996ad919f7e9672ce107000000ad882f2aead166c94500be902ee7dabc768eb9ec13f334aae90981ecaf5f744f22f2e45afe2c9e8632276cffe5f1fc215c0797d0244cf1ce269d10525745caaa3f77d1b80116cb9a38400242010000000100000091a0116f4693133138583da5e10b434697b0443b7b4ddfb3ace29e16e5a881336aad0974269a1025e2a9a135c0508af1aec2926627b43bba1229a7466bdca64f514b7911458da09fe8681916d408d753226a83ae2434ccd3fc508216aea86833030f569d61dc998620fcf4eeb92e7bc511df63c53b82514493b8f3c74f44ba184d40e87612024da1a1ebe316923865f037c01d71b5de81121046d84b18acb5cbea7eecad9b6dd46ed83515cd9f140e5f00019be25b5910a3193e90be231a05fd82e6003969c31082ff1d0eb50a04d14644234828cbb5aaa0ece702abdd425fa25ae04a2315c89064df633700000000d9e5953ea67310993d01000000000000003ac753358791b1490273ca535e05b11d815237743a5b79ad45de2a3c91257f02c2f30f5513662809073710937ed0055b238f466e1442f8ec7a5b394228035039ceeb452dca75f9ff5332b4c4777a3d19c158a0aa9a821667c68549e9da89ad4274ce2d3d7619936768a84a1465fff4eedba55955434f132ab7b884057aeb68f3d675a79907a72ace70902459f6950a06a03507838231a335ae759ed25534f2e90a7def4b3d4af7fd47ab1a701e4b7a7dfc1d12775ed0a31bc7b5855880aa767e68196c7aa5ac115724b6cb8fcebb67719eccd87b06b38566cf61ad2f307a79d2ce9801837bf0bd3af0271de700eef2795d28cb0017000000000000000000e052d93194121b774d21a0317d0346078400004652c769fd3d3e661a2fb511164f1502ab2ac4eb3f19c042163e0bdb88b82de384a8055e8b1e24294b0546cce481ff5618b7b9585dbb64d66debf219fa479abf22f3d64fe82e466ea6f27859946e72f80bb1c9cfcde57b79625e2979fe689a5a246cbbd488f43f46b2536f175f46dfb27d5229467270246ab53616c46edf34c559d3de0c59ca3305e66825715e5e4cd5b54c1b05c09f04337a76a30373baac3ecec91fd546eb7c32dbecb18a308a0004be94dfab28c2a51dc816df0000000000c12254f041804f7f7074356789b1d4dd55f3e045a48241a4ce04d06acb2cf11eab759ba78da5da0f26126d4cf2c73e5f94030000040000000000000000c301985d603403592486204054be3fdda91f9e315886941928e5a8bc1a00e69a98c0a8f7192f6ee93cc4124cf4e7610915efc08c834a44e1d685d6835a40b5bc615949cbcd98d044fa492aa38717481455e86dcd7816ad8940bd1995369d89ae6eadeb9117e8b94ab422c8d62f858875dccdbc89572231ef5d6df6a9c55f8df763c7c64da7cc017e1e3f5cd4cb9fe6d19b11d4d38239d318016e622b9683b7e46be64dc097982e23462392a0cd05afb2e060fd42ef00dfbd057311aab94f307d10c7a1af0d8e5a0fcb547475d13c0000000000000000f1cc97103d714d1abb901f866d9d629b4fb185f45790517c4a0f5c6a5024e3359e8d83e3f6edf9e2afb5ab59c7b2b45cfb0a3c1303a98e4ed531ac11cca1cd744b431de74c7cd6533adaa8ec749061b2959d53da626aa189781dc1be4d5c81aebc0cada819895b377d6cf0a7878ba99864ae84464744c605646caf2e06b13eba7ba10acf77d91b2297e9573abb0a4da534d735a223626402b308daf7835780fa6f4e410000000000fb00000000000000000000b14952139bd4bdbccc5e334c49584655c4fce8c5bb7c54664aef6d780100358aa54b4b49926c4be9ee4659153d9fa95d07cc4efdab2c5f4503148d0255d0b748366dafe042d78479c21d832e1431ed6d646d13e8e7230300920a5642bbed1dee9b46b6f02e572024ccf3c8edd82660e5d74c52be71d780c300000000000000000000000000000000000044ff72f96f084f4b6cdcb1b4a9d8e9f99f1b85497d0c3df704c8a0034c09caeeb0e34799b755649883539258a7b33dcef15d8fd1953ebaaa3cff81a0de7a05a440f20f6b273ceb8678f10378b670be7504dabd1471355d853292775d0366891f0bcf0a6087ed4f1f25ef52394db3e9d8318bbb9baff3db95bfd68a08ded502cc08a485c804e4fd107a7ca2a64ca081c6b2f7b895cdf98b763ebab9451c65eced6f5f97a541210806d885762ac3150225036c7eccd7a05593abd963f9a02df58085115e54f675e6a08d25b5722cabf989b4bbc562e073b81bae61f05c5e1f90e021340b60cc5fb8fdb09b6d20b0d87a6ed800000000000000000000000000000000006cc6f64f583a26a78f7f417f66c0af32f5194ddfce51e5aff28f621bb2fd2a5ab719823488d6e869b08d3d4ac7950c60144cf77437e29895a23282e3c65e015d1c334832a90ee77d93596e3f12e9ca8c67c7f3c9b66c9cb03edec184ad1d9544c7a3be250e471dca00000078544d79c0efe4094e561eeb26ee4c81106d03c004bc1589ef6e13648999c8735e2634e89aaa90c571fa3c07238697b1db783c52715055445e96995fe3273b0346b03fc742c06aa3947e0d9cf0c99b5e245ede85893112deea8bd3355a32ec15e1242f170a51f28cea4105541e96a52da4984d26bd29cb0623f00c6b0a4c00ad406d729babc9d1550a683c349017a340444000000000000000000000920ca49f7cc8194aaebdcae5a62bb7587b57f41f1c2034911f23e6bd0291b3319f03a0a15dea685a8ab75b3c60391afa5483231305402b52a8f9863800f127d6b4518f73a847ca583e855d70c6a4a53f61ad753d5e740db44afd32b019d9e8b41361c2c104fe52837a19dd6952fe2724c0105ab158a54a6a73000000000000000000"], &(0x7f0000000140)='GPL\x00'}, 0x48) ioctl$TUNSETSTEERINGEBPF(r0, 0x800454e0, &(0x7f0000000200)=r1) close(0x3) 379.085349ms ago: executing program 6 (id=2275): socket$nl_generic(0x10, 0x3, 0x10) socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000140)={0x4200, 0x3, 0x5}, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000010c0)=ANY=[@ANYBLOB="200000001600010a00000000000000000a0000000c0000800800", @ANYRES16=r0], 0x20}, 0x1, 0x0, 0x0, 0x20040041}, 0x0) 296.700106ms ago: executing program 2 (id=2277): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6) io_setup(0x8f0, &(0x7f0000002400)=0x0) io_submit(r2, 0x1, &(0x7f0000000380)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r1, &(0x7f0000000000)="008000000000", 0x6, 0x0, 0x0, 0x2}]) 296.007836ms ago: executing program 6 (id=2278): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r1 = socket$packet(0x11, 0x2, 0x300) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000180)=r2, 0x4) syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff) 277.591767ms ago: executing program 6 (id=2279): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000240)='nv\x00', 0x2) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @loopback}, 0x7}, 0x1c) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0xd1, @ipv4={'\x00', '\xff\xff', @loopback}, 0x104}, 0x1c) r1 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$TCPDIAG_GETSOCK(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001940)={0x4c, 0x14, 0x905, 0x50bd25, 0x25dfdbfc, {0xa, 0x6, 0x2, 0x0, {0x4e26, 0x4e23, [0x224e, 0x7, 0x6, 0x5], [0xfffffffe, 0x1, 0x4], 0x0, [0x61, 0xfffffffc]}, 0x8, 0xffffffff}}, 0x4c}}, 0x4814) 239.7253ms ago: executing program 2 (id=2280): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10) getpriority(0x2, 0x0) 239.23289ms ago: executing program 3 (id=2290): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) listxattr(0x0, 0x0, 0x0) 216.977352ms ago: executing program 6 (id=2281): syz_mount_image$vfat(&(0x7f0000001200), &(0x7f0000001240)='./file0\x00', 0x0, &(0x7f0000002480)=ANY=[@ANYBLOB="00e789da34e04a1ffb124b2c2fb684c70b90bbb45efd97899a16f2df4fa2e8f06ac2c5352509e3c51d882eb3ec0dd3b1c96e980163890d2d0d1b8d3d62f6d77b0209e166e2ca4c35483d49316daf522556a16cab12d75a852bc680da7ea837480feb2060a1e20a59b7745235030000004ed0351cb5b416ba1c57217be5a338392f831617ee8c35bb61f0a9eeed3b1226b18c4b455ab222d7ae1b5258d5643d70000000000000000000ae468a387d9e63008000000000000063a454d1ab8760076a893752105f030c49caf2fdfe6bc9743a68593b576e2f2f6ab69e1b974ac90855ac250f8f73e16bc593730b88d7a3346b945e276875915040ce4901262cd8ce8191ee84e3ce5526a0a43b707cc711a3311f840cad641a013c6dd783aa895227b3d50a86e15a57e26666aaa296b7ddc4c8f421cf9d76d344bf6522f5d1138659d3de84ce13b085a2ed9d66c93767378423521cc4ea440e0ac3b953e1ca1675a716a97a5c3106aba648f119eeab4747b9b53000475e0a34514ccf397ea6f170e018122a98f135beac48d2ed195e20fdd226c7f5a20000ad1fcfbee59924e161280a8b78fe34b2fa3efa7c1d4268bf090000ecb4ece3234c232659fee3ff9e6d21e008a570bb490a65b84ea8b6d6507355cb1112fae6e3456bf8da53e1df20458e59456822dbb8dbd7ce0f928d5fbd6414fe8ab5277f3fd5ce6be044993f93e697a69484cc0e65ec742443c84e21a440998c8d69c12c2db7aee2872c6e0671d639e8f6bece219dcd0f69b9867dfc3187c882c035809c81832d7416f90c734be30c2faf0c22bfc8d95dfc7b9bac96b838c98ae5a75b9dc9e967ef5edf311bbebd7ca803cea8f5b9ec5b3edd6c44d633b71bde97a3c10a468432ff3d4e63ce3ecfa640d44b70b68744d26e72389e6c61767725d2c692443bc949c28b1a374e541bd352ca2f3bf64d883862dc24d8e27d86b6e38bc269f110c3d563f8e4ec9a98016b6b58157deeefa8fa022514bdc75f794094700cb8fa2b61310cbf9058bce5f2399055929e0fc732e0d5db926fe1b09a2993ff038d8099c229bda0801f8b81719d73b4abac97f704a0942051bae38b00b69d7fa69d738f99f73b19082ec0c99442d97ddbf68a4822aa2a2673478f81f14f67beee619b9d9882f7eabfb5000000000000000000003ff8795b5ec2de11479e781396117c84449647684239c9b9475b389a6a76d36c31f39539d928d2c58f188b4bf713d0915df4cc7de48a930935dbb01c9422d604467d209fd1421c7fc503cabde4bb193ff3654377c6e4fb72dcfc835f760bae7447068c2e43433e3d77c6805b559a04f3ebb741a9bbf57274b1da7800000000000000000000000000000000000000001c4f225672f3465b2638e921d80d58dca4ee4592d8cc0c06b2e390b7b1c713a46bc8ece9be25f055a59032576bc00a844c32b46040a607eaeb886ec0cb8e90c5a4075caa8a358ab81e78ad794a20f772b73466a43cd696401521793e54b1c4aa58d506b661f393e7233337473f36c2dbb15ae673afe82ebe45cc6f776162e43b74d9b9ca6f68d6bc8261600b27431e0f6f4f1e0947f69d2d812ebc9d2a8869b14a84dbdcdc5055b97a241e2f707740bb966b6c58408aceb9f6a943f614d2a6093c60c0dfb511b02f191ef6fa6e5a1a86687a44ec6098439a2ef55a4ba07e2b0f62ae86e1458f63f6b8b2d2b9990495f17b6d1052b19472a97d41204a8be48e380be2e6885c7de0807f2c154ad4f25b16027bc4aeb85dc798e7eef25631bfd79c8e0aff725dcd4b91c61bf8d72f74e4dbae"], 0x1, 0x11f4, &(0x7f0000001280)="$eJzs3M+LG2UYB/DHbWvr1v2h1moL0he96GXo7sGLgiyyBWlAaRuhFYSpO9GQMQmZsBARV09e/TvEozdBvOllL/4N3vbisQdxxMTapsRDqXTa8Plc8pD3/cLzkjDwDvPO0ZvffNrrVFknH8fKE2/FyjAi3UqRYiVu+zJee+PnX166ev3G5Z1Wa/dKSpd2rm29nlJav/DjB59/9/JP49Pvf7/+w8k43Pzw6Pft3w7PHp47+vPaJ90qdavUH4xTnm4OBuP8ZlmkvW7Vy1J6ryzyqkjdflWM5sY75WA4nKS8v7e2OhwVVZXy/iT1ikkaD9J4NEn5x3m3n7IsS2urwYNof3urruuIuj4RT0Zd1/VTsRqn4+lYi/XYiM14Jp6N5+JMPB9n44V4Mc5NZzXdNwAAAAAAAAAAAAAAAAAAACyXBzr/f6Hh5gEAAAAAAAAAAAAAAAAAAGBJXL1+4/JOq7V7JaVTEeXX++399uxzNr7TiW6UUcTF2Ig/Ynr6f2ZWX3qntXsxTW3GV+XBP/mD/fax+fzW9HUCC/Nbs3yaz5+M1bvz27ERZxbntxfmT8Wrr9yVz2Ijfv0oBlHGXvydvZP/Yiult99t3ZM/P50HAAAAyyBL/1q4f8+y/xqf5e/j/sA9++vjcf54s2snopp81svLshg1XtzuaPbNQUQ8Io0tcXHi0Wjj/y2Ozf2Rmu/nMS2auybx8Nz50ZvuBAAAAAAAAAAAgPvxMB4nbHqNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MUOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//86R81g") r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) fallocate(r0, 0x0, 0x0, 0x1000f4) r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) pwritev2(r1, &(0x7f0000000e80)=[{0x0}, {&(0x7f0000000f80)="03a5", 0x2}], 0x2, 0x33000, 0x0, 0x3) msgsnd(0x0, 0x0, 0x8, 0x0) 202.577324ms ago: executing program 2 (id=2282): r0 = socket$inet6(0xa, 0x3, 0x5) r1 = socket$xdp(0x2c, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000000200)=0x200, 0x4) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'dummy0\x00', 0x0}) bind$xdp(r1, &(0x7f0000000a80)={0x2c, 0x1, r3, 0xa, r0}, 0x10) 202.362533ms ago: executing program 3 (id=2283): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180200000000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000040)=@generic={&(0x7f0000000000)='./file0\x00', 0x0, 0x8}, 0x18) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={0x70, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @local}, {0x8, 0x2, @multicast2}}}]}, @CTA_TIMEOUT={0x8}, @CTA_SEQ_ADJ_ORIG={0xc, 0x10, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8}]}]}, 0x70}}, 0x0) 180.789745ms ago: executing program 2 (id=2284): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000005b80)={{{@in6=@remote, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x9}}, {{@in=@dev={0xac, 0x14, 0x14, 0x1d}, 0x4d3, 0x6c}, 0x0, @in=@broadcast}}, 0xe8) syz_emit_ethernet(0x3e, &(0x7f00000002c0)={@local, @random="f368656e065b", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x2, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, @dest_unreach={0x3, 0x0, 0x0, 0x0, 0x90, 0x7f, {0x5, 0x4, 0x2, 0x24, 0x5, 0x67, 0x3ff, 0xa7, 0x5c, 0x8, @private=0xa010102, @dev={0xac, 0x14, 0x14, 0x34}}}}}}}, 0x0) 154.528097ms ago: executing program 3 (id=2285): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r0, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) unshare(0x64000600) 150.823917ms ago: executing program 0 (id=2286): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0) getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r2, @ANYBLOB="00001000252155b21c0012000c000100626f6e64"], 0x3c}}, 0x40000) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@newlink={0x40, 0x10, 0x503, 0x0, 0xfffffbfc, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x40}, 0x1, 0x0, 0x0, 0x800}, 0x4000) 42.343286ms ago: executing program 3 (id=2287): r0 = socket$rds(0x15, 0x5, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10) bind$rds(r0, &(0x7f0000001000)={0x2, 0x4e21, @loopback}, 0x10) sendmsg$rds(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x2, 0x0, @initdev={0xac, 0x1e, 0xfd, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000340)=[@fadd={0x58, 0x114, 0x6, {{0x0, 0x5}, &(0x7f0000000240)=0x70d, 0x0, 0x3, 0x100, 0x7, 0x9, 0x2, 0x7fffffff}}], 0x58}, 0x0) 41.821866ms ago: executing program 3 (id=2288): mkdir(&(0x7f0000000400)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff}, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) r2 = dup(r1) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}}) 40.784826ms ago: executing program 2 (id=2298): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r0, &(0x7f0000001280), 0x6) 5.476679ms ago: executing program 3 (id=2289): timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=0x0) syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x1a3c82) syz_open_dev$sg(&(0x7f0000000280), 0x80000000002, 0x1) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) 4.875649ms ago: executing program 2 (id=2301): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x4, 0xc}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18040000000000000000000000400000850000000800000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000180)='kfree\x00', r2}, 0x10) syz_usb_connect$uac1(0x4, 0x71, &(0x7f0000000580)=ANY=[], 0x0) close_range(r0, 0xffffffffffffffff, 0x200000000000000) 0s ago: executing program 6 (id=2291): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r0}, 0x18) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = dup(r1) fsetxattr$security_selinux(r2, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:mouse_device_t:s0\x00', 0x20, 0x0) kernel console output (not intermixed with test programs): k is recommended [ 41.971943][ T4254] EXT4-fs warning (device loop4): read_mmp_block:115: Error -117 while reading MMP block 0 [ 41.998756][ T4254] +}[@ (4254) used greatest stack depth: 9280 bytes left [ 42.019620][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 42.172226][ T4298] netlink: 8 bytes leftover after parsing attributes in process `syz.3.354'. [ 42.225682][ T4308] loop3: detected capacity change from 0 to 512 [ 42.232837][ T4308] EXT4-fs: Ignoring removed bh option [ 42.239621][ T4308] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 42.248693][ T4308] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 42.262656][ T4312] netlink: 8 bytes leftover after parsing attributes in process `syz.0.362'. [ 42.288041][ T4308] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 42.298857][ T4308] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 42.311487][ T4308] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 42.337141][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 42.417924][ T4325] netlink: 16 bytes leftover after parsing attributes in process `syz.0.367'. [ 42.495398][ T4334] macvtap0: refused to change device tx_queue_len [ 42.602711][ T4355] 9pnet_fd: Insufficient options for proto=fd [ 42.687341][ T4373] loop3: detected capacity change from 0 to 1024 [ 42.695584][ T4373] EXT4-fs: Ignoring removed oldalloc option [ 42.703307][ T4373] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 42.722948][ T4373] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 42.761603][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 42.802526][ T29] kauditd_printk_skb: 321 callbacks suppressed [ 42.802544][ T29] audit: type=1400 audit(1755980899.579:646): avc: denied { name_bind } for pid=4382 comm="syz.3.391" src=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=udp_socket permissive=1 [ 42.859851][ T29] audit: type=1400 audit(1755980899.629:647): avc: denied { read } for pid=4388 comm="syz.4.395" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 42.898259][ T29] audit: type=1400 audit(1755980899.669:648): avc: denied { create } for pid=4392 comm="syz.0.397" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 42.919565][ T29] audit: type=1400 audit(1755980899.699:649): avc: denied { setopt } for pid=4388 comm="syz.4.395" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 42.957057][ T29] audit: type=1400 audit(1755980899.729:650): avc: denied { write } for pid=4392 comm="syz.0.397" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 43.004924][ T29] audit: type=1326 audit(1755980899.779:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4401 comm="syz.2.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd126f75ba7 code=0x7ffc0000 [ 43.036079][ T4406] macvtap0: refused to change device tx_queue_len [ 43.037403][ T29] audit: type=1326 audit(1755980899.809:652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4401 comm="syz.2.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd126f1ade9 code=0x7ffc0000 [ 43.065999][ T29] audit: type=1326 audit(1755980899.809:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4401 comm="syz.2.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd126f7ebe9 code=0x7ffc0000 [ 43.089308][ T29] audit: type=1326 audit(1755980899.809:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4401 comm="syz.2.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd126f75ba7 code=0x7ffc0000 [ 43.112630][ T29] audit: type=1326 audit(1755980899.809:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4401 comm="syz.2.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd126f1ade9 code=0x7ffc0000 [ 43.157210][ T4416] netlink: 'syz.0.405': attribute type 10 has an invalid length. [ 43.179825][ T4416] team0: Port device geneve1 added [ 43.405701][ T4449] loop2: detected capacity change from 0 to 1024 [ 43.413463][ T4449] EXT4-fs: Ignoring removed oldalloc option [ 43.441005][ T4449] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 43.469282][ T4453] program syz.4.436 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 43.486256][ T4449] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 43.549163][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 43.772874][ T4488] loop4: detected capacity change from 0 to 512 [ 43.780043][ T4488] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 43.809175][ T4488] EXT4-fs (loop4): 1 truncate cleaned up [ 43.820306][ T4488] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 43.884449][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 43.997183][ T4522] program syz.1.463 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 44.026139][ T4525] loop0: detected capacity change from 0 to 128 [ 44.057708][ T4528] loop1: detected capacity change from 0 to 256 [ 44.192743][ T4537] __nla_validate_parse: 13 callbacks suppressed [ 44.192758][ T4537] netlink: 4 bytes leftover after parsing attributes in process `syz.2.460'. [ 44.208018][ T4537] netlink: 4 bytes leftover after parsing attributes in process `syz.2.460'. [ 44.218208][ T4537] netlink: 4 bytes leftover after parsing attributes in process `syz.2.460'. [ 44.278752][ T4537] netlink: 4 bytes leftover after parsing attributes in process `syz.2.460'. [ 44.287665][ T4537] netlink: 4 bytes leftover after parsing attributes in process `syz.2.460'. [ 44.322736][ T4537] netlink: 4 bytes leftover after parsing attributes in process `syz.2.460'. [ 44.483138][ T4549] loop1: detected capacity change from 0 to 512 [ 44.496113][ T4549] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 44.515680][ T4537] netlink: 4 bytes leftover after parsing attributes in process `syz.2.460'. [ 44.524582][ T4537] netlink: 4 bytes leftover after parsing attributes in process `syz.2.460'. [ 44.535058][ T4537] netlink: 4 bytes leftover after parsing attributes in process `syz.2.460'. [ 44.561360][ T4549] EXT4-fs (loop1): 1 truncate cleaned up [ 44.567611][ T4549] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 44.880305][ T4525] syz.0.466: attempt to access beyond end of device [ 44.880305][ T4525] loop0: rw=2049, sector=128, nr_sectors = 1 limit=128 [ 44.893889][ T4525] Buffer I/O error on dev loop0, logical block 128, lost async page write [ 44.915240][ T4539] syz.0.466: attempt to access beyond end of device [ 44.915240][ T4539] loop0: rw=2049, sector=128, nr_sectors = 1 limit=128 [ 44.928769][ T4539] Buffer I/O error on dev loop0, logical block 128, lost async page write [ 44.939221][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.987430][ T4525] syz.0.466: attempt to access beyond end of device [ 44.987430][ T4525] loop0: rw=2049, sector=128, nr_sectors = 1 limit=128 [ 45.001067][ T4525] Buffer I/O error on dev loop0, logical block 128, lost async page write [ 45.060669][ T4567] loop2: detected capacity change from 0 to 512 [ 45.071792][ T4567] EXT4-fs (loop2): too many log groups per flexible block group [ 45.079659][ T4567] EXT4-fs (loop2): failed to initialize mballoc (-12) [ 45.091320][ T4567] EXT4-fs (loop2): mount failed [ 45.172929][ T4579] loop1: detected capacity change from 0 to 128 [ 45.185585][ T4579] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002] [ 45.202859][ T4579] System zones: 1-3, 19-19, 35-36 [ 45.214004][ T4579] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 45.239721][ T4579] ext4 filesystem being mounted at /83/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 45.350421][ T4591] loop0: detected capacity change from 0 to 512 [ 45.364061][ T4591] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 45.375072][ T3311] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 45.391682][ T4591] EXT4-fs (loop0): 1 truncate cleaned up [ 45.405339][ T4591] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 45.421610][ T4594] netlink: 8 bytes leftover after parsing attributes in process `syz.4.484'. [ 45.531523][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 45.829093][ T4627] loop3: detected capacity change from 0 to 128 [ 45.839243][ T4627] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002] [ 45.848306][ T4627] System zones: 1-3, 19-19, 35-36 [ 45.856194][ T4627] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 45.879767][ T4627] ext4 filesystem being mounted at /111/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 45.976186][ T3309] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 46.247541][ T4664] loop2: detected capacity change from 0 to 128 [ 46.269291][ T4664] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002] [ 46.280401][ T4664] System zones: 1-3, 19-19, 35-36 [ 46.287941][ T4664] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 46.305270][ T4664] ext4 filesystem being mounted at /101/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 46.372795][ T3308] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 46.446796][ T4684] loop3: detected capacity change from 0 to 128 [ 46.474335][ T4684] syz.3.521: attempt to access beyond end of device [ 46.474335][ T4684] loop3: rw=2049, sector=138, nr_sectors = 112 limit=128 [ 46.750371][ T4711] loop3: detected capacity change from 0 to 1024 [ 46.768629][ T4711] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 46.807880][ T4719] loop0: detected capacity change from 0 to 128 [ 46.834436][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 46.896923][ T4731] macvtap0: refused to change device tx_queue_len [ 46.947747][ T4740] loop3: detected capacity change from 0 to 512 [ 46.955684][ T4740] EXT4-fs: Ignoring removed oldalloc option [ 46.964632][ T4740] EXT4-fs (loop3): 1 truncate cleaned up [ 46.971034][ T4740] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 46.988759][ T4740] EXT4-fs (loop3): shut down requested (2) [ 46.995079][ T4740] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop3 ino=12 [ 47.004078][ T4740] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop3 ino=12 [ 47.025131][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 47.026685][ T4745] hub 6-0:1.0: USB hub found [ 47.041411][ T4745] hub 6-0:1.0: 8 ports detected [ 47.076115][ T4749] loop3: detected capacity change from 0 to 128 [ 47.094846][ T4752] loop4: detected capacity change from 0 to 128 [ 47.106614][ T4752] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002] [ 47.115148][ T4752] System zones: 1-3, 19-19, 35-36 [ 47.121938][ T4752] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 47.137867][ T4752] ext4 filesystem being mounted at /105/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 47.188047][ T3304] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 47.262336][ T4767] loop4: detected capacity change from 0 to 512 [ 47.287212][ T4767] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 47.316534][ T4767] EXT4-fs (loop4): 1 orphan inode deleted [ 47.329161][ T4767] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 47.330549][ T269] EXT4-fs error (device loop4): ext4_release_dquot:6973: comm kworker/u8:4: Failed to release dquot type 1 [ 47.353680][ T4767] ext4 filesystem being mounted at /106/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 47.399419][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 47.475661][ T4789] hub 6-0:1.0: USB hub found [ 47.482534][ T4789] hub 6-0:1.0: 8 ports detected [ 47.704194][ T4817] bridge0: port 3(vlan2) entered blocking state [ 47.710661][ T4817] bridge0: port 3(vlan2) entered disabled state [ 47.717730][ T4817] vlan2: entered allmulticast mode [ 47.723089][ T4817] bridge0: entered allmulticast mode [ 47.740427][ T4817] vlan2: left allmulticast mode [ 47.745370][ T4817] bridge0: left allmulticast mode [ 47.785770][ T4823] loop0: detected capacity change from 0 to 128 [ 47.798580][ T4824] loop4: detected capacity change from 0 to 1024 [ 47.801347][ T4823] syz.0.586: attempt to access beyond end of device [ 47.801347][ T4823] loop0: rw=2049, sector=138, nr_sectors = 112 limit=128 [ 47.843295][ T4824] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=842c018, mo2=0002] [ 47.852185][ T4824] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 47.864990][ T29] kauditd_printk_skb: 288 callbacks suppressed [ 47.865007][ T29] audit: type=1400 audit(1755980904.639:943): avc: denied { mount } for pid=4821 comm="syz.4.587" name="/" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 47.868744][ T4824] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.587: bg 0: block 88: padding at end of block bitmap is not set [ 47.871268][ T29] audit: type=1400 audit(1755980904.639:944): avc: denied { add_name } for pid=4821 comm="syz.4.587" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 47.871301][ T29] audit: type=1400 audit(1755980904.639:945): avc: denied { create } for pid=4821 comm="syz.4.587" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 47.871333][ T29] audit: type=1400 audit(1755980904.639:946): avc: denied { read write } for pid=4821 comm="syz.4.587" name="file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 47.970079][ T29] audit: type=1400 audit(1755980904.639:947): avc: denied { open } for pid=4821 comm="syz.4.587" path="/112/file1/file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 48.004609][ T29] audit: type=1400 audit(1755980904.779:948): avc: denied { unmount } for pid=3304 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 48.006165][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 48.053779][ T29] audit: type=1400 audit(1755980904.829:949): avc: denied { unmount } for pid=3302 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 48.091309][ T29] audit: type=1400 audit(1755980904.869:950): avc: denied { write } for pid=4827 comm="syz.0.588" name="001" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 48.120125][ T29] audit: type=1400 audit(1755980904.899:951): avc: denied { lock } for pid=4831 comm="syz.4.592" path="socket:[8955]" dev="sockfs" ino=8955 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1 [ 48.157779][ T4830] hub 6-0:1.0: USB hub found [ 48.166138][ T4830] hub 6-0:1.0: 8 ports detected [ 48.172811][ T29] audit: type=1400 audit(1755980904.949:952): avc: denied { read } for pid=4833 comm="syz.3.593" name="usbmon0" dev="devtmpfs" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 48.243130][ T4841] netlink: 'syz.3.596': attribute type 6 has an invalid length. [ 48.289124][ T4839] veth1_macvtap: left promiscuous mode [ 48.294810][ T4839] macsec0: entered promiscuous mode [ 48.662556][ T4867] SELinux: policydb table sizes (2,655368) do not match mine (8,7) [ 48.691503][ T4867] SELinux: failed to load policy [ 48.867017][ T4882] loop3: detected capacity change from 0 to 512 [ 48.900322][ T4882] EXT4-fs (loop3): too many log groups per flexible block group [ 48.908137][ T4882] EXT4-fs (loop3): failed to initialize mballoc (-12) [ 48.915390][ T4882] EXT4-fs (loop3): mount failed [ 48.928259][ T4890] loop0: detected capacity change from 0 to 256 [ 49.167123][ T4918] loop1: detected capacity change from 0 to 256 [ 49.226628][ T4926] veth1_macvtap: left promiscuous mode [ 49.232093][ T4927] loop1: detected capacity change from 0 to 1024 [ 49.241709][ T4926] macsec0: entered promiscuous mode [ 49.243367][ T2957] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65380 sclass=netlink_route_socket pid=2957 comm=kworker/0:2 [ 49.260068][ T4930] 9pnet: p9_errstr2errno: server reported unknown error 1844674 [ 49.262278][ T4927] EXT4-fs: Ignoring removed orlov option [ 49.275144][ T4927] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 49.296227][ T4927] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 49.360094][ T4940] loop0: detected capacity change from 0 to 1024 [ 49.369727][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 49.383025][ T4940] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=842c018, mo2=0002] [ 49.392083][ T4940] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 49.407217][ T4940] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.637: bg 0: block 88: padding at end of block bitmap is not set [ 49.463279][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 49.484269][ T4956] loop2: detected capacity change from 0 to 1024 [ 49.508476][ T4962] SELinux: policydb table sizes (2,655368) do not match mine (8,7) [ 49.516781][ T4962] SELinux: failed to load policy [ 49.522242][ T4956] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=842c018, mo2=0002] [ 49.541171][ T4956] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 49.554255][ T4968] __nla_validate_parse: 17 callbacks suppressed [ 49.554274][ T4968] netlink: 32 bytes leftover after parsing attributes in process `syz.0.649'. [ 49.572188][ T4970] netlink: 12 bytes leftover after parsing attributes in process `syz.1.650'. [ 49.572461][ T4956] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.655: bg 0: block 88: padding at end of block bitmap is not set [ 49.581229][ T4970] netlink: 28 bytes leftover after parsing attributes in process `syz.1.650'. [ 49.581249][ T4970] netlink: 12 bytes leftover after parsing attributes in process `syz.1.650'. [ 49.581754][ T4970] netlink: 28 bytes leftover after parsing attributes in process `syz.1.650'. [ 49.622172][ T4970] netlink: 'syz.1.650': attribute type 6 has an invalid length. [ 49.646970][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 49.675803][ T4974] loop2: detected capacity change from 0 to 1024 [ 49.692108][ T4974] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 49.731690][ T4984] sch_tbf: burst 6 is lower than device ip6gre0 mtu (1448) ! [ 49.740079][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 49.853968][ T4999] loop1: detected capacity change from 0 to 128 [ 49.889172][ T5001] loop3: detected capacity change from 0 to 1024 [ 49.924747][ T5003] netlink: 136 bytes leftover after parsing attributes in process `syz.2.664'. [ 49.933799][ T5003] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check. [ 49.973673][ T5001] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=842c018, mo2=0002] [ 49.982373][ T5001] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 50.000314][ T5001] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.663: bg 0: block 88: padding at end of block bitmap is not set [ 50.091555][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 50.130397][ T5020] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=5020 comm=syz.0.673 [ 50.252970][ T5032] loop0: detected capacity change from 0 to 512 [ 50.267911][ T5034] loop2: detected capacity change from 0 to 256 [ 50.275087][ T5031] batman_adv: batadv0: Adding interface: ipvlan2 [ 50.281533][ T5031] batman_adv: batadv0: The MTU of interface ipvlan2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 50.306884][ T5031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 50.317340][ T5031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 50.328106][ T5031] batman_adv: batadv0: Interface activated: ipvlan2 [ 50.358679][ T5032] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 50.359390][ T5008] syz.1.662: attempt to access beyond end of device [ 50.359390][ T5008] loop1: rw=2049, sector=128, nr_sectors = 1 limit=128 [ 50.376629][ T5032] ext4 filesystem being mounted at /145/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 50.384574][ T5008] Buffer I/O error on dev loop1, logical block 128, lost async page write [ 50.406632][ T4999] syz.1.662: attempt to access beyond end of device [ 50.406632][ T4999] loop1: rw=2049, sector=128, nr_sectors = 1 limit=128 [ 50.420125][ T4999] Buffer I/O error on dev loop1, logical block 128, lost async page write [ 50.429390][ T5008] syz.1.662: attempt to access beyond end of device [ 50.429390][ T5008] loop1: rw=2049, sector=128, nr_sectors = 1 limit=128 [ 50.442848][ T5008] Buffer I/O error on dev loop1, logical block 128, lost async page write [ 50.477289][ T37] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 50.492008][ T37] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 7 with error 28 [ 50.504345][ T37] EXT4-fs (loop0): This should not happen!! Data will be lost [ 50.504345][ T37] [ 50.514082][ T37] EXT4-fs (loop0): Total free blocks count 0 [ 50.520111][ T37] EXT4-fs (loop0): Free/Dirty block details [ 50.526020][ T37] EXT4-fs (loop0): free_blocks=65280 [ 50.531403][ T37] EXT4-fs (loop0): dirty_blocks=7 [ 50.536451][ T37] EXT4-fs (loop0): Block reservation details [ 50.542475][ T37] EXT4-fs (loop0): i_reserved_data_blocks=7 [ 50.549360][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 50.576902][ T5042] netlink: 'syz.4.684': attribute type 1 has an invalid length. [ 50.605943][ T5050] pimreg: entered allmulticast mode [ 50.612743][ T5048] loop1: detected capacity change from 0 to 1024 [ 50.614033][ T5050] pimreg: left allmulticast mode [ 50.647661][ T5048] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=842c018, mo2=0002] [ 50.657067][ T5048] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 50.672467][ T5048] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.681: bg 0: block 88: padding at end of block bitmap is not set [ 50.714249][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 50.823884][ T5077] loop3: detected capacity change from 0 to 512 [ 50.850314][ T5077] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 50.863580][ T5077] ext4 filesystem being mounted at /148/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 50.915919][ T5077] syz.3.698 (5077) used greatest stack depth: 8960 bytes left [ 50.938964][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 50.975342][ T5091] loop2: detected capacity change from 0 to 1024 [ 50.988184][ T5092] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=5092 comm=syz.3.702 [ 51.003295][ T5091] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=842c018, mo2=0002] [ 51.015324][ T5091] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.703: bg 0: block 88: padding at end of block bitmap is not set [ 51.087766][ T5105] SELinux: Context system_u:object_r:getty_exec_t:s0 is not valid (left unmapped). [ 51.118582][ T5108] netlink: 'syz.3.709': attribute type 1 has an invalid length. [ 51.299243][ T5127] loop2: detected capacity change from 0 to 1024 [ 51.312020][ T5127] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=842c018, mo2=0002] [ 51.322965][ T5127] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.717: bg 0: block 88: padding at end of block bitmap is not set [ 51.364392][ T5131] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=5131 comm=syz.2.718 [ 51.433431][ T5139] pimreg: entered allmulticast mode [ 51.438971][ T5138] random: crng reseeded on system resumption [ 51.463732][ T5139] pimreg: left allmulticast mode [ 51.732824][ T5185] netlink: 'syz.0.744': attribute type 1 has an invalid length. [ 51.783463][ T5194] hub 9-0:1.0: USB hub found [ 51.788302][ T5194] hub 9-0:1.0: 8 ports detected [ 51.813776][ T5198] loop4: detected capacity change from 0 to 512 [ 51.831352][ T5198] ext4 filesystem being mounted at /134/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 51.934908][ T5209] SELinux: failed to load policy [ 52.019027][ T5225] netlink: 'syz.0.762': attribute type 1 has an invalid length. [ 52.066444][ T5232] netlink: 8 bytes leftover after parsing attributes in process `syz.3.765'. [ 52.084660][ T5232] IPVS: Error joining to the multicast group [ 52.221293][ T5266] netlink: 'syz.1.780': attribute type 1 has an invalid length. [ 52.382548][ T5292] loop4: detected capacity change from 0 to 1024 [ 52.404057][ T5292] EXT4-fs: Ignoring removed orlov option [ 52.455633][ T5292] EXT4-fs: Ignoring sb option on remount [ 52.461376][ T5292] EXT4-fs: Ignoring removed orlov option [ 52.475688][ T5292] EXT4-fs: Ignoring removed nomblk_io_submit option [ 52.482458][ T5292] EXT4-fs: Remounting fs w/o journal so ignoring data_err option [ 52.513121][ T5292] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000. [ 52.538809][ T5304] netlink: 4 bytes leftover after parsing attributes in process `syz.3.797'. [ 52.547697][ T5304] netlink: 4 bytes leftover after parsing attributes in process `syz.3.797'. [ 52.556950][ T5304] netlink: 4 bytes leftover after parsing attributes in process `syz.3.797'. [ 52.595572][ T5311] loop0: detected capacity change from 0 to 1024 [ 52.606243][ T5311] EXT4-fs: Ignoring removed bh option [ 52.612765][ T5311] EXT4-fs: Ignoring removed nobh option [ 52.692324][ T5333] batadv1: entered promiscuous mode [ 52.853110][ T5363] loop3: detected capacity change from 0 to 164 [ 52.872073][ T29] kauditd_printk_skb: 323 callbacks suppressed [ 52.872091][ T29] audit: type=1400 audit(1755980909.649:1276): avc: denied { execute } for pid=5361 comm="syz.3.822" dev="tmpfs" ino=1063 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 52.872864][ T5363] syz.3.822: attempt to access beyond end of device [ 52.872864][ T5363] loop3: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 52.878352][ T29] audit: type=1400 audit(1755980909.649:1277): avc: denied { execute_no_trans } for pid=5361 comm="syz.3.822" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=1063 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 52.943439][ T5363] syz.3.822: attempt to access beyond end of device [ 52.943439][ T5363] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 52.957229][ T29] audit: type=1326 audit(1755980909.679:1278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5367 comm="syz.4.825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb4c89ebe9 code=0x7ffc0000 [ 52.980877][ T29] audit: type=1326 audit(1755980909.679:1279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5367 comm="syz.4.825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb4c89ebe9 code=0x7ffc0000 [ 53.004420][ T29] audit: type=1326 audit(1755980909.679:1280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5367 comm="syz.4.825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcb4c89ebe9 code=0x7ffc0000 [ 53.028093][ T29] audit: type=1326 audit(1755980909.679:1281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5367 comm="syz.4.825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb4c89ebe9 code=0x7ffc0000 [ 53.051772][ T29] audit: type=1326 audit(1755980909.679:1282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5367 comm="syz.4.825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb4c89ebe9 code=0x7ffc0000 [ 53.057591][ T5373] loop0: detected capacity change from 0 to 128 [ 53.075439][ T29] audit: type=1326 audit(1755980909.679:1283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5367 comm="syz.4.825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcb4c89ebe9 code=0x7ffc0000 [ 53.105049][ T29] audit: type=1400 audit(1755980909.719:1284): avc: denied { read write } for pid=5327 comm="syz.2.808" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 53.128622][ T29] audit: type=1400 audit(1755980909.719:1285): avc: denied { open } for pid=5327 comm="syz.2.808" path="/dev/raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 53.192470][ T5383] loop0: detected capacity change from 0 to 128 [ 53.211064][ T5386] loop9: detected capacity change from 0 to 7 [ 53.217372][ T5386] Buffer I/O error on dev loop9, logical block 0, async page read [ 53.225435][ T5386] Buffer I/O error on dev loop9, logical block 0, async page read [ 53.225503][ T5387] loop4: detected capacity change from 0 to 512 [ 53.233340][ T5386] loop9: unable to read partition table [ 53.233470][ T5386] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dG¤´à–ƒÝ¡¯ â·û [ 53.233470][ T5386] ) failed (rc=-5) [ 53.397062][ T5403] capability: warning: `syz.0.841' uses deprecated v2 capabilities in a way that may be insecure [ 53.521243][ T5421] loop0: detected capacity change from 0 to 512 [ 53.541824][ T5421] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 53.564487][ T5421] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.851: Failed to acquire dquot type 1 [ 53.576478][ T5421] EXT4-fs (loop0): 1 truncate cleaned up [ 53.782775][ T5464] loop2: detected capacity change from 0 to 512 [ 53.802592][ T5464] ext4 filesystem being mounted at /162/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 53.838984][ T5473] loop4: detected capacity change from 0 to 164 [ 54.015493][ T5504] loop2: detected capacity change from 0 to 512 [ 54.034280][ T5504] EXT4-fs warning (device loop2): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 54.056118][ T5504] EXT4-fs (loop2): mount failed [ 54.071856][ T5512] netlink: 'syz.0.891': attribute type 3 has an invalid length. [ 54.108240][ T5519] netlink: 'syz.4.894': attribute type 3 has an invalid length. [ 54.122986][ T5519] netlink: 'syz.4.894': attribute type 3 has an invalid length. [ 54.200438][ T5531] SELinux: failed to load policy [ 54.508273][ T5568] ALSA: seq fatal error: cannot create timer (-19) [ 54.550660][ T5578] loop0: detected capacity change from 0 to 128 [ 54.561143][ T5580] loop3: detected capacity change from 0 to 256 [ 54.570620][ T5580] vfat: Deprecated parameter 'posix' [ 54.576189][ T5580] FAT-fs: "posix" option is obsolete, not supported now [ 54.595846][ T5578] FAT-fs (loop0): error, invalid FAT chain (i_pos 548, last_block 8) [ 54.612537][ T5578] FAT-fs (loop0): Filesystem has been set read-only [ 54.637317][ T5578] FAT-fs (loop0): error, corrupted file size (i_pos 548, 522) [ 54.677673][ T5594] loop1: detected capacity change from 0 to 128 [ 54.689203][ T5594] ext4 filesystem being mounted at /175/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 54.853102][ T5629] netlink: 'syz.1.943': attribute type 4 has an invalid length. [ 54.983042][ T5645] loop0: detected capacity change from 0 to 256 [ 55.074724][ T5656] loop0: detected capacity change from 0 to 1024 [ 55.082112][ T5655] loop4: detected capacity change from 0 to 256 [ 55.106115][ T5656] ext4 filesystem being mounted at /216/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 55.126997][ T5663] __nla_validate_parse: 13 callbacks suppressed [ 55.127018][ T5663] netlink: 20 bytes leftover after parsing attributes in process `syz.4.959'. [ 55.159522][ T5666] rdma_op ffff8881283f4980 conn xmit_rdma 0000000000000000 [ 55.193666][ T5668] loop4: detected capacity change from 0 to 512 [ 55.210673][ T5668] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 55.238084][ T5668] ext4 filesystem being mounted at /178/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 55.361719][ T5689] loop4: detected capacity change from 0 to 1024 [ 55.391695][ T5689] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities [ 55.403795][ T5688] loop1: detected capacity change from 0 to 4096 [ 55.420706][ T5694] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 55.465267][ T5697] loop3: detected capacity change from 0 to 512 [ 55.472653][ T5697] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 55.521238][ T5697] EXT4-fs (loop3): 1 orphan inode deleted [ 55.527053][ T5697] EXT4-fs (loop3): 1 truncate cleaned up [ 55.541621][ T5708] netlink: 48 bytes leftover after parsing attributes in process `syz.4.978'. [ 55.554837][ T5697] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 55.570443][ T5697] EXT4-fs (loop3): Remounting filesystem read-only [ 55.875819][ T5756] loop2: detected capacity change from 0 to 128 [ 55.961167][ T5770] netlink: 'syz.0.1009': attribute type 3 has an invalid length. [ 55.967937][ T5764] SELinux: failed to load policy [ 56.172422][ T5800] loop3: detected capacity change from 0 to 512 [ 56.179226][ T5800] EXT4-fs: Ignoring removed mblk_io_submit option [ 56.190647][ T5800] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 56.204895][ T5800] EXT4-fs (loop3): 1 truncate cleaned up [ 56.227711][ T5800] EXT4-fs error (device loop3): ext4_ext_precache:632: inode #15: comm +}[@: pblk 0 bad header/extent: invalid magic - magic 7973, entries 27514, max 27745(0), depth 25964(25964) [ 56.307877][ T5811] netlink: 'syz.0.1026': attribute type 2 has an invalid length. [ 56.315720][ T5811] netlink: 'syz.0.1026': attribute type 1 has an invalid length. [ 56.323723][ T5811] netlink: 199820 bytes leftover after parsing attributes in process `syz.0.1026'. [ 56.485034][ T5820] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1032'. [ 56.519383][ T5822] loop4: detected capacity change from 0 to 2048 [ 57.047516][ T5858] loop0: detected capacity change from 0 to 32768 [ 57.136368][ T5883] SELinux: ebitmap: truncated map [ 57.143268][ T5883] SELinux: failed to load policy [ 57.188020][ T5891] netlink: 'syz.3.1063': attribute type 1 has an invalid length. [ 57.306643][ T5906] SELinux: Context system_u:object_r:init_var_run_t:s0 is not valid (left unmapped). [ 57.441640][ T5908] loop3: detected capacity change from 0 to 32768 [ 57.817496][ T5942] syz_tun: entered promiscuous mode [ 57.869246][ T5942] batadv_slave_0: entered promiscuous mode [ 57.891503][ T5942] hsr1: entered allmulticast mode [ 57.896664][ T5942] syz_tun: entered allmulticast mode [ 57.902152][ T5942] batadv_slave_0: entered allmulticast mode [ 57.927953][ T5952] loop0: detected capacity change from 0 to 512 [ 57.956027][ T5956] 9pnet_fd: Insufficient options for proto=fd [ 57.987563][ T29] kauditd_printk_skb: 258 callbacks suppressed [ 57.987581][ T29] audit: type=1400 audit(1755980914.759:1541): avc: denied { read } for pid=5961 comm="syz.4.1096" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 58.035053][ T29] audit: type=1400 audit(1755980914.809:1542): avc: denied { read write } for pid=5967 comm="syz.0.1099" name="rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1 [ 58.059504][ T29] audit: type=1400 audit(1755980914.809:1543): avc: denied { open } for pid=5967 comm="syz.0.1099" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1 [ 58.126246][ T29] audit: type=1400 audit(1755980914.899:1544): avc: denied { prog_load } for pid=5973 comm="syz.4.1102" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 58.145476][ T29] audit: type=1400 audit(1755980914.899:1545): avc: denied { bpf } for pid=5973 comm="syz.4.1102" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 58.166233][ T29] audit: type=1400 audit(1755980914.899:1546): avc: denied { perfmon } for pid=5973 comm="syz.4.1102" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 58.187763][ T29] audit: type=1400 audit(1755980914.919:1547): avc: denied { read write } for pid=3311 comm="syz-executor" name="loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 58.212041][ T29] audit: type=1400 audit(1755980914.919:1548): avc: denied { open } for pid=3311 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 58.236256][ T29] audit: type=1400 audit(1755980914.919:1549): avc: denied { ioctl } for pid=3311 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=101 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 58.261933][ T29] audit: type=1400 audit(1755980914.919:1550): avc: denied { map_create } for pid=5975 comm="syz.3.1103" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 58.418625][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 58.469794][ T6002] netlink: 'syz.1.1115': attribute type 3 has an invalid length. [ 58.520980][ T6010] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1119'. [ 58.530052][ T6010] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1119'. [ 58.560837][ T6014] loop4: detected capacity change from 0 to 1024 [ 58.567742][ T6014] EXT4-fs: Ignoring removed bh option [ 58.754607][ T6039] loop3: detected capacity change from 0 to 1024 [ 58.762654][ T6039] EXT4-fs: Ignoring removed nobh option [ 58.768260][ T6039] EXT4-fs: Ignoring removed bh option [ 59.038755][ T6056] netlink: 6 bytes leftover after parsing attributes in process `syz.0.1137'. [ 59.132326][ T6063] dummy0: entered allmulticast mode [ 59.142000][ T6063] dummy0: left allmulticast mode [ 59.191405][ T6068] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1142'. [ 59.231822][ T6071] loop0: detected capacity change from 0 to 128 [ 59.237962][ C0] hrtimer: interrupt took 25739 ns [ 59.256718][ T6071] ext4 filesystem being mounted at /250/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 59.295143][ T6076] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 59.304285][ T6077] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0 [ 59.386714][ T6031] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.1127: Allocating blocks 497-513 which overlap fs metadata [ 59.470968][ T6039] EXT4-fs (loop3): pa ffff888106dfb000: logic 1024, phys. 465, len 3 [ 59.479134][ T6039] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1 [ 59.522702][ T6094] loop2: detected capacity change from 0 to 512 [ 59.560254][ T6094] ext4 filesystem being mounted at /221/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 59.601723][ T6105] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 649 [ 59.665805][ T3438] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 59.724448][ T6122] loop0: detected capacity change from 0 to 512 [ 59.770220][ T3438] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 59.811747][ T6122] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 59.858822][ T6122] EXT4-fs error (device loop0): ext4_iget_extra_inode:5104: inode #15: comm syz.0.1167: corrupted in-inode xattr: overlapping e_value [ 59.860467][ T3438] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 59.889689][ T6122] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.1167: couldn't read orphan inode 15 (err -117) [ 60.033834][ T3438] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 60.115852][ T6171] netlink: 20 bytes leftover after parsing attributes in process `+}[@'. [ 60.198594][ T3438] bridge_slave_1: left allmulticast mode [ 60.204445][ T3438] bridge_slave_1: left promiscuous mode [ 60.210149][ T3438] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.229365][ T3438] bridge_slave_0: left allmulticast mode [ 60.235137][ T3438] bridge_slave_0: left promiscuous mode [ 60.240919][ T3438] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.354310][ T3438] team0: Port device geneve1 removed [ 60.412996][ T3438] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 60.430781][ T3438] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 60.440577][ T3438] bond0 (unregistering): Released all slaves [ 60.452917][ T6195] netdevsim netdevsim2: Direct firmware load for ./file0 failed with error -2 [ 60.463797][ T6203] vlan2: entered allmulticast mode [ 60.538082][ T3438] hsr_slave_0: left promiscuous mode [ 60.568604][ T3438] hsr_slave_1: left promiscuous mode [ 60.586502][ T6206] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 60.596386][ T3438] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 60.603861][ T3438] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 60.616017][ T6206] vhci_hcd: default hub control req: 2314 v0008 i0002 l0 [ 60.662559][ T3438] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 60.670154][ T3438] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 60.680697][ T3438] batman_adv: batadv0: Interface deactivated: ipvlan2 [ 60.687622][ T3438] batman_adv: batadv0: Removing interface: ipvlan2 [ 60.709633][ T3438] veth0_macvtap: left promiscuous mode [ 60.723150][ T3438] veth1_vlan: left promiscuous mode [ 60.728489][ T3438] veth0_vlan: left promiscuous mode [ 60.744568][ T6226] netlink: 204 bytes leftover after parsing attributes in process `syz.3.1211'. [ 60.846728][ T3438] team0 (unregistering): Port device team_slave_1 removed [ 60.860759][ T3438] team0 (unregistering): Port device team_slave_0 removed [ 60.916316][ T6224] netlink: 92 bytes leftover after parsing attributes in process `syz.2.1210'. [ 60.925468][ T6224] netem: unknown loss type 0 [ 60.945364][ T6137] chnl_net:caif_netlink_parms(): no params data found [ 61.004369][ T6239] loop2: detected capacity change from 0 to 512 [ 61.022255][ T6239] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 61.050061][ T6137] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.057178][ T6137] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.090770][ T6137] bridge_slave_0: entered allmulticast mode [ 61.091009][ T6239] EXT4-fs (loop2): 1 truncate cleaned up [ 61.111308][ T6137] bridge_slave_0: entered promiscuous mode [ 61.126016][ T6137] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.133193][ T6137] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.160105][ T6137] bridge_slave_1: entered allmulticast mode [ 61.170875][ T6137] bridge_slave_1: entered promiscuous mode [ 61.212194][ T6137] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.240917][ T6137] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.282691][ T6137] team0: Port device team_slave_0 added [ 61.292930][ T6137] team0: Port device team_slave_1 added [ 61.317780][ T6244] loop1: detected capacity change from 0 to 32768 [ 61.348173][ T6137] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 61.355251][ T6137] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.381227][ T6137] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 61.408571][ T6244] loop1: p1 p3 < > [ 61.420119][ T6137] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 61.427130][ T6137] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.453123][ T6137] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 61.472053][ T6263] Illegal XDP return value 4294967294 on prog (id 883) dev N/A, expect packet loss! [ 61.529338][ T6137] hsr_slave_0: entered promiscuous mode [ 61.535739][ T6137] hsr_slave_1: entered promiscuous mode [ 61.600092][ T6273] pim6reg1: entered promiscuous mode [ 61.605622][ T6273] pim6reg1: entered allmulticast mode [ 61.713652][ T6289] netlink: 830 bytes leftover after parsing attributes in process `syz.2.1237'. [ 61.758295][ T6293] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1238'. [ 61.762556][ T6137] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 61.779588][ T6137] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 61.807307][ T6137] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 61.820616][ T6137] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 61.836769][ T3390] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 61.844282][ T3390] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 61.851759][ T3390] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 61.859317][ T3390] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 61.863633][ T6306] loop1: detected capacity change from 0 to 512 [ 61.866851][ T3390] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 61.880570][ T3390] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 61.888073][ T3390] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 61.895533][ T3390] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 61.903026][ T3390] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 61.905255][ T6306] EXT4-fs warning (device loop1): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 61.910535][ T3390] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 61.927700][ T6306] EXT4-fs (loop1): mount failed [ 61.934125][ T3390] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [sy] on syz0 [ 61.976059][ T6137] 8021q: adding VLAN 0 to HW filter on device bond0 [ 61.997256][ T6137] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.007598][ T3438] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.014793][ T3438] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.029541][ T37] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.036750][ T37] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.075766][ T6137] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 62.152698][ T6137] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 62.194234][ T6137] veth0_vlan: entered promiscuous mode [ 62.204850][ T6137] veth1_vlan: entered promiscuous mode [ 62.238713][ T6137] veth0_macvtap: entered promiscuous mode [ 62.247268][ T6137] veth1_macvtap: entered promiscuous mode [ 62.261007][ T6137] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 62.272354][ T6137] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 62.283503][ T3438] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.299352][ T3438] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.315004][ T3438] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.327270][ T37] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.357299][ T6347] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1266'. [ 62.429894][ T6355] pimreg: entered allmulticast mode [ 62.452902][ T6355] pimreg: left allmulticast mode [ 62.595998][ T6364] loop2: detected capacity change from 0 to 512 [ 62.604706][ T6366] loop3: detected capacity change from 0 to 128 [ 62.613491][ T6364] ext4 filesystem being mounted at /251/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 62.824197][ T1406] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 62.881793][ T6379] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1271'. [ 62.891771][ T1406] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 7 with error 28 [ 62.904125][ T1406] EXT4-fs (loop2): This should not happen!! Data will be lost [ 62.904125][ T1406] [ 62.913862][ T1406] EXT4-fs (loop2): Total free blocks count 0 [ 62.919998][ T1406] EXT4-fs (loop2): Free/Dirty block details [ 62.925909][ T1406] EXT4-fs (loop2): free_blocks=65280 [ 62.931327][ T1406] EXT4-fs (loop2): dirty_blocks=7 [ 62.936377][ T1406] EXT4-fs (loop2): Block reservation details [ 62.942494][ T1406] EXT4-fs (loop2): i_reserved_data_blocks=7 [ 62.999631][ T29] kauditd_printk_skb: 310 callbacks suppressed [ 62.999649][ T29] audit: type=1400 audit(1755981175.773:1860): avc: denied { create } for pid=6384 comm="syz.0.1273" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 63.051643][ T29] audit: type=1400 audit(1755981175.833:1861): avc: denied { write } for pid=6384 comm="syz.0.1273" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 63.072534][ T29] audit: type=1400 audit(1755981175.833:1862): avc: denied { read } for pid=6384 comm="syz.0.1273" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 63.106638][ T6369] syz.3.1261: attempt to access beyond end of device [ 63.106638][ T6369] loop3: rw=2049, sector=128, nr_sectors = 1 limit=128 [ 63.120196][ T6369] Buffer I/O error on dev loop3, logical block 128, lost async page write [ 63.129180][ T6366] syz.3.1261: attempt to access beyond end of device [ 63.129180][ T6366] loop3: rw=2049, sector=128, nr_sectors = 1 limit=128 [ 63.142858][ T6366] Buffer I/O error on dev loop3, logical block 128, lost async page write [ 63.154519][ T29] audit: type=1400 audit(1755981175.933:1863): avc: denied { open } for pid=6389 comm="syz.0.1275" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 63.176019][ T6366] syz.3.1261: attempt to access beyond end of device [ 63.176019][ T6366] loop3: rw=2049, sector=128, nr_sectors = 1 limit=128 [ 63.189568][ T6366] Buffer I/O error on dev loop3, logical block 128, lost async page write [ 63.198653][ T29] audit: type=1400 audit(1755981175.933:1864): avc: denied { kernel } for pid=6389 comm="syz.0.1275" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 63.279014][ T29] audit: type=1400 audit(1755981176.053:1865): avc: denied { read } for pid=6392 comm="+}[@" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 63.302088][ T29] audit: type=1400 audit(1755981176.053:1866): avc: denied { open } for pid=6392 comm="+}[@" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 63.326631][ T6394] sd 0:0:1:0: device reset [ 63.328023][ T29] audit: type=1400 audit(1755981176.103:1867): avc: denied { ioctl } for pid=6392 comm="+}[@" path="/dev/sg0" dev="devtmpfs" ino=135 ioctlcmd=0x2284 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 63.391878][ T29] audit: type=1400 audit(1755981176.153:1868): avc: denied { name_bind } for pid=6397 comm="syz.2.1278" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 63.413743][ T29] audit: type=1400 audit(1755981176.153:1869): avc: denied { node_bind } for pid=6397 comm="syz.2.1278" saddr=224.0.0.1 src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 63.415171][ T6401] random: crng reseeded on system resumption [ 63.496342][ T6408] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1283'. [ 63.509978][ T6407] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1282'. [ 63.534722][ T6411] vhci_hcd: invalid port number 236 [ 63.536679][ T6407] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1282'. [ 63.541037][ T6411] vhci_hcd: invalid port number 236 [ 63.555681][ T6412] 9pnet_fd: Insufficient options for proto=fd [ 63.651347][ T6433] netlink: 180 bytes leftover after parsing attributes in process `syz.0.1293'. [ 63.731333][ T3397] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 63.761143][ T6443] loop3: detected capacity change from 0 to 128 [ 64.065727][ T6463] netlink: 'syz.0.1308': attribute type 3 has an invalid length. [ 64.091613][ T6465] RDS: rds_bind could not find a transport for fe80::28, load rds_tcp or rds_rdma? [ 64.466269][ T6484] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 64.466269][ T6484] program syz.1.1315 not setting count and/or reply_len properly [ 64.553014][ T6497] vhci_hcd: invalid port number 236 [ 64.558464][ T6497] vhci_hcd: invalid port number 236 [ 64.607764][ T6504] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 64.662375][ T6508] SELinux: failed to load policy [ 65.116551][ T6525] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 649 [ 65.177309][ T6533] IPVS: Error joining to the multicast group [ 65.399881][ T6543] loop0: detected capacity change from 0 to 512 [ 65.440843][ T6543] ext4 filesystem being mounted at /306/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 65.505357][ T6559] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 649 [ 65.596252][ T6567] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 65.608555][ T6569] netem: unknown loss type 0 [ 65.613332][ T6569] netem: change failed [ 65.621157][ T6567] vhci_hcd: default hub control req: 2314 v0008 i0002 l0 [ 66.085162][ T6653] __nla_validate_parse: 6 callbacks suppressed [ 66.085177][ T6653] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1407'. [ 66.236465][ T6667] batadv1: entered promiscuous mode [ 66.243672][ T6668] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1414'. [ 66.345836][ T6679] netlink: 20 bytes leftover after parsing attributes in process `+}[@'. [ 66.418132][ T6693] loop5: detected capacity change from 0 to 1024 [ 66.428903][ T6693] EXT4-fs: Ignoring removed bh option [ 66.435709][ T6693] EXT4-fs: Ignoring removed nobh option [ 66.494836][ T6700] loop9: detected capacity change from 0 to 7 [ 66.501229][ T6700] Buffer I/O error on dev loop9, logical block 0, async page read [ 66.510904][ T6700] Buffer I/O error on dev loop9, logical block 0, async page read [ 66.518763][ T6700] loop9: unable to read partition table [ 66.524573][ T6700] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dG¤´à–ƒÝ¡¯ â·û [ 66.524573][ T6700] ) failed (rc=-5) [ 66.558746][ T6704] loop5: detected capacity change from 0 to 164 [ 66.576277][ T6704] syz.5.1417: attempt to access beyond end of device [ 66.576277][ T6704] loop5: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 66.620807][ T6704] syz.5.1417: attempt to access beyond end of device [ 66.620807][ T6704] loop5: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 66.642705][ T6706] batadv1: entered promiscuous mode [ 66.679058][ T6712] loop5: detected capacity change from 0 to 128 [ 66.737920][ T6718] loop5: detected capacity change from 0 to 1024 [ 66.751761][ T6718] EXT4-fs: Ignoring removed orlov option [ 66.756086][ T6725] loop2: detected capacity change from 0 to 1024 [ 66.765224][ T6725] EXT4-fs: Ignoring removed bh option [ 66.772146][ T6725] EXT4-fs: Ignoring removed nobh option [ 66.794959][ T6718] EXT4-fs: Ignoring sb option on remount [ 66.800843][ T6718] EXT4-fs: Ignoring removed orlov option [ 66.806706][ T6718] EXT4-fs: Ignoring removed nomblk_io_submit option [ 66.814264][ T6726] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 66.821835][ T6726] vhci_hcd: default hub control req: 2314 v0008 i0002 l0 [ 66.829069][ T6718] EXT4-fs: Remounting fs w/o journal so ignoring data_err option [ 66.840534][ T6718] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000. [ 66.945716][ T6746] loop2: detected capacity change from 0 to 128 [ 66.996740][ T6751] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1441'. [ 67.005763][ T6751] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1441'. [ 67.016191][ T6752] loop2: detected capacity change from 0 to 164 [ 67.034233][ T6752] syz.2.1440: attempt to access beyond end of device [ 67.034233][ T6752] loop2: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 67.056966][ T6752] syz.2.1440: attempt to access beyond end of device [ 67.056966][ T6752] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 67.107464][ T6758] batadv1: entered promiscuous mode [ 67.128331][ T6762] loop5: detected capacity change from 0 to 164 [ 67.217947][ T6772] loop9: detected capacity change from 0 to 7 [ 67.226887][ T6774] loop5: detected capacity change from 0 to 128 [ 67.229410][ T6772] Buffer I/O error on dev loop9, logical block 0, async page read [ 67.241300][ T6772] Buffer I/O error on dev loop9, logical block 0, async page read [ 67.249164][ T6772] loop9: unable to read partition table [ 67.259044][ T6772] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dG¤´à–ƒÝ¡¯ â·û [ 67.259044][ T6772] ) failed (rc=-5) [ 67.734385][ T6784] loop0: detected capacity change from 0 to 164 [ 67.746464][ T6783] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1454'. [ 67.755543][ T6783] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1454'. [ 67.773381][ T6784] syz.0.1455: attempt to access beyond end of device [ 67.773381][ T6784] loop0: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 67.811946][ T6789] netlink: 'syz.2.1458': attribute type 3 has an invalid length. [ 67.814149][ T6784] syz.0.1455: attempt to access beyond end of device [ 67.814149][ T6784] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 68.016456][ T6810] SELinux: failed to load policy [ 68.078449][ T6830] loop0: detected capacity change from 0 to 164 [ 68.094665][ T6834] loop1: detected capacity change from 0 to 164 [ 68.106587][ T6834] syz.1.1477: attempt to access beyond end of device [ 68.106587][ T6834] loop1: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 68.143604][ T6834] syz.1.1477: attempt to access beyond end of device [ 68.143604][ T6834] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 68.193771][ T29] kauditd_printk_skb: 167 callbacks suppressed [ 68.193789][ T29] audit: type=1400 audit(1755981180.973:2037): avc: denied { mount } for pid=6843 comm="syz.1.1483" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 68.253132][ T29] audit: type=1400 audit(1755981181.033:2038): avc: denied { unmount } for pid=3311 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 68.300957][ T29] audit: type=1326 audit(1755981181.063:2039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6853 comm="syz.2.1488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd126f7ebe9 code=0x7ffc0000 [ 68.324589][ T29] audit: type=1326 audit(1755981181.063:2040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6853 comm="syz.2.1488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd126f7ebe9 code=0x7ffc0000 [ 68.348053][ T29] audit: type=1326 audit(1755981181.063:2041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6853 comm="syz.2.1488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd126f7ebe9 code=0x7ffc0000 [ 68.371623][ T29] audit: type=1326 audit(1755981181.063:2042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6853 comm="syz.2.1488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd126f7ebe9 code=0x7ffc0000 [ 68.395229][ T29] audit: type=1326 audit(1755981181.063:2043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6853 comm="syz.2.1488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd126f7ebe9 code=0x7ffc0000 [ 68.408283][ T6857] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1489'. [ 68.418682][ T29] audit: type=1326 audit(1755981181.063:2044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6853 comm="syz.2.1488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd126f7ebe9 code=0x7ffc0000 [ 68.427618][ T6857] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1489'. [ 68.451040][ T29] audit: type=1326 audit(1755981181.063:2045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6853 comm="syz.2.1488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd126f7ebe9 code=0x7ffc0000 [ 68.483300][ T29] audit: type=1326 audit(1755981181.063:2046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6853 comm="syz.2.1488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd126f7ebe9 code=0x7ffc0000 [ 68.503765][ T6860] loop1: detected capacity change from 0 to 128 [ 68.689871][ T6882] loop3: detected capacity change from 0 to 512 [ 68.712463][ T6884] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1503'. [ 68.824498][ T6900] loop5: detected capacity change from 0 to 256 [ 68.835784][ T6898] SELinux: failed to load policy [ 68.896332][ T6903] netlink: 'syz.3.1513': attribute type 4 has an invalid length. [ 68.911436][ T6909] loop2: detected capacity change from 0 to 256 [ 69.139194][ T6929] loop3: detected capacity change from 0 to 128 [ 69.154098][ T6928] loop1: detected capacity change from 0 to 512 [ 69.161400][ T6928] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 69.193420][ T6928] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.1521: Failed to acquire dquot type 1 [ 69.218600][ T6928] EXT4-fs (loop1): 1 truncate cleaned up [ 69.225442][ T6928] EXT4-fs mount: 48 callbacks suppressed [ 69.225461][ T6928] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 69.230254][ T6937] loop5: detected capacity change from 0 to 164 [ 69.258088][ T6937] syz.5.1524: attempt to access beyond end of device [ 69.258088][ T6937] loop5: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 69.274279][ T6937] syz.5.1524: attempt to access beyond end of device [ 69.274279][ T6937] loop5: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 69.288679][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.340981][ T6948] loop0: detected capacity change from 0 to 164 [ 69.360697][ T6948] syz.0.1540: attempt to access beyond end of device [ 69.360697][ T6948] loop0: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 69.387932][ T6948] syz.0.1540: attempt to access beyond end of device [ 69.387932][ T6948] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 69.481372][ T6959] loop0: detected capacity change from 0 to 164 [ 69.508012][ T6959] syz.0.1548: attempt to access beyond end of device [ 69.508012][ T6959] loop0: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 69.543327][ T6959] syz.0.1548: attempt to access beyond end of device [ 69.543327][ T6959] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 69.603932][ T6970] loop5: detected capacity change from 0 to 512 [ 69.611171][ T6970] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 69.634690][ T6970] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.1539: Failed to acquire dquot type 1 [ 69.646943][ T6970] EXT4-fs (loop5): 1 truncate cleaned up [ 69.653442][ T6970] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 69.678411][ T6137] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.823412][ T6981] loop2: detected capacity change from 0 to 128 [ 69.967635][ T7002] loop3: detected capacity change from 0 to 512 [ 69.978455][ T7002] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 70.004824][ T7002] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.1556: Failed to acquire dquot type 1 [ 70.020589][ T7002] EXT4-fs (loop3): 1 truncate cleaned up [ 70.029024][ T7002] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 70.167432][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.182328][ T7014] SELinux: failed to load policy [ 70.428065][ T7047] loop1: detected capacity change from 0 to 512 [ 70.466714][ T7047] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 70.480930][ T7047] ext4 filesystem being mounted at /299/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 70.495792][ T7055] netlink: 'syz.2.1581': attribute type 2 has an invalid length. [ 70.503648][ T7055] netlink: 'syz.2.1581': attribute type 1 has an invalid length. [ 70.536883][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.720864][ T7080] loop0: detected capacity change from 0 to 512 [ 70.737309][ T7083] loop5: detected capacity change from 0 to 128 [ 70.754101][ T7080] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 70.767319][ T7080] ext4 filesystem being mounted at /343/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 70.796735][ T7083] FAT-fs (loop5): error, invalid FAT chain (i_pos 548, last_block 8) [ 70.805584][ T7083] FAT-fs (loop5): Filesystem has been set read-only [ 70.817146][ T7083] FAT-fs (loop5): error, corrupted file size (i_pos 548, 522) [ 70.836122][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.924988][ T7105] netlink: 'syz.3.1603': attribute type 3 has an invalid length. [ 70.934130][ T7105] netlink: 'syz.3.1603': attribute type 3 has an invalid length. [ 70.965102][ T7111] netlink: 'syz.1.1616': attribute type 1 has an invalid length. [ 71.090541][ T7127] loop2: detected capacity change from 0 to 256 [ 71.097562][ T7127] vfat: Deprecated parameter 'posix' [ 71.102963][ T7127] FAT-fs: "posix" option is obsolete, not supported now [ 71.170894][ T7132] loop2: detected capacity change from 0 to 256 [ 71.511977][ T7165] loop0: detected capacity change from 0 to 128 [ 71.514366][ T7166] loop3: detected capacity change from 0 to 256 [ 71.544769][ T7165] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 71.558546][ T7165] ext4 filesystem being mounted at /352/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 71.632460][ T3302] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 71.664392][ T7178] 9pnet_fd: Insufficient options for proto=fd [ 71.671137][ T7180] syz_tun: entered promiscuous mode [ 71.683343][ T7180] batadv_slave_0: entered promiscuous mode [ 71.702638][ T7180] debugfs: 'hsr1' already exists in 'hsr' [ 71.708434][ T7180] Cannot create hsr debugfs directory [ 71.714656][ T7180] hsr1: entered allmulticast mode [ 71.719797][ T7180] syz_tun: entered allmulticast mode [ 71.725148][ T7180] batadv_slave_0: entered allmulticast mode [ 71.759828][ T7193] rdma_op ffff8881279f4d80 conn xmit_rdma 0000000000000000 [ 71.815915][ T7201] loop0: detected capacity change from 0 to 1024 [ 71.831874][ T7203] loop1: detected capacity change from 0 to 256 [ 71.837129][ T7201] EXT4-fs: Ignoring removed bh option [ 71.861235][ T7201] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 71.902244][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.097034][ T7235] loop1: detected capacity change from 0 to 512 [ 72.113199][ T7235] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 72.141733][ T7235] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 72.157761][ T7235] ext4 filesystem being mounted at /320/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 72.168461][ T7214] loop3: detected capacity change from 0 to 32768 [ 72.196362][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 72.397934][ T7278] loop1: detected capacity change from 0 to 128 [ 72.426616][ T7281] loop2: detected capacity change from 0 to 1024 [ 72.434024][ T7281] EXT4-fs: Ignoring removed bh option [ 72.451514][ T7281] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 72.489089][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.517976][ T7290] loop2: detected capacity change from 0 to 128 [ 72.537106][ T7290] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 72.551504][ T7290] ext4 filesystem being mounted at /348/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 72.599131][ T7296] loop0: detected capacity change from 0 to 1024 [ 72.606313][ T7296] EXT4-fs: Ignoring removed nobh option [ 72.606744][ T3308] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 72.612558][ T7296] EXT4-fs: Ignoring removed bh option [ 72.632395][ T7296] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 72.657111][ T7295] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4183: comm syz.0.1687: Allocating blocks 497-513 which overlap fs metadata [ 72.709824][ T7300] __nla_validate_parse: 15 callbacks suppressed [ 72.709843][ T7300] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1700'. [ 72.747571][ T7301] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0 [ 72.784680][ T7295] EXT4-fs (loop0): pa ffff888106dfb1c0: logic 0, phys. 113, len 25 [ 72.792953][ T7295] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5434: group 0, free 22, pa_free 23 [ 72.807500][ T7304] loop2: detected capacity change from 0 to 512 [ 72.818009][ T7304] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 72.840797][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.853908][ T7304] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 72.873912][ T7304] ext4 filesystem being mounted at /349/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 72.905829][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 72.945035][ T7323] netlink: 'syz.1.1697': attribute type 3 has an invalid length. [ 73.122332][ T7341] loop0: detected capacity change from 0 to 4096 [ 73.132436][ T7341] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.159103][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.256409][ T7340] loop5: detected capacity change from 0 to 1024 [ 73.264435][ T7340] EXT4-fs: Ignoring removed nobh option [ 73.270064][ T7340] EXT4-fs: Ignoring removed bh option [ 73.290736][ T7340] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.413656][ T7346] loop0: detected capacity change from 0 to 512 [ 73.427382][ T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.442348][ T7346] EXT4-fs: Ignoring removed mblk_io_submit option [ 73.456176][ T29] kauditd_printk_skb: 206 callbacks suppressed [ 73.456192][ T29] audit: type=1400 audit(1755981186.233:2247): avc: denied { execmem } for pid=7347 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 73.462879][ T7346] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 73.503967][ T7346] EXT4-fs (loop0): 1 truncate cleaned up [ 73.510364][ T7346] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.526514][ T29] audit: type=1400 audit(1755981186.303:2248): avc: denied { mounton } for pid=7349 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 73.548327][ T29] audit: type=1400 audit(1755981186.303:2249): avc: denied { module_request } for pid=7349 comm="syz-executor" kmod="netdev-nr6" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 73.552689][ T7346] EXT4-fs error (device loop0): ext4_ext_precache:632: inode #15: comm +}[@: pblk 0 bad header/extent: invalid magic - magic 7973, entries 27514, max 27745(0), depth 25964(25964) [ 73.590362][ T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.604788][ T29] audit: type=1400 audit(1755981186.323:2250): avc: denied { ioctl } for pid=7345 comm="+}[@" path="/370/bus/file1" dev="loop0" ino=15 ioctlcmd=0x660b scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 73.631706][ T29] audit: type=1400 audit(1755981186.383:2251): avc: denied { sys_module } for pid=7349 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 73.672189][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.686057][ T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.712379][ T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.727864][ T7337] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.1706: Allocating blocks 497-513 which overlap fs metadata [ 73.807645][ T7349] chnl_net:caif_netlink_parms(): no params data found [ 73.814872][ T7336] EXT4-fs (loop5): pa ffff888106dfb1c0: logic 560, phys. 305, len 13 [ 73.823073][ T7336] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1 [ 73.844789][ T12] bridge_slave_1: left allmulticast mode [ 73.850526][ T12] bridge_slave_1: left promiscuous mode [ 73.856278][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.870646][ T12] bridge_slave_0: left allmulticast mode [ 73.870821][ T6137] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.876371][ T12] bridge_slave_0: left promiscuous mode [ 73.891036][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.963124][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 73.973354][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 73.983219][ T12] bond0 (unregistering): Released all slaves [ 74.009324][ T7349] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.016447][ T7349] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.023803][ T7349] bridge_slave_0: entered allmulticast mode [ 74.030349][ T7349] bridge_slave_0: entered promiscuous mode [ 74.037078][ T7349] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.044231][ T7349] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.051663][ T7349] bridge_slave_1: entered allmulticast mode [ 74.058274][ T12] IPVS: stopping backup sync thread 7301 ... [ 74.058570][ T7349] bridge_slave_1: entered promiscuous mode [ 74.083934][ T12] hsr_slave_0: left promiscuous mode [ 74.090550][ T12] hsr_slave_1: left promiscuous mode [ 74.096210][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 74.103732][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 74.111386][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 74.118776][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 74.128670][ T12] veth1_macvtap: left promiscuous mode [ 74.134237][ T12] veth0_macvtap: left promiscuous mode [ 74.139823][ T12] veth1_vlan: left promiscuous mode [ 74.145055][ T12] veth0_vlan: left promiscuous mode [ 74.208430][ T12] team0 (unregistering): Port device team_slave_1 removed [ 74.218310][ T12] team0 (unregistering): Port device team_slave_0 removed [ 74.251459][ T7349] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 74.261954][ T7349] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 74.281578][ T7349] team0: Port device team_slave_0 added [ 74.288110][ T7349] team0: Port device team_slave_1 added [ 74.305527][ T7349] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 74.312571][ T7349] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.338509][ T7349] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 74.349884][ T7349] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 74.356917][ T7349] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.382995][ T7349] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 74.408886][ T7349] hsr_slave_0: entered promiscuous mode [ 74.415223][ T7349] hsr_slave_1: entered promiscuous mode [ 74.421217][ T7349] debugfs: 'hsr0' already exists in 'hsr' [ 74.426973][ T7349] Cannot create hsr debugfs directory [ 74.493675][ T7349] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 74.502697][ T7349] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 74.512574][ T7349] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 74.522801][ T7349] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 74.538069][ T7349] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.545265][ T7349] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.552537][ T7349] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.559677][ T7349] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.588600][ T7349] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.598488][ T1406] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.606692][ T1406] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.620451][ T7349] 8021q: adding VLAN 0 to HW filter on device team0 [ 74.630781][ T3438] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.637949][ T3438] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.648700][ T37] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.655799][ T37] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.716257][ T7349] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.822481][ T7349] veth0_vlan: entered promiscuous mode [ 74.830431][ T7349] veth1_vlan: entered promiscuous mode [ 74.845170][ T7349] veth0_macvtap: entered promiscuous mode [ 74.852515][ T7349] veth1_macvtap: entered promiscuous mode [ 74.863704][ T7349] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.874425][ T7349] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.884836][ T12] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.893840][ T12] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.903574][ T12] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.913643][ T12] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.930761][ T29] audit: type=1400 audit(1755981187.713:2252): avc: denied { mounton } for pid=7349 comm="syz-executor" path="/root/syzkaller.3Ayefe/syz-tmp" dev="sda1" ino=2049 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 74.955201][ T29] audit: type=1400 audit(1755981187.713:2253): avc: denied { mount } for pid=7349 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 74.977765][ T29] audit: type=1400 audit(1755981187.733:2254): avc: denied { mount } for pid=7349 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 74.999948][ T29] audit: type=1400 audit(1755981187.733:2255): avc: denied { mounton } for pid=7349 comm="syz-executor" path="/root/syzkaller.3Ayefe/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 75.026912][ T29] audit: type=1400 audit(1755981187.733:2256): avc: denied { mounton } for pid=7349 comm="syz-executor" path="/root/syzkaller.3Ayefe/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=18239 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 75.066703][ T7394] netlink: 204 bytes leftover after parsing attributes in process `syz.2.1723'. [ 75.483851][ T7432] loop2: detected capacity change from 0 to 1024 [ 75.530245][ T7432] EXT4-fs: Ignoring removed nobh option [ 75.536073][ T7432] EXT4-fs: Ignoring removed bh option [ 75.542092][ T7434] netdevsim netdevsim3: Direct firmware load for ./file0 failed with error -2 [ 75.633462][ T7432] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 76.049657][ T7476] loop0: detected capacity change from 0 to 128 [ 76.114384][ T7431] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.1729: Allocating blocks 497-513 which overlap fs metadata [ 76.276054][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.304161][ T7501] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1763'. [ 76.357804][ T7509] loop6: detected capacity change from 0 to 512 [ 76.366909][ T7509] EXT4-fs: Ignoring removed mblk_io_submit option [ 76.374256][ T7509] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 76.393245][ T7509] EXT4-fs (loop6): 1 truncate cleaned up [ 76.401652][ T7509] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 76.420760][ T7509] EXT4-fs error (device loop6): ext4_ext_precache:632: inode #15: comm +}[@: pblk 0 bad header/extent: invalid magic - magic 7973, entries 27514, max 27745(0), depth 25964(25964) [ 76.456188][ T7349] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.743127][ T7548] sd 0:0:1:0: device reset [ 76.848469][ T7558] random: crng reseeded on system resumption [ 76.914123][ T7566] 9pnet_fd: Insufficient options for proto=fd [ 76.927443][ T7568] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1792'. [ 77.463108][ T7640] SELinux: ebitmap: truncated map [ 77.470612][ T7640] SELinux: failed to load policy [ 77.518384][ T7644] netlink: 'syz.2.1828': attribute type 1 has an invalid length. [ 77.861008][ T7675] loop2: detected capacity change from 0 to 32768 [ 78.272659][ T7703] syz_tun: entered promiscuous mode [ 78.278919][ T7703] batadv_slave_0: entered promiscuous mode [ 78.286192][ T7703] debugfs: 'hsr1' already exists in 'hsr' [ 78.292041][ T7703] Cannot create hsr debugfs directory [ 78.297990][ T7703] hsr1: entered allmulticast mode [ 78.303100][ T7703] syz_tun: entered allmulticast mode [ 78.308436][ T7703] batadv_slave_0: entered allmulticast mode [ 78.339107][ T7707] 9pnet_fd: Insufficient options for proto=fd [ 78.536542][ T29] kauditd_printk_skb: 205 callbacks suppressed [ 78.536560][ T29] audit: type=1326 audit(1755981447.304:2462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7722 comm="syz.6.1864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b0aa8ebe9 code=0x7ffc0000 [ 78.599794][ T29] audit: type=1326 audit(1755981447.344:2463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7722 comm="syz.6.1864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b0aa8ebe9 code=0x7ffc0000 [ 78.623309][ T29] audit: type=1326 audit(1755981447.344:2464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7722 comm="syz.6.1864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7f8b0aa8ebe9 code=0x7ffc0000 [ 78.699043][ T29] audit: type=1400 audit(1755981447.434:2465): avc: denied { map_create } for pid=7725 comm="syz.2.1866" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 78.718417][ T29] audit: type=1400 audit(1755981447.434:2466): avc: denied { map_read map_write } for pid=7725 comm="syz.2.1866" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 78.738387][ T29] audit: type=1400 audit(1755981447.434:2467): avc: denied { prog_load } for pid=7725 comm="syz.2.1866" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 78.757688][ T29] audit: type=1400 audit(1755981447.444:2468): avc: denied { bpf } for pid=7725 comm="syz.2.1866" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 78.779149][ T29] audit: type=1400 audit(1755981447.444:2469): avc: denied { perfmon } for pid=7725 comm="syz.2.1866" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 78.800192][ T29] audit: type=1400 audit(1755981447.444:2470): avc: denied { prog_run } for pid=7725 comm="syz.2.1866" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 78.819309][ T29] audit: type=1400 audit(1755981447.444:2471): avc: denied { read write } for pid=3309 comm="syz-executor" name="loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 79.048701][ T7738] netlink: 'syz.2.1870': attribute type 3 has an invalid length. [ 79.053497][ T7737] loop3: detected capacity change from 0 to 2048 [ 79.097698][ T7741] loop6: detected capacity change from 0 to 1024 [ 79.117617][ T7741] EXT4-fs: Ignoring removed nobh option [ 79.123278][ T7741] EXT4-fs: Ignoring removed bh option [ 79.143276][ T7745] netlink: 6 bytes leftover after parsing attributes in process `syz.3.1874'. [ 79.143408][ T7741] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.364595][ T7736] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4183: comm syz.6.1869: Allocating blocks 497-513 which overlap fs metadata [ 79.418191][ T7741] EXT4-fs (loop6): pa ffff888106e9d7e0: logic 480, phys. 209, len 19 [ 79.426405][ T7741] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1 [ 79.490045][ T7349] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.741095][ T7758] loop6: detected capacity change from 0 to 32768 [ 79.798391][ T3302] syz_tun (unregistering): left promiscuous mode [ 79.888450][ T7779] netdevsim netdevsim5: Direct firmware load for ./file0 failed with error -2 [ 79.967418][ T31] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 80.013286][ T31] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 80.042685][ T7780] loop3: detected capacity change from 0 to 128 [ 80.077730][ T31] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 80.110000][ T7793] netlink: 204 bytes leftover after parsing attributes in process `syz.5.1895'. [ 80.129020][ T7780] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 80.149946][ T31] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 80.163431][ T7780] ext4 filesystem being mounted at /374/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 80.216314][ T7780] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 80.234515][ T31] bridge_slave_1: left allmulticast mode [ 80.240456][ T31] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.248190][ T31] bridge_slave_0: left promiscuous mode [ 80.253999][ T31] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.312357][ T31] team0: Port device geneve1 removed [ 80.353007][ T31] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 80.365688][ T31] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 80.376994][ T31] bond0 (unregistering): Released all slaves [ 80.387495][ T31] bond1 (unregistering): Released all slaves [ 80.398921][ T31] bond2 (unregistering): Released all slaves [ 80.419838][ T7804] netlink: 92 bytes leftover after parsing attributes in process `syz.3.1896'. [ 80.428832][ T7804] netem: unknown loss type 0 [ 80.433513][ T7804] netem: change failed [ 80.462259][ T31] batadv_slave_0: left promiscuous mode [ 80.494640][ T31] hsr_slave_0: left promiscuous mode [ 80.504546][ T31] hsr_slave_1: left promiscuous mode [ 80.510731][ T31] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 80.518160][ T31] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 80.525941][ T31] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 80.533567][ T31] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 80.544915][ T31] veth0_macvtap: left promiscuous mode [ 80.550582][ T31] veth1_vlan: left promiscuous mode [ 80.555830][ T31] veth0_vlan: left promiscuous mode [ 80.652340][ T7832] loop6: detected capacity change from 0 to 512 [ 80.662127][ T7832] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 80.687593][ T7832] EXT4-fs (loop6): 1 truncate cleaned up [ 80.699401][ T7832] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 80.713170][ T7819] loop5: detected capacity change from 0 to 32768 [ 80.738071][ T31] team0 (unregistering): Port device team_slave_1 removed [ 80.745726][ T7819] loop5: p1 p3 < > [ 80.768236][ T31] team0 (unregistering): Port device team_slave_0 removed [ 80.809885][ T7349] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.830327][ T7829] pim6reg1: entered promiscuous mode [ 80.835717][ T7829] pim6reg1: entered allmulticast mode [ 80.995401][ T7838] loop6: detected capacity change from 0 to 128 [ 80.999775][ T7846] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1910'. [ 81.026733][ T7794] chnl_net:caif_netlink_parms(): no params data found [ 81.102914][ T7838] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 81.148952][ T7848] loop5: detected capacity change from 0 to 32768 [ 81.156612][ T7838] ext4 filesystem being mounted at /42/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 81.179246][ T2957] hid_parser_main: 23 callbacks suppressed [ 81.179342][ T2957] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 81.180625][ T7794] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.185290][ T2957] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 81.192635][ T7794] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.199794][ T2957] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 81.221620][ T2957] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 81.224988][ T7794] bridge_slave_0: entered allmulticast mode [ 81.230219][ T2957] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 81.230247][ T2957] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 81.230316][ T2957] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 81.243679][ T7794] bridge_slave_0: entered promiscuous mode [ 81.251085][ T2957] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 81.251115][ T2957] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 81.270681][ T7794] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.271810][ T2957] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 81.279123][ T7794] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.287791][ T2957] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [sy] on syz0 [ 81.310810][ T7794] bridge_slave_1: entered allmulticast mode [ 81.317371][ T7794] bridge_slave_1: entered promiscuous mode [ 81.318252][ T7838] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 81.342542][ T7794] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 81.360799][ T7794] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 81.386066][ T7794] team0: Port device team_slave_0 added [ 81.393001][ T7794] team0: Port device team_slave_1 added [ 81.412273][ T7794] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 81.419298][ T7794] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 81.445348][ T7794] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 81.462329][ T7794] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 81.469363][ T7794] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 81.495609][ T7794] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 81.562786][ T7794] hsr_slave_0: entered promiscuous mode [ 81.568985][ T7794] hsr_slave_1: entered promiscuous mode [ 81.576114][ T7794] debugfs: 'hsr0' already exists in 'hsr' [ 81.582051][ T7794] Cannot create hsr debugfs directory [ 81.663484][ T7882] loop3: detected capacity change from 0 to 512 [ 81.670645][ T7882] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 81.687726][ T7882] EXT4-fs (loop3): 1 truncate cleaned up [ 81.698372][ T7882] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.842386][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.866865][ T7885] loop5: detected capacity change from 0 to 32768 [ 81.897387][ T7794] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 81.912021][ T7794] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 81.922024][ T7794] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 81.944192][ T7794] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 82.033338][ T7794] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.051394][ T7794] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.063725][ T1406] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.070866][ T1406] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.083372][ T31] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.090491][ T31] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.153876][ T7915] random: crng reseeded on system resumption [ 82.192936][ T7794] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.238493][ T7923] 9pnet_fd: Insufficient options for proto=fd [ 82.253031][ T7929] netlink: 56 bytes leftover after parsing attributes in process `syz.6.1941'. [ 82.271506][ T7929] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1941'. [ 82.324317][ T7936] vhci_hcd: invalid port number 236 [ 82.329918][ T7936] vhci_hcd: invalid port number 236 [ 82.337729][ T7794] veth0_vlan: entered promiscuous mode [ 82.360538][ T7794] veth1_vlan: entered promiscuous mode [ 82.378859][ T7794] veth0_macvtap: entered promiscuous mode [ 82.386494][ T7794] veth1_macvtap: entered promiscuous mode [ 82.399235][ T7794] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.416653][ T7794] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.428547][ T31] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.438581][ T31] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.448197][ T31] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.459587][ T31] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.586544][ T7946] netlink: 830 bytes leftover after parsing attributes in process `syz.0.1904'. [ 82.613905][ T7950] loop5: detected capacity change from 0 to 512 [ 82.625929][ T7950] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 82.637525][ T7950] EXT4-fs (loop5): 1 truncate cleaned up [ 82.645042][ T7950] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 82.729567][ T6137] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.750738][ T7947] loop3: detected capacity change from 0 to 32768 [ 82.910892][ T7967] random: crng reseeded on system resumption [ 82.930739][ T2957] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz1] on syz0 [ 82.968790][ T7974] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1955'. [ 82.997318][ T7975] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1967'. [ 83.080305][ T23] hid-generic 0000:0000:0000.0005: hidraw0: HID v0.00 Device [syz1] on syz0 [ 83.080946][ T7990] vlan2: entered promiscuous mode [ 83.095127][ T7990] macvtap0: entered promiscuous mode [ 83.105464][ T7985] loop0: detected capacity change from 0 to 512 [ 83.124133][ T7985] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 83.136656][ T7985] EXT4-fs (loop0): 1 truncate cleaned up [ 83.143183][ T7985] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 83.231415][ T7794] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.233040][ T7987] loop2: detected capacity change from 0 to 128 [ 83.275869][ T7987] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 83.320745][ T7987] ext4 filesystem being mounted at /409/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 83.424356][ T7987] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 83.525979][ T8013] random: crng reseeded on system resumption [ 83.611679][ T8020] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1974'. [ 83.632291][ T29] kauditd_printk_skb: 122 callbacks suppressed [ 83.632308][ T29] audit: type=1400 audit(1755981708.407:2594): avc: denied { write } for pid=8021 comm="syz.3.1975" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 83.662284][ T29] audit: type=1400 audit(1755981708.407:2595): avc: denied { open } for pid=8021 comm="syz.3.1975" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 83.691658][ T29] audit: type=1400 audit(1755981708.467:2596): avc: denied { ioctl } for pid=8021 comm="syz.3.1975" path="/dev/sg0" dev="devtmpfs" ino=135 ioctlcmd=0x2285 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 83.719712][ T8022] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 83.719712][ T8022] program syz.3.1975 not setting count and/or reply_len properly [ 83.757006][ T29] audit: type=1400 audit(1755981708.517:2597): avc: denied { watch watch_reads } for pid=8026 comm="syz.5.1977" path="/144" dev="tmpfs" ino=755 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 83.780139][ T29] audit: type=1400 audit(1755981708.527:2598): avc: denied { write } for pid=8023 comm="syz.6.1976" path="socket:[20673]" dev="sockfs" ino=20673 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 83.824503][ T8006] loop0: detected capacity change from 0 to 32768 [ 83.845523][ T29] audit: type=1400 audit(1755981708.617:2599): avc: denied { create } for pid=8034 comm="syz.6.1982" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 83.922428][ T29] audit: type=1400 audit(1755981708.647:2600): avc: denied { setopt } for pid=8034 comm="syz.6.1982" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 83.942092][ T29] audit: type=1400 audit(1755981708.647:2601): avc: denied { bind } for pid=8034 comm="syz.6.1982" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 84.057516][ T8037] loop5: detected capacity change from 0 to 128 [ 84.103411][ T8037] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 84.128484][ T8037] ext4 filesystem being mounted at /146/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 84.175087][ T8037] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 84.201728][ T29] audit: type=1326 audit(1755981708.967:2602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8052 comm="syz.3.1988" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b178febe9 code=0x7ffc0000 [ 84.202938][ T8053] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1998'. [ 84.225257][ T29] audit: type=1326 audit(1755981708.977:2603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8052 comm="syz.3.1988" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3b178febe9 code=0x7ffc0000 [ 84.264579][ T8051] loop2: detected capacity change from 0 to 512 [ 84.293498][ T8047] loop0: detected capacity change from 0 to 32768 [ 84.295204][ T8053] netem: change failed [ 84.305452][ T8051] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #3: comm syz.2.1987: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0) [ 84.325041][ T8051] EXT4-fs error (device loop2): ext4_quota_enable:7131: comm syz.2.1987: Bad quota inode: 3, type: 0 [ 84.336358][ T8051] EXT4-fs warning (device loop2): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 84.351448][ T8051] EXT4-fs (loop2): mount failed [ 84.391821][ T8061] loop5: detected capacity change from 0 to 128 [ 84.461138][ T8070] syz.5.2002: attempt to access beyond end of device [ 84.461138][ T8070] loop5: rw=2049, sector=145, nr_sectors = 16 limit=128 [ 84.491270][ T8070] syz.5.2002: attempt to access beyond end of device [ 84.491270][ T8070] loop5: rw=2049, sector=169, nr_sectors = 8 limit=128 [ 84.525253][ T8070] syz.5.2002: attempt to access beyond end of device [ 84.525253][ T8070] loop5: rw=2049, sector=185, nr_sectors = 8 limit=128 [ 84.542044][ T8070] syz.5.2002: attempt to access beyond end of device [ 84.542044][ T8070] loop5: rw=2049, sector=201, nr_sectors = 8 limit=128 [ 84.557959][ T8075] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 84.557959][ T8075] program syz.6.1994 not setting count and/or reply_len properly [ 84.581402][ T8080] vlan2: entered promiscuous mode [ 84.586512][ T8080] macvtap0: entered promiscuous mode [ 84.611673][ T8070] syz.5.2002: attempt to access beyond end of device [ 84.611673][ T8070] loop5: rw=2049, sector=217, nr_sectors = 8 limit=128 [ 84.644944][ T8070] syz.5.2002: attempt to access beyond end of device [ 84.644944][ T8070] loop5: rw=2049, sector=233, nr_sectors = 8 limit=128 [ 84.665855][ T8090] vhci_hcd: default hub control req: 8208 v0000 i0000 l0 [ 84.673339][ T8070] syz.5.2002: attempt to access beyond end of device [ 84.673339][ T8070] loop5: rw=2049, sector=249, nr_sectors = 8 limit=128 [ 84.699337][ T8070] syz.5.2002: attempt to access beyond end of device [ 84.699337][ T8070] loop5: rw=2049, sector=265, nr_sectors = 8 limit=128 [ 84.713051][ T8070] syz.5.2002: attempt to access beyond end of device [ 84.713051][ T8070] loop5: rw=2049, sector=281, nr_sectors = 8 limit=128 [ 84.728142][ T8070] syz.5.2002: attempt to access beyond end of device [ 84.728142][ T8070] loop5: rw=2049, sector=297, nr_sectors = 8 limit=128 [ 84.786409][ T8097] loop6: detected capacity change from 0 to 512 [ 84.849077][ T8097] EXT4-fs error (device loop6): ext4_ext_check_inode:523: inode #3: comm syz.6.2008: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0) [ 84.963314][ T8097] EXT4-fs error (device loop6): ext4_quota_enable:7131: comm syz.6.2008: Bad quota inode: 3, type: 0 [ 84.974772][ T8097] EXT4-fs warning (device loop6): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 84.990549][ T8097] EXT4-fs (loop6): mount failed [ 85.007808][ T8111] netlink: 5 bytes leftover after parsing attributes in process `syz.5.2014'. [ 85.030740][ T8111] 0ªî{X¹¦: renamed from gretap0 (while UP) [ 85.038949][ T8111] 0ªî{X¹¦: entered allmulticast mode [ 85.048755][ T8111] A link change request failed with some changes committed already. Interface 30ªî{X¹¦ may have been left with an inconsistent configuration, please check. [ 85.084114][ T8119] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2018'. [ 85.093091][ T8119] netlink: 'syz.3.2018': attribute type 19 has an invalid length. [ 85.100985][ T8119] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2018'. [ 85.118044][ T31] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 85.130973][ T8123] loop5: detected capacity change from 0 to 128 [ 85.137462][ T31] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 85.149938][ T31] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 85.183280][ T31] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 85.496546][ T8157] loop5: detected capacity change from 0 to 8192 [ 85.513103][ T8157] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 85.541889][ T8157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 85.550570][ T8157] FAT-fs (loop5): Filesystem has been set read-only [ 85.551751][ T8161] sd 0:0:1:0: device reset [ 85.731379][ T8183] netlink: 'syz.0.2046': attribute type 21 has an invalid length. [ 85.739503][ T8183] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2046'. [ 85.748621][ T8183] netlink: 'syz.0.2046': attribute type 1 has an invalid length. [ 86.288093][ T8228] random: crng reseeded on system resumption [ 86.295477][ T8230] loop0: detected capacity change from 0 to 164 [ 86.302859][ T8230] rock: directory entry would overflow storage [ 86.309084][ T8230] rock: sig=0x66, size=4, remaining=3 [ 86.432193][ T8243] loop3: detected capacity change from 0 to 512 [ 86.452558][ T8243] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 86.466195][ T8243] EXT4-fs (loop3): orphan cleanup on readonly fs [ 86.478288][ T8243] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 86.503376][ T8243] EXT4-fs (loop3): Cannot turn on quotas: error -117 [ 86.535824][ T8243] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2074: bg 0: block 40: padding at end of block bitmap is not set [ 86.550747][ T8243] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 86.569649][ T8243] EXT4-fs (loop3): 1 truncate cleaned up [ 86.580292][ T8254] SELinux: failed to load policy [ 86.581149][ T8243] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 86.633261][ T8266] atomic_op ffff88810d18c928 conn xmit_atomic 0000000000000000 [ 86.647933][ T8268] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2085'. [ 86.671143][ T8268] vlan2: entered promiscuous mode [ 86.676235][ T8268] 0ªî{X¹¦: entered promiscuous mode [ 86.690952][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.844386][ T8291] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2095'. [ 86.929067][ T8297] ref_ctr_offset mismatch. inode: 0x8d2 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x8000000 [ 86.995992][ T8317] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2109'. [ 87.010899][ T8317] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2109'. [ 87.161447][ T8335] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2117'. [ 87.206472][ T8337] SELinux: ebitmap: map size 4160 does not match my size 64 (high bit was 0) [ 87.218229][ T8337] SELinux: failed to load policy [ 87.248790][ T8350] loop0: detected capacity change from 0 to 512 [ 87.261308][ T8350] EXT4-fs: Ignoring removed i_version option [ 87.267397][ T8350] EXT4-fs: Ignoring removed nobh option [ 87.274012][ T8350] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 87.302367][ T8350] EXT4-fs (loop0): 1 truncate cleaned up [ 87.311073][ T8350] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 87.391606][ T7794] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.483643][ T8383] netlink: 'syz.0.2135': attribute type 6 has an invalid length. [ 87.546612][ T8387] random: crng reseeded on system resumption [ 87.851987][ T8403] loop0: detected capacity change from 0 to 8192 [ 88.038255][ T8412] loop5: detected capacity change from 0 to 1024 [ 88.046419][ T8412] EXT4-fs: Ignoring removed bh option [ 88.111268][ T8412] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 88.156259][ T6137] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.195274][ T8422] sctp: [Deprecated]: syz.6.2154 (pid 8422) Use of struct sctp_assoc_value in delayed_ack socket option. [ 88.195274][ T8422] Use struct sctp_sack_info instead [ 88.342249][ T8447] netlink: 'syz.0.2163': attribute type 1 has an invalid length. [ 88.356900][ T8447] 8021q: adding VLAN 0 to HW filter on device bond1 [ 88.374291][ T8447] bond1: (slave geneve2): making interface the new active one [ 88.383324][ T8447] bond1: (slave geneve2): Enslaving as an active interface with an up link [ 88.415805][ T8454] sctp: [Deprecated]: syz.0.2166 (pid 8454) Use of struct sctp_assoc_value in delayed_ack socket option. [ 88.415805][ T8454] Use struct sctp_sack_info instead [ 88.436260][ T8456] mmap: syz.2.2167 (8456) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 88.533480][ T8466] loop0: detected capacity change from 0 to 512 [ 88.551489][ T8466] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 88.564328][ T8466] ext4 filesystem being mounted at /68/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 88.590294][ T8470] loop2: detected capacity change from 0 to 512 [ 88.597222][ T8470] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 88.607404][ T8470] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.2173: corrupted in-inode xattr: overlapping e_value [ 88.607633][ T7794] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.630415][ T8470] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.2173: couldn't read orphan inode 15 (err -117) [ 88.643103][ T8470] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 88.737191][ T8473] SELinux: ebitmap: map size 4160 does not match my size 64 (high bit was 0) [ 88.747038][ T8473] SELinux: failed to load policy [ 88.790424][ T8476] ref_ctr_offset mismatch. inode: 0x1f3 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x8000000 [ 88.802386][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.830966][ T8486] sctp: [Deprecated]: syz.3.2178 (pid 8486) Use of struct sctp_assoc_value in delayed_ack socket option. [ 88.830966][ T8486] Use struct sctp_sack_info instead [ 88.898513][ T8493] loop2: detected capacity change from 0 to 1024 [ 88.910266][ T8493] EXT4-fs: Ignoring removed bh option [ 88.934224][ T8493] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 88.949022][ T29] kauditd_printk_skb: 274 callbacks suppressed [ 88.949039][ T29] audit: type=1400 audit(1755981713.727:2877): avc: denied { ioctl } for pid=8498 comm="syz.6.2183" path="/dev/sg0" dev="devtmpfs" ino=135 ioctlcmd=0x2275 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 89.001558][ T8493] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 89.088753][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.117780][ T29] audit: type=1400 audit(1755981713.887:2878): avc: denied { bind } for pid=8514 comm="syz.6.2195" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 89.137544][ T8515] vcan0: tx drop: invalid da for name 0xfffffffffffffffb [ 89.166489][ T29] audit: type=1400 audit(1755981713.887:2879): avc: denied { write } for pid=8514 comm="syz.6.2195" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 89.186816][ T8519] sctp: [Deprecated]: syz.5.2193 (pid 8519) Use of struct sctp_assoc_value in delayed_ack socket option. [ 89.186816][ T8519] Use struct sctp_sack_info instead [ 89.363035][ T8539] random: crng reseeded on system resumption [ 89.426419][ T8547] loop5: detected capacity change from 0 to 512 [ 89.434778][ T8547] EXT4-fs: Ignoring removed i_version option [ 89.440920][ T8547] EXT4-fs: Ignoring removed nobh option [ 89.447159][ T8547] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 89.461501][ T8547] EXT4-fs (loop5): 1 truncate cleaned up [ 89.480267][ T29] audit: type=1326 audit(1755981714.257:2880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8554 comm="syz.3.2210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b178febe9 code=0x7ffc0000 [ 89.523061][ T29] audit: type=1326 audit(1755981714.277:2881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8554 comm="syz.3.2210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3b178febe9 code=0x7ffc0000 [ 89.546793][ T29] audit: type=1326 audit(1755981714.277:2882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8554 comm="syz.3.2210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b178febe9 code=0x7ffc0000 [ 89.570411][ T29] audit: type=1326 audit(1755981714.277:2883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8554 comm="syz.3.2210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b178febe9 code=0x7ffc0000 [ 89.593966][ T29] audit: type=1326 audit(1755981714.277:2884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8554 comm="syz.3.2210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3b178febe9 code=0x7ffc0000 [ 89.617409][ T29] audit: type=1326 audit(1755981714.277:2885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8554 comm="syz.3.2210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b178febe9 code=0x7ffc0000 [ 89.640979][ T29] audit: type=1326 audit(1755981714.277:2886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8554 comm="syz.3.2210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b178febe9 code=0x7ffc0000 [ 89.668357][ T8557] __nla_validate_parse: 10 callbacks suppressed [ 89.668375][ T8557] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2211'. [ 89.695019][ T8562] loop0: detected capacity change from 0 to 1024 [ 89.709205][ T8562] EXT4-fs: Ignoring removed bh option [ 89.715539][ T8562] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 89.726200][ T8557] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2211'. [ 89.802847][ T8574] loop0: detected capacity change from 0 to 1024 [ 89.809980][ T8574] EXT4-fs: Ignoring removed bh option [ 89.828540][ T8580] random: crng reseeded on system resumption [ 89.844784][ T8578] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2220'. [ 89.896322][ T8578] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2220'. [ 89.954285][ T8584] loop3: detected capacity change from 0 to 8192 [ 90.165654][ T8602] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2229'. [ 90.178551][ T8608] netlink: 'syz.2.2230': attribute type 1 has an invalid length. [ 90.195416][ T8606] loop3: detected capacity change from 0 to 1024 [ 90.202059][ T8608] 8021q: adding VLAN 0 to HW filter on device bond1 [ 90.206134][ T8606] EXT4-fs: Ignoring removed bh option [ 90.222395][ T8602] vlan2: entered promiscuous mode [ 90.226794][ T8606] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 90.227466][ T8602] gretap0: entered promiscuous mode [ 90.237403][ T8604] loop5: detected capacity change from 0 to 8192 [ 90.263881][ T8608] bond1: (slave geneve2): making interface the new active one [ 90.278020][ T8608] bond1: (slave geneve2): Enslaving as an active interface with an up link [ 90.368041][ C0] vcan0: j1939_tp_rxtimer: 0xffff8881191f1a00: rx timeout, send abort [ 90.379472][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff8881191f1a00: 0x10000: (3) A timeout occurred and this is the connection abort to close the session. [ 90.493343][ T8632] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2244'. [ 90.586956][ T8640] loop3: detected capacity change from 0 to 512 [ 90.594317][ T8637] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2247'. [ 90.606859][ T8637] vlan3: entered promiscuous mode [ 90.612078][ T8637] gretap0: entered promiscuous mode [ 90.622045][ T8640] ext4 filesystem being mounted at /446/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 90.664981][ T8648] netlink: 'syz.5.2250': attribute type 1 has an invalid length. [ 90.679240][ T8650] loop0: detected capacity change from 0 to 512 [ 90.686368][ T8650] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 90.693729][ T8648] 8021q: adding VLAN 0 to HW filter on device bond1 [ 90.708149][ T8650] EXT4-fs error (device loop0): ext4_iget_extra_inode:5104: inode #15: comm syz.0.2251: corrupted in-inode xattr: overlapping e_value [ 90.717411][ T8648] bond1: (slave geneve2): making interface the new active one [ 90.729927][ T8650] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.2251: couldn't read orphan inode 15 (err -117) [ 90.731602][ T8648] bond1: (slave geneve2): Enslaving as an active interface with an up link [ 90.800274][ T8656] atomic_op ffff888119da6528 conn xmit_atomic 0000000000000000 [ 90.978802][ T8669] loop2: detected capacity change from 0 to 8192 [ 91.083408][ T8680] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2265'. [ 91.100087][ T8680] vlan3: entered promiscuous mode [ 91.105192][ T8680] gretap0: entered promiscuous mode [ 91.174866][ T8691] loop3: detected capacity change from 0 to 512 [ 91.181973][ T8691] EXT4-fs: Ignoring removed i_version option [ 91.188014][ T8691] EXT4-fs: Ignoring removed nobh option [ 91.196292][ T8693] loop6: detected capacity change from 0 to 512 [ 91.203226][ T8691] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 91.216395][ T8691] EXT4-fs (loop3): 1 truncate cleaned up [ 91.231443][ T8693] ext4 filesystem being mounted at /103/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 91.623380][ T8726] loop6: detected capacity change from 0 to 8192 [ 91.659173][ T8736] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2286'. [ 91.697256][ T8736] bond2: (slave wireguard0): The slave device specified does not support setting the MAC address [ 91.708936][ T8736] bond2: (slave wireguard0): Error -95 calling set_mac_address [ 91.729983][ T8741] atomic_op ffff888120e14528 conn xmit_atomic 0000000000000000 [ 91.797600][ T7349] ================================================================== [ 91.805761][ T7349] BUG: KCSAN: data-race in __xa_clear_mark / xas_find_marked [ 91.813174][ T7349] [ 91.815511][ T7349] read-write to 0xffff888106f956b8 of 8 bytes by interrupt on cpu 0: [ 91.823584][ T7349] __xa_clear_mark+0xf5/0x1e0 [ 91.828292][ T7349] __folio_end_writeback+0x177/0x470 [ 91.833604][ T7349] folio_end_writeback+0x71/0x3d0 [ 91.838657][ T7349] mpage_write_end_io+0x274/0x390 [ 91.843702][ T7349] bio_endio+0x33d/0x3e0 [ 91.847976][ T7349] blk_update_request+0x336/0x730 [ 91.853022][ T7349] blk_mq_end_request+0x26/0x50 [ 91.857893][ T7349] lo_complete_rq+0x98/0x140 [ 91.862503][ T7349] blk_done_softirq+0x74/0xb0 [ 91.867207][ T7349] handle_softirqs+0xba/0x290 [ 91.871908][ T7349] run_ksoftirqd+0x1c/0x30 [ 91.876336][ T7349] smpboot_thread_fn+0x328/0x530 [ 91.881298][ T7349] kthread+0x486/0x510 [ 91.885377][ T7349] ret_from_fork+0xda/0x150 [ 91.889893][ T7349] ret_from_fork_asm+0x1a/0x30 [ 91.894697][ T7349] [ 91.897024][ T7349] read to 0xffff888106f956b8 of 8 bytes by task 7349 on cpu 1: [ 91.904574][ T7349] xas_find_marked+0x218/0x620 [ 91.909351][ T7349] find_get_entry+0x5d/0x380 [ 91.913997][ T7349] filemap_get_folios_tag+0x13b/0x210 [ 91.919495][ T7349] filemap_fdatawait_keep_errors+0x6c/0x180 [ 91.925406][ T7349] sync_inodes_sb+0x39c/0x440 [ 91.930102][ T7349] sync_filesystem+0x102/0x190 [ 91.934878][ T7349] generic_shutdown_super+0x44/0x210 [ 91.940192][ T7349] kill_block_super+0x2a/0x70 [ 91.944881][ T7349] deactivate_locked_super+0x72/0x1c0 [ 91.950276][ T7349] deactivate_super+0x97/0xa0 [ 91.954979][ T7349] cleanup_mnt+0x269/0x2e0 [ 91.959411][ T7349] __cleanup_mnt+0x19/0x20 [ 91.963851][ T7349] task_work_run+0x131/0x1a0 [ 91.968455][ T7349] exit_to_user_mode_loop+0xe4/0x100 [ 91.973753][ T7349] do_syscall_64+0x1d6/0x200 [ 91.978373][ T7349] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.984288][ T7349] [ 91.986630][ T7349] value changed: 0xffffffffe0000000 -> 0xfffffe0000000000 [ 91.993746][ T7349] [ 91.996076][ T7349] Reported by Kernel Concurrency Sanitizer on: [ 92.002238][ T7349] CPU: 1 UID: 0 PID: 7349 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(voluntary) [ 92.012139][ T7349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 92.022201][ T7349] ==================================================================