last executing test programs: 1m42.32592642s ago: executing program 2 (id=960): msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000000)=""/96) r0 = socket$inet(0x2, 0x3, 0x33) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x7, 0x0, 0x0, 0xfffffffb}]}) getsockopt$inet_mreqsrc(r0, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f0000000040)=0x28) 1m42.246757322s ago: executing program 2 (id=1065): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x12, 0xf, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{r1}, &(0x7f0000000440), &(0x7f0000000480)=r0}, 0x20) bpf$MAP_DELETE_ELEM(0x4, &(0x7f00000000c0)={r1, &(0x7f0000000080)="b574e661d9ca", 0x20000000}, 0x20) 1m42.246380762s ago: executing program 2 (id=1066): r0 = socket$inet(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000800)=@newqdisc={0xa4, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}, {0x2, 0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x74, 0x2, [@TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4000000}]}]}, @TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1], 0x0, [0x8, 0x4, 0x0, 0x0, 0x8, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd, 0x0, 0x0, 0x3], [0x0, 0x8, 0x0, 0x0, 0x0, 0x2]}}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x5, 0x5, 0x5}]}}]}, 0xa4}}, 0x0) 1m42.127720995s ago: executing program 2 (id=1068): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x33, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffbff, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r1}, 0x10) syz_io_uring_setup(0x7616, &(0x7f0000000100)={0x0, 0x0, 0x10100, 0x3, 0x2f7, 0x0, r0}, &(0x7f0000000040), &(0x7f00000003c0)) 1m42.046838496s ago: executing program 2 (id=1071): r0 = socket$unix(0x1, 0x2, 0x0) r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000200)=0x10) bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) 1m42.01632287s ago: executing program 2 (id=1073): r0 = syz_io_uring_setup(0xeec, &(0x7f0000000780)={0x0, 0x0, 0x10100}, &(0x7f00000001c0)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0xffffffffffffffff, &(0x7f00000004c0)=[{0x0}], 0x1}) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./bus\x00', 0x400e, &(0x7f0000000180)={[{@data_journal}, {@jqfmt_vfsv0}, {@errors_continue}, {@nodelalloc}, {@init_itable_val={'init_itable', 0x3d, 0x4}}, {@acl}]}, 0x1, 0x42f, &(0x7f0000000280)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") io_uring_enter(r0, 0x567, 0x0, 0x0, 0x0, 0x0) 1m36.512674116s ago: executing program 32 (id=1283): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000007f1600850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) mq_unlink(0x0) 1m27.00485464s ago: executing program 33 (id=1073): r0 = syz_io_uring_setup(0xeec, &(0x7f0000000780)={0x0, 0x0, 0x10100}, &(0x7f00000001c0)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0xffffffffffffffff, &(0x7f00000004c0)=[{0x0}], 0x1}) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./bus\x00', 0x400e, &(0x7f0000000180)={[{@data_journal}, {@jqfmt_vfsv0}, {@errors_continue}, {@nodelalloc}, {@init_itable_val={'init_itable', 0x3d, 0x4}}, {@acl}]}, 0x1, 0x42f, &(0x7f0000000280)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") io_uring_enter(r0, 0x567, 0x0, 0x0, 0x0, 0x0) 1m13.901683795s ago: executing program 3 (id=2381): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x3, 0x1b, &(0x7f0000000c80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000182a0000", @ANYRES32=r0, @ANYBLOB="000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000000000008500000086000000186000000b000000000000000800000018110000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b7020000000000008500000086000000bf93000000000000b7020000010000007800000084000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) 1m13.869215988s ago: executing program 3 (id=2385): bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="70000000100003042abd70009da1d2b900000004", @ANYRES32=0x0, @ANYBLOB="0000000000000000500012800b0001006272696467650000400002800800050000000000050029000100000006002700"], 0x70}}, 0x0) 1m13.844516572s ago: executing program 3 (id=2388): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10) r1 = socket$inet(0x2, 0x3, 0x3) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000001ec0)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x400000001900], 0xff00, 0x0, &(0x7f0000001900)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff000000000000000000000000000000000000000000000000000000000000000000000000b80a52410406630000000000000000fe"]}, 0x108) 1m13.831093959s ago: executing program 3 (id=2390): munmap(&(0x7f0000001000/0x4000)=nil, 0x4000) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='ns\x00') getdents64(r0, &(0x7f0000000180)=""/55, 0x37) getdents64(r0, &(0x7f0000002f40)=""/4098, 0x1002) 1m13.715800312s ago: executing program 3 (id=2394): r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000200)=0x10) r1 = syz_create_resource$binfmt(&(0x7f0000000080)='./file0\x00') openat$binfmt(0xffffffffffffff9c, r1, 0x42, 0x1ff) 1m13.66043557s ago: executing program 3 (id=2397): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x18) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000040)="b90103600040f000009e0ff00800", 0x0, 0x104, 0x6000000000000000, 0xc1, 0x0, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab30", 0x0}, 0x50) 1m10.044988746s ago: executing program 5 (id=2559): r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f00000007c0)=ANY=[@ANYBLOB="01000000000000000a0000000000ff00ff010000000000000000000000000001000001000000000000000000ffff00000000000000bd0000000000000000000000e4ec01000000004000000000fc00000000000000000000000000013da51fd47aa2e2f70000000000000000000000000000000000000000000000000000000000000006000000000000000005"], 0x310) setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, &(0x7f00000005c0)={0x1, {{0xa, 0x4000, 0x1b, @mcast1}}, {{0xa, 0x0, 0x855b, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x1ff}}}, 0x108) 1m10.044742396s ago: executing program 5 (id=2561): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100003020702500000000002020207b1af8ff00000000bfa1000000000000070100003affffffb702000008000000b7030000000000a385000000700000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000400)='kfree\x00', r0}, 0x10) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000020900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000029680000001e0a05010000000000000000070000000900020073797a31000000000900010073797a30000000003c00038038000080340001802d0001"], 0xec}}, 0x0) 1m10.044416776s ago: executing program 5 (id=2563): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x18) sendmmsg$inet6(r0, &(0x7f0000000400)=[{{&(0x7f0000000080)={0xa, 0x4e22, 0x4, @dev={0xfe, 0x80, '\x00', 0xa}, 0xa}, 0x1c, &(0x7f0000000280)=[{&(0x7f00000022c0)='t', 0x1}], 0x1}}], 0x1, 0x48081) 1m9.996354715s ago: executing program 5 (id=2565): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0) chroot(&(0x7f0000000140)='./file0/file0\x00') mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0) 1m9.933524141s ago: executing program 5 (id=2576): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000002304e800000000000000ea850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='netlink_extack\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@gettaction={0x28, 0x30, 0x1, 0x0, 0x0, {}, [@action_gd=@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0xa, 0x1, 'pedit\x00'}}]}]}, 0x28}}, 0x0) 1m9.744995088s ago: executing program 5 (id=2570): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="9000000010000305000000000000000000cf0000", @ANYBLOB="000000000000000030001280080001006772650024000280060002000600000008000700e000000208000200", @ANYRES32, @ANYBLOB="060011004e2100003800128008000100736974002c0002800800140006000000050009002900000006000e0009000000050009000400000008000200ac1e000108000a"], 0x90}}, 0x0) 1m9.733234625s ago: executing program 34 (id=2570): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="9000000010000305000000000000000000cf0000", @ANYBLOB="000000000000000030001280080001006772650024000280060002000600000008000700e000000208000200", @ANYRES32, @ANYBLOB="060011004e2100003800128008000100736974002c0002800800140006000000050009002900000006000e0009000000050009000400000008000200ac1e000108000a"], 0x90}}, 0x0) 58.627977766s ago: executing program 35 (id=2397): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x18) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000040)="b90103600040f000009e0ff00800", 0x0, 0x104, 0x6000000000000000, 0xc1, 0x0, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab30", 0x0}, 0x50) 45.497266914s ago: executing program 6 (id=3590): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000600)="f0caac48bbcd57762a3936d4d89d8be8", 0x10) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r1, 0xffffffffffffffff, 0x0) 45.462774226s ago: executing program 6 (id=3603): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000700002c0000000000000004850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r0}, 0x18) r1 = perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0xfe, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext={0x18a}, 0x401a, 0x0, 0x0, 0x8, 0x0, 0x2, 0x201, 0x0, 0x0, 0x0, 0x2000000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x2) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f0000000000)='cpu<=0||!') 45.39140811s ago: executing program 6 (id=3597): pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x4008040, 0x0) r2 = dup(r1) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',debug=0']) 45.297733309s ago: executing program 6 (id=3604): mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0) 45.252287528s ago: executing program 6 (id=3605): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0) mmap(&(0x7f0000275000/0x2000)=nil, 0x2000, 0xb, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x8, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) 44.898951568s ago: executing program 6 (id=3625): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0xe, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r1}, &(0x7f0000000180), &(0x7f0000000100)=r0}, 0x20) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000080)={r1, &(0x7f0000000300), 0x0}, 0x20) 44.877784223s ago: executing program 36 (id=3625): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0xe, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r1}, &(0x7f0000000180), &(0x7f0000000100)=r0}, 0x20) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000080)={r1, &(0x7f0000000300), 0x0}, 0x20) 38.282799961s ago: executing program 4 (id=3936): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000d00000000080000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="280000002100010002000000000000000a00000000000001016200000c00148008"], 0x28}], 0x1}, 0x0) 37.994609445s ago: executing program 4 (id=3938): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x1018ed8, &(0x7f0000000000)={[{@dioread_nolock}, {@noload}, {@nobh}, {@jqfmt_vfsv0}, {@journal_dev={'journal_dev', 0x3d, 0x17}}, {@norecovery}, {@errors_continue}, {@quota}]}, 0x6, 0x644, &(0x7f00000006c0)="$eJzs3c9rHG0dAPDvzCZ5kzS+6SsiNigGPLQgTZNarHqxrQd7KFiwBxEPDU1SQ7c/SFKwtdAEPCgoiHgt0ov/gHfp3ZsI6s2zUEUqFrR0ZWZnm81mN7ttsrtJ5vOBzT7zzLN5nm9mn8wzM/vsBFBas9mPNOJUxNubScR007qpqK+cLcq9+teTW9kjiVrtu/9MIinyGuWT4vlEsTAeEX+8EvHpyu561x89vrNYrdU9jTi3cffBufVHj8+u3l28vXx7+d7C+a9duDj/9YULC00N/XAniuer177z+V/85IdfXflT9WwSl+LG6I+XoiWOgzIbs/G2CLE5fyQiLmaJNn+Xo+YYhFBqleL9OBoRn43pqORLddOx+vOhNg7oq1olora3pFsB4KjSvaGsGuOAxrF9b8fBN/o8Khmcl5frB0C74x8pTjmM58dGk6+SpiOj+rmNkwdQf1bHmyfjz948mXkWO85DvH63dUYOoJ5ONrci4nPt4k/ytp3MI83iT3cc6ycRMR8RY0X7vrWPNiRN6X6ch9lLj/FXsvibt0MaEZeK5yz/ygfW33paa9DxA1BOLy4XO/LNbGl7/5eNPRrjn9ge/zxtvG5q/5dkcsPe/3Ue/zX29+P5uCdtGYdlY5br7X/laGvG33529Ved6q+P/2aeNR5Z/Y2x4CC83IqYaYn/p1mwxfgniz9pM/7Nity81Fsd3/7zP652Wjfs+GvPI063Pf7ZHpVmqT2uT55bWa0uz9d/tq3j93/4wW871d8+/o/6EGl72faf7BB/0/ZPW1+X/U0etP+VW60Zv7v+/G6n+qe6bv/072NJ/XhzrMj50dbGxtpCxFhyrShS5C9ubKyd3zveepnXtfx5oR7/mS+17/873v8tUU00/mX24MH37rzqtO5D3v9NF5Pf1npsQydZ/Evdt/+u/p/l/bLHOv7z/Ydf6LSuffzJvmICAAAAAACAskrza7BJOvcunaZzc/X5sp+JybR6f33jyyv3H95bijiTfx5yNI00yT8yMl1fTlZWq8sLxedhG8vnW5a/EhGfRMSvKxP58tyt+9WlYQcPAAAAAAAAAAAAAAAAAAAAh8SJYv5/4z7V/67U5/8DJdH9BnO77v8AHBP9vMEkcLjl/X+vXfzHg2sLMFj2/1Be+j+Ul/4P5aX/Q3np/1Be+j+Ul/4P5aX/AwAAAMCx9MkXX/w1iYjNb0zkj8xYsc6kXzjeRt+rdKVv7QAGT4+G8np36d9gH0qnp/H/f4svB+x/c4AhSNpl5oOD2t6d/0XbV27b2n/bAAAAAAAAAAAAAIC606c6z/9/v7nBwFFj2h+U1z7m//vqADjifPU/lJdjfKDLLP4Y77Si2/x/AAAAAAAAAAAAAODATOWPJJ0r5gJPRZrOzUV8KiJOxmiyslpdno+IjyPiL5XRj7LlhWE3GgAAAAAAAAAAAAAAAAAAAI6Z9UeP7yxWq8trzYn/7co53onGXVC7F671UGbPxDfjPV8VyeD/LBMRMfSN0rfESFNOErGZbflD0bC19TgczcgTQ/7HBAAAAAAAAAAAAAAAAAAAJdQ097i9md8MuEUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMHjb9//vkliarL+gp8I7E8OOEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4mv4fAAD//6AzO/k=") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000002540)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000140)={0x0, 0x2, 0x6, 0x7ed, 0x1000, 0x2000000000002, 0x7, 0x4, 0x7ffd}) pivot_root(&(0x7f0000000140)='./file1\x00', 0x0) 37.79401958s ago: executing program 4 (id=3947): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x90a2, 0x2, &(0x7f0000006680)) setxattr$trusted_overlay_upper(0x0, 0x0, 0x0, 0x835, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) lstat(0x0, 0x0) 37.760505342s ago: executing program 4 (id=3951): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x3127099, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) 37.720433453s ago: executing program 4 (id=3953): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x48, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:mac\x00'}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x48}}, 0x0) sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, 0x0, 0x0) 37.514780796s ago: executing program 4 (id=3966): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000600)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x16, &(0x7f0000000040)={&(0x7f0000000b00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000020900010073797a30000000002c000000030a010200000000030000000100ffff0900010073797a30000000000900030073797a3100000000d4040000060a010400000000000000000100000008000b4000000000ac0404802c000180080001006c6f6700200002800900024073797a300000000008000340000000060800034000000002380401800c000100626974776973650028040280080003400000000808000240000000140800064000000002080006400000000064020580bb0001001d92704a203d5ecc985c4e4280e5378a36a2856959ffa601c237cc270251cf18420d11613ec98e629c7d84c655efcb2b5ecd71666675bf512cadfe09e4d05a4f60f60e007ca1cf70a5185f973cec0f1ab052acf1acf6a2df83dd88facc62c6e94a1b6368d6bda68abcaed2ee48c3d589bf2a814b728efb93401dfa1d1063200c10e56294dba0e7b780ce0f6090bd0de9f5e000c98c4b97cd985c91284c2bca23e4757407bb41fd8de797502a72e122032d4ef3160f9f7b00fd000100854e3cb6d05d310db3d528811da7f7450ebb2d62cddc6981343570b9f4ab17d75de9411dea482f508c0dce42c25c4778ebc56bb303f9f51c489eedffcb1490560ab26ab7507ec029cca3ddfe7c4f4f6d91db07cbc008636bc7bea7f96954d31da9d8a9ca043df7b409ca2864d56fc6b2a70fcc2f1a3579737bf47542dae337d5203869caff9ab95a317c25521ebf848fad8ceb87f4655ace0701dbe961e9dcaeffa37bfa2e9d127d61b8d6edc1437b46f54c061e1c9d68120ac8300e91d19c708aa9589c37de59a9f8df5546855e934599a2f31b6cb847347fc02231fec395b906e60300340d60ebe7a3f23e1aa6eec9e0150a9d16b3c25e590000002400028008000340fffffff8080003400000000908000340684dbc5808000180ffffffff6200010091de8d9ca3503f5a0a8259007bc5088ccfe97cfebb5ebb90e05d4e8a63fcbee6f14ab7eff7469cf243a6ef6e528b811dfd72af1e7e08de8fbdd4849367ea82016412fab2ccc0fb94fa63fac7fd0c6ea48c0e9ac7d1a30ecf3e70e44ed5ff00001c0002800800034080000000080003400000000308000180fffffffc080001400000000d600004804000028008000180fffffffb0d00020073797a3000000000080001802b30a3bc08000180000000000900020073797a31000000002900020073797a31000000001c0002800900020073797a31000000000900020073797a3200000000080002400000000a30010480380002800900020073797a3200000000080003400000000908000180fffffffc0800018000000007080003408000000108000340000000050b0001000bca99f460f4b0002800028008000180fffffffb0900020073797a3000000000080003400000000308000340000001ff04000100bc000100e27404a10a99dbcc4575917adc29373e2cc46e5e8f99d7a36b7c42c92713cce62084d863a11eb9c2e19fde212924e527db981a9be0c2c15f6a04a67e9e20f86e4bebd07665e2d01da200712427a5525403c1c75468f31b91a60def25f7757c9921d08b9a5b0bc6f8953efbd0416091bf2b30d9a37e789198313dd07b7b70cebff25c562434b67e9a6b70708dd84c86135ab9b0ffda2c4b2fb4a139220c101f4c0a3d58eb124346005c82dea6f0f36444b28300758475eb3d34000180090001006d65746100000000240002800800024000000002080003400000000d08000340000000090800034000000001100001800a0001006c696d69740000000900010073797a30"], 0x548}}, 0x0) 37.494960822s ago: executing program 37 (id=3966): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000600)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x16, &(0x7f0000000040)={&(0x7f0000000b00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000020900010073797a30000000002c000000030a010200000000030000000100ffff0900010073797a30000000000900030073797a3100000000d4040000060a010400000000000000000100000008000b4000000000ac0404802c000180080001006c6f6700200002800900024073797a300000000008000340000000060800034000000002380401800c000100626974776973650028040280080003400000000808000240000000140800064000000002080006400000000064020580bb0001001d92704a203d5ecc985c4e4280e5378a36a2856959ffa601c237cc270251cf18420d11613ec98e629c7d84c655efcb2b5ecd71666675bf512cadfe09e4d05a4f60f60e007ca1cf70a5185f973cec0f1ab052acf1acf6a2df83dd88facc62c6e94a1b6368d6bda68abcaed2ee48c3d589bf2a814b728efb93401dfa1d1063200c10e56294dba0e7b780ce0f6090bd0de9f5e000c98c4b97cd985c91284c2bca23e4757407bb41fd8de797502a72e122032d4ef3160f9f7b00fd000100854e3cb6d05d310db3d528811da7f7450ebb2d62cddc6981343570b9f4ab17d75de9411dea482f508c0dce42c25c4778ebc56bb303f9f51c489eedffcb1490560ab26ab7507ec029cca3ddfe7c4f4f6d91db07cbc008636bc7bea7f96954d31da9d8a9ca043df7b409ca2864d56fc6b2a70fcc2f1a3579737bf47542dae337d5203869caff9ab95a317c25521ebf848fad8ceb87f4655ace0701dbe961e9dcaeffa37bfa2e9d127d61b8d6edc1437b46f54c061e1c9d68120ac8300e91d19c708aa9589c37de59a9f8df5546855e934599a2f31b6cb847347fc02231fec395b906e60300340d60ebe7a3f23e1aa6eec9e0150a9d16b3c25e590000002400028008000340fffffff8080003400000000908000340684dbc5808000180ffffffff6200010091de8d9ca3503f5a0a8259007bc5088ccfe97cfebb5ebb90e05d4e8a63fcbee6f14ab7eff7469cf243a6ef6e528b811dfd72af1e7e08de8fbdd4849367ea82016412fab2ccc0fb94fa63fac7fd0c6ea48c0e9ac7d1a30ecf3e70e44ed5ff00001c0002800800034080000000080003400000000308000180fffffffc080001400000000d600004804000028008000180fffffffb0d00020073797a3000000000080001802b30a3bc08000180000000000900020073797a31000000002900020073797a31000000001c0002800900020073797a31000000000900020073797a3200000000080002400000000a30010480380002800900020073797a3200000000080003400000000908000180fffffffc0800018000000007080003408000000108000340000000050b0001000bca99f460f4b0002800028008000180fffffffb0900020073797a3000000000080003400000000308000340000001ff04000100bc000100e27404a10a99dbcc4575917adc29373e2cc46e5e8f99d7a36b7c42c92713cce62084d863a11eb9c2e19fde212924e527db981a9be0c2c15f6a04a67e9e20f86e4bebd07665e2d01da200712427a5525403c1c75468f31b91a60def25f7757c9921d08b9a5b0bc6f8953efbd0416091bf2b30d9a37e789198313dd07b7b70cebff25c562434b67e9a6b70708dd84c86135ab9b0ffda2c4b2fb4a139220c101f4c0a3d58eb124346005c82dea6f0f36444b28300758475eb3d34000180090001006d65746100000000240002800800024000000002080003400000000d08000340000000090800034000000001100001800a0001006c696d69740000000900010073797a30"], 0x548}}, 0x0) 3.860022179s ago: executing program 1 (id=5765): bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r0}, 0x10) setitimer(0x0, 0x0, 0x0) 3.833917693s ago: executing program 1 (id=5767): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000070080000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000780)='mm_page_free\x00', r0}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="18020000fcffffff00000000000000008500000041000000850000007d00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0x2111, 0x300, &(0x7f0000000100), 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) 3.769158388s ago: executing program 1 (id=5770): mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1) r0 = creat(&(0x7f00000000c0)='./file0\x00', 0xd4) r1 = dup2(r0, r0) ioctl$BLKTRACESETUP(r1, 0x40081271, &(0x7f0000000000)={'\x00', 0x0, 0x200000a, 0x1, 0x8}) 3.740227522s ago: executing program 1 (id=5775): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002078316e00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000500000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='mm_page_free\x00', r0, 0x0, 0x3}, 0x18) prlimit64(0x0, 0x9, &(0x7f0000000d80)={0x3, 0x7fff}, 0x0) io_setup(0xffff, &(0x7f0000001080)) 3.59975495s ago: executing program 1 (id=5780): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000008000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000c80)=@raw={'raw\x00', 0x3c1, 0x3, 0x4c0, 0x2e0, 0x940c, 0x3002, 0x2e0, 0x2c0, 0x3f0, 0x3d8, 0x3d8, 0x4c0, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x298, 0x2e0, 0x4001, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x4001, 0x1, 0x3, 'syz0\x00'}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x2, 0x0, 'syz0\x00'}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@loopback, 'virt_wifi0\x00'}}}, {{@uncond, 0x0, 0xd0, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x1, 0xbe, {0x565159d7}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x565) 3.540305396s ago: executing program 1 (id=5783): ptrace(0x10, 0x1) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x6, 0x0, 0x0, 0x0, 0x8000000009917, 0x400000000000fffd}, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x0, 0xffffffffffffffff}, 0x0) sched_setattr(0x0, &(0x7f00000000c0)={0x38, 0x0, 0x0, 0x1}, 0x0) 815.916636ms ago: executing program 8 (id=5934): r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'syz_tun\x00', 0x0}) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="1802000000000000000000007a000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000700)={r2, r1}, 0x40) syz_emit_ethernet(0x3a, &(0x7f00000005c0)={@local, @link_local, @val={@void, {0x8100, 0x0, 0x0, 0x1}}, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x32, 0x0, @empty, @broadcast}, @timestamp_reply={0x11}}}}}, 0x0) 734.161527ms ago: executing program 8 (id=5940): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0) syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0) 677.784774ms ago: executing program 8 (id=5944): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="09000000060000000800000001"], 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0, 0xffffffffffffffff}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000a40)=ANY=[@ANYBLOB="1801000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000018010000646c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000006000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10) 639.390736ms ago: executing program 8 (id=5946): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000020b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10) kcmp(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) 616.51914ms ago: executing program 8 (id=5949): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) capget(&(0x7f0000000240)={0x20071026}, 0x0) 560.604598ms ago: executing program 8 (id=5953): r0 = socket$kcm(0x2, 0x200000000000001, 0x106) sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0xfc, 0x0}, 0x30004001) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_DEL_ADDR(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x18, r2, 0x7, 0x70bd25, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x8081}, 0x24000800) 356.782711ms ago: executing program 9 (id=5969): io_setup(0x7, &(0x7f00000000c0)=0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) rseq(&(0x7f0000000440)={0x0, 0x0, 0x0, 0x1}, 0x20, 0x0, 0x0) setsockopt$sock_timeval(r1, 0x1, 0x14, &(0x7f0000000000)={0x0, 0xea60}, 0x10) io_submit(r0, 0x1, &(0x7f0000000380)=[&(0x7f00000001c0)={0x0, 0x4, 0x0, 0x0, 0x1, r1, &(0x7f0000000100)="02", 0x1}]) 276.991553ms ago: executing program 0 (id=5978): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0) close_range(r2, 0xffffffffffffffff, 0x200000000000000) 223.727821ms ago: executing program 0 (id=5980): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000e40)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) prctl$PR_SET_NAME(0xf, &(0x7f0000000a40)='GPL\x00') semctl$IPC_RMID(0x0, 0x0, 0x0) process_vm_writev(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 210.254458ms ago: executing program 9 (id=5982): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10) 203.804386ms ago: executing program 0 (id=5983): bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000bb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r1}, 0x18) lsetxattr$security_selinux(&(0x7f00000001c0)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000200), &(0x7f0000000240)='system_u:object_r:net_conf_t:s0\x00', 0x20, 0x0) 124.845448ms ago: executing program 0 (id=5984): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) rt_sigtimedwait(&(0x7f0000000040)={[0xffffffffffff7ff8]}, 0x0, 0x0, 0x8) 124.466598ms ago: executing program 9 (id=5985): r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x1100, 0x5dd8, 0x0, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b40)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000340), 0x200) close(r2) 124.225338ms ago: executing program 7 (id=5986): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00') r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=@deltaction={0x44, 0x18, 0x1, 0x0, 0x25dfdbfe, {0xa}, [@TCA_ACT_TAB={0x30, 0x1, [{0x10, 0x80, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0x10, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}, {0xc, 0x9, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x43}}]}]}, 0x44}}, 0x0) 123.905588ms ago: executing program 0 (id=5987): r0 = socket$kcm(0x11, 0xa, 0x300) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001540)=ANY=[@ANYBLOB="bf16000000000000b7070000000100004870000000000000500000000000000095000000000000002ba728041598fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f0711e6bd917487960717142fa9ea4318123f602000000000080de89e661168c1886d0d4d94f204e34ff65c26e278ef5b915395b19284a1a4bc72fbc1626e3a2a2ad358061d0ae0209e62f51ee988e6ea604ce974a22a550d6f97080980400003e05df3ceb9f1feae5737ecaa80a666963c474c2a100c788b277beee1cbf9b0a4d3881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3431abe802f5ab3e89cf6c662ed4048d3b3e22278d00ce00000000d3a02762c2951257b85802189d74005d2a1bcf9436e192e23fd275985bf31b714f000bcab6fcd610f25f5888000000003f11afc9bd08c6ebfbb89432fb465bc52f49129b9b6150e320c9901de2ebb9000000018e3095c4c5c7a156cec33a667dccaff950ca1e5efdd4c968dacf81baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba175d876defd3541772f26e27c44cfdb2d85d6d29983e830a9cdd79837b3468e8c67a571d0a017c100344c52a570dd39877dfb2ff1ae66e1ce917474b2e650ae630afd086004c4a56c6cce6e51723257c872c5255f20100000000000000f041b665ab21372c8d8b7bac5b5c784d20a4a24d8dbd75062e1daef9dead619cc6e7baa72707157791c3d2a286ffb8d35452bb5d36c2a8682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b9935f771fd49e480cd9d48aeb12b1d6acabd38a817bcd222614d1f62734d679039a97d2b74f9e8e997ccd314000f7477137f4e8e7025123e783df8b8a17e3aa9fe1f662aef87a065b03cfb65b4dfe4f1b56e1f23128d743753a1de172d683d5892ce9414a1d98ea93e3d35dbb6c23b90cf36e83b8a434a97d09343d7f83079ccb02e69d384146056d125cfa788237874dd42dae334bda042819a2aa24dba1c25be2794448b4f63483026b5e34d44705b76ef29241adab0dd7d68bf975e02069f6f2425e1bc97a3d588085f16bef63a06578d4f5de7bfb6aaa75f16996d536256c02284cb1d3a6fb8cae87691fae365a70c3fc69e1565bba8dd8a8ca049f798abe646f738bebd69413afc9d8a5edd7aaa000000000000001e6c2f2a287c5278a218dbfaffffff00a14db5cfa6819eb1d39c48cfdc80d215c9e16e0c4736c819363154cca4e2f89800d18c89d7f46f679df6c9e2952ae1ebfd0ca88368ee6ce139e8b5822c22cf2e9dde943d34c432e1001171792c65986146666a5490928441f47e0fe5eac41824ca1fd0eb71aa243c88d5480efd8329d9a733d8f9ffffff5f912ac4e34bf6ea8a86da707b03bddb491ba0cc98f6be92c50008a2b50025419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9b844051f1a642aca9ff98c9036471ccff0522903e7bcf62e18f7696bbc280b95e8e0d6fd5644b0ebde3a95b06548862de809d3dae3cccf109f7c78e8479a345e800000000000000000000009455bf417627ce723a5d9103706aba69279500bb82f6b5a3ddc0bd9856712945b70c75ce5b722578820820d010d7a3cffc99fc647d0b82ef26ab708c0b19ed144be51c3b398f0e6bb7a30006000000cba12953d58cff0f0378740fe6662f377b97d8e7cdb047acd083d3cd3856476a60a49ad127ba6570bafc2bbcf9ee721fd9cb467ff071e5604fbf0491245c0000007d932d7a64de4c4aa433fc0840aff7c47da3a4c6966d0000000000000000f6bfbae29e8a6e2a889f6ef6869d82d6bd73eb76b65c7a35a54a4a6b8ad4600e3a972a0bb5971a5f16590b0a03dafa3fd1118765cc8ab9fccf3b51c41a339f200f2fa33006910a679a9ae0187b4d750c4bd244cb0cbfd23b265f4d4da448a7a0d19c5e430a31609dfa2dde267551467eb6475293dd7012cc449009981f22820e57a0eff234ccfe21d7a2302e000669753d3c3432cc14ee1abe724adb6b5431befedd3e22971118f0e21aed1823cb7dde8212a8531bd9691dd4cc6a370e9eb56b3d790b98f2bd0db1e5de6a146597b2cbb7103040d2a39d7965d34df524b760ab92efcce7dd1574052c735935bf6a752c015c7f5ffee9ff66e5dd2866b15b6e0d17618cb1f5c1ee4b051f47db7aa110f499f840a5c965443d725556351ee25fe09f69494b053678dcadcf02e063dff2fa4bef1ac3bbbebe6c74d71ec3b23e29895eff1d1017024fe3e8cc759b05785adc346b7ffd05963f92c1d0d7d90ba878ad89e490f3e29ac51d30632869a534418f916bf6fe8167827a8e6c8f8b391c822805cb0adf1b8bd6947ff208753eb0d208ce14f7b206b2e02c21e963abc5ceb735c1b3c46b0a843de52a903375dfb663a8d8ee9c2b2705c1a81d9d3b9656b219c8cd99c9cafcd0d0540884d97aecb19983fc6af29ab44a82aff9cba921192c665b877af6539bdb1b567f481ba07982e7ad758f4e1eac69e7e88a63960975f490e161e371ec8534791e3b61c685d900a9c0839208356b53750e76fcc3c2d1bddcbd83897921414d0c02e8188f3df79ea2a5c5444004830e6cb227ca1bdafb977c00000000003a417193b8c5d793687335a930867094fd6a78218218e04b705ec62f1608cb569b81914e68f175b392af6bc4fd2121d7fd276af2c97a441b56e7a0687d98b8e76d8d0d231e4fe00be1de76bd19cc12e2bd938eb681ed6bc951c1b4f7c51af59eea4d40c6000000000200778a677b72786311153271a3313da02645e11761699e4d04ac86dd14ff7b9a10d3fa74696fe3953a5b7706bf5d1faba4b18808d9cb0e9db696dec4e0820ee4028d7225a2c9c427cf64cbde6fba056b2006b7a37c1181d530fb865e235cd302f3b4071ee5237ada986b9e5e3144bf479f277f10656ad3744037ccc9c63685a6f1109d2ea73773d3635f61497f1fa1ea4a16f601800bf3e59141fbf05a96113320c445f9ba8596970d5254727e804fbd99ccefb7c09269dd2c5c25e56e169ac15980f3f85f7ca36dd5950ef5b64fd46f123311829534a82940994199b3cf7a8fabea9930952f5da9b909c1946e55289f668c423fcbb31ae91864c882313151741a67538c9689dc8ecc9903c7041e5c0704e2fa55a756487517a7445cbd9e3f5175e41c0000000000000000000a000000bf98efd587fffe326f474b0b089c017b16c0062cbce96f5adebec52a79f9363909842f79c50a1520be46d87003137e4c5031f00123e812a5e37cd52c9eb7336281cb8c6ce9934b157d7875a70eaf103cb3938e2361c51cd1eab8a26b232acf6bf0ab829c26dab637538b2eb1420d812d2b80c777710ba0f18e4661681aa218d9ba54023ab4305d77eb15611ae2545835e9d30e9f6d4fb43a291c69545a1eea0f8720431132d8549f99bf6c5cb060da70cbb59d0a000000000034d083fc37d2449f72de0cbea4bc1dc89c136cdbc504f849d5502d77a95c7bfff4cd9c03058d0d4d07ea64824f1acf2b39389f675f39d01719cdbab3f1ce10609c8d7b3e37cb99b41da5e485a441b6a103549f55ab09dc98767763d1f2fafd45bb7d2b40050d1f8292f4d9ec6d0000000000003932062290f4996fdd55b06023437e9e2072daf7f5d82f6f1b5b89a41134f4dc2e65bb11272fdf8c8141f41d6160b3d8b6ecd16d14267f61b4881adee7f07f3d6af5ae79e16fe2c3f55ac7a6392d2e1d9b4286b6c3e1f5a76b85ed6e1f0000c67e6c5fcdc8c39381be4799b8cb2d08b8262c807dd755e22b801162381aa9d1af2bbc9cfd497585337eac408b8475b47a392a10cae349160f128e5f873a58064eb400c36a90624f6aed398a215e9ce64522ab249f67c38a656d32ecff5cdb2b039c4abf349d2c0f88a42e9189bbfa7f5cf35b6e7ef8f9d33163b7ea875583e3aec4714c9c4ca3ecb04f2720237615a28bf310b58ffa2a103216fdcc8c2d8f5d55e5e7ebf147105272aaae56e86d856b3cf79a3f7306436762dd1a08ce873e07cebc7892ec6f9f696da38feed3dc0001500e34adae1ba89a32bad2af9030f840f1ba46cdadd5cbacc59352c290f55d971b65953533668c25f21d8d62d849e9058eaa97c63491568887548f668cdbca2abf01a361a0b64d8b523e669da350e3ec7445dfbf366b0b3bc5e76824a1e43eaaeca70db90f2fa39596443447671933079a24fe3681ad9ac361f71ac279a688f10a1cc4df1112105edebc5e3bbc394c8305ab129ca2dfb9b7c5e9d097bd01b495cccefddce569117f7f5d6a6270ff0f0f4c371029ca8489571b55841bf3dd003bc81460eee57ceb3c33f4e9300b0144fe040cf5fcfcbb616c2070237881afdb314cecd1623f3e55ab8b7627fa1be349145a8d6313cbc790eefe2020138e82fb9d351be4ddcbcc9bc048dd3db5828d16baec6e07a007f0030f34ea3cfd524d6fa1d45da5641d6c94e1d3ae7fba1c85035d2a60ef1696e0d96aa1c60019f73ae0aa6113cd66ef26b5777337c26e1461405d86fdf091edd526f25cada439bb3609ed5c35ab60a539ade786bd6004d0ea3edbd6c4da0d8e8be8c771c8c8a0b07d9859e04adb18964dcce9bce546074c26dffbc2df372a016e8c845d4257000000000000000000000000000000000000f29657697d9c2b132b2dc2f5ea5122836582a7e85fe2bc166f17aefd9d861de0191f5277d4a3b5afb6f23d9eea2459f7844606e1202768d83c24cc791bde44a448022bbfa571fe029a7b2d5152639ee283894ab6168992ff0acc01b39a078f285ce615351f262019586eb9447bb3eaffd7b53d8f37ca6c5f1027dd5b7592996c8a7789ba108979cc9ad07ed86682843e2eaa855dd01443ee6ffde1811f10039d5d14458177096e15cc4d8f2582a1bea5ccb9f10f615c87c441dc50a244bc138a1cae9868c3079bafe69769000000000000000000e99b63029d219cd3545a8426b56554a9f265d3557eefb3602894507c256cb8ee9ebadfecb6afeb84ba757bfa8d00a5af0dd6aa1e8144ef8ef04410d52204c335408941b8eccc5c734cc6a05247142ed647f89bcb5c043acfb382b9cc918bc3cdc368983157851cdf678800aa7eb2a6cbc12c7ae23bc88b8f10223ab2a093429f3f6965bc5af0114cf6f246e891e20ecaad7059866506c3000000000c3230e901e885b7a4a36bdfdb5ce7a2e5807a0f4c1d461d1243fccf51b875b49490cd7d044e7a1e1a4c013fae1f070a8a37ab90da2efc6c875b3aab34b75a252072691fc97bef0fed8ee597ab83bb53f89c36bc2ee3ad54904542f66dc94132df75fc9944882d6f2e13b7057e0000000000000000000000000000000000001b726c0ccd24000000000000cfd2f4d005578b9ed06e1c41ef3b411066739de953d39b968caaca1507928d68c8f052"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe89, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000000)=r1, 0x4) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2608024c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 89.53873ms ago: executing program 7 (id=5988): r0 = syz_io_uring_setup(0x237, &(0x7f0000000480)={0x0, 0x8100, 0x0, 0x0, 0x2cf}, &(0x7f0000000040)=0x0, &(0x7f0000000600)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) r3 = socket$inet_smc(0x2b, 0x1, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000240)=@hci={0x1f, 0x4}, 0x0, 0x0, 0x1}) io_uring_enter(r0, 0x47ba, 0x0, 0x0, 0x0, 0x0) 67.174915ms ago: executing program 7 (id=5989): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000880)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x84}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10) sysfs$1(0x1, 0x0) 49.295011ms ago: executing program 7 (id=5990): r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) fcntl$notify(r0, 0x402, 0x29) readlink(0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') pread64(r1, &(0x7f000001a240)=""/102386, 0x18ff2, 0x5) 39.355109ms ago: executing program 0 (id=5991): r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) ioctl$IMADDTIMER(r0, 0x80044940, &(0x7f0000000080)=0x14) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x6, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_bp={0x0, 0x1}, 0x1320, 0xffffffff, 0x3, 0x5, 0x0, 0x1088f109, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) close(r0) 24.511515ms ago: executing program 9 (id=5992): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x40840, 0x0) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000100)=0xcf5) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"}) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSTI(r1, 0x5412, &(0x7f00000018c0)=0x13) 24.051216ms ago: executing program 7 (id=5993): dup(0xffffffffffffffff) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) fstatfs(0xffffffffffffffff, 0x0) 7.989642ms ago: executing program 9 (id=5994): r0 = timerfd_create(0x9, 0x0) r1 = timerfd_create(0x9, 0x0) timerfd_settime(r1, 0x1, &(0x7f0000000080)={{}, {0x77359400}}, 0x0) timerfd_settime(r0, 0x1, &(0x7f0000007000)={{0x77359400}, {0x0, 0x989680}}, 0x0) readv(r0, &(0x7f0000000000)=[{&(0x7f00000001c0)=""/183, 0xb7}], 0x1) 7.589542ms ago: executing program 7 (id=5995): r0 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x2}, 0x18) r1 = syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0) r2 = dup3(r0, r1, 0x0) ioctl$MON_IOCG_STATS(r2, 0xc0109207, &(0x7f0000000180)) 0s ago: executing program 9 (id=5996): r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x9c, 0xb, 0x0, 0xffffffffffffffff, 0x7fffffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000f00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f0000000000)={0x80, 0x6, 0x306, 0xffff, 0x0, 0xfffffffd, 0x0}) kernel console output (not intermixed with test programs): ly fs [ 114.069602][ T9271] bridge0: port 1(bridge_slave_0) entered blocking state [ 114.077688][ T9271] bridge0: port 1(bridge_slave_0) entered forwarding state [ 114.102801][T11990] EXT4-fs warning (device loop7): ext4_enable_quotas:7145: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix. [ 114.121194][T11990] EXT4-fs (loop7): Cannot turn on quotas: error -22 [ 114.129486][T11990] EXT4-fs error (device loop7): ext4_orphan_get:1415: comm syz.7.3714: bad orphan inode 768 [ 114.150565][ T9271] bridge0: port 2(bridge_slave_1) entered blocking state [ 114.159136][ T9271] bridge0: port 2(bridge_slave_1) entered forwarding state [ 114.175287][T11777] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 114.190227][T11777] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 114.241991][T11998] loop7: detected capacity change from 0 to 1024 [ 114.254541][T12000] loop4: detected capacity change from 0 to 128 [ 114.276101][T11998] EXT4-fs: Ignoring removed nomblk_io_submit option [ 114.288635][T12003] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=12003 comm=syz.8.3720 [ 114.358567][T12008] loop8: detected capacity change from 0 to 8192 [ 114.394026][T11777] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 114.503372][T12034] loop0: detected capacity change from 0 to 1024 [ 114.531221][T11777] veth0_vlan: entered promiscuous mode [ 114.540085][T12034] EXT4-fs: Ignoring removed nobh option [ 114.558919][T11777] veth1_vlan: entered promiscuous mode [ 114.565152][T12034] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 114.591609][T12034] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 114.599962][T11777] veth0_macvtap: entered promiscuous mode [ 114.627044][T12034] EXT4-fs error (device loop0): ext4_ext_check_inode:524: inode #11: comm syz.0.3730: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 114.627896][T11777] veth1_macvtap: entered promiscuous mode [ 114.669534][T12034] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.3730: couldn't read orphan inode 11 (err -117) [ 114.691215][T12034] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.3730: Invalid block bitmap block 0 in block_group 0 [ 114.707272][T11777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 114.718266][T11777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.728306][T11777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 114.737026][T12034] EXT4-fs error (device loop0): ext4_acquire_dquot:6927: comm syz.0.3730: Failed to acquire dquot type 0 [ 114.739607][T11777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.762950][T11777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 114.773945][T11777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.784393][T11777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 114.795423][T11777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.809499][T11777] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 114.822422][T11777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 114.837487][T11777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.849311][T11777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 114.860480][T11777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.871585][T11777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 114.883389][T11777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.893895][ T8610] EXT4-fs error (device loop0): ext4_release_dquot:6950: comm kworker/u8:26: Failed to release dquot type 0 [ 114.894621][T11777] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 114.934623][T11777] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.944948][T11777] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.945232][T12053] loop8: detected capacity change from 0 to 1024 [ 114.955204][T11777] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.973151][T11777] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.021220][T12053] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a040c018, mo2=0002] [ 115.069105][T12053] System zones: 0-1, 3-12 [ 115.185295][T12084] sctp: [Deprecated]: syz.0.3748 (pid 12084) Use of int in maxseg socket option. [ 115.185295][T12084] Use struct sctp_assoc_value instead [ 115.249917][T12094] netlink: 'syz.7.3752': attribute type 14 has an invalid length. [ 115.266475][T12096] veth1_macvtap: left promiscuous mode [ 115.423135][T12128] loop8: detected capacity change from 0 to 1024 [ 115.435084][T12128] EXT4-fs (loop8): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 115.446827][T12128] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 115.463940][T12128] JBD2: no valid journal superblock found [ 115.470368][T12128] EXT4-fs (loop8): Could not load journal inode [ 115.499176][T12134] loop9: detected capacity change from 0 to 1024 [ 115.526452][T12134] EXT4-fs (loop9): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 115.537330][T12134] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 115.547921][T12134] EXT4-fs (loop9): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 115.579455][T12134] EXT4-fs error (device loop9): ext4_get_journal_inode:5798: inode #5: comm syz.9.3774: unexpected bad inode w/o EXT4_IGET_BAD [ 115.600240][T12134] EXT4-fs (loop9): no journal found [ 115.606618][T12134] EXT4-fs (loop9): can't get journal size [ 115.711820][T12160] loop8: detected capacity change from 0 to 512 [ 115.985063][T12180] loop7: detected capacity change from 0 to 8192 [ 116.036641][T12180] loop7: p1 p3 [ 116.041120][T12180] loop7: p1 size 8388608 extends beyond EOD, truncated [ 116.051360][T12180] loop7: p3 size 589824 extends beyond EOD, truncated [ 116.095605][T12206] netlink: 'syz.9.3806': attribute type 10 has an invalid length. [ 116.110845][T12206] team0: Port device netdevsim1 added [ 116.127396][T12206] netlink: 'syz.9.3806': attribute type 10 has an invalid length. [ 116.145344][T12206] team0: Port device netdevsim1 removed [ 116.166487][T12206] bond0: (slave netdevsim1): Enslaving as an active interface with an up link [ 116.466055][T12249] netlink: 'syz.7.3825': attribute type 1 has an invalid length. [ 116.494271][T12251] netlink: 'syz.4.3826': attribute type 30 has an invalid length. [ 116.666507][T12257] usb usb6: usbfs: process 12257 (syz.7.3829) did not claim interface 0 before use [ 116.704692][T12265] loop7: detected capacity change from 0 to 512 [ 116.725292][T12265] ext4: Unknown parameter 'noacl' [ 116.790329][T12272] loop7: detected capacity change from 0 to 1764 [ 116.898904][T12293] syz.0.3846: attempt to access beyond end of device [ 116.898904][T12293] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 116.987608][ T29] kauditd_printk_skb: 93 callbacks suppressed [ 116.987622][ T29] audit: type=1400 audit(262772.972:2635): avc: denied { create } for pid=12310 comm="syz.9.3855" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 117.028748][ T29] audit: type=1400 audit(262773.002:2636): avc: denied { write } for pid=12310 comm="syz.9.3855" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 117.061440][ T29] audit: type=1400 audit(262773.042:2637): avc: denied { bind } for pid=12316 comm="syz.8.3859" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 117.081517][ T29] audit: type=1400 audit(262773.042:2638): avc: denied { listen } for pid=12316 comm="syz.8.3859" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 117.104662][ T29] audit: type=1400 audit(262773.072:2639): avc: denied { write } for pid=12317 comm="syz.0.3857" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 117.139683][ T29] audit: type=1400 audit(262773.122:2640): avc: denied { setopt } for pid=12323 comm="syz.0.3861" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 117.238921][ T29] audit: type=1326 audit(262773.222:2641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12340 comm="syz.9.3869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6dfe77d169 code=0x7ffc0000 [ 117.279592][ T29] audit: type=1326 audit(262773.222:2642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12340 comm="syz.9.3869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6dfe77d169 code=0x7ffc0000 [ 117.305109][ T29] audit: type=1326 audit(262773.222:2643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12340 comm="syz.9.3869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6dfe77d169 code=0x7ffc0000 [ 117.334955][ T29] audit: type=1326 audit(262773.222:2644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12340 comm="syz.9.3869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6dfe77d169 code=0x7ffc0000 [ 117.481279][T12366] __nla_validate_parse: 18 callbacks suppressed [ 117.481296][T12366] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3881'. [ 117.533239][T12371] tmpfs: Bad value for 'mpol' [ 117.614893][T12376] hugetlbfs: syz.0.3885 (12376): Using mlock ulimits for SHM_HUGETLB is obsolete [ 117.653172][T12382] SELinux: Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 117.696165][T12392] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3893'. [ 117.803152][T12392] netlink: 24 bytes leftover after parsing attributes in process `syz.9.3893'. [ 117.841558][T12401] netlink: 56 bytes leftover after parsing attributes in process `syz.9.3897'. [ 117.852189][T12401] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3897'. [ 117.920492][T12416] xt_hashlimit: max too large, truncated to 1048576 [ 117.930099][T12416] xt_limit: Overflow, try lower: 0/0 [ 118.055448][T12448] loop4: detected capacity change from 0 to 764 [ 118.070419][T12450] SELinux: syz.9.3921 (12450) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 118.092727][T12452] netlink: 'syz.4.3922': attribute type 10 has an invalid length. [ 118.101199][T12452] netlink: 'syz.4.3922': attribute type 10 has an invalid length. [ 118.748414][T12485] loop4: detected capacity change from 0 to 1024 [ 118.755338][T12485] EXT4-fs: Ignoring removed nobh option [ 118.762248][T12485] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 118.781322][T12485] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 118.805153][T12485] EXT4-fs error (device loop4): ext4_ext_check_inode:524: inode #11: comm syz.4.3938: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 118.827426][T12485] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.3938: couldn't read orphan inode 11 (err -117) [ 118.845490][T12485] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.3938: Invalid block bitmap block 0 in block_group 0 [ 118.861580][T12500] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3944'. [ 118.870756][T12500] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3944'. [ 118.873449][T12485] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.3938: Failed to acquire dquot type 0 [ 118.880690][T12500] netlink: 'syz.0.3944': attribute type 1 has an invalid length. [ 118.906446][T12485] EXT4-fs error (device loop4): __ext4_get_inode_loc:4435: comm syz.4.3938: Invalid inode table block 8589934593 in block_group 0 [ 118.931201][ T9271] EXT4-fs error (device loop4): __ext4_get_inode_loc:4435: comm kworker/u8:51: Invalid inode table block 8589934593 in block_group 0 [ 118.970881][T12503] netlink: 16 bytes leftover after parsing attributes in process `syz.7.3945'. [ 119.002634][T12507] loop0: detected capacity change from 0 to 8192 [ 119.017611][T12515] netlink: 16 bytes leftover after parsing attributes in process `syz.9.3950'. [ 119.047925][T12507] loop0: p1 p3 [ 119.052245][T12507] loop0: p1 size 8388608 extends beyond EOD, truncated [ 119.079289][T12507] loop0: p3 size 589824 extends beyond EOD, truncated [ 119.119486][T12527] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3957'. [ 119.125513][T12526] team0: Device ipvlan2 failed to register rx_handler [ 119.148250][T12529] loop9: detected capacity change from 0 to 512 [ 119.177505][T12529] EXT4-fs warning (device loop9): verify_group_input:137: Cannot add at group 49 (only 1 groups) [ 119.430946][T12585] program syz.7.3981 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 119.461000][T12553] chnl_net:caif_netlink_parms(): no params data found [ 119.513830][T12553] bridge0: port 1(bridge_slave_0) entered blocking state [ 119.521360][T12553] bridge0: port 1(bridge_slave_0) entered disabled state [ 119.529355][T12553] bridge_slave_0: entered allmulticast mode [ 119.536368][T12553] bridge_slave_0: entered promiscuous mode [ 119.543498][T12553] bridge0: port 2(bridge_slave_1) entered blocking state [ 119.551874][T12553] bridge0: port 2(bridge_slave_1) entered disabled state [ 119.560127][T12553] bridge_slave_1: entered allmulticast mode [ 119.567915][T12553] bridge_slave_1: entered promiscuous mode [ 119.606988][T12553] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 119.628042][T12602] loop0: detected capacity change from 0 to 1024 [ 119.635595][T12602] EXT4-fs: inline encryption not supported [ 119.639157][T12553] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 119.643011][T12602] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 119.667669][T12602] EXT4-fs error (device loop0): ext4_map_blocks:705: inode #3: block 1: comm syz.0.3987: lblock 1 mapped to illegal pblock 1 (length 1) [ 119.687610][T12602] EXT4-fs error (device loop0): ext4_acquire_dquot:6927: comm syz.0.3987: Failed to acquire dquot type 0 [ 119.709446][T12602] EXT4-fs error (device loop0): ext4_free_blocks:6589: comm syz.0.3987: Freeing blocks not in datazone - block = 0, count = 4096 [ 119.735205][T12602] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.3987: Invalid inode bitmap blk 0 in block_group 0 [ 119.760582][T12624] loop8: detected capacity change from 0 to 128 [ 119.763638][T12553] team0: Port device team_slave_0 added [ 119.768121][T12624] EXT4-fs: Ignoring removed nobh option [ 119.774300][ T9282] EXT4-fs error (device loop0): ext4_map_blocks:671: inode #3: block 1: comm kworker/u8:62: lblock 1 mapped to illegal pblock 1 (length 1) [ 119.795256][T12602] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem [ 119.797523][T12553] team0: Port device team_slave_1 added [ 119.812540][T12602] EXT4-fs (loop0): 1 orphan inode deleted [ 119.825962][ T9282] EXT4-fs error (device loop0): ext4_release_dquot:6950: comm kworker/u8:62: Failed to release dquot type 0 [ 119.866427][T12602] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback. [ 119.878915][T12553] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 119.886141][T12553] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 119.915128][T12553] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 119.930770][T12553] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 119.939864][T12553] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 119.971329][T12553] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 120.007923][T12553] hsr_slave_0: entered promiscuous mode [ 120.014451][T12553] hsr_slave_1: entered promiscuous mode [ 120.047468][T12634] loop7: detected capacity change from 0 to 8192 [ 120.055603][T12553] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 120.063489][T12553] Cannot create hsr debugfs directory [ 120.107598][T12634] loop7: p1 p3 [ 120.112920][T12634] loop7: p1 size 8388608 extends beyond EOD, truncated [ 120.128471][T12634] loop7: p3 size 589824 extends beyond EOD, truncated [ 120.184825][T12645] pim6reg: tun_chr_ioctl cmd 1074025677 [ 120.191348][T12645] pim6reg: linktype set to 804 [ 120.243370][T12650] loop8: detected capacity change from 0 to 128 [ 120.250649][T12650] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535) [ 120.265444][T12650] EXT4-fs error (device loop8): __ext4_find_entry:1652: inode #2: comm syz.8.4007: checksumming directory block 0 [ 120.353158][T12667] loop7: detected capacity change from 0 to 4096 [ 120.394004][T12670] loop7: detected capacity change from 0 to 128 [ 120.400742][T12670] EXT4-fs: Ignoring removed nobh option [ 120.420123][T12553] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 120.430155][T12553] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 120.439978][T12553] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 120.449346][T12553] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 120.481805][T12675] loop8: detected capacity change from 0 to 512 [ 120.503164][T12553] 8021q: adding VLAN 0 to HW filter on device bond0 [ 120.514107][T12675] EXT4-fs (loop8): shut down requested (0) [ 120.527249][T12553] 8021q: adding VLAN 0 to HW filter on device team0 [ 120.536456][ T9271] bridge0: port 1(bridge_slave_0) entered blocking state [ 120.543604][ T9271] bridge0: port 1(bridge_slave_0) entered forwarding state [ 120.553586][T12675] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop8 ino=12 [ 120.560754][T12553] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 120.572789][T12553] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 120.589391][ T9282] bridge0: port 2(bridge_slave_1) entered blocking state [ 120.595159][T12675] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop8 ino=12 [ 120.596672][ T9282] bridge0: port 2(bridge_slave_1) entered forwarding state [ 120.670462][T12553] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 120.736975][T12712] loop9: detected capacity change from 0 to 2048 [ 120.746669][T12712] EXT4-fs: Ignoring removed bh option [ 120.759535][T12553] veth0_vlan: entered promiscuous mode [ 120.768903][T12553] veth1_vlan: entered promiscuous mode [ 120.780492][T12553] veth0_macvtap: entered promiscuous mode [ 120.787541][T12712] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 120.788251][T12553] veth1_macvtap: entered promiscuous mode [ 120.826213][T12553] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 120.832389][T12723] loop8: detected capacity change from 0 to 764 [ 120.836705][T12553] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 120.852760][T12553] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 120.863189][T12553] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 120.873031][T12553] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 120.883489][T12553] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 120.893468][T12553] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 120.903932][T12553] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 120.913861][T12553] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 120.924360][T12553] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 120.935072][T12553] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 120.945385][T12553] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 120.955978][T12553] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 120.965835][T12553] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 120.976381][T12553] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 120.986290][T12553] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 120.996901][T12553] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 121.006871][T12553] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 121.017359][T12553] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 121.032827][T12553] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 121.054707][T12553] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 121.063527][T12553] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 121.072328][T12553] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 121.081254][T12553] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 121.122567][T12728] SELinux: syz.8.4036 (12728) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 121.193726][T12741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 121.204367][T12741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 121.214376][T12741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 121.222953][T12745] loop9: detected capacity change from 0 to 512 [ 121.224858][T12741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 121.241114][T12741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 121.241331][T12745] EXT4-fs (loop9): couldn't mount as ext2 due to feature incompatibilities [ 121.251954][T12741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 121.270497][T12741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 121.281194][T12741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 121.291053][T12741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 121.301480][T12741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 121.311679][T12741] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 121.319202][T12741] batadv_slave_0: entered promiscuous mode [ 121.325094][T12741] batadv_slave_0: entered allmulticast mode [ 121.395399][T12751] xt_CT: No such helper "syz0" [ 121.423713][T12759] loop9: detected capacity change from 0 to 764 [ 121.541617][T12780] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 121.555811][T12780] syzkaller0: linktype set to 776 [ 121.598974][T12796] loop7: detected capacity change from 0 to 128 [ 121.733220][T12819] loop8: detected capacity change from 0 to 1024 [ 121.807185][T12831] loop0: detected capacity change from 0 to 512 [ 121.831762][T12835] loop1: detected capacity change from 0 to 512 [ 121.847575][T12835] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 121.859940][T12835] EXT4-fs (loop1): orphan cleanup on readonly fs [ 121.867110][T12835] EXT4-fs warning (device loop1): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 121.886261][T12835] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 121.897187][T12835] ------------[ cut here ]------------ [ 121.902771][T12835] bad length passed for symlink [ [ 121.902771][T12835] ó] (got 9000, expected 3) [ 121.903041][T12835] WARNING: CPU: 0 PID: 12835 at ./include/linux/fs.h:803 inode_set_cached_link+0xc4/0xd0 [ 121.922719][T12835] Modules linked in: [ 121.926901][T12835] CPU: 0 UID: 0 PID: 12835 Comm: syz.1.4083 Not tainted 6.14.0-rc4-syzkaller-00015-g2a1944bff549 #0 [ 121.930621][T12831] EXT4-fs (loop0): shut down requested (0) [ 121.937735][T12835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 121.937763][T12835] RIP: 0010:inode_set_cached_link+0xc4/0xd0 [ 121.937796][T12835] Code: ff 48 c7 c7 1d f5 b2 86 e8 39 62 c4 ff c6 05 8f 72 0b 05 01 90 48 c7 c7 20 31 1b 86 4c 89 f6 89 ea 44 89 f9 e8 ed b6 8c ff 90 <0f> 0b 90 90 eb 84 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 [ 121.979482][T12835] RSP: 0018:ffffc90001d3fa00 EFLAGS: 00010246 [ 121.985640][T12835] RAX: 546e0b7572741b00 RBX: ffff8881106632a8 RCX: 0000000000080000 [ 121.993647][T12835] RDX: ffffc90007f9c000 RSI: 0000000000007407 RDI: 0000000000007408 [ 122.001735][T12835] RBP: 0000000000002328 R08: ffffffff81343af7 R09: 0000000000000000 [ 122.009925][T12835] R10: 0001ffffffffffff R11: ffff88815020b180 R12: ffff8881106632a8 [ 122.017926][T12835] R13: ffff8881106632d0 R14: ffff888110663180 R15: 0000000000000003 [ 122.026048][T12835] FS: 00007f98879516c0(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000 [ 122.035007][T12835] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.041623][T12835] CR2: 00007f6dfe967d38 CR3: 0000000113e00000 CR4: 00000000003506f0 [ 122.049641][T12835] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 122.057621][T12835] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 122.065585][T12835] Call Trace: [ 122.068961][T12835] [ 122.071900][T12835] ? __warn+0x141/0x350 [ 122.076084][T12835] ? report_bug+0x315/0x420 [ 122.080673][T12835] ? inode_set_cached_link+0xc4/0xd0 [ 122.086135][T12835] ? handle_bug+0x60/0x90 [ 122.090485][T12835] ? exc_invalid_op+0x1a/0x50 [ 122.095152][T12835] ? asm_exc_invalid_op+0x1a/0x20 [ 122.100272][T12835] ? __warn_printk+0x167/0x1b0 [ 122.105136][T12835] ? inode_set_cached_link+0xc4/0xd0 [ 122.110641][T12835] __ext4_iget+0x1bb5/0x1e20 [ 122.115235][T12835] ext4_orphan_get+0x140/0x3e0 [ 122.120108][T12835] ext4_orphan_cleanup+0x5df/0x9e0 [ 122.125337][T12835] ? ext4_register_li_request+0xf2/0x660 [ 122.130996][T12835] ext4_fill_super+0x32ec/0x3630 [ 122.135952][T12835] ? set_blocksize+0x196/0x270 [ 122.140760][T12835] ? sb_set_blocksize+0x95/0xb0 [ 122.145642][T12835] ? setup_bdev_super+0x318/0x370 [ 122.150734][T12835] ? __pfx_ext4_fill_super+0x10/0x10 [ 122.156100][T12835] get_tree_bdev_flags+0x29f/0x310 [ 122.161217][T12835] ? __pfx_ext4_fill_super+0x10/0x10 [ 122.166536][T12835] get_tree_bdev+0x1f/0x30 [ 122.170956][T12835] ext4_get_tree+0x1c/0x30 [ 122.175409][T12835] vfs_get_tree+0x56/0x1e0 [ 122.179893][T12835] do_new_mount+0x227/0x690 [ 122.184385][T12835] path_mount+0x49b/0xb30 [ 122.188730][T12835] __se_sys_mount+0x27f/0x2d0 [ 122.193424][T12835] __x64_sys_mount+0x67/0x80 [ 122.198083][T12835] x64_sys_call+0x2c84/0x2dc0 [ 122.202784][T12835] do_syscall_64+0xc9/0x1c0 [ 122.207348][T12835] ? clear_bhb_loop+0x55/0xb0 [ 122.212018][T12835] ? clear_bhb_loop+0x55/0xb0 [ 122.216715][T12835] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.222656][T12835] RIP: 0033:0x7f98892ee90a [ 122.227168][T12835] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 122.246960][T12835] RSP: 002b:00007f9887950e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 122.255468][T12835] RAX: ffffffffffffffda RBX: 00007f9887950ef0 RCX: 00007f98892ee90a [ 122.263451][T12835] RDX: 0000400000000080 RSI: 0000400000000000 RDI: 00007f9887950eb0 [ 122.271489][T12835] RBP: 0000400000000080 R08: 00007f9887950ef0 R09: 000000000200801f [ 122.279505][T12835] R10: 000000000200801f R11: 0000000000000246 R12: 0000400000000000 [ 122.287494][T12835] R13: 00007f9887950eb0 R14: 00000000000004fb R15: 00004000000002c0 [ 122.295455][T12835] [ 122.298532][T12835] ---[ end trace 0000000000000000 ]--- [ 122.305354][T12835] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2977: inode #16: comm syz.1.4083: corrupted xattr block 31: invalid header [ 122.307502][T12848] Cannot find add_set index 0 as target [ 122.320502][T12835] EXT4-fs warning (device loop1): ext4_evict_inode:276: xattr delete (err -117) [ 122.333520][T12835] EXT4-fs (loop1): 1 orphan inode deleted [ 122.357080][T12835] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback. [ 122.399881][T12854] 9pnet: p9_errstr2errno: server reported unknown error [ 122.451333][T12870] loop7: detected capacity change from 0 to 512 [ 122.458975][T12870] EXT4-fs: inline encryption not supported [ 122.465372][T12870] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem [ 122.476816][ T29] kauditd_printk_skb: 109 callbacks suppressed [ 122.476829][ T29] audit: type=1400 audit(263034.460:2749): avc: denied { bind } for pid=12873 comm="syz.8.4101" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 122.515453][T12870] EXT4-fs error (device loop7): ext4_xattr_ibody_find:2240: inode #15: comm syz.7.4098: corrupted in-inode xattr: e_value size too large [ 122.532172][T12870] EXT4-fs error (device loop7): ext4_orphan_get:1394: comm syz.7.4098: couldn't read orphan inode 15 (err -117) [ 122.545867][ T29] audit: type=1326 audit(263034.490:2750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12878 comm="syz.9.4102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6dfe77d169 code=0x7ffc0000 [ 122.569251][ T29] audit: type=1326 audit(263034.490:2751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12878 comm="syz.9.4102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6dfe77d169 code=0x7ffc0000 [ 122.592554][ T29] audit: type=1326 audit(263034.490:2752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12878 comm="syz.9.4102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=127 compat=0 ip=0x7f6dfe77d169 code=0x7ffc0000 [ 122.615798][ T29] audit: type=1326 audit(263034.490:2753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12878 comm="syz.9.4102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6dfe77d169 code=0x7ffc0000 [ 122.639857][ T29] audit: type=1400 audit(263034.530:2754): avc: denied { setopt } for pid=12880 comm="syz.8.4103" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 122.667580][ T29] audit: type=1326 audit(263034.650:2755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12885 comm="syz.8.4106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f604f524127 code=0x7ffc0000 [ 122.690756][ T29] audit: type=1326 audit(263034.650:2756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12885 comm="syz.8.4106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f604f4c9359 code=0x7ffc0000 [ 122.713943][ T29] audit: type=1326 audit(263034.650:2757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12885 comm="syz.8.4106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f604f524127 code=0x7ffc0000 [ 122.737220][ T29] audit: type=1326 audit(263034.650:2758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12885 comm="syz.8.4106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f604f4c9359 code=0x7ffc0000 [ 122.817037][T12899] __nla_validate_parse: 6 callbacks suppressed [ 122.817051][T12899] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4110'. [ 122.859911][T12905] netlink: 'syz.7.4114': attribute type 1 has an invalid length. [ 122.870785][T12905] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 122.878157][T12905] IPv6: NLM_F_CREATE should be set when creating new route [ 122.980837][T12926] loop0: detected capacity change from 0 to 2048 [ 123.100821][T12949] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4132'. [ 123.112633][T12949] macsec0: entered promiscuous mode [ 123.229009][T12967] loop9: detected capacity change from 0 to 128 [ 123.556013][T13000] loop1: detected capacity change from 0 to 128 [ 123.572643][T13005] loop9: detected capacity change from 0 to 512 [ 123.583100][T13005] EXT4-fs error (device loop9): ext4_orphan_get:1389: inode #15: comm syz.9.4158: casefold flag without casefold feature [ 123.596342][T13005] EXT4-fs error (device loop9): ext4_orphan_get:1394: comm syz.9.4158: couldn't read orphan inode 15 (err -117) [ 123.686979][T13023] loop7: detected capacity change from 0 to 512 [ 123.694121][T13023] EXT4-fs: Ignoring removed i_version option [ 123.702742][T13023] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 123.717055][T13023] EXT4-fs (loop7): 1 truncate cleaned up [ 123.729948][T13028] loop1: detected capacity change from 0 to 128 [ 123.773949][T13035] netlink: 28 bytes leftover after parsing attributes in process `syz.9.4173'. [ 123.783044][T13035] netlink: 28 bytes leftover after parsing attributes in process `syz.9.4173'. [ 123.792164][T13035] netlink: 28 bytes leftover after parsing attributes in process `syz.9.4173'. [ 123.819359][T13035] netlink: 28 bytes leftover after parsing attributes in process `syz.9.4173'. [ 123.828418][T13035] netlink: 28 bytes leftover after parsing attributes in process `syz.9.4173'. [ 123.837563][T13035] netlink: 28 bytes leftover after parsing attributes in process `syz.9.4173'. [ 123.879898][T13035] netlink: 28 bytes leftover after parsing attributes in process `syz.9.4173'. [ 123.889065][T13035] netlink: 28 bytes leftover after parsing attributes in process `syz.9.4173'. [ 123.960645][T13063] SELinux: policydb table sizes (0,0) do not match mine (8,7) [ 123.968937][T13063] SELinux: failed to load policy [ 124.071424][T13091] loop0: detected capacity change from 0 to 1024 [ 124.078328][T13091] EXT4-fs: Ignoring removed nobh option [ 124.102322][T13096] loop1: detected capacity change from 0 to 1024 [ 124.291843][T13137] loop8: detected capacity change from 0 to 512 [ 124.299886][T13137] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended [ 124.309160][T13137] EXT4-fs (loop8): mounting ext2 file system using the ext4 subsystem [ 124.320533][T13137] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 124.328609][T13137] System zones: 0-2, 18-18, 34-34 [ 124.334069][T13137] EXT4-fs warning (device loop8): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 124.348936][T13137] EXT4-fs (loop8): 1 truncate cleaned up [ 124.429170][T13159] xt_hashlimit: overflow, try lower: 18446744073709551615/7 [ 124.467711][T13168] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2580 sclass=netlink_route_socket pid=13168 comm=syz.8.4231 [ 124.485801][ C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 124.567682][T13187] ip6gretap0: entered promiscuous mode [ 124.668498][T13208] Invalid logical block size (131072) [ 124.784091][T13229] loop0: detected capacity change from 0 to 512 [ 124.951704][T13265] loop0: detected capacity change from 0 to 512 [ 124.960554][T13265] journal_path: Non-blockdev passed as './bus' [ 124.966890][T13265] EXT4-fs: error: could not find journal device path [ 125.021222][T13276] program syz.1.4282 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 125.078937][T13293] loop1: detected capacity change from 0 to 512 [ 125.130698][T13293] EXT4-fs (loop1): 1 orphan inode deleted [ 125.219375][T13324] rdma_op ffff88811ea94980 conn xmit_rdma 0000000000000000 [ 125.287037][T13339] loop1: detected capacity change from 0 to 128 [ 125.345351][T13348] 9pnet: Could not find request transport: r [ 125.384529][T13359] Â: renamed from pim6reg1 [ 125.455584][T13367] loop8: detected capacity change from 0 to 1024 [ 125.467119][T13367] EXT4-fs: Ignoring removed nobh option [ 125.472736][T13367] EXT4-fs: Ignoring removed bh option [ 125.484354][T13371] random: crng reseeded on system resumption [ 125.548305][T13377] EXT4-fs error (device loop8): mb_free_blocks:1948: group 0, inode 15: block 161:freeing already freed block (bit 10); block bitmap corrupt. [ 125.567556][T13371] Unrecognized hibernate image header format! [ 125.573725][T13371] PM: hibernation: Image mismatch: architecture specific data [ 125.639090][T13387] loop8: detected capacity change from 0 to 512 [ 125.645578][T13387] EXT4-fs: Ignoring removed i_version option [ 125.660207][T13387] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode [ 125.672487][T13389] loop9: detected capacity change from 0 to 1024 [ 125.689258][T13389] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869) [ 125.707156][T13387] EXT4-fs error (device loop8): ext4_orphan_get:1389: inode #15: comm syz.8.4331: iget: bad extra_isize 15 (inode size 256) [ 125.716542][T13389] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 125.720520][T13387] EXT4-fs error (device loop8): ext4_orphan_get:1394: comm syz.8.4331: couldn't read orphan inode 15 (err -117) [ 125.752893][T13389] EXT4-fs (loop9): invalid journal inode [ 125.760793][T13389] EXT4-fs (loop9): can't get journal size [ 125.777670][T13389] EXT4-fs error (device loop9): ext4_protect_reserved_inode:182: inode #2: comm syz.9.4333: blocks 48-48 from inode overlap system zone [ 125.795538][T13389] EXT4-fs (loop9): failed to initialize system zone (-117) [ 125.804259][T13389] EXT4-fs (loop9): mount failed [ 125.961327][T13435] netlink: 'syz.7.4355': attribute type 1 has an invalid length. [ 125.969120][T13435] netlink: 'syz.7.4355': attribute type 2 has an invalid length. [ 126.000596][T13443] loop9: detected capacity change from 0 to 128 [ 126.070862][T13458] loop0: detected capacity change from 0 to 128 [ 126.119578][T13467] batadv_slave_1: entered promiscuous mode [ 126.126050][T13466] batadv_slave_1: left promiscuous mode [ 126.267559][T13497] loop7: detected capacity change from 0 to 512 [ 126.298474][T13497] EXT4-fs (loop7): 1 orphan inode deleted [ 126.316809][ T9282] EXT4-fs error (device loop7): ext4_release_dquot:6950: comm kworker/u8:62: Failed to release dquot type 1 [ 126.430457][T13525] loop7: detected capacity change from 0 to 128 [ 126.692647][T13573] netlink: 'syz.9.4418': attribute type 1 has an invalid length. [ 126.797574][T13591] random: crng reseeded on system resumption [ 126.883748][T13600] SELinux: ebitmap: map size 149 does not match my size 64 (high bit was 0) [ 126.893858][T13600] SELinux: failed to load policy [ 126.918618][T13606] loop0: detected capacity change from 0 to 256 [ 126.931698][T13606] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 126.963439][T13612] loop1: detected capacity change from 0 to 512 [ 126.971311][T13612] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 126.980416][T13612] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 126.995219][T13612] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 127.007775][T13612] System zones: 0-2, 18-18, 34-34 [ 127.014828][T13612] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 127.030847][T13612] EXT4-fs (loop1): 1 truncate cleaned up [ 127.108870][T13631] netlink: 'syz.0.4444': attribute type 13 has an invalid length. [ 127.128448][T13631] gretap0: refused to change device tx_queue_len [ 127.136842][T13631] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 127.157882][T13637] vhci_hcd: invalid port number 255 [ 127.163162][T13637] vhci_hcd: default hub control req: 0006 v0309 i00ff l0 [ 127.192249][T13642] loop0: detected capacity change from 0 to 512 [ 127.195565][T13643] loop8: detected capacity change from 0 to 512 [ 127.198904][T13642] EXT4-fs: Ignoring removed i_version option [ 127.211679][T13642] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 127.213383][T13643] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode [ 127.232585][T13642] EXT4-fs error (device loop0): ext4_orphan_get:1389: inode #15: comm syz.0.4449: iget: bad extra_isize 15 (inode size 256) [ 127.234594][T13647] loop5: detected capacity change from 0 to 7 [ 127.249533][T13643] EXT4-fs error (device loop8): ext4_xattr_ibody_find:2240: inode #15: comm syz.8.4450: corrupted in-inode xattr: e_name out of bounds [ 127.252621][T13647] Buffer I/O error on dev loop5, logical block 0, async page read [ 127.266105][T13642] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.4449: couldn't read orphan inode 15 (err -117) [ 127.274794][T13647] Buffer I/O error on dev loop5, logical block 0, async page read [ 127.294513][T13647] loop5: unable to read partition table [ 127.302673][T13643] EXT4-fs (loop8): Remounting filesystem read-only [ 127.309326][T13643] EXT4-fs (loop8): 1 truncate cleaned up [ 127.310348][T13647] loop_reread_partitions: partition scan of loop5 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨â·û [ 127.310348][T13647] ) failed (rc=-5) [ 127.315454][T13643] SELinux: (dev loop8, type ext4) getxattr errno 5 [ 127.351000][T13649] loop0: detected capacity change from 0 to 512 [ 127.360577][T13649] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 127.369853][T13649] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 127.399180][T13649] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 127.411408][T13649] System zones: 0-2, 18-18, 34-34 [ 127.426306][T13649] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 127.449827][T13649] EXT4-fs (loop0): 1 truncate cleaned up [ 127.451024][T13665] tipc: Started in network mode [ 127.460646][T13665] tipc: Node identity ac14140f, cluster identity 4711 [ 127.473203][T13665] tipc: New replicast peer: 255.255.255.255 [ 127.479480][T13665] tipc: Enabled bearer , priority 10 [ 127.514833][T13672] loop7: detected capacity change from 0 to 512 [ 127.536107][T13672] EXT4-fs: Ignoring removed i_version option [ 127.561826][T13672] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 127.583617][T13672] EXT4-fs error (device loop7): ext4_orphan_get:1389: inode #15: comm syz.7.4463: iget: bad extra_isize 15 (inode size 256) [ 127.617313][T13672] EXT4-fs error (device loop7): ext4_orphan_get:1394: comm syz.7.4463: couldn't read orphan inode 15 (err -117) [ 127.662521][ T29] kauditd_printk_skb: 370 callbacks suppressed [ 127.662536][ T29] audit: type=1400 audit(263039.640:3128): avc: denied { execmem } for pid=13689 comm="syz.9.4471" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 127.763494][T13698] loop0: detected capacity change from 0 to 512 [ 127.775526][ T29] audit: type=1400 audit(263039.700:3129): avc: denied { create } for pid=13687 comm="syz.0.4470" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 127.794830][ T29] audit: type=1400 audit(263039.700:3130): avc: denied { setopt } for pid=13687 comm="syz.0.4470" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 127.835574][T13708] (unnamed net_device) (uninitialized): option min_links: invalid value (18446744073709551615) [ 127.846128][T13708] (unnamed net_device) (uninitialized): option min_links: allowed values 0 - 2147483647 [ 127.856043][ T29] audit: type=1400 audit(263039.780:3131): avc: denied { name_connect } for pid=13703 comm="syz.9.4477" dest=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 127.917087][T13720] loop0: detected capacity change from 0 to 512 [ 127.941320][ T29] audit: type=1400 audit(263039.920:3132): avc: denied { create } for pid=13722 comm="syz.1.4485" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 127.976783][T13720] EXT4-fs error (device loop0): ext4_orphan_get:1389: inode #15: comm syz.0.4483: casefold flag without casefold feature [ 127.986213][ T29] audit: type=1400 audit(263039.940:3133): avc: denied { write } for pid=13722 comm="syz.1.4485" path="socket:[40495]" dev="sockfs" ino=40495 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 128.024116][T13720] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.4483: couldn't read orphan inode 15 (err -117) [ 128.077610][T13726] loop7: detected capacity change from 0 to 2048 [ 128.094914][ T29] audit: type=1400 audit(263040.070:3134): avc: denied { ioctl } for pid=13732 comm="syz.1.4489" path="socket:[41420]" dev="sockfs" ino=41420 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 128.095154][T13733] netlink: 'syz.1.4489': attribute type 1 has an invalid length. [ 128.121987][ T29] audit: type=1400 audit(263040.110:3135): avc: denied { setattr } for pid=13719 comm="syz.0.4483" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 128.150718][ T29] audit: type=1400 audit(263040.130:3136): avc: denied { create } for pid=13719 comm="syz.0.4483" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 128.204960][ T29] audit: type=1400 audit(263040.170:3137): avc: denied { write } for pid=13719 comm="syz.0.4483" path="/858/file0/file1" dev="loop0" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 128.286267][T13742] loop1: detected capacity change from 0 to 4096 [ 128.321847][T13761] loop9: detected capacity change from 0 to 512 [ 128.364252][T13764] loop0: detected capacity change from 0 to 512 [ 128.371141][T13761] EXT4-fs: inline encryption not supported [ 128.378394][T13761] EXT4-fs (loop9): mounting ext3 file system using the ext4 subsystem [ 128.389410][T13764] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 128.410866][T13761] EXT4-fs error (device loop9): ext4_xattr_ibody_find:2240: inode #15: comm syz.9.4502: corrupted in-inode xattr: e_value size too large [ 128.425070][T13764] EXT4-fs (loop0): orphan cleanup on readonly fs [ 128.432459][T13764] EXT4-fs warning (device loop0): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 128.447540][T13764] EXT4-fs (loop0): Cannot turn on quotas: error -22 [ 128.459594][T13772] __nla_validate_parse: 19 callbacks suppressed [ 128.459610][T13772] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4507'. [ 128.475404][T13764] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2977: inode #16: comm syz.0.4503: corrupted xattr block 31: invalid header [ 128.485836][T13761] EXT4-fs error (device loop9): ext4_orphan_get:1394: comm syz.9.4502: couldn't read orphan inode 15 (err -117) [ 128.508301][T13764] EXT4-fs warning (device loop0): ext4_evict_inode:276: xattr delete (err -117) [ 128.520264][T13761] EXT4-fs mount: 82 callbacks suppressed [ 128.520279][T13761] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 128.521279][T13764] EXT4-fs (loop0): 1 orphan inode deleted [ 128.544068][T13764] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 128.590176][T13780] No such timeout policy "syz0" [ 128.595783][ T3378] tipc: Node number set to 2886997007 [ 128.603559][T13764] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback. [ 128.615163][T11777] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 128.669998][T13790] loop9: detected capacity change from 0 to 512 [ 128.678016][T13790] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 35: padding at end of block bitmap is not set [ 128.694952][ T5742] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 128.713766][T13793] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4516'. [ 128.740911][T13799] loop1: detected capacity change from 0 to 512 [ 128.771358][T13790] EXT4-fs error (device loop9) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 128.785370][T13799] EXT4-fs: Ignoring removed i_version option [ 128.791636][T13799] EXT4-fs: Ignoring removed mblk_io_submit option [ 128.805325][T13804] loop7: detected capacity change from 0 to 128 [ 128.808346][T13790] EXT4-fs error (device loop9): ext4_free_branches:1023: inode #13: comm +}[@: invalid indirect mapped block 4294967295 (level 1) [ 128.825245][T13790] EXT4-fs error (device loop9): ext4_free_branches:1023: inode #13: comm +}[@: invalid indirect mapped block 4294967295 (level 2) [ 128.841615][T13790] EXT4-fs (loop9): 1 truncate cleaned up [ 128.849279][T13799] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 128.860051][T13804] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 128.860302][T13790] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 128.894719][T13799] EXT4-fs (loop1): 1 truncate cleaned up [ 128.900920][T13799] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 128.916838][ T9335] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 128.946476][T11777] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.021699][T12553] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.047655][T13825] loop7: detected capacity change from 0 to 512 [ 129.059237][T13830] netlink: 'syz.9.4531': attribute type 13 has an invalid length. [ 129.068036][T13825] EXT4-fs (loop7): revision level too high, forcing read-only mode [ 129.076189][T13830] gretap0: refused to change device tx_queue_len [ 129.076950][T13825] EXT4-fs (loop7): orphan cleanup on readonly fs [ 129.083199][T13830] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 129.089651][T13825] EXT4-fs warning (device loop7): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 129.133758][T13825] EXT4-fs (loop7): Cannot turn on quotas: error -22 [ 129.136167][T13836] loop0: detected capacity change from 0 to 512 [ 129.142906][T13825] EXT4-fs error (device loop7): ext4_xattr_delete_inode:2977: inode #16: comm syz.7.4529: corrupted xattr block 31: invalid header [ 129.147487][T13836] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 129.170537][T13825] EXT4-fs warning (device loop7): ext4_evict_inode:276: xattr delete (err -117) [ 129.179864][T13825] EXT4-fs (loop7): 1 orphan inode deleted [ 129.180273][T13837] SELinux: policydb table sizes (0,0) do not match mine (8,7) [ 129.186120][T13825] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 129.194398][T13837] SELinux: failed to load policy [ 129.211124][T13836] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 129.234972][T13825] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback. [ 129.264521][ T9335] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.281143][ T5742] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.315434][T13853] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4536'. [ 129.344419][ T3361] IPVS: starting estimator thread 0... [ 129.384071][T13868] loop0: detected capacity change from 0 to 1024 [ 129.391891][T13868] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869) [ 129.401596][T13868] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 129.413172][T13868] EXT4-fs (loop0): invalid journal inode [ 129.418946][T13868] EXT4-fs (loop0): can't get journal size [ 129.425200][T13868] EXT4-fs error (device loop0): ext4_protect_reserved_inode:182: inode #2: comm syz.0.4547: blocks 48-48 from inode overlap system zone [ 129.440275][T13868] EXT4-fs (loop0): failed to initialize system zone (-117) [ 129.447814][T13860] IPVS: using max 2880 ests per chain, 144000 per kthread [ 129.447914][T13868] EXT4-fs (loop0): mount failed [ 129.820924][T13904] No such timeout policy "syz0" [ 129.995538][T13919] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4570'. [ 130.004574][T13919] netlink: 20 bytes leftover after parsing attributes in process `syz.8.4570'. [ 130.030750][T13921] loop1: detected capacity change from 0 to 512 [ 130.041116][T13921] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 35: padding at end of block bitmap is not set [ 130.068031][T13921] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 130.077835][T13921] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm +}[@: invalid indirect mapped block 4294967295 (level 1) [ 130.098937][T13921] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm +}[@: invalid indirect mapped block 4294967295 (level 2) [ 130.113529][T13921] EXT4-fs (loop1): 1 truncate cleaned up [ 130.126255][T13921] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 130.149380][T13932] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4578'. [ 130.160467][T12553] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.328518][T13967] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4596'. [ 130.340543][T13967] veth0_macvtap: left promiscuous mode [ 130.374363][T13975] loop9: detected capacity change from 0 to 1024 [ 130.381603][T13975] EXT4-fs: Ignoring removed nobh option [ 130.407839][T13975] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 130.464679][T13995] loop7: detected capacity change from 0 to 128 [ 130.517722][T14004] loop1: detected capacity change from 0 to 256 [ 130.524711][T11777] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.572818][T14004] FAT-fs (loop1): Directory bread(block 64) failed [ 130.581032][T14004] FAT-fs (loop1): Directory bread(block 65) failed [ 130.588600][T14004] FAT-fs (loop1): Directory bread(block 66) failed [ 130.599221][T14004] FAT-fs (loop1): Directory bread(block 67) failed [ 130.608344][T14004] FAT-fs (loop1): Directory bread(block 68) failed [ 130.615777][T14004] FAT-fs (loop1): Directory bread(block 69) failed [ 130.628999][T14004] FAT-fs (loop1): Directory bread(block 70) failed [ 130.646953][T14004] FAT-fs (loop1): Directory bread(block 71) failed [ 130.653948][T14004] FAT-fs (loop1): Directory bread(block 72) failed [ 130.667173][T14028] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=14028 comm=syz.8.4624 [ 130.681454][T14004] FAT-fs (loop1): Directory bread(block 73) failed [ 130.690355][T14031] netlink: 'syz.9.4625': attribute type 1 has an invalid length. [ 130.734701][T14040] sch_tbf: burst 1656 is lower than device lo mtu (65550) ! [ 130.790250][T14054] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4636'. [ 130.869489][T14070] Cannot find add_set index 0 as target [ 130.905381][T14082] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4650'. [ 130.914347][T14082] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4650'. [ 131.056495][T14113] Cannot find del_set index 4 as target [ 131.162489][T14126] loop8: detected capacity change from 0 to 1024 [ 131.179978][T14126] EXT4-fs: Ignoring removed nobh option [ 131.185596][T14126] EXT4-fs: Ignoring removed bh option [ 131.203029][T14131] loop1: detected capacity change from 0 to 256 [ 131.218539][T14126] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 131.264758][T14126] EXT4-fs error (device loop8): ext4_mb_mark_diskspace_used:4115: comm syz.8.4671: Allocating blocks 497-513 which overlap fs metadata [ 131.286032][T14126] EXT4-fs (loop8): pa ffff8881068b8380: logic 256, phys. 385, len 8 [ 131.294109][T14126] EXT4-fs error (device loop8): ext4_mb_release_inode_pa:5366: group 0, free 0, pa_free 1 [ 131.306493][T14144] EXT4-fs error (device loop8): mb_free_blocks:1948: group 0, inode 15: block 129:freeing already freed block (bit 8); block bitmap corrupt. [ 131.335429][T10291] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 131.465459][T14161] loop8: detected capacity change from 0 to 2048 [ 131.560351][T14182] loop1: detected capacity change from 0 to 256 [ 131.675339][T14201] netlink: 'syz.0.4704': attribute type 25 has an invalid length. [ 131.683347][T14201] netlink: 'syz.0.4704': attribute type 7 has an invalid length. [ 131.820492][T14215] loop7: detected capacity change from 0 to 1764 [ 131.879656][T14225] loop9: detected capacity change from 0 to 8192 [ 131.995649][T14244] Cannot find add_set index 0 as target [ 132.319640][T14299] loop8: detected capacity change from 0 to 512 [ 132.383626][T14299] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 132.397766][T14299] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 132.488240][T10291] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 132.601573][T14339] SELinux: Context Œ= is not valid (left unmapped). [ 132.603244][T14341] loop8: detected capacity change from 0 to 256 [ 132.843092][T14366] netlink: 'syz.0.4779': attribute type 1 has an invalid length. [ 132.914921][ T29] kauditd_printk_skb: 161 callbacks suppressed [ 132.914951][ T29] audit: type=1400 audit(263044.890:3299): avc: denied { mount } for pid=14373 comm="syz.0.4783" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1 [ 132.943391][ T29] audit: type=1400 audit(263044.890:3300): avc: denied { unmount } for pid=14373 comm="syz.0.4783" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1 [ 133.067364][T14381] loop0: detected capacity change from 0 to 2048 [ 133.088296][T14381] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 133.160340][ T5742] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 133.242391][T14398] loop0: detected capacity change from 0 to 256 [ 133.302142][ T29] audit: type=1326 audit(263045.280:3301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14405 comm="syz.9.4797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6dfe77d169 code=0x7ffc0000 [ 133.325577][ T29] audit: type=1326 audit(263045.280:3302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14405 comm="syz.9.4797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6dfe77d169 code=0x7ffc0000 [ 133.353535][ T29] audit: type=1326 audit(263045.280:3303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14405 comm="syz.9.4797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6dfe77d169 code=0x7ffc0000 [ 133.376948][ T29] audit: type=1326 audit(263045.280:3304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14405 comm="syz.9.4797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6dfe77d169 code=0x7ffc0000 [ 133.400257][ T29] audit: type=1326 audit(263045.280:3305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14405 comm="syz.9.4797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6dfe77d169 code=0x7ffc0000 [ 133.423536][ T29] audit: type=1326 audit(263045.280:3306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14405 comm="syz.9.4797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6dfe77d169 code=0x7ffc0000 [ 133.455736][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 133.464579][ T29] audit: type=1326 audit(263045.390:3307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14405 comm="syz.9.4797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6dfe77d169 code=0x7ffc0000 [ 133.487965][ T29] audit: type=1326 audit(263045.390:3308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14405 comm="syz.9.4797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6dfe77d169 code=0x7ffc0000 [ 133.652602][T14433] __nla_validate_parse: 10 callbacks suppressed [ 133.652617][T14433] netlink: 36 bytes leftover after parsing attributes in process `syz.9.4810'. [ 133.689385][T14435] netlink: 180900 bytes leftover after parsing attributes in process `syz.7.4811'. [ 133.699661][T14435] netlink: zone id is out of range [ 133.704996][T14435] netlink: zone id is out of range [ 133.720179][T14435] netlink: zone id is out of range [ 133.731088][T14435] netlink: set zone limit has 8 unknown bytes [ 133.739793][T14447] netlink: 'syz.0.4816': attribute type 9 has an invalid length. [ 133.755936][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 133.781601][T14445] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 133.798498][T14445] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 133.837341][T14459] loop8: detected capacity change from 0 to 2048 [ 133.852585][T14459] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 133.889699][T14470] loop9: detected capacity change from 0 to 128 [ 133.903167][T14470] FAT-fs (loop9): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 133.915681][T14470] FAT-fs (loop9): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 133.925084][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 133.933895][T10291] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 133.951494][ T8610] FAT-fs (loop9): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 133.991357][T14483] sg_write: data in/out 122/14 bytes for SCSI command 0x0-- guessing data in; [ 133.991357][T14483] program syz.7.4834 not setting count and/or reply_len properly [ 134.077413][ T9271] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 134.160124][T14512] netlink: 'syz.9.4848': attribute type 3 has an invalid length. [ 134.168016][T14512] netlink: 666 bytes leftover after parsing attributes in process `syz.9.4848'. [ 134.190503][ T9271] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.225822][T14516] loop9: detected capacity change from 0 to 164 [ 134.266467][ T9271] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.370011][ T9271] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.434378][ T9271] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.479002][T14521] chnl_net:caif_netlink_parms(): no params data found [ 134.529667][T14570] loop9: detected capacity change from 0 to 1024 [ 134.537800][T14570] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869) [ 134.552237][T14570] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 134.566529][T14570] EXT4-fs error (device loop9): ext4_get_journal_inode:5798: comm syz.9.4872: inode #1: comm syz.9.4872: iget: illegal inode # [ 134.570195][T14521] bridge0: port 1(bridge_slave_0) entered blocking state [ 134.586173][T14570] EXT4-fs (loop9): no journal found [ 134.586865][T14521] bridge0: port 1(bridge_slave_0) entered disabled state [ 134.591985][T14570] EXT4-fs (loop9): can't get journal size [ 134.607846][T14521] bridge_slave_0: entered allmulticast mode [ 134.614562][T14521] bridge_slave_0: entered promiscuous mode [ 134.622416][T14521] bridge0: port 2(bridge_slave_1) entered blocking state [ 134.629709][T14521] bridge0: port 2(bridge_slave_1) entered disabled state [ 134.636875][T14570] EXT4-fs (loop9): failed to initialize system zone (-22) [ 134.645407][T14521] bridge_slave_1: entered allmulticast mode [ 134.652597][T14521] bridge_slave_1: entered promiscuous mode [ 134.659140][T14570] EXT4-fs (loop9): mount failed [ 134.691071][ T9271] bridge_slave_1: left allmulticast mode [ 134.696840][ T9271] bridge_slave_1: left promiscuous mode [ 134.702582][ T9271] bridge0: port 2(bridge_slave_1) entered disabled state [ 134.719718][ T9271] bridge_slave_0: left promiscuous mode [ 134.725521][ T9271] bridge0: port 1(bridge_slave_0) entered disabled state [ 134.847475][T14604] loop1: detected capacity change from 0 to 512 [ 134.849945][T14606] loop8: detected capacity change from 0 to 512 [ 134.861868][T14606] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz.8.4885: bg 0: block 418: padding at end of block bitmap is not set [ 134.876550][ T9271] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 134.876765][T14606] EXT4-fs (loop8): Remounting filesystem read-only [ 134.891785][T14606] EXT4-fs (loop8): 1 truncate cleaned up [ 134.897035][T14604] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 134.898036][T14606] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 134.912247][ T9271] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 134.921931][T14606] SELinux: (dev loop8, type ext4) getxattr errno 5 [ 134.937344][T14606] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 134.937942][ T9271] bond0 (unregistering): Released all slaves [ 134.954506][T14604] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 134.966372][T14521] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 134.988155][T14521] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 135.007024][ T9271] hsr_slave_0: left promiscuous mode [ 135.012861][ T9271] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 135.020541][ T9271] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 135.028332][ T9271] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 135.056240][ T9271] bridge_slave_0: left allmulticast mode [ 135.062844][ T9271] veth1_macvtap: left promiscuous mode [ 135.068443][ T9271] veth0_macvtap: left promiscuous mode [ 135.074367][ T9271] veth1_vlan: left promiscuous mode [ 135.079796][ T9271] veth0_vlan: left promiscuous mode [ 135.080156][T12553] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 135.193084][T14623] loop1: detected capacity change from 0 to 2048 [ 135.211034][T14521] team0: Port device team_slave_0 added [ 135.221908][T14521] team0: Port device team_slave_1 added [ 135.262737][T14521] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 135.265841][T14632] loop7: detected capacity change from 0 to 512 [ 135.269772][T14521] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 135.302166][T14521] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 135.320712][T14635] lo: entered promiscuous mode [ 135.325519][T14635] lo: entered allmulticast mode [ 135.335515][T14632] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 135.352824][T14521] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 135.360264][T14521] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 135.386487][T14521] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 135.408833][ T9335] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 135.428801][T14521] hsr_slave_0: entered promiscuous mode [ 135.434925][T14521] hsr_slave_1: entered promiscuous mode [ 135.445825][T14521] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 135.465448][T14521] Cannot create hsr debugfs directory [ 135.490384][T14645] netlink: 36 bytes leftover after parsing attributes in process `syz.7.4903'. [ 135.593087][ T9271] IPVS: stop unused estimator thread 0... [ 135.692367][T14670] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4913'. [ 135.722127][T14672] loop9: detected capacity change from 0 to 128 [ 135.853927][T14521] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 135.877617][T14521] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 135.899586][T14521] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 135.923901][T14521] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 136.266849][T14521] 8021q: adding VLAN 0 to HW filter on device bond0 [ 136.309486][T14521] 8021q: adding VLAN 0 to HW filter on device team0 [ 136.348953][ T8626] bridge0: port 1(bridge_slave_0) entered blocking state [ 136.356063][ T8626] bridge0: port 1(bridge_slave_0) entered forwarding state [ 136.394435][T14695] loop7: detected capacity change from 0 to 512 [ 136.410798][ T8626] bridge0: port 2(bridge_slave_1) entered blocking state [ 136.417909][ T8626] bridge0: port 2(bridge_slave_1) entered forwarding state [ 136.426653][T14695] EXT4-fs (loop7): revision level too high, forcing read-only mode [ 136.436791][T14695] EXT4-fs (loop7): orphan cleanup on readonly fs [ 136.453310][T14695] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #11: comm syz.7.4924: invalid indirect mapped block 256 (level 2) [ 136.484323][T14521] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 136.494873][T14521] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 136.529987][T14704] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 136.547261][T14704] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 136.555342][T14695] EXT4-fs (loop7): 2 truncates cleaned up [ 136.570062][T14695] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 136.598437][ T9335] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.644758][T14521] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 136.732400][T14521] veth0_vlan: entered promiscuous mode [ 136.742731][T14521] veth1_vlan: entered promiscuous mode [ 136.767808][T14521] veth0_macvtap: entered promiscuous mode [ 136.774909][T14521] veth1_macvtap: entered promiscuous mode [ 136.790965][T14521] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 136.801572][T14521] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 136.811806][T14521] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 136.822303][T14521] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 136.832234][T14521] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 136.837817][T14743] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4943'. [ 136.842743][T14521] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 136.851601][T14743] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4943'. [ 136.861420][T14521] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 136.861436][T14521] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 136.866497][T14521] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 136.871863][T14743] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4943'. [ 136.884018][T14521] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 136.917349][T14521] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 136.927270][T14521] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 136.937686][T14521] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 136.947518][T14521] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 136.958026][T14521] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 136.968051][T14521] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 136.978506][T14521] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 136.988387][T14521] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 136.998813][T14521] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 137.014781][T14521] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 137.014847][T14743] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4943'. [ 137.031017][T14743] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4943'. [ 137.045331][T14521] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.054169][T14521] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.063051][T14521] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.071791][T14521] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.222625][T14774] loop8: detected capacity change from 0 to 512 [ 137.223632][T14773] virt_wifi0: tun_chr_ioctl cmd 1074025681 [ 137.240669][T14774] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 137.269877][T10291] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 137.305041][T14787] loop9: detected capacity change from 0 to 512 [ 137.363788][T14795] loop1: detected capacity change from 0 to 2048 [ 137.384489][T14803] loop8: detected capacity change from 0 to 512 [ 137.392129][T14803] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 137.412490][T14803] EXT4-fs (loop8): orphan cleanup on readonly fs [ 137.413113][T14795] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a842e02c, mo2=0002] [ 137.419605][T14803] EXT4-fs error (device loop8): ext4_acquire_dquot:6927: comm syz.8.4966: Failed to acquire dquot type 1 [ 137.440560][T14795] System zones: 0-7 [ 137.441934][T14803] EXT4-fs (loop8): 1 truncate cleaned up [ 137.450762][T14795] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 137.450903][T14803] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 137.487839][T10291] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 137.513482][T14795] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4962: bg 0: block 234: padding at end of block bitmap is not set [ 137.539063][T14795] EXT4-fs (loop1): Remounting filesystem read-only [ 137.623207][T12553] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 137.777480][T14858] loop1: detected capacity change from 0 to 1024 [ 137.784194][T14859] tmpfs: Bad value for 'mpol' [ 137.784613][T14858] EXT4-fs: Ignoring removed bh option [ 137.797261][T14858] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 137.817341][T14858] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000] [ 137.838802][T14858] EXT4-fs error (device loop1): ext4_map_blocks:671: inode #3: block 2: comm syz.1.4992: lblock 2 mapped to illegal pblock 2 (length 1) [ 137.855973][T14858] EXT4-fs error (device loop1): ext4_map_blocks:671: inode #3: block 48: comm syz.1.4992: lblock 0 mapped to illegal pblock 48 (length 1) [ 137.877699][T14858] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.4992: Failed to acquire dquot type 0 [ 137.906457][T14858] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5838: Corrupt filesystem [ 137.918562][T14858] EXT4-fs error (device loop1): ext4_evict_inode:256: inode #11: comm syz.1.4992: mark_inode_dirty error [ 137.933827][T14858] EXT4-fs warning (device loop1): ext4_evict_inode:259: couldn't mark inode dirty (err -117) [ 137.944602][T14858] EXT4-fs (loop1): 1 orphan inode deleted [ 137.950698][T14858] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 137.964314][ T311] EXT4-fs error (device loop1): ext4_map_blocks:671: inode #3: block 1: comm kworker/u8:5: lblock 1 mapped to illegal pblock 1 (length 1) [ 137.987029][ T29] kauditd_printk_skb: 137 callbacks suppressed [ 137.987044][ T29] audit: type=1400 audit(263049.970:3442): avc: denied { write } for pid=14885 comm="syz.8.5005" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 138.015632][ T311] Quota error (device loop1): remove_tree: Can't read quota data block 1 [ 138.024253][ T311] EXT4-fs error (device loop1): ext4_release_dquot:6950: comm kworker/u8:5: Failed to release dquot type 0 [ 138.053142][T12553] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 138.062894][T12553] EXT4-fs error (device loop1): __ext4_get_inode_loc:4435: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 138.075804][ T29] audit: type=1400 audit(263050.040:3443): avc: denied { connect } for pid=14891 comm="syz.8.5009" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 138.079258][T14894] loop7: detected capacity change from 0 to 1024 [ 138.103940][T12553] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5838: Corrupt filesystem [ 138.114785][T12553] EXT4-fs error (device loop1): ext4_quota_off:7194: inode #3: comm syz-executor: mark_inode_dirty error [ 138.129900][T14894] EXT4-fs: Ignoring removed nomblk_io_submit option [ 138.152226][ T29] audit: type=1400 audit(263050.130:3444): avc: denied { setopt } for pid=14902 comm="syz.1.5008" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 138.176666][T14894] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 138.214379][T14894] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 138.232297][T14910] loop0: detected capacity change from 0 to 128 [ 138.263173][T14894] EXT4-fs error (device loop7): ext4_expand_extra_isize_ea:2793: inode #2: comm syz.7.5010: corrupted in-inode xattr: bad e_name length [ 138.277958][T14910] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 138.302955][T14894] EXT4-fs (loop7): Remounting filesystem read-only [ 138.358260][T14521] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 138.389492][ T9335] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 138.427795][ T29] audit: type=1400 audit(263050.410:3445): avc: granted { setsecparam } for pid=14923 comm="syz.0.5021" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security [ 138.577041][T14934] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 138.597194][T14934] bridge0: port 2(bridge_slave_1) entered disabled state [ 138.604463][T14934] bridge0: port 1(bridge_slave_0) entered disabled state [ 139.049831][ T29] audit: type=1326 audit(263051.030:3446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14952 comm="syz.8.5037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f604f52d169 code=0x7ffc0000 [ 139.073061][ T29] audit: type=1326 audit(263051.030:3447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14952 comm="syz.8.5037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f604f52d169 code=0x7ffc0000 [ 139.148952][T14969] loop0: detected capacity change from 0 to 512 [ 139.158373][T14969] EXT4-fs: Ignoring removed oldalloc option [ 139.164914][ T29] audit: type=1326 audit(263051.080:3448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14952 comm="syz.8.5037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=429 compat=0 ip=0x7f604f52d169 code=0x7ffc0000 [ 139.188225][ T29] audit: type=1326 audit(263051.080:3449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14952 comm="syz.8.5037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f604f52d169 code=0x7ffc0000 [ 139.218457][T14969] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.5044: Parent and EA inode have the same ino 15 [ 139.255923][ T29] audit: type=1400 audit(263051.240:3450): avc: denied { read } for pid=14975 comm="syz.9.5048" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 139.279172][T14969] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.5044: Parent and EA inode have the same ino 15 [ 139.296881][T14969] EXT4-fs (loop0): 1 orphan inode deleted [ 139.303040][T14969] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 139.379772][T14521] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 139.466876][T15018] SELinux: policydb table sizes (0,0) do not match mine (8,7) [ 139.491345][T15018] SELinux: failed to load policy [ 139.498501][T15026] __nla_validate_parse: 5 callbacks suppressed [ 139.498517][T15026] netlink: 48 bytes leftover after parsing attributes in process `syz.8.5071'. [ 139.578740][T15040] loop9: detected capacity change from 0 to 512 [ 139.604120][T15040] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 139.669370][T11777] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 139.910558][T15090] loop9: detected capacity change from 0 to 512 [ 139.920688][T15090] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode [ 139.947486][T15090] EXT4-fs error (device loop9): ext4_free_branches:1023: inode #16: comm syz.9.5101: invalid indirect mapped block 4294967295 (level 0) [ 139.964838][T15099] netlink: 'syz.8.5105': attribute type 1 has an invalid length. [ 139.972841][T15099] netlink: 28 bytes leftover after parsing attributes in process `syz.8.5105'. [ 140.004048][T15090] EXT4-fs error (device loop9): ext4_free_branches:1023: inode #16: comm syz.9.5101: invalid indirect mapped block 4294967295 (level 1) [ 140.026673][T15090] EXT4-fs (loop9): 1 orphan inode deleted [ 140.033230][T15090] EXT4-fs (loop9): 1 truncate cleaned up [ 140.086984][T15090] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 140.139385][T15119] bond1: entered promiscuous mode [ 140.144513][T15119] bond1: entered allmulticast mode [ 140.163507][T11777] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 140.176540][T15123] xt_connbytes: Forcing CT accounting to be enabled [ 140.176631][T15119] 8021q: adding VLAN 0 to HW filter on device bond1 [ 140.183196][T15123] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 140.220029][T15119] bond1 (unregistering): Released all slaves [ 140.447420][T15164] infiniband syz1: set active [ 140.447515][T15175] netlink: 56 bytes leftover after parsing attributes in process `syz.9.5139'. [ 140.452162][T15164] infiniband syz1: added team_slave_0 [ 140.461128][T15175] netlink: 8 bytes leftover after parsing attributes in process `syz.9.5139'. [ 140.484977][T15164] RDS/IB: syz1: added [ 140.521410][T15164] smc: adding ib device syz1 with port count 1 [ 140.547819][T15164] smc: ib device syz1 port 1 has pnetid [ 140.558277][T15188] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=41664 sclass=netlink_route_socket pid=15188 comm=syz.7.5144 [ 140.659576][T15190] loop9: detected capacity change from 0 to 8192 [ 140.755851][T15196] sch_tbf: peakrate 8 is lower than or equals to rate 12 ! [ 140.917521][T15223] tap0: tun_chr_ioctl cmd 1074025677 [ 140.922980][T15223] tap0: linktype set to 270 [ 140.975921][T15231] xt_hashlimit: max too large, truncated to 1048576 [ 141.062572][T15251] loop1: detected capacity change from 0 to 1024 [ 141.069744][T15251] EXT4-fs: Ignoring removed bh option [ 141.075203][T15251] EXT4-fs: Ignoring removed mblk_io_submit option [ 141.081793][T15251] EXT4-fs: inline encryption not supported [ 141.089613][T15251] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 141.104468][T15251] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000] [ 141.114683][T15251] EXT4-fs error (device loop1): ext4_map_blocks:671: inode #3: block 2: comm syz.1.5174: lblock 2 mapped to illegal pblock 2 (length 1) [ 141.134522][T15251] EXT4-fs error (device loop1): ext4_map_blocks:671: inode #3: block 48: comm syz.1.5174: lblock 0 mapped to illegal pblock 48 (length 1) [ 141.154777][T15251] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.5174: Failed to acquire dquot type 0 [ 141.176493][T15251] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5838: Corrupt filesystem [ 141.186148][T15251] EXT4-fs error (device loop1): ext4_evict_inode:256: inode #11: comm syz.1.5174: mark_inode_dirty error [ 141.206211][T15251] EXT4-fs warning (device loop1): ext4_evict_inode:259: couldn't mark inode dirty (err -117) [ 141.218165][T15251] EXT4-fs (loop1): 1 orphan inode deleted [ 141.224298][T15251] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 141.305833][ T311] EXT4-fs error (device loop1): ext4_map_blocks:671: inode #3: block 1: comm kworker/u8:5: lblock 1 mapped to illegal pblock 1 (length 1) [ 141.321984][ T311] EXT4-fs error (device loop1): ext4_release_dquot:6950: comm kworker/u8:5: Failed to release dquot type 0 [ 141.348752][T12553] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.360238][T12553] EXT4-fs error (device loop1): __ext4_get_inode_loc:4435: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 141.374070][T15269] loop0: detected capacity change from 0 to 128 [ 141.383532][T12553] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5838: Corrupt filesystem [ 141.393448][T12553] EXT4-fs error (device loop1): ext4_quota_off:7194: inode #3: comm syz-executor: mark_inode_dirty error [ 141.457881][T15277] loop0: detected capacity change from 0 to 256 [ 141.972451][T15297] 9pnet: Could not find request transport: f [ 141.995324][T15300] loop7: detected capacity change from 0 to 512 [ 142.003079][T15300] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem [ 142.014130][T15300] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002] [ 142.022301][T15300] System zones: 1-12 [ 142.028104][T15300] EXT4-fs error (device loop7): ext4_xattr_ibody_find:2240: inode #15: comm syz.7.5195: corrupted in-inode xattr: e_value size too large [ 142.042794][T15300] EXT4-fs error (device loop7): ext4_orphan_get:1394: comm syz.7.5195: couldn't read orphan inode 15 (err -117) [ 142.055353][T15300] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 142.092913][T15307] loop9: detected capacity change from 0 to 1024 [ 142.099847][T15307] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 142.121632][T15307] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 142.149959][T11777] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.261336][T15320] netlink: 536 bytes leftover after parsing attributes in process `syz.9.5204'. [ 142.297485][T15322] netlink: 'syz.1.5206': attribute type 9 has an invalid length. [ 142.305256][T15322] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5206'. [ 142.398693][T15300] EXT4-fs error (device loop7): ext4_add_entry:2444: inode #2: comm syz.7.5195: Directory hole found for htree leaf block 0 [ 142.418276][T15336] netlink: 28 bytes leftover after parsing attributes in process `syz.9.5212'. [ 142.430345][T15336] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check. [ 142.446437][T15338] loop1: detected capacity change from 0 to 512 [ 142.456437][ T9335] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.491309][T15338] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 142.513518][T15338] EXT4-fs error (device loop1): ext4_do_update_inode:5154: inode #2: comm syz.1.5213: corrupted inode contents [ 142.526219][T15349] 9pnet_fd: Insufficient options for proto=fd [ 142.532626][T15338] EXT4-fs error (device loop1): ext4_dirty_inode:6042: inode #2: comm syz.1.5213: mark_inode_dirty error [ 142.545191][T15338] EXT4-fs error (device loop1): ext4_do_update_inode:5154: inode #2: comm syz.1.5213: corrupted inode contents [ 142.559587][T15338] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #2: comm syz.1.5213: mark_inode_dirty error [ 142.609104][T12553] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.691279][T15374] loop0: detected capacity change from 0 to 128 [ 143.019392][ T29] kauditd_printk_skb: 189 callbacks suppressed [ 143.019406][ T29] audit: type=1400 audit(263055.000:3637): avc: denied { cpu } for pid=15415 comm="syz.9.5249" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 143.055828][ T29] audit: type=1400 audit(263055.020:3638): avc: denied { egress } for pid=15421 comm="syz.0.5252" saddr=fe80::1b daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1 [ 143.079205][ T29] audit: type=1400 audit(263055.020:3639): avc: denied { sendto } for pid=15421 comm="syz.0.5252" saddr=fe80::1b daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1 [ 143.087652][ T3378] hid-generic 0000:0003:0000.0002: unknown main item tag 0x0 [ 143.102738][ T29] audit: type=1400 audit(263055.070:3640): avc: denied { read write } for pid=15427 comm="syz.0.5255" name="uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 143.109860][ T3378] hid-generic 0000:0003:0000.0002: unknown main item tag 0x0 [ 143.109884][ T3378] hid-generic 0000:0003:0000.0002: unknown main item tag 0x0 [ 143.133204][ T29] audit: type=1400 audit(263055.070:3641): avc: denied { open } for pid=15427 comm="syz.0.5255" path="/dev/uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 143.140689][ T3378] hid-generic 0000:0003:0000.0002: unknown main item tag 0x0 [ 143.149169][T15398] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 143.171742][ T3378] hid-generic 0000:0003:0000.0002: unknown main item tag 0x0 [ 143.171767][ T3378] hid-generic 0000:0003:0000.0002: unknown main item tag 0x0 [ 143.182577][T15398] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 143.187485][ T3378] hid-generic 0000:0003:0000.0002: unknown main item tag 0x0 [ 143.200196][ T29] audit: type=1400 audit(263055.140:3642): avc: denied { read write } for pid=15397 comm="syz.8.5240" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 143.202326][ T3378] hid-generic 0000:0003:0000.0002: unknown main item tag 0x0 [ 143.210046][ T29] audit: type=1400 audit(263055.140:3643): avc: denied { open } for pid=15397 comm="syz.8.5240" path="/dev/raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 143.217353][ T3378] hid-generic 0000:0003:0000.0002: unknown main item tag 0x0 [ 143.240544][ T29] audit: type=1400 audit(263055.140:3644): avc: denied { ioctl } for pid=15397 comm="syz.8.5240" path="/dev/raw-gadget" dev="devtmpfs" ino=142 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 143.251468][ T3378] hid-generic 0000:0003:0000.0002: hidraw0: HID v0.00 Device [syz0] on syz1 [ 143.317015][ T29] audit: type=1400 audit(263055.300:3645): avc: denied { audit_read } for pid=15430 comm="syz.1.5256" capability=37 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 143.355662][T15433] loop0: detected capacity change from 0 to 2048 [ 143.362115][ T29] audit: type=1400 audit(263055.330:3646): avc: denied { create } for pid=15434 comm="syz.1.5259" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 143.418218][T15433] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 143.483488][T15455] loop9: detected capacity change from 0 to 512 [ 143.493265][T14521] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.514836][T15455] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 143.564418][T15469] 8021q: adding VLAN 0 to HW filter on device bond1 [ 143.573842][T11777] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.574930][T15469] bond0: (slave bond1): Enslaving as an active interface with an up link [ 143.801587][T15511] IPv6: NLM_F_CREATE should be specified when creating new route [ 143.869436][T15526] loop7: detected capacity change from 0 to 512 [ 143.972428][T15540] usb usb6: usbfs: process 15540 (syz.8.5304) did not claim interface 0 before use [ 143.992879][T15549] netlink: 'syz.1.5309': attribute type 3 has an invalid length. [ 144.000798][T15549] netlink: 666 bytes leftover after parsing attributes in process `syz.1.5309'. [ 144.165978][T15571] bond2: entered promiscuous mode [ 144.171126][T15571] bond2: entered allmulticast mode [ 144.204595][T15571] 8021q: adding VLAN 0 to HW filter on device bond2 [ 144.243397][T15571] bond2 (unregistering): Released all slaves [ 144.680643][T15628] netlink: 36 bytes leftover after parsing attributes in process `syz.9.5355'. [ 144.732681][T15625] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 144.754462][T15625] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 144.883496][T15648] netlink: 4 bytes leftover after parsing attributes in process `syz.9.5364'. [ 145.005405][T15661] loop9: detected capacity change from 0 to 512 [ 145.232640][T15666] loop7: detected capacity change from 0 to 512 [ 145.267767][T15666] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.5362: bg 0: block 418: padding at end of block bitmap is not set [ 145.366062][T15666] EXT4-fs (loop7): Remounting filesystem read-only [ 145.375872][T15666] EXT4-fs (loop7): 1 truncate cleaned up [ 145.381800][T15666] SELinux: (dev loop7, type ext4) getxattr errno 5 [ 145.435488][T15677] lo: entered promiscuous mode [ 145.440475][T15677] lo: entered allmulticast mode [ 145.453835][T15676] loop0: detected capacity change from 0 to 1024 [ 145.468424][T15676] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869) [ 145.478452][T15676] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 145.488917][T15676] EXT4-fs error (device loop0): ext4_get_journal_inode:5798: comm syz.0.5365: inode #1: comm syz.0.5365: iget: illegal inode # [ 145.502701][T15676] EXT4-fs (loop0): no journal found [ 145.507989][T15676] EXT4-fs (loop0): can't get journal size [ 145.522015][T15676] EXT4-fs (loop0): failed to initialize system zone (-22) [ 145.529440][T15676] EXT4-fs (loop0): mount failed [ 145.586826][T15695] loop1: detected capacity change from 0 to 128 [ 145.734308][T15728] loop0: detected capacity change from 0 to 512 [ 145.990173][T15749] lo: entered promiscuous mode [ 145.994983][T15749] lo: entered allmulticast mode [ 146.160396][T15760] loop8: detected capacity change from 0 to 128 [ 146.826784][T15808] loop8: detected capacity change from 0 to 512 [ 146.901211][T15814] loop7: detected capacity change from 0 to 128 [ 146.961898][T15824] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=41664 sclass=netlink_route_socket pid=15824 comm=syz.9.5434 [ 147.326864][T15862] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=41664 sclass=netlink_route_socket pid=15862 comm=syz.8.5451 [ 147.413635][T15877] loop1: detected capacity change from 0 to 512 [ 147.430498][T15877] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 147.440146][T15877] EXT4-fs (loop1): orphan cleanup on readonly fs [ 147.447796][T15877] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.5458: Failed to acquire dquot type 1 [ 147.461071][T15877] EXT4-fs (loop1): 1 truncate cleaned up [ 147.490300][T15882] loop7: detected capacity change from 0 to 256 [ 147.680448][T15909] loop8: detected capacity change from 0 to 2048 [ 147.698897][T15913] loop0: detected capacity change from 0 to 512 [ 147.716902][T15909] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a842e02c, mo2=0002] [ 147.725964][T15909] System zones: 0-7 [ 147.735418][T15909] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz.8.5470: bg 0: block 234: padding at end of block bitmap is not set [ 147.755640][T15909] EXT4-fs (loop8): Remounting filesystem read-only [ 147.872823][T15924] 9pnet_fd: Insufficient options for proto=fd [ 147.915829][T15932] netlink: 'syz.0.5481': attribute type 9 has an invalid length. [ 147.923791][T15932] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5481'. [ 147.946242][T15934] loop8: detected capacity change from 0 to 1024 [ 147.953021][T15934] EXT4-fs: Ignoring removed bh option [ 147.967401][T15934] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 147.986401][T15934] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000] [ 147.995533][T15934] EXT4-fs error (device loop8): ext4_map_blocks:671: inode #3: block 2: comm syz.8.5484: lblock 2 mapped to illegal pblock 2 (length 1) [ 148.011713][T15934] EXT4-fs error (device loop8): ext4_map_blocks:671: inode #3: block 48: comm syz.8.5484: lblock 0 mapped to illegal pblock 48 (length 1) [ 148.027212][T15934] __quota_error: 139 callbacks suppressed [ 148.027227][T15934] Quota error (device loop8): v2_write_file_info: Can't write info structure [ 148.041967][T15934] EXT4-fs error (device loop8): ext4_acquire_dquot:6927: comm syz.8.5484: Failed to acquire dquot type 0 [ 148.064104][T15942] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 148.073027][T15934] EXT4-fs error (device loop8) in ext4_reserve_inode_write:5838: Corrupt filesystem [ 148.073134][T15942] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 148.095539][T15934] EXT4-fs error (device loop8): ext4_evict_inode:256: inode #11: comm syz.8.5484: mark_inode_dirty error [ 148.107622][T15934] EXT4-fs warning (device loop8): ext4_evict_inode:259: couldn't mark inode dirty (err -117) [ 148.118912][T15934] EXT4-fs (loop8): 1 orphan inode deleted [ 148.136246][ T8597] EXT4-fs error (device loop8): ext4_map_blocks:671: inode #3: block 1: comm kworker/u8:15: lblock 1 mapped to illegal pblock 1 (length 1) [ 148.153384][ T8597] Quota error (device loop8): remove_tree: Can't read quota data block 1 [ 148.162460][ T8597] EXT4-fs error (device loop8): ext4_release_dquot:6950: comm kworker/u8:15: Failed to release dquot type 0 [ 148.177092][T10291] EXT4-fs error (device loop8): __ext4_get_inode_loc:4435: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 148.191088][T10291] EXT4-fs error (device loop8) in ext4_reserve_inode_write:5838: Corrupt filesystem [ 148.200992][T10291] EXT4-fs error (device loop8): ext4_quota_off:7194: inode #3: comm syz-executor: mark_inode_dirty error [ 148.244852][ T29] audit: type=1400 audit(263060.220:3783): avc: denied { create } for pid=15948 comm="syz.1.5491" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 148.290894][ T29] audit: type=1400 audit(263060.240:3784): avc: denied { connect } for pid=15948 comm="syz.1.5491" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 148.310383][ T29] audit: type=1400 audit(263060.240:3785): avc: denied { write } for pid=15948 comm="syz.1.5491" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 148.340829][T15958] loop9: detected capacity change from 0 to 2048 [ 148.350441][T15959] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5493'. [ 148.370470][T15958] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a842e02c, mo2=0002] [ 148.379314][T15961] loop8: detected capacity change from 0 to 1024 [ 148.389328][T15959] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check. [ 148.410492][T15958] System zones: 0-7 [ 148.415134][T15961] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 148.429621][T15958] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.5490: bg 0: block 234: padding at end of block bitmap is not set [ 148.444255][T15958] EXT4-fs (loop9): Remounting filesystem read-only [ 148.477661][ T29] audit: type=1400 audit(263060.460:3786): avc: denied { write } for pid=15960 comm="syz.8.5495" name="file" dev="loop8" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 148.499104][ T29] audit: type=1400 audit(263060.460:3787): avc: denied { add_name } for pid=15960 comm="syz.8.5495" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 148.583392][ T29] audit: type=1400 audit(263060.560:3788): avc: denied { unmount } for pid=11777 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 148.603284][ T29] audit: type=1400 audit(263060.560:3789): avc: denied { read write } for pid=10291 comm="syz-executor" name="loop8" dev="devtmpfs" ino=108 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 148.627250][ T29] audit: type=1400 audit(263060.560:3790): avc: denied { open } for pid=10291 comm="syz-executor" path="/dev/loop8" dev="devtmpfs" ino=108 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 148.661013][T15975] loop1: detected capacity change from 0 to 128 [ 148.822260][T16000] loop7: detected capacity change from 0 to 1024 [ 148.835430][T16000] EXT4-fs: Ignoring removed bh option [ 148.845171][T16000] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 148.866457][T16002] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 148.874882][T16002] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 148.882835][T16006] loop8: detected capacity change from 0 to 512 [ 148.891579][T16000] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000] [ 148.894581][T16008] loop0: detected capacity change from 0 to 2048 [ 148.901690][T16000] EXT4-fs error (device loop7): ext4_map_blocks:671: inode #3: block 2: comm syz.7.5513: lblock 2 mapped to illegal pblock 2 (length 1) [ 148.907989][T16006] EXT4-fs: Ignoring removed oldalloc option [ 148.922001][T16000] EXT4-fs error (device loop7): ext4_map_blocks:671: inode #3: block 48: comm syz.7.5513: lblock 0 mapped to illegal pblock 48 (length 1) [ 148.941576][T16000] EXT4-fs error (device loop7): ext4_acquire_dquot:6927: comm syz.7.5513: Failed to acquire dquot type 0 [ 148.953226][T16000] EXT4-fs error (device loop7) in ext4_reserve_inode_write:5838: Corrupt filesystem [ 148.957611][T16006] EXT4-fs error (device loop8): ext4_xattr_inode_iget:436: comm syz.8.5517: Parent and EA inode have the same ino 15 [ 148.981107][T16006] EXT4-fs error (device loop8): ext4_xattr_inode_iget:436: comm syz.8.5517: Parent and EA inode have the same ino 15 [ 148.993593][T16000] EXT4-fs error (device loop7): ext4_evict_inode:256: inode #11: comm syz.7.5513: mark_inode_dirty error [ 148.994189][T16008] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a842e02c, mo2=0002] [ 149.014773][T16006] EXT4-fs (loop8): 1 orphan inode deleted [ 149.016109][T16008] System zones: 0-7 [ 149.024414][T16000] EXT4-fs warning (device loop7): ext4_evict_inode:259: couldn't mark inode dirty (err -117) [ 149.055105][T16000] EXT4-fs (loop7): 1 orphan inode deleted [ 149.066714][ T9282] EXT4-fs error (device loop7): ext4_map_blocks:671: inode #3: block 1: comm kworker/u8:62: lblock 1 mapped to illegal pblock 1 (length 1) [ 149.084001][ T9282] EXT4-fs error (device loop7): ext4_release_dquot:6950: comm kworker/u8:62: Failed to release dquot type 0 [ 149.105391][T16008] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.5516: bg 0: block 234: padding at end of block bitmap is not set [ 149.123220][T16008] EXT4-fs (loop0): Remounting filesystem read-only [ 149.131097][ T9335] EXT4-fs error (device loop7): __ext4_get_inode_loc:4435: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 149.151955][ T9335] EXT4-fs error (device loop7) in ext4_reserve_inode_write:5838: Corrupt filesystem [ 149.162009][ T9335] EXT4-fs error (device loop7): ext4_quota_off:7194: inode #3: comm syz-executor: mark_inode_dirty error [ 149.190538][T16028] loop8: detected capacity change from 0 to 512 [ 149.197554][T16024] loop7: detected capacity change from 0 to 512 [ 149.203969][T16028] EXT4-fs (loop8): mounting ext3 file system using the ext4 subsystem [ 149.234486][T16028] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002] [ 149.246413][T16028] System zones: 1-12 [ 149.262251][T16028] EXT4-fs error (device loop8): ext4_xattr_ibody_find:2240: inode #15: comm syz.8.5527: corrupted in-inode xattr: e_value size too large [ 149.277401][T16028] EXT4-fs error (device loop8): ext4_orphan_get:1394: comm syz.8.5527: couldn't read orphan inode 15 (err -117) [ 149.531356][T16075] netlink: 28 bytes leftover after parsing attributes in process `syz.7.5547'. [ 149.610907][T16083] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 149.626988][T16083] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 149.720097][T16028] EXT4-fs error (device loop8): ext4_add_entry:2444: inode #2: comm syz.8.5527: Directory hole found for htree leaf block 0 [ 149.724749][T16099] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5559'. [ 149.742094][T16099] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5559'. [ 149.805038][T16106] loop0: detected capacity change from 0 to 512 [ 149.860017][T16116] netdevsim netdevsim7 netdevsim2: Unsupported IPsec algorithm [ 150.042137][T16133] loop8: detected capacity change from 0 to 512 [ 150.126873][T16142] loop8: detected capacity change from 0 to 128 [ 150.740184][T16209] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5611'. [ 150.810731][T16219] SELinux: Context system_u:object_r:ipmi_device_t:s0 is not valid (left unmapped). [ 150.872789][T16231] 9pnet: Could not find request transport: t [ 150.912040][T16238] loop0: detected capacity change from 0 to 256 [ 150.924344][T16238] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 150.949889][T16238] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 150.958510][T16238] FAT-fs (loop0): Filesystem has been set read-only [ 150.968547][T16244] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5637'. [ 150.994870][T16246] loop7: detected capacity change from 0 to 256 [ 151.001492][T16246] vfat: Unknown parameter '18446744073709551615' [ 151.250919][T16280] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5655'. [ 151.293068][ T35] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 151.301748][ T35] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz1] on syz0 [ 151.340453][T16295] netlink: 68 bytes leftover after parsing attributes in process `syz.0.5652'. [ 151.356190][T16298] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5654'. [ 151.365175][T16298] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5654'. [ 151.403236][T16305] loop8: detected capacity change from 0 to 1024 [ 151.440137][T16316] dccp_v4_rcv: dropped packet with invalid checksum [ 151.465478][T16319] vlan2: entered promiscuous mode [ 151.470592][T16319] dummy0: entered promiscuous mode [ 151.477016][T16319] dummy0: left promiscuous mode [ 151.538154][T16331] loop8: detected capacity change from 0 to 512 [ 151.550747][T16334] loop9: detected capacity change from 0 to 512 [ 151.560833][T16334] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode [ 151.571953][T16331] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 151.586913][T16331] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 31 with error 28 [ 151.593696][T16334] EXT4-fs (loop9): 1 truncate cleaned up [ 151.599279][T16331] EXT4-fs (loop8): This should not happen!! Data will be lost [ 151.599279][T16331] [ 151.599310][T16331] EXT4-fs (loop8): Total free blocks count 0 [ 151.599321][T16331] EXT4-fs (loop8): Free/Dirty block details [ 151.599332][T16331] EXT4-fs (loop8): free_blocks=65280 [ 151.599342][T16331] EXT4-fs (loop8): dirty_blocks=31 [ 151.599381][T16331] EXT4-fs (loop8): Block reservation details [ 151.599391][T16331] EXT4-fs (loop8): i_reserved_data_blocks=31 [ 151.699018][T16353] syz.0.5677: attempt to access beyond end of device [ 151.699018][T16353] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 151.771629][T16368] loop8: detected capacity change from 0 to 512 [ 151.799990][T16368] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz.8.5684: bg 0: block 248: padding at end of block bitmap is not set [ 151.817350][T16368] EXT4-fs error (device loop8): ext4_acquire_dquot:6927: comm syz.8.5684: Failed to acquire dquot type 1 [ 151.834743][T16368] EXT4-fs (loop8): 1 truncate cleaned up [ 151.896177][ T9271] EXT4-fs error (device loop8): ext4_release_dquot:6950: comm kworker/u8:51: Failed to release dquot type 1 [ 151.915656][ T3379] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 151.930646][ T3379] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz1] on syz0 [ 151.972601][T16409] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5700'. [ 151.993093][T16413] loop1: detected capacity change from 0 to 512 [ 152.001785][T16378] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 152.011284][T16412] netlink: 68 bytes leftover after parsing attributes in process `syz.8.5702'. [ 152.014523][T16378] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 152.073479][T16423] dccp_v4_rcv: dropped packet with invalid checksum [ 152.088310][T16429] loop0: detected capacity change from 0 to 512 [ 152.088914][T16413] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 152.095412][T16429] EXT4-fs: Ignoring removed i_version option [ 152.111606][T16413] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 22 with error 28 [ 152.115648][T16429] EXT4-fs: Ignoring removed mblk_io_submit option [ 152.128037][T16413] EXT4-fs (loop1): This should not happen!! Data will be lost [ 152.128037][T16413] [ 152.135630][T16429] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 152.144084][T16413] EXT4-fs (loop1): Total free blocks count 0 [ 152.160014][T16413] EXT4-fs (loop1): Free/Dirty block details [ 152.165916][T16413] EXT4-fs (loop1): free_blocks=65280 [ 152.171432][T16413] EXT4-fs (loop1): dirty_blocks=22 [ 152.176631][T16413] EXT4-fs (loop1): Block reservation details [ 152.182606][T16413] EXT4-fs (loop1): i_reserved_data_blocks=22 [ 152.191151][T16429] EXT4-fs (loop0): 1 truncate cleaned up [ 152.299782][T16451] loop1: detected capacity change from 0 to 1024 [ 152.358924][T16464] loop7: detected capacity change from 0 to 512 [ 152.387419][T16464] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 152.420874][T16464] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 22 with error 28 [ 152.433323][T16464] EXT4-fs (loop7): This should not happen!! Data will be lost [ 152.433323][T16464] [ 152.443233][T16464] EXT4-fs (loop7): Total free blocks count 0 [ 152.449326][T16464] EXT4-fs (loop7): Free/Dirty block details [ 152.455265][T16464] EXT4-fs (loop7): free_blocks=65280 [ 152.460632][T16464] EXT4-fs (loop7): dirty_blocks=22 [ 152.465782][T16464] EXT4-fs (loop7): Block reservation details [ 152.471807][T16464] EXT4-fs (loop7): i_reserved_data_blocks=22 [ 152.481980][T16483] loop0: detected capacity change from 0 to 512 [ 152.500529][T16483] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.5731: bg 0: block 248: padding at end of block bitmap is not set [ 152.515297][T16483] EXT4-fs error (device loop0): ext4_acquire_dquot:6927: comm syz.0.5731: Failed to acquire dquot type 1 [ 152.528514][T16483] EXT4-fs (loop0): 1 truncate cleaned up [ 152.603013][ T8626] EXT4-fs error (device loop0): ext4_release_dquot:6950: comm kworker/u8:37: Failed to release dquot type 1 [ 152.618563][T16502] serio: Serial port ptm0 [ 152.857804][T16563] loop9: detected capacity change from 0 to 512 [ 153.027565][T16596] loop0: detected capacity change from 0 to 164 [ 153.037926][ T29] kauditd_printk_skb: 218 callbacks suppressed [ 153.037939][ T29] audit: type=1400 audit(263065.020:4000): avc: denied { mount } for pid=16595 comm="syz.0.5777" name="/" dev="loop0" ino=1792 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1 [ 153.078302][ T29] audit: type=1400 audit(263065.060:4001): avc: denied { unmount } for pid=14521 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1 [ 153.124830][T16599] loop7: detected capacity change from 0 to 2048 [ 153.147485][T16600] loop0: detected capacity change from 0 to 8192 [ 153.158129][ T29] audit: type=1400 audit(263065.140:4002): avc: denied { mounton } for pid=16597 comm="syz.7.5778" path="/694/file0" dev="tmpfs" ino=3583 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 153.250681][T16614] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 153.265142][T16614] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 153.290924][T16620] loop8: detected capacity change from 0 to 256 [ 153.298315][T16620] FAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 153.312944][T16620] FAT-fs (loop8): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 153.321578][T16620] FAT-fs (loop8): Filesystem has been set read-only [ 153.371276][T16631] syz.9.5802: attempt to access beyond end of device [ 153.371276][T16631] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 153.453033][T16636] netlink: 'syz.9.5794': attribute type 280 has an invalid length. [ 153.663041][ T29] audit: type=1326 audit(263065.640:4003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16659 comm="syz.8.5806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f604f52d169 code=0x7ffc0000 [ 153.687919][ T29] audit: type=1326 audit(263065.640:4004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16659 comm="syz.8.5806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f604f52d169 code=0x7ffc0000 [ 153.711151][ T29] audit: type=1326 audit(263065.640:4005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16659 comm="syz.8.5806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7f604f52d169 code=0x7ffc0000 [ 153.734361][ T29] audit: type=1326 audit(263065.640:4006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16659 comm="syz.8.5806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f604f52d169 code=0x7ffc0000 [ 153.757645][ T29] audit: type=1326 audit(263065.670:4007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16659 comm="syz.8.5806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f604f52d169 code=0x7ffc0000 [ 153.806086][ T29] audit: type=1400 audit(263065.780:4008): avc: denied { read } for pid=16669 comm="syz.8.5811" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 153.829682][ T29] audit: type=1400 audit(263065.790:4009): avc: denied { open } for pid=16669 comm="syz.8.5811" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 153.875885][T16676] serio: Serial port ptm0 [ 153.899266][T16681] loop7: detected capacity change from 0 to 164 [ 154.016982][T16700] syz.7.5825: attempt to access beyond end of device [ 154.016982][T16700] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 154.063256][T16702] loop8: detected capacity change from 0 to 8192 [ 154.083150][T16706] loop9: detected capacity change from 0 to 2048 [ 154.097368][T16708] netlink: 'syz.8.5828': attribute type 13 has an invalid length. [ 154.128863][ T9282] tipc: Subscription rejected, illegal request [ 154.184868][T16718] netlink: 'syz.7.5831': attribute type 280 has an invalid length. [ 154.229805][T16708] bridge0: port 2(bridge_slave_1) entered disabled state [ 154.237202][T16708] bridge0: port 1(bridge_slave_0) entered disabled state [ 154.332198][T16708] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 154.378634][T16708] netdevsim netdevsim8 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 154.387736][T16708] netdevsim netdevsim8 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 154.396824][T16708] netdevsim netdevsim8 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 154.405859][T16708] netdevsim netdevsim8 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 154.433871][T16753] 9pnet: Could not find request transport: f [ 154.562943][T16764] veth0_to_bond: entered promiscuous mode [ 154.583009][T16763] veth0_to_bond: left promiscuous mode [ 154.717807][T16784] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 154.760544][T16790] 9pnet: Could not find request transport: f [ 154.790859][T16799] __nla_validate_parse: 19 callbacks suppressed [ 154.790874][T16799] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5860'. [ 154.847289][T16802] veth0_to_bond: entered promiscuous mode [ 154.857772][T16801] veth0_to_bond: left promiscuous mode [ 154.936458][T16822] serio: Serial port ptm0 [ 154.937195][T16821] loop8: detected capacity change from 0 to 1024 [ 154.974372][T16830] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=16830 comm=syz.9.5874 [ 154.987117][T16830] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=16830 comm=syz.9.5874 [ 155.097954][T16841] netlink: 12 bytes leftover after parsing attributes in process `syz.9.5877'. [ 155.280311][T16871] serio: Serial port ptm0 [ 155.328282][T16882] netlink: 'syz.9.5897': attribute type 21 has an invalid length. [ 155.336152][T16882] netlink: 'syz.9.5897': attribute type 20 has an invalid length. [ 155.343972][T16882] IPv6: NLM_F_CREATE should be specified when creating new route [ 155.350646][T16884] loop0: detected capacity change from 0 to 512 [ 155.363320][T16884] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.5899: bg 0: block 35: padding at end of block bitmap is not set [ 155.379460][T16884] EXT4-fs (loop0): Remounting filesystem read-only [ 155.387148][T16884] EXT4-fs (loop0): 1 truncate cleaned up [ 155.393383][T16884] SELinux: (dev loop0, type ext4) getxattr errno 5 [ 155.434817][T16893] loop0: detected capacity change from 0 to 164 [ 155.549391][T16913] netlink: 'syz.7.5911': attribute type 21 has an invalid length. [ 155.560264][T16913] netlink: 'syz.7.5911': attribute type 20 has an invalid length. [ 155.568132][T16913] IPv6: NLM_F_CREATE should be specified when creating new route [ 155.570120][T16915] program syz.0.5913 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 155.605183][T16925] loop7: detected capacity change from 0 to 164 [ 155.631017][T16931] loop0: detected capacity change from 0 to 512 [ 155.775607][T16943] netlink: 'syz.0.5932': attribute type 4 has an invalid length. [ 155.813770][T16952] netlink: 'syz.0.5927': attribute type 21 has an invalid length. [ 155.821663][T16952] netlink: 'syz.0.5927': attribute type 20 has an invalid length. [ 155.829542][T16952] IPv6: NLM_F_CREATE should be specified when creating new route [ 155.877805][T16955] program syz.7.5928 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 155.912823][T16960] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5930'. [ 155.945995][T16966] Illegal XDP return value 1311484455 on prog (id 2616) dev syz_tun, expect packet loss! [ 155.966940][T16968] loop7: detected capacity change from 0 to 764 [ 155.989548][T16970] netlink: 28 bytes leftover after parsing attributes in process `syz.9.5936'. [ 156.081956][T16987] xt_CT: You must specify a L4 protocol and not use inversions on it [ 156.155535][T17000] pim6reg: entered allmulticast mode [ 156.162734][T17000] pim6reg: left allmulticast mode [ 156.180640][T17002] loop9: detected capacity change from 0 to 256 [ 156.196239][T17002] syz.9.5952: attempt to access beyond end of device [ 156.196239][T17002] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 156.227944][T17010] netlink: 64 bytes leftover after parsing attributes in process `syz.9.5955'. [ 156.271167][T17019] loop7: detected capacity change from 0 to 1024 [ 156.278138][T17019] EXT4-fs: Ignoring removed bh option [ 156.551619][T17069] loop7: detected capacity change from 0 to 512 [ 156.562133][T17069] EXT4-fs error (device loop7): ext4_xattr_block_get:596: inode #2: comm syz.7.5981: corrupted xattr block 255: invalid header [ 156.576970][T17069] EXT4-fs (loop7): Cannot turn on journaled quota: type 1: error -117 [ 156.585435][T17069] EXT4-fs error (device loop7): ext4_xattr_block_get:596: inode #2: comm syz.7.5981: corrupted xattr block 255: invalid header [ 156.599370][T17069] SELinux: (dev loop7, type ext4) getxattr errno 117 [ 156.628746][T17080] IPv6: NLM_F_CREATE should be specified when creating new route [ 156.751862][ C1] ================================================================== [ 156.759981][ C1] BUG: KCSAN: data-race in __usb_hcd_giveback_urb / mon_reader_del [ 156.767886][ C1] [ 156.770194][ C1] write to 0xffff8881013cd088 of 4 bytes by task 17096 on cpu 0: [ 156.777899][ C1] mon_reader_del+0x1bd/0x260 [ 156.782569][ C1] mon_bin_release+0x66/0x120 [ 156.787240][ C1] __fput+0x2ac/0x640 [ 156.791214][ C1] ____fput+0x1c/0x30 [ 156.795185][ C1] task_work_run+0x13a/0x1a0 [ 156.799774][ C1] syscall_exit_to_user_mode+0xa8/0x120 [ 156.805318][ C1] do_syscall_64+0xd6/0x1c0 [ 156.809863][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 156.815775][ C1] [ 156.818089][ C1] read to 0xffff8881013cd088 of 4 bytes by interrupt on cpu 1: [ 156.825618][ C1] __usb_hcd_giveback_urb+0x13d/0x370 [ 156.830990][ C1] usb_giveback_urb_bh+0x170/0x280 [ 156.836111][ C1] process_scheduled_works+0x4db/0xa20 [ 156.841561][ C1] bh_worker+0x21f/0x370 [ 156.845804][ C1] workqueue_softirq_action+0xaa/0xc0 [ 156.851172][ C1] tasklet_action+0xb/0x30 [ 156.855586][ C1] handle_softirqs+0xbf/0x280 [ 156.860255][ C1] run_ksoftirqd+0x1c/0x30 [ 156.864668][ C1] smpboot_thread_fn+0x31c/0x4c0 [ 156.869598][ C1] kthread+0x4ae/0x520 [ 156.873749][ C1] ret_from_fork+0x4b/0x60 [ 156.878161][ C1] ret_from_fork_asm+0x1a/0x30 [ 156.882942][ C1] [ 156.885248][ C1] value changed: 0x00000001 -> 0x00000000 [ 156.890949][ C1] [ 156.893258][ C1] Reported by Kernel Concurrency Sanitizer on: [ 156.899405][ C1] CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Tainted: G W 6.14.0-rc4-syzkaller-00015-g2a1944bff549 #0 [ 156.911471][ C1] Tainted: [W]=WARN [ 156.915272][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 156.925340][ C1] ==================================================================