last executing test programs: 3.00679344s ago: executing program 4 (id=1298): r0 = socket$l2tp(0x2, 0x2, 0x73) bind$l2tp(r0, &(0x7f0000000300)={0x2, 0x0, @broadcast}, 0x10) connect$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @remote}, 0x10) connect$inet(r0, &(0x7f00000003c0)={0x2, 0x0, @broadcast}, 0x10) 2.958681225s ago: executing program 4 (id=1303): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2008002, &(0x7f0000000300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2}}, {@noauto_da_alloc}, {@inlinecrypt}, {@init_itable}, {@nogrpid}, {@debug}]}, 0x1, 0x54c, &(0x7f0000000fc0)="$eJzs3c9vI1cdAPDvTH443W6bXSgSVMAuUFjQau3E20ZVL+1eQKiqhKg4IA7bkHijEDsOsVOaEIlU/AkgFYkT/AkckDgg9cSBG0ckDgipHJAWiEAbJJCMZuxkvVmHdWvXZuPPR5qdefM8831vveP35tk7L4CJdTUiDiJiNiLeiIj5zv6ks8Qr7SV73b3D/ZWjw/2VJFqt1/+W5PnZvug6JvNk55xzEfH1r0R8O3k4bmN3b2O5Wq1sd9KlZm2r1Njdu7FeW16rrFU2y+WlxaWFF2++UB5aXa/UfnH3y+uvfuPXv/rUe787+NL3s2Jd7OR112MghQeT7arPnMTJTEfEq0MJNn5TnfXsmMvBB5NGxEci4rP59T8fU/m/TgDgPGu15qM1350GAM67NB8DS9JiRKRp/PBjWSeg2B7DeyYupNV6o3n9Tn1nc7U9VnYpZtI769XKwuXCH76b9xhmkiy9mOfl+Xm6fCp9MyIuR8SPC0/k6eJKvbo6tl4PAEy2J7vb/4j4ZyFNi8W+Du3xrR4A8NiYG3cBAICR0/4DwOTR/gPA5Omj/e982X/woZcFABgN9/8AMHneb/vvYU8A8Phz/w8AE+Vrr72WLa2jzvOvV9/c3dmov3ljtdLYKNZ2Voor9e2t4lq9vpY/s6f2qPNV6/Wtxedj561Ss9Jolhq7e7dr9Z3N5u38ud63KzMjqRUA8L9cvvLu75OIOHjpiXyJruF9bTWcb+m4CwCMzdQgB+sgwGPNbF8wufpqwvNOwm8/9LIA49HzYd5zPTcf9JP3EcTvjOD/yrVP9D/+72f/cL4Y/4fJ9cHG/18eejmA0TP+D5Or1UpOz/k/e5IFAJxLA/yEr/WDYXVCgLF61GTeQ/n+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM6ZixHxnUjSYj4XeJr9mRaLEU9FxKWYSe6sVysLEfF0XImImUKWXhx3oQGAAaV/STrzf12bf+7i6dzZ5F+FfB0R3/vp6++8tdxsbi9m+/9+sr9wPH1Y+f5xA8wrCAAMWd5+lzvrrhv5e4f7K8fLKMtz91b8pzMV8crR4X6+tHOmI9sZMZf3JS78I4npzjFzEfFsREwNIf7B2xHx8V71T/KxkUudmU+740cn9lMjjZ8+ED/N89rrrPP10SGUBSbNu7ci4pVe118aV/N17+t/Lv+EGtzdW+2THX/2HXXFn+5EmuoRP7vmr/Yb4/nffPWhna35dt7bEc9O94qfnMRPzoj/XJ/x//jJT//o5TPyWj+LuBa943fHKjVrW6XG7t6N9dryWmWtslkuLy0uLbx484VyKR+jLh2PVD/sry9df/qssmX1v3BG/Lme9Z89Ofbzfdb/5/9+41ufuZ8snI7/xc/1fv+f6Rm/LWsTv9Bn/OULvzxz+u4s/uoZ9X/U+3+9z/jv/Xlvtc+XAgAj0Njd21iuVivbA21kd6H9H/XOxb7PnBWxvxcfdxcHq86fYgh/G8PamBm4OuPamD7pKw73zN/Mzjji6qRDr8VAG/dGFWt8n0nAaNy/6MddEgAAAAAAAAAAAAAA4Cyj+K9L464jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA59d/AwAA///dAs1L") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) lseek(r0, 0x7fff, 0x0) getdents(r0, 0x0, 0x58) 2.197791536s ago: executing program 0 (id=1358): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001440)={&(0x7f0000001480)='sched_switch\x00', r0}, 0x10) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) 2.152543219s ago: executing program 4 (id=1361): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x5, 0x1, 0x8e, 0xe7c9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_DELETE_BATCH(0x18, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0xe30a, r1}, 0x38) 2.058163988s ago: executing program 4 (id=1367): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x2b0, 0x348, 0x18c, 0x203, 0x348, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0xa8, 0xf0}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x310) 1.990646725s ago: executing program 0 (id=1368): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a2824734ca454088df95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b2120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06de269e97fbb0776bf56dd022c074eb8a322fb0bf47c0a8d154b405c305eaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f01000080000000004febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5001000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2e9a20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1015ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846899c6b23c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33694f40000000000005d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b95bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8504611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c01446234437b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c64cd14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e87973d574ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7430100bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb150963b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b16500000000000000000000000000cbf5e55f5adc0a7459f94def8b303c3db48ec4cbf211fbabb0559abb1a14edcb9d6aaf566ce5fc325c60a97a50a42ad405caaf3477ffad000000000000000000"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r0}, 0x10) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x2004000, &(0x7f0000000100), 0x2, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=") setxattr$security_selinux(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), &(0x7f0000000100)='system_u:object_r:initctl_t:s0\x00', 0x83c0, 0x0) 1.989990605s ago: executing program 4 (id=1370): r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000100)=@bpf_lsm={0x1d, 0x3, &(0x7f00000001c0)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xa0) bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000240)={0x0, r0}, 0x10) r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000002c0)=@bpf_lsm={0x1d, 0x3, &(0x7f0000000380)=@framed, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xa0) bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000400)={0x0, r1}, 0x10) 1.971059916s ago: executing program 4 (id=1371): ptrace(0x10, 0x1) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x6, 0x0, 0x0, 0x0, 0x8000000009917, 0x400000000000fffd}, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x0, 0xffffffffffffffff}, 0x0) sched_setattr(0x0, &(0x7f00000000c0)={0x38, 0x0, 0x0, 0x1}, 0x0) 1.882416645s ago: executing program 0 (id=1375): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffc}]}) prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000031c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) set_tid_address(0x0) 1.875597775s ago: executing program 0 (id=1376): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) r2 = add_key$keyring(&(0x7f00000001c0), &(0x7f00000002c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd) add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f0000000340)="01000722625a900ede290f00015b097ead85847837353d2dbad05d", 0x1b, r2) 1.865726276s ago: executing program 0 (id=1377): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x100000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 1.810718382s ago: executing program 0 (id=1378): socket$inet_icmp_raw(0x2, 0x3, 0x1) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xa5c}, 0x0, 0x1, 0x3}, 0x0, 0x9, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) kexec_load(0x0, 0x10, &(0x7f0000000140)=[{0x0, 0x2, 0x0, 0x3e0000}], 0x0) 1.295676939s ago: executing program 1 (id=1411): r0 = io_uring_setup(0x26fd, &(0x7f0000000000)={0x0, 0x0, 0x40, 0x2, 0x40}) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]}) socket$nl_generic(0x10, 0x3, 0x10) close_range(r0, 0xffffffffffffffff, 0x0) 486.637814ms ago: executing program 1 (id=1444): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000000082295"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x1f4, 0x0, 0x0, 0x0, 0x0, 0x300, 0x300, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x50) 389.992283ms ago: executing program 1 (id=1447): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000003c0)='kfree\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r0}, &(0x7f0000000000), &(0x7f0000000080)}, 0x20) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV") 213.94985ms ago: executing program 3 (id=1450): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000007d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a80000000160a0103000000000000000002000000540003804000038014000100626f6e645f736c6176655f300000000014000100736974300000000000000000000000001400010073697430000000000000000000000000080002400000000008000140000000000900020073797a31000000000900010073797a30"], 0xa8}}, 0x0) 126.970888ms ago: executing program 3 (id=1452): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc) 126.641368ms ago: executing program 3 (id=1453): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xca}, 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) sendmmsg$inet6(r0, &(0x7f0000003c40)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000140)="03", 0x1}], 0x1}}], 0x1, 0x0) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r0, 0x84, 0x78, &(0x7f0000000300), 0x4) 126.335838ms ago: executing program 2 (id=1454): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x20, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0}, 0x10) r1 = socket(0x2b, 0x80801, 0x1) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x278, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x2d8) 74.708083ms ago: executing program 3 (id=1455): r0 = socket(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'macvlan0\x00', 0x0}) setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000080)={0x0, 0x0, 0x0, r1}, 0xc) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000bc0)=@dellink={0x34, 0x11, 0x1, 0x0, 0x0, {}, [@IFLA_IFNAME={0x14, 0x3, 'macvlan0\x00'}]}, 0x34}}, 0x0) 74.380283ms ago: executing program 1 (id=1456): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0xe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 74.174043ms ago: executing program 2 (id=1457): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_WPAN_PHY(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="6d93b8330000feffffff01"], 0x1c}, 0x1, 0x0, 0x0, 0x8810}, 0x0) syz_genetlink_get_family_id$nfc(&(0x7f0000000140), r0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000000), r0) 73.928373ms ago: executing program 2 (id=1458): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000ffff0000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r2, &(0x7f0000004440)={&(0x7f0000000ec0)=@name={0x1e, 0x2, 0x3, {{0x0, 0x3}, 0x4}}, 0x10, &(0x7f0000004340), 0x0, 0x0, 0x0, 0xc000}, 0x0) 67.971773ms ago: executing program 1 (id=1459): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) pipe(&(0x7f0000005880)={0xffffffffffffffff, 0xffffffffffffffff}) fsetxattr$security_selinux(r2, &(0x7f00000000c0), &(0x7f0000000040)='system_u:object_r:dhcp_state_t:s0\x00', 0xfdc1, 0x0) 42.381755ms ago: executing program 2 (id=1460): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r0}, 0x10) r1 = socket$igmp(0x2, 0x3, 0x2) setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x48b, &(0x7f0000002100)={0x1, 'ip6gre0\x00'}, 0x18) setsockopt$IP_VS_SO_SET_STOPDAEMON(r1, 0x0, 0x48c, &(0x7f0000000000)={0x1, 'dummy0\x00'}, 0x18) 952.639µs ago: executing program 1 (id=1461): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, 0x0, 0x0) poll(&(0x7f0000000100)=[{r0}], 0x1, 0x9d) write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0x2600]}}], 0xffc8) 691.029µs ago: executing program 3 (id=1462): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) r2 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000300)={0xfffffffffffffffc, 0x1207000, 0x800, 0x6, 0x1}, 0x20) 566.7µs ago: executing program 2 (id=1463): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='workqueue_activate_work\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) close(r1) 422.77µs ago: executing program 2 (id=1464): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x70}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) recvmmsg(r0, &(0x7f00000036c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/4, 0x4}, 0xe}, {{0x0, 0x0, 0x0}, 0x5}], 0x2, 0x0, 0x0) 0s ago: executing program 3 (id=1465): syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_READ_FIXED={0x4, 0x1}) r0 = memfd_secret(0x0) r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$SCSI_IOCTL_GET_PCI(r2, 0x2284, &(0x7f0000000000)) kernel console output (not intermixed with test programs): -0000-000000000000 r/w without journal. Quota mode: writeback. [ 37.425161][ T4137] loop4: detected capacity change from 0 to 1024 [ 37.438213][ T3994] loop3: p230 size 520093696 extends beyond EOD, truncated [ 37.446106][ T3267] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 37.446468][ T3994] loop3: p231 size 108986237 extends beyond EOD, truncated [ 37.463101][ T3994] loop3: p232 size 520093696 extends beyond EOD, truncated [ 37.471239][ T3994] loop3: p233 size 108986237 extends beyond EOD, truncated [ 37.479033][ T3994] loop3: p234 size 520093696 extends beyond EOD, truncated [ 37.487061][ T3994] loop3: p235 size 108986237 extends beyond EOD, truncated [ 37.487708][ T4137] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 37.503430][ T4141] hub 2-0:1.0: USB hub found [ 37.511942][ T3994] loop3: p236 size 520093696 extends beyond EOD, truncated [ 37.519873][ T4141] hub 2-0:1.0: 8 ports detected [ 37.525621][ T3994] loop3: p237 size 108986237 extends beyond EOD, truncated [ 37.533626][ T3994] loop3: p238 size 520093696 extends beyond EOD, truncated [ 37.534881][ T3266] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 37.541958][ T3994] loop3: p239 size 108986237 extends beyond EOD, truncated [ 37.558512][ T3994] loop3: p240 size 520093696 extends beyond EOD, truncated [ 37.566663][ T3994] loop3: p241 size 108986237 extends beyond EOD, truncated [ 37.576262][ T3994] loop3: p242 size 520093696 extends beyond EOD, truncated [ 37.585193][ T3994] loop3: p243 size 108986237 extends beyond EOD, truncated [ 37.593143][ T3994] loop3: p244 size 520093696 extends beyond EOD, truncated [ 37.601049][ T3994] loop3: p245 size 108986237 extends beyond EOD, truncated [ 37.609509][ T3994] loop3: p246 size 520093696 extends beyond EOD, truncated [ 37.617522][ T3994] loop3: p247 size 108986237 extends beyond EOD, truncated [ 37.625663][ T3994] loop3: p248 size 520093696 extends beyond EOD, truncated [ 37.633401][ T3994] loop3: p249 size 108986237 extends beyond EOD, truncated [ 37.641091][ T3994] loop3: p250 size 520093696 extends beyond EOD, truncated [ 37.649326][ T3994] loop3: p251 size 108986237 extends beyond EOD, truncated [ 37.657238][ T3994] loop3: p252 size 520093696 extends beyond EOD, truncated [ 37.665209][ T3994] loop3: p253 size 108986237 extends beyond EOD, truncated [ 37.673014][ T3994] loop3: p254 size 520093696 extends beyond EOD, truncated [ 37.680991][ T3994] loop3: p255 size 108986237 extends beyond EOD, truncated [ 37.990205][ T4165] tap0: tun_chr_ioctl cmd 1074025677 [ 37.995715][ T4165] tap0: linktype set to 769 [ 38.209571][ T4182] loop3: detected capacity change from 0 to 164 [ 38.220392][ T4182] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 38.264881][ T4188] syz.3.331[4188] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 38.264937][ T4188] syz.3.331[4188] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 38.276380][ T4188] syz.3.331[4188] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 38.292399][ T4188] loop3: detected capacity change from 0 to 512 [ 38.321893][ T4188] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.331: bg 0: block 393: padding at end of block bitmap is not set [ 38.336704][ T4188] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 38.346008][ T4188] EXT4-fs (loop3): 2 truncates cleaned up [ 38.352184][ T4188] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 38.373673][ T3275] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 38.499366][ T4214] loop7: detected capacity change from 0 to 7 [ 38.506363][ T4214] Buffer I/O error on dev loop7, logical block 0, async page read [ 38.514701][ T4214] Buffer I/O error on dev loop7, logical block 0, async page read [ 38.522800][ T4214] loop7: unable to read partition table [ 38.529046][ T4214] loop_reread_partitions: partition scan of loop7 (被xڬdƤݡ [ 38.529046][ T4214] ) failed (rc=-5) [ 38.540995][ T4217] netlink: 12 bytes leftover after parsing attributes in process `syz.1.344'. [ 38.594601][ T4227] loop1: detected capacity change from 0 to 512 [ 38.627912][ T4227] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 38.628705][ T4221] loop3: detected capacity change from 0 to 4096 [ 38.651985][ T4227] EXT4-fs (loop1): shut down requested (0) [ 38.666991][ T3267] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 38.679192][ T4221] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 38.692517][ T4221] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 38.806635][ T4246] loop4: detected capacity change from 0 to 512 [ 38.815420][ T4246] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 38.830901][ T4246] EXT4-fs (loop4): 1 truncate cleaned up [ 38.837869][ T4246] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 38.853664][ T4246] SELinux: Context system_u:object_r:crond_initrc_exec_t:s0 is not valid (left unmapped). [ 38.875535][ T3266] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 38.893411][ T4250] netlink: 'syz.4.357': attribute type 2 has an invalid length. [ 38.972142][ T4266] loop4: detected capacity change from 0 to 512 [ 38.985755][ T4266] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 39.062721][ T3266] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 39.230610][ T4306] syz.3.383[4306] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 39.230671][ T4306] syz.3.383[4306] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 39.242379][ T4306] syz.3.383[4306] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 39.256015][ T4306] SELinux: policydb version 207 does not match my version range 15-33 [ 39.276628][ T4306] SELinux: failed to load policy [ 39.386107][ T4337] syz.4.399[4337] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 39.386167][ T4337] syz.4.399[4337] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 39.397741][ T4337] syz.4.399[4337] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 39.411873][ T4337] SELinux: policydb version 207 does not match my version range 15-33 [ 39.432138][ T4337] SELinux: failed to load policy [ 39.625964][ T4362] loop3: detected capacity change from 0 to 512 [ 39.647442][ T4362] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 39.730435][ T4381] loop4: detected capacity change from 0 to 512 [ 39.749239][ T4386] netlink: 'syz.1.418': attribute type 2 has an invalid length. [ 39.756707][ T4381] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 39.773821][ T4381] EXT4-fs (loop4): shut down requested (0) [ 39.786356][ T4388] loop1: detected capacity change from 0 to 512 [ 39.793954][ T3275] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 39.796034][ T4388] EXT4-fs error (device loop1): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 39.818976][ T4388] EXT4-fs (loop1): 1 truncate cleaned up [ 39.819485][ T3266] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 39.825467][ T4388] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 39.834982][ T40] __quota_error: 82 callbacks suppressed [ 39.834993][ T40] Quota error (device loop4): dquot_write_dquot: Can't write quota structure (error -5). Quota may get out of sync! [ 39.877399][ T3267] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 39.896477][ T4394] netlink: 12 bytes leftover after parsing attributes in process `syz.3.433'. [ 39.934510][ T4401] loop7: detected capacity change from 0 to 7 [ 39.940790][ T4401] Buffer I/O error on dev loop7, logical block 0, async page read [ 39.964367][ T4401] Buffer I/O error on dev loop7, logical block 0, async page read [ 39.972467][ T4401] loop7: unable to read partition table [ 39.985725][ T4401] loop_reread_partitions: partition scan of loop7 (被xڬdƤݡ [ 39.985725][ T4401] ) failed (rc=-5) [ 40.105887][ T4415] loop4: detected capacity change from 0 to 4096 [ 40.124575][ T4415] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 40.140050][ T4415] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 40.881178][ T4423] loop3: detected capacity change from 0 to 512 [ 40.903492][ T4423] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 40.920073][ T4423] EXT4-fs (loop3): shut down requested (0) [ 40.934468][ T3275] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 40.944114][ T11] Quota error (device loop3): dquot_write_dquot: Can't write quota structure (error -5). Quota may get out of sync! [ 40.956418][ T29] audit: type=1107 audit(40.934:419): pid=4429 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 40.980033][ T4433] loop3: detected capacity change from 0 to 512 [ 40.982219][ T4435] loop7: detected capacity change from 0 to 7 [ 40.989399][ T4433] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 40.992700][ T4435] Buffer I/O error on dev loop7, logical block 0, async page read [ 41.009490][ T4433] EXT4-fs (loop3): 1 truncate cleaned up [ 41.021236][ T4433] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 41.037222][ T4435] Buffer I/O error on dev loop7, logical block 0, async page read [ 41.045124][ T4435] loop7: unable to read partition table [ 41.055637][ T4435] loop_reread_partitions: partition scan of loop7 (被xڬdƤݡ [ 41.055637][ T4435] ) failed (rc=-5) [ 41.069945][ T3275] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.315286][ T4459] syz.4.451[4459] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 41.319933][ T4459] loop4: detected capacity change from 0 to 512 [ 41.341784][ T4459] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.451: bg 0: block 393: padding at end of block bitmap is not set [ 41.357508][ T4459] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 41.369570][ T29] audit: type=1400 audit(41.354:420): avc: denied { mounton } for pid=4463 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 41.374395][ T4459] EXT4-fs (loop4): 2 truncates cleaned up [ 41.397010][ T4459] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 41.445844][ T3266] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.466023][ T4475] loop4: detected capacity change from 0 to 164 [ 41.499564][ T4475] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 41.529024][ T1869] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 41.574480][ T29] audit: type=1107 audit(41.564:421): pid=4487 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 41.595138][ T1869] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 41.639676][ T1869] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 41.685447][ T4463] chnl_net:caif_netlink_parms(): no params data found [ 41.699619][ T1869] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 41.803496][ T4463] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.811103][ T4463] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.818574][ T4463] bridge_slave_0: entered allmulticast mode [ 41.825363][ T4463] bridge_slave_0: entered promiscuous mode [ 41.832449][ T4463] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.839772][ T4463] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.847393][ T4463] bridge_slave_1: entered allmulticast mode [ 41.854527][ T4463] bridge_slave_1: entered promiscuous mode [ 41.861140][ T4520] tap0: tun_chr_ioctl cmd 1074025677 [ 41.869371][ T4520] tap0: linktype set to 769 [ 41.895190][ T4481] chnl_net:caif_netlink_parms(): no params data found [ 41.912314][ T4463] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 41.951705][ T4463] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 41.969159][ T1869] bridge_slave_1: left allmulticast mode [ 41.974871][ T1869] bridge_slave_1: left promiscuous mode [ 41.980634][ T1869] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.989725][ T1869] bridge_slave_0: left allmulticast mode [ 41.995577][ T1869] bridge_slave_0: left promiscuous mode [ 42.001353][ T1869] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.078061][ T1869] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 42.088493][ T1869] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 42.098592][ T1869] bond0 (unregistering): Released all slaves [ 42.116531][ T4463] team0: Port device team_slave_0 added [ 42.127500][ T4463] team0: Port device team_slave_1 added [ 42.141934][ T4481] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.149079][ T4481] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.156464][ T4481] bridge_slave_0: entered allmulticast mode [ 42.162827][ T4481] bridge_slave_0: entered promiscuous mode [ 42.171809][ T1869] hsr_slave_0: left promiscuous mode [ 42.177708][ T1869] hsr_slave_1: left promiscuous mode [ 42.183458][ T1869] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 42.190938][ T1869] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 42.198639][ T1869] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 42.206213][ T1869] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 42.215355][ T1869] veth1_macvtap: left promiscuous mode [ 42.220900][ T1869] veth0_macvtap: left promiscuous mode [ 42.226588][ T1869] veth1_vlan: left promiscuous mode [ 42.231948][ T1869] veth0_vlan: left promiscuous mode [ 42.311663][ T1869] team0 (unregistering): Port device team_slave_1 removed [ 42.322184][ T1869] team0 (unregistering): Port device team_slave_0 removed [ 42.361808][ T4481] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.368973][ T4481] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.376160][ T4481] bridge_slave_1: entered allmulticast mode [ 42.382759][ T4481] bridge_slave_1: entered promiscuous mode [ 42.394248][ T4463] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 42.401345][ T4463] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 42.427861][ T4463] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 42.446132][ T4463] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 42.453278][ T4463] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 42.479929][ T4463] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 42.492259][ T4481] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 42.507058][ T4481] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 42.536094][ T4481] team0: Port device team_slave_0 added [ 42.543818][ T4463] hsr_slave_0: entered promiscuous mode [ 42.550225][ T4463] hsr_slave_1: entered promiscuous mode [ 42.556582][ T4463] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 42.564239][ T4463] Cannot create hsr debugfs directory [ 42.570325][ T4481] team0: Port device team_slave_1 added [ 42.590817][ T4481] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 42.598147][ T4481] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 42.624639][ T4481] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 42.639996][ T4481] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 42.647140][ T4481] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 42.673805][ T4481] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 42.709855][ T4481] hsr_slave_0: entered promiscuous mode [ 42.716185][ T4481] hsr_slave_1: entered promiscuous mode [ 42.722446][ T4481] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 42.730221][ T4481] Cannot create hsr debugfs directory [ 42.838327][ T28] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.928021][ T28] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.977497][ T28] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 43.066961][ T28] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 43.136966][ T28] bridge_slave_1: left allmulticast mode [ 43.142910][ T28] bridge_slave_1: left promiscuous mode [ 43.149856][ T28] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.158514][ T28] bridge_slave_0: left allmulticast mode [ 43.164209][ T28] bridge_slave_0: left promiscuous mode [ 43.170013][ T28] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.266951][ T28] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 43.277429][ T28] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 43.287856][ T28] bond0 (unregistering): Released all slaves [ 43.356976][ T28] hsr_slave_0: left promiscuous mode [ 43.362695][ T28] hsr_slave_1: left promiscuous mode [ 43.368458][ T28] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 43.375962][ T28] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 43.383673][ T28] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 43.391502][ T28] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 43.400639][ T28] veth1_macvtap: left promiscuous mode [ 43.406344][ T28] veth0_macvtap: left promiscuous mode [ 43.411958][ T28] veth1_vlan: left promiscuous mode [ 43.417446][ T28] veth0_vlan: left promiscuous mode [ 43.496915][ T28] team0 (unregistering): Port device team_slave_1 removed [ 43.508728][ T28] team0 (unregistering): Port device team_slave_0 removed [ 43.766662][ T4463] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 43.775611][ T4463] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 43.785813][ T4463] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 43.797419][ T4463] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 43.815401][ T4481] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 43.823899][ T4481] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 43.832736][ T4481] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 43.842494][ T4481] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 43.875867][ T4463] 8021q: adding VLAN 0 to HW filter on device bond0 [ 43.895073][ T4463] 8021q: adding VLAN 0 to HW filter on device team0 [ 43.906032][ T40] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.913085][ T40] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.935537][ T143] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.942766][ T143] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.965782][ T4481] 8021q: adding VLAN 0 to HW filter on device bond0 [ 43.980501][ T4481] 8021q: adding VLAN 0 to HW filter on device team0 [ 43.990194][ T40] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.997277][ T40] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.015166][ T143] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.022470][ T143] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.050657][ T4463] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 44.096929][ T4481] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 44.129348][ T4463] veth0_vlan: entered promiscuous mode [ 44.138152][ T4463] veth1_vlan: entered promiscuous mode [ 44.156842][ T4463] veth0_macvtap: entered promiscuous mode [ 44.165014][ T4463] veth1_macvtap: entered promiscuous mode [ 44.179529][ T4481] veth0_vlan: entered promiscuous mode [ 44.190640][ T4463] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 44.201138][ T4463] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.210986][ T4463] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 44.221451][ T4463] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.231293][ T4463] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 44.241792][ T4463] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.252739][ T4463] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 44.262402][ T4481] veth1_vlan: entered promiscuous mode [ 44.269911][ T4463] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 44.280372][ T4463] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.290528][ T4463] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 44.300946][ T4463] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.310763][ T4463] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 44.321212][ T4463] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.331915][ T4463] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 44.345019][ T4463] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.353747][ T4463] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.362581][ T4463] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.371417][ T4463] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.394276][ T4481] veth0_macvtap: entered promiscuous mode [ 44.401805][ T4481] veth1_macvtap: entered promiscuous mode [ 44.411679][ T29] audit: type=1400 audit(44.394:422): avc: denied { mount } for pid=4463 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 44.415499][ T4481] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 44.444422][ T4481] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.446210][ T29] audit: type=1400 audit(44.394:423): avc: denied { mounton } for pid=4463 comm="syz-executor" path="/root/syzkaller.X09OZe/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 44.454391][ T4481] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 44.454407][ T4481] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.454417][ T4481] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 44.454475][ T4481] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.454491][ T4481] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 44.454581][ T4481] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.457232][ T4481] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 44.554501][ T4481] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 44.565071][ T4481] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.572526][ T4557] loop0: detected capacity change from 0 to 512 [ 44.574975][ T4481] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 44.574991][ T4481] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.575006][ T4481] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 44.606499][ T4557] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 44.612214][ T4481] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.612233][ T4481] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 44.612248][ T4481] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.613680][ T4481] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 44.640473][ T4557] EXT4-fs (loop0): shut down requested (0) [ 44.646686][ T4481] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.677002][ T4481] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.685727][ T4481] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.694448][ T4481] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.723390][ T4463] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.735446][ T40] Quota error (device loop0): dquot_write_dquot: Can't write quota structure (error -5). Quota may get out of sync! [ 44.749122][ T4565] loop4: detected capacity change from 0 to 1024 [ 44.752330][ T4567] loop3: detected capacity change from 0 to 1024 [ 44.760548][ T4565] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 44.776319][ T4567] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 44.801409][ T4565] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 44.820218][ T3275] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.840319][ T3266] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.961358][ T4592] tap0: tun_chr_ioctl cmd 1074025677 [ 44.967099][ T4592] tap0: linktype set to 769 [ 44.979278][ T4589] hub 2-0:1.0: USB hub found [ 44.984256][ T4589] hub 2-0:1.0: 8 ports detected [ 45.010716][ T4599] loop0: detected capacity change from 0 to 128 [ 45.027666][ T4599] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 45.035858][ T4599] FAT-fs (loop0): Filesystem has been set read-only [ 45.042856][ T4599] syz.0.487: attempt to access beyond end of device [ 45.042856][ T4599] loop0: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 45.057464][ T4599] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 45.065994][ T4599] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 45.087531][ T4599] syz.0.487: attempt to access beyond end of device [ 45.087531][ T4599] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 45.111758][ T4599] syz.0.487: attempt to access beyond end of device [ 45.111758][ T4599] loop0: rw=0, sector=2065, nr_sectors = 1 limit=128 [ 45.127186][ T29] audit: type=1400 audit(45.094:424): avc: denied { sqpoll } for pid=4611 comm="syz.2.492" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 45.151985][ T4599] syz.0.487: attempt to access beyond end of device [ 45.151985][ T4599] loop0: rw=0, sector=2065, nr_sectors = 1 limit=128 [ 45.205146][ T29] audit: type=1326 audit(45.174:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4621 comm="syz.2.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f770340dff9 code=0x7ffc0000 [ 45.228395][ T29] audit: type=1326 audit(45.174:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4621 comm="syz.2.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f770340dff9 code=0x7ffc0000 [ 45.251795][ T29] audit: type=1326 audit(45.174:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4621 comm="syz.2.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=460 compat=0 ip=0x7f770340dff9 code=0x7ffc0000 [ 45.275009][ T29] audit: type=1326 audit(45.174:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4621 comm="syz.2.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f770340dff9 code=0x7ffc0000 [ 45.360312][ T4632] hub 2-0:1.0: USB hub found [ 45.369426][ T4632] hub 2-0:1.0: 8 ports detected [ 45.399708][ T4636] netlink: 'syz.0.500': attribute type 1 has an invalid length. [ 45.414775][ T4639] tap0: tun_chr_ioctl cmd 1074025677 [ 45.420419][ T4639] tap0: linktype set to 769 [ 45.481339][ T4653] loop3: detected capacity change from 0 to 128 [ 45.507631][ T4653] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 45.515752][ T4653] FAT-fs (loop3): Filesystem has been set read-only [ 45.522555][ T4653] syz.3.510: attempt to access beyond end of device [ 45.522555][ T4653] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 45.536905][ T4653] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 45.544828][ T4653] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 45.565013][ T4653] syz.3.510: attempt to access beyond end of device [ 45.565013][ T4653] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 45.579253][ T4653] syz.3.510: attempt to access beyond end of device [ 45.579253][ T4653] loop3: rw=0, sector=2065, nr_sectors = 1 limit=128 [ 45.596809][ T4653] syz.3.510: attempt to access beyond end of device [ 45.596809][ T4653] loop3: rw=0, sector=2065, nr_sectors = 1 limit=128 [ 45.610321][ T4666] netlink: 'syz.2.519': attribute type 1 has an invalid length. [ 45.644137][ T4675] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 45.676262][ T4677] netlink: 14 bytes leftover after parsing attributes in process `syz.1.523'. [ 45.832906][ T4713] netlink: 14 bytes leftover after parsing attributes in process `syz.2.539'. [ 45.910221][ T4735] bpf_get_probe_write_proto: 2 callbacks suppressed [ 45.910291][ T4735] syz.2.549[4735] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 45.917417][ T4735] syz.2.549[4735] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 45.929343][ T4735] syz.2.549[4735] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 45.983318][ T4745] loop2: detected capacity change from 0 to 512 [ 46.006253][ T4745] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.553: corrupted in-inode xattr: invalid ea_ino [ 46.031352][ T4745] EXT4-fs error (device loop2): ext4_orphan_get:1393: comm syz.2.553: couldn't read orphan inode 15 (err -117) [ 46.054293][ T4748] loop4: detected capacity change from 0 to 8192 [ 46.056321][ T4745] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 46.104008][ T4481] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 46.111603][ T4756] loop3: detected capacity change from 0 to 512 [ 46.122025][ T4748] loop4: p1 p2 p3 p4 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215 p216 p217 p218 p219 p220 p221 p222 p223 p224 [ 46.122180][ T4748] loop4: p1 size 108986237 extends beyond EOD, [ 46.141955][ T4756] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 46.215720][ T4748] truncated [ 46.275152][ T4748] loop4: p2 size 520093696 extends beyond EOD, truncated [ 46.282980][ T4748] loop4: p3 size 131072 extends beyond EOD, truncated [ 46.283048][ T3275] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 46.290736][ T4748] loop4: p5 size 108986237 extends beyond EOD, truncated [ 46.306504][ T4748] loop4: p6 size 520093696 extends beyond EOD, truncated [ 46.314349][ T4748] loop4: p7 size 108986237 extends beyond EOD, truncated [ 46.321917][ T4748] loop4: p8 size 520093696 extends beyond EOD, truncated [ 46.331373][ T4748] loop4: p9 size 108986237 extends beyond EOD, truncated [ 46.343794][ T4748] loop4: p10 size 520093696 extends beyond EOD, truncated [ 46.357490][ T4768] loop3: detected capacity change from 0 to 512 [ 46.362316][ T4748] loop4: p11 size 108986237 extends beyond EOD, truncated [ 46.372092][ T4748] loop4: p12 size 520093696 extends beyond EOD, truncated [ 46.379890][ T4748] loop4: p13 size 108986237 extends beyond EOD, truncated [ 46.388858][ T4768] Quota error (device loop3): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 46.399186][ T4768] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 46.409364][ T4768] EXT4-fs error (device loop3): ext4_acquire_dquot:6879: comm syz.3.564: Failed to acquire dquot type 1 [ 46.415392][ T4748] loop4: p14 size 520093696 extends beyond EOD, truncated [ 46.428451][ T4768] EXT4-fs (loop3): 1 truncate cleaned up [ 46.428567][ T4748] loop4: p15 size 108986237 extends beyond EOD, truncated [ 46.442483][ T4748] loop4: p16 size 520093696 extends beyond EOD, truncated [ 46.447165][ T4768] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 46.463505][ T4748] loop4: p17 size 108986237 extends beyond EOD, truncated [ 46.476537][ T4748] loop4: p18 size 520093696 extends beyond EOD, truncated [ 46.485758][ T4748] loop4: p19 size 108986237 extends beyond EOD, truncated [ 46.493966][ T4748] loop4: p20 size 520093696 extends beyond EOD, truncated [ 46.494235][ T3275] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 46.502140][ T4748] loop4: p21 size 108986237 extends beyond EOD, truncated [ 46.518393][ T4748] loop4: p22 size 520093696 extends beyond EOD, truncated [ 46.526252][ T4748] loop4: p23 size 108986237 extends beyond EOD, truncated [ 46.527129][ T4778] program syz.3.568 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 46.534434][ T4748] loop4: p24 size 520093696 extends beyond EOD, truncated [ 46.551323][ T4748] loop4: p25 size 108986237 extends beyond EOD, truncated [ 46.559042][ T4748] loop4: p26 size 520093696 extends beyond EOD, truncated [ 46.569920][ T4748] loop4: p27 size 108986237 extends beyond EOD, truncated [ 46.579458][ T4748] loop4: p28 size 520093696 extends beyond EOD, truncated [ 46.593782][ T4748] loop4: p29 size 108986237 extends beyond EOD, truncated [ 46.605066][ T4748] loop4: p30 size 520093696 extends beyond EOD, truncated [ 46.613047][ T4748] loop4: p31 size 108986237 extends beyond EOD, truncated [ 46.613536][ T4781] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 46.626129][ T4785] loop3: detected capacity change from 0 to 512 [ 46.637912][ T4748] loop4: p32 size 520093696 extends beyond EOD, truncated [ 46.638117][ T4785] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.571: corrupted in-inode xattr: invalid ea_ino [ 46.658498][ T4748] loop4: p33 size 108986237 extends beyond EOD, truncated [ 46.659864][ T4748] loop4: p34 size 520093696 extends beyond EOD, truncated [ 46.666542][ T4785] EXT4-fs error (device loop3): ext4_orphan_get:1393: comm syz.3.571: couldn't read orphan inode 15 (err -117) [ 46.675059][ T4788] ref_ctr_offset mismatch. inode: 0x358 offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x0 [ 46.689240][ T4785] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 46.707495][ T4748] loop4: p35 size 108986237 extends beyond EOD, truncated [ 46.717758][ T4748] loop4: p36 size 520093696 extends beyond EOD, truncated [ 46.725792][ T4748] loop4: p37 size 108986237 extends beyond EOD, truncated [ 46.733690][ T4748] loop4: p38 size 520093696 extends beyond EOD, truncated [ 46.742370][ T3275] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 46.742904][ T4748] loop4: p39 size 108986237 extends beyond EOD, truncated [ 46.764633][ T4748] loop4: p40 size 520093696 extends beyond EOD, truncated [ 46.772935][ T4748] loop4: p41 size 108986237 extends beyond EOD, truncated [ 46.782700][ T4748] loop4: p42 size 520093696 extends beyond EOD, truncated [ 46.791008][ T4748] loop4: p43 size 108986237 extends beyond EOD, truncated [ 46.800934][ T4748] loop4: p44 size 520093696 extends beyond EOD, truncated [ 46.803144][ T4792] program syz.1.574 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 46.809248][ T4748] loop4: p45 size 108986237 extends beyond EOD, truncated [ 46.841482][ T4794] netlink: 16 bytes leftover after parsing attributes in process `syz.1.575'. [ 46.844962][ T4748] loop4: p46 size 520093696 extends beyond EOD, [ 46.850391][ T4794] netlink: 16 bytes leftover after parsing attributes in process `syz.1.575'. [ 46.866267][ T4748] truncated [ 46.879919][ T4748] loop4: p47 size 108986237 extends beyond EOD, truncated [ 46.893424][ T4796] loop3: detected capacity change from 0 to 512 [ 46.908991][ T4748] loop4: p48 size 520093696 extends beyond EOD, truncated [ 46.916822][ T4796] EXT4-fs: Ignoring removed mblk_io_submit option [ 46.921795][ T4748] loop4: p49 size 108986237 extends beyond EOD, truncated [ 46.937126][ T4748] loop4: p50 size 520093696 extends beyond EOD, truncated [ 46.959292][ T4748] loop4: p51 size 108986237 extends beyond EOD, truncated [ 46.963108][ T4796] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 46.967964][ T4748] loop4: p52 size 520093696 extends beyond EOD, truncated [ 46.988933][ T4748] loop4: p53 size 108986237 extends beyond EOD, truncated [ 46.997320][ T4748] loop4: p54 size 520093696 extends beyond EOD, truncated [ 47.005552][ T4748] loop4: p55 size 108986237 extends beyond EOD, truncated [ 47.013389][ T4748] loop4: p56 size 520093696 extends beyond EOD, truncated [ 47.021703][ T4748] loop4: p57 size 108986237 extends beyond EOD, truncated [ 47.029671][ T4748] loop4: p58 size 520093696 extends beyond EOD, truncated [ 47.038124][ T4748] loop4: p59 size 108986237 extends beyond EOD, truncated [ 47.038507][ T3275] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 47.046255][ T4748] loop4: p60 size 520093696 extends beyond EOD, truncated [ 47.065583][ T4748] loop4: p61 size 108986237 extends beyond EOD, truncated [ 47.073500][ T4748] loop4: p62 size 520093696 extends beyond EOD, truncated [ 47.082678][ T4748] loop4: p63 size 108986237 extends beyond EOD, truncated [ 47.091133][ T4748] loop4: p64 size 520093696 extends beyond EOD, truncated [ 47.099227][ T4748] loop4: p65 size 108986237 extends beyond EOD, truncated [ 47.110019][ T4820] loop0: detected capacity change from 0 to 512 [ 47.110951][ T4748] loop4: p66 size 520093696 extends beyond EOD, truncated [ 47.118773][ T4820] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.583: corrupted in-inode xattr: invalid ea_ino [ 47.124607][ T4822] ref_ctr_offset mismatch. inode: 0xbc offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x0 [ 47.138700][ T4820] EXT4-fs error (device loop0): ext4_orphan_get:1393: comm syz.0.583: couldn't read orphan inode 15 (err -117) [ 47.159340][ T4748] loop4: p67 size 108986237 extends beyond EOD, truncated [ 47.161224][ T4820] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 47.168143][ T4748] loop4: p68 size 520093696 extends beyond EOD, truncated [ 47.188864][ T4748] loop4: p69 size 108986237 extends beyond EOD, truncated [ 47.197003][ T4748] loop4: p70 size 520093696 extends beyond EOD, truncated [ 47.205177][ T4748] loop4: p71 size 108986237 extends beyond EOD, truncated [ 47.213602][ T4748] loop4: p72 size 520093696 extends beyond EOD, truncated [ 47.214186][ T4463] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 47.221843][ T4748] loop4: p73 size 108986237 extends beyond EOD, truncated [ 47.238381][ T4748] loop4: p74 size 520093696 extends beyond EOD, truncated [ 47.246755][ T4748] loop4: p75 size 108986237 extends beyond EOD, truncated [ 47.254749][ T4748] loop4: p76 size 520093696 extends beyond EOD, truncated [ 47.265667][ T4829] loop0: detected capacity change from 0 to 1024 [ 47.272597][ T4829] EXT4-fs: Ignoring removed orlov option [ 47.278441][ T4831] loop2: detected capacity change from 0 to 128 [ 47.281221][ T4748] loop4: p77 size 108986237 extends beyond EOD, truncated [ 47.286854][ T4831] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 47.304849][ T4748] loop4: p78 size 520093696 extends beyond EOD, truncated [ 47.312769][ T4748] loop4: p79 size 108986237 extends beyond EOD, truncated [ 47.320810][ T4748] loop4: p80 size 520093696 extends beyond EOD, truncated [ 47.328568][ T4748] loop4: p81 size 108986237 extends beyond EOD, truncated [ 47.330207][ T4481] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 47.336222][ T4748] loop4: p82 size 520093696 extends beyond EOD, truncated [ 47.347851][ T4829] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 47.352564][ T4748] loop4: p83 size 108986237 extends beyond EOD, truncated [ 47.374238][ T4748] loop4: p84 size 520093696 extends beyond EOD, truncated [ 47.381961][ T4748] loop4: p85 size 108986237 extends beyond EOD, truncated [ 47.389703][ T4748] loop4: p86 size 520093696 extends beyond EOD, truncated [ 47.397286][ T4748] loop4: p87 size 108986237 extends beyond EOD, truncated [ 47.398025][ T4463] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 47.406092][ T4748] loop4: p88 size 520093696 extends beyond EOD, truncated [ 47.421351][ T4748] loop4: p89 size 108986237 extends beyond EOD, truncated [ 47.428866][ T4748] loop4: p90 size 520093696 extends beyond EOD, truncated [ 47.436531][ T4748] loop4: p91 size 108986237 extends beyond EOD, truncated [ 47.440703][ T4838] bridge0: entered allmulticast mode [ 47.445428][ T4748] loop4: p92 size 520093696 extends beyond EOD, truncated [ 47.458126][ T4748] loop4: p93 size 108986237 extends beyond EOD, truncated [ 47.472565][ T4748] loop4: p94 size 520093696 extends beyond EOD, truncated [ 47.481187][ T4748] loop4: p95 size 108986237 extends beyond EOD, truncated [ 47.488774][ T4748] loop4: p96 size 520093696 extends beyond EOD, truncated [ 47.500825][ T4748] loop4: p97 size 108986237 extends beyond EOD, truncated [ 47.510655][ T4748] loop4: p98 size 520093696 extends beyond EOD, truncated [ 47.519276][ T4748] loop4: p99 size 108986237 extends beyond EOD, truncated [ 47.527088][ T4748] loop4: p100 size 520093696 extends beyond EOD, truncated [ 47.535093][ T4748] loop4: p101 size 108986237 extends beyond EOD, truncated [ 47.536557][ T4846] loop0: detected capacity change from 0 to 512 [ 47.542907][ T4748] loop4: p102 size 520093696 extends beyond EOD, truncated [ 47.552014][ T4846] EXT4-fs: Ignoring removed mblk_io_submit option [ 47.556996][ T4748] loop4: p103 size 108986237 extends beyond EOD, truncated [ 47.570798][ T4748] loop4: p104 size 520093696 extends beyond EOD, truncated [ 47.578807][ T4748] loop4: p105 size 108986237 extends beyond EOD, truncated [ 47.588042][ T4748] loop4: p106 size 520093696 extends beyond EOD, truncated [ 47.596093][ T4748] loop4: p107 size 108986237 extends beyond EOD, truncated [ 47.597666][ T4846] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 47.603906][ T4748] loop4: p108 size 520093696 extends beyond EOD, truncated [ 47.625471][ T4748] loop4: p109 size 108986237 extends beyond EOD, truncated [ 47.633410][ T4748] loop4: p110 size 520093696 extends beyond EOD, truncated [ 47.641532][ T4748] loop4: p111 size 108986237 extends beyond EOD, truncated [ 47.650288][ T4748] loop4: p112 size 520093696 extends beyond EOD, truncated [ 47.658412][ T4748] loop4: p113 size 108986237 extends beyond EOD, truncated [ 47.667222][ T4748] loop4: p114 size 520093696 extends beyond EOD, truncated [ 47.675450][ T4748] loop4: p115 size 108986237 extends beyond EOD, truncated [ 47.683301][ T4748] loop4: p116 size 520093696 extends beyond EOD, truncated [ 47.691689][ T4748] loop4: p117 size 108986237 extends beyond EOD, truncated [ 47.703478][ T4748] loop4: p118 size 520093696 extends beyond EOD, truncated [ 47.707930][ T4857] netlink: 'syz.1.599': attribute type 21 has an invalid length. [ 47.714884][ T4748] loop4: p119 size 108986237 extends beyond EOD, truncated [ 47.719228][ T4857] netlink: 156 bytes leftover after parsing attributes in process `syz.1.599'. [ 47.728237][ T4748] loop4: p120 size 520093696 extends beyond EOD, truncated [ 47.743907][ T4748] loop4: p121 size 108986237 extends beyond EOD, truncated [ 47.752523][ T4748] loop4: p122 size 520093696 extends beyond EOD, truncated [ 47.760261][ T4859] loop1: detected capacity change from 0 to 128 [ 47.770014][ T4748] loop4: p123 size 108986237 extends beyond EOD, truncated [ 47.775676][ T4859] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 47.791512][ T4463] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 47.800770][ T4748] loop4: p124 size 520093696 extends beyond EOD, truncated [ 47.810261][ T4748] loop4: p125 size 108986237 extends beyond EOD, truncated [ 47.817997][ T4748] loop4: p126 size 520093696 extends beyond EOD, truncated [ 47.832100][ T4748] loop4: p127 size 108986237 extends beyond EOD, truncated [ 47.833839][ T3267] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 47.854928][ T4748] loop4: p128 size 520093696 extends beyond EOD, truncated [ 47.866627][ T4748] loop4: p129 size 108986237 extends beyond EOD, truncated [ 47.876760][ T4748] loop4: p130 size 520093696 extends beyond EOD, truncated [ 47.884828][ T4748] loop4: p131 size 108986237 extends beyond EOD, truncated [ 47.892928][ T4748] loop4: p132 size 520093696 extends beyond EOD, truncated [ 47.901399][ T4748] loop4: p133 size 108986237 extends beyond EOD, truncated [ 47.913366][ T4748] loop4: p134 size 520093696 extends beyond EOD, truncated [ 47.923777][ T29] audit: type=1326 audit(47.904:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4870 comm="syz.1.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe02e87dff9 code=0x7ffc0000 [ 47.963535][ T4748] loop4: p135 size 108986237 extends beyond EOD, truncated [ 47.974179][ T29] audit: type=1326 audit(47.934:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4870 comm="syz.1.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7fe02e87dff9 code=0x7ffc0000 [ 47.997368][ T29] audit: type=1326 audit(47.934:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4870 comm="syz.1.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe02e87dff9 code=0x7ffc0000 [ 48.018331][ T4748] loop4: p136 size 520093696 extends beyond EOD, truncated [ 48.042897][ T4748] loop4: p137 size 108986237 extends beyond EOD, truncated [ 48.050650][ T4748] loop4: p138 size 520093696 extends beyond EOD, truncated [ 48.059620][ T4748] loop4: p139 size 108986237 extends beyond EOD, truncated [ 48.068123][ T4748] loop4: p140 size 520093696 extends beyond EOD, truncated [ 48.078152][ T4748] loop4: p141 size 108986237 extends beyond EOD, truncated [ 48.098162][ T4748] loop4: p142 size 520093696 extends beyond EOD, truncated [ 48.107314][ T4748] loop4: p143 size 108986237 extends beyond EOD, truncated [ 48.115847][ T4748] loop4: p144 size 520093696 extends beyond EOD, truncated [ 48.123924][ T4748] loop4: p145 size 108986237 extends beyond EOD, truncated [ 48.133662][ T4748] loop4: p146 size 520093696 extends beyond EOD, truncated [ 48.142070][ T4748] loop4: p147 size 108986237 extends beyond EOD, truncated [ 48.151417][ T4748] loop4: p148 size 520093696 extends beyond EOD, truncated [ 48.159685][ T4748] loop4: p149 size 108986237 extends beyond EOD, truncated [ 48.169050][ T4748] loop4: p150 size 520093696 extends beyond EOD, truncated [ 48.177297][ T4748] loop4: p151 size 108986237 extends beyond EOD, truncated [ 48.187923][ T4748] loop4: p152 size 520093696 extends beyond EOD, truncated [ 48.196130][ T4748] loop4: p153 size 108986237 extends beyond EOD, truncated [ 48.204505][ T4748] loop4: p154 size 520093696 extends beyond EOD, truncated [ 48.212448][ T4748] loop4: p155 size 108986237 extends beyond EOD, truncated [ 48.221502][ T4748] loop4: p156 size 520093696 extends beyond EOD, truncated [ 48.231888][ T4898] netlink: 16 bytes leftover after parsing attributes in process `syz.0.613'. [ 48.237569][ T4748] loop4: p157 size 108986237 extends beyond EOD, truncated [ 48.244862][ T4892] loop1: detected capacity change from 0 to 512 [ 48.249295][ T4748] loop4: p158 size 520093696 extends beyond EOD, truncated [ 48.255489][ T4892] EXT4-fs: Ignoring removed mblk_io_submit option [ 48.268762][ T4748] loop4: p159 size 108986237 extends beyond EOD, truncated [ 48.277003][ T4748] loop4: p160 size 520093696 extends beyond EOD, truncated [ 48.284656][ T4898] netlink: 16 bytes leftover after parsing attributes in process `syz.0.613'. [ 48.285073][ T4748] loop4: p161 size 108986237 extends beyond EOD, truncated [ 48.301405][ T4748] loop4: p162 size 520093696 extends beyond EOD, truncated [ 48.305758][ T4892] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 48.322808][ T4748] loop4: p163 size 108986237 extends beyond EOD, truncated [ 48.331943][ T4898] netlink: 16 bytes leftover after parsing attributes in process `syz.0.613'. [ 48.342426][ T4748] loop4: p164 size 520093696 extends beyond EOD, truncated [ 48.351013][ T4748] loop4: p165 size 108986237 extends beyond EOD, truncated [ 48.358910][ T4748] loop4: p166 size 520093696 extends beyond EOD, truncated [ 48.367768][ T4748] loop4: p167 size 108986237 extends beyond EOD, truncated [ 48.375630][ T4748] loop4: p168 size 520093696 extends beyond EOD, truncated [ 48.383444][ T4748] loop4: p169 size 108986237 extends beyond EOD, truncated [ 48.393091][ T4748] loop4: p170 size 520093696 extends beyond EOD, truncated [ 48.398563][ T3267] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 48.405873][ T4748] loop4: p171 size 108986237 extends beyond EOD, truncated [ 48.422071][ T4908] netlink: 4 bytes leftover after parsing attributes in process `syz.0.615'. [ 48.423658][ T4748] loop4: p172 size 520093696 extends beyond EOD, truncated [ 48.439616][ T4748] loop4: p173 size 108986237 extends beyond EOD, truncated [ 48.457148][ T4910] netlink: 32 bytes leftover after parsing attributes in process `syz.1.614'. [ 48.466180][ T4748] loop4: p174 size 520093696 extends beyond EOD, truncated [ 48.478267][ T4748] loop4: p175 size 108986237 extends beyond EOD, truncated [ 48.493030][ T4748] loop4: p176 size 520093696 extends beyond EOD, truncated [ 48.506834][ T4748] loop4: p177 size 108986237 extends beyond EOD, truncated [ 48.517800][ T4748] loop4: p178 size 520093696 extends beyond EOD, truncated [ 48.527666][ T4748] loop4: p179 size 108986237 extends beyond EOD, truncated [ 48.535614][ T4748] loop4: p180 size 520093696 extends beyond EOD, truncated [ 48.543802][ T4748] loop4: p181 size 108986237 extends beyond EOD, truncated [ 48.551825][ T4748] loop4: p182 size 520093696 extends beyond EOD, truncated [ 48.559739][ T4748] loop4: p183 size 108986237 extends beyond EOD, truncated [ 48.567666][ T4748] loop4: p184 size 520093696 extends beyond EOD, truncated [ 48.575477][ T4748] loop4: p185 size 108986237 extends beyond EOD, truncated [ 48.583241][ T4748] loop4: p186 size 520093696 extends beyond EOD, truncated [ 48.591638][ T4748] loop4: p187 size 108986237 extends beyond EOD, truncated [ 48.599590][ T4748] loop4: p188 size 520093696 extends beyond EOD, truncated [ 48.607545][ T4748] loop4: p189 size 108986237 extends beyond EOD, truncated [ 48.615625][ T4748] loop4: p190 size 520093696 extends beyond EOD, truncated [ 48.623347][ T4748] loop4: p191 size 108986237 extends beyond EOD, truncated [ 48.631112][ T4748] loop4: p192 size 520093696 extends beyond EOD, truncated [ 48.638819][ T4748] loop4: p193 size 108986237 extends beyond EOD, truncated [ 48.646760][ T4748] loop4: p194 size 520093696 extends beyond EOD, truncated [ 48.654483][ T4748] loop4: p195 size 108986237 extends beyond EOD, truncated [ 48.662235][ T4748] loop4: p196 size 520093696 extends beyond EOD, truncated [ 48.670092][ T4748] loop4: p197 size 108986237 extends beyond EOD, truncated [ 48.677784][ T4748] loop4: p198 size 520093696 extends beyond EOD, truncated [ 48.685516][ T4748] loop4: p199 size 108986237 extends beyond EOD, truncated [ 48.693163][ T4748] loop4: p200 size 520093696 extends beyond EOD, truncated [ 48.701161][ T4748] loop4: p201 size 108986237 extends beyond EOD, truncated [ 48.709167][ T4748] loop4: p202 size 520093696 extends beyond EOD, truncated [ 48.716930][ T4748] loop4: p203 size 108986237 extends beyond EOD, truncated [ 48.724753][ T4748] loop4: p204 size 520093696 extends beyond EOD, truncated [ 48.732564][ T4748] loop4: p205 size 108986237 extends beyond EOD, truncated [ 48.740312][ T4748] loop4: p206 size 520093696 extends beyond EOD, truncated [ 48.748323][ T4748] loop4: p207 size 108986237 extends beyond EOD, truncated [ 48.756639][ T4748] loop4: p208 size 520093696 extends beyond EOD, truncated [ 48.764596][ T4748] loop4: p209 size 108986237 extends beyond EOD, truncated [ 48.772478][ T4748] loop4: p210 size 520093696 extends beyond EOD, truncated [ 48.780538][ T4748] loop4: p211 size 108986237 extends beyond EOD, truncated [ 48.788555][ T4748] loop4: p212 size 520093696 extends beyond EOD, truncated [ 48.796499][ T4748] loop4: p213 size 108986237 extends beyond EOD, truncated [ 48.804363][ T4748] loop4: p214 size 520093696 extends beyond EOD, truncated [ 48.812137][ T4748] loop4: p215 size 108986237 extends beyond EOD, truncated [ 48.820102][ T4748] loop4: p216 size 520093696 extends beyond EOD, truncated [ 48.828327][ T4748] loop4: p217 size 108986237 extends beyond EOD, truncated [ 48.836243][ T4748] loop4: p218 size 520093696 extends beyond EOD, truncated [ 48.843957][ T4748] loop4: p219 size 108986237 extends beyond EOD, truncated [ 48.851828][ T4748] loop4: p220 size 520093696 extends beyond EOD, truncated [ 48.860034][ T4748] loop4: p221 size 108986237 extends beyond EOD, truncated [ 48.868517][ T4748] loop4: p222 size 520093696 extends beyond EOD, truncated [ 48.876405][ T4748] loop4: p223 size 108986237 extends beyond EOD, truncated [ 48.884380][ T4748] loop4: p224 size 520093696 extends beyond EOD, truncated [ 48.892267][ T4748] loop4: p225 size 108986237 extends beyond EOD, truncated [ 48.900447][ T4748] loop4: p226 size 520093696 extends beyond EOD, truncated [ 48.908649][ T4748] loop4: p227 size 108986237 extends beyond EOD, truncated [ 48.916752][ T4748] loop4: p228 size 520093696 extends beyond EOD, truncated [ 48.924784][ T4748] loop4: p229 size 108986237 extends beyond EOD, truncated [ 48.932704][ T4748] loop4: p230 size 520093696 extends beyond EOD, truncated [ 48.940657][ T4748] loop4: p231 size 108986237 extends beyond EOD, truncated [ 48.948587][ T4748] loop4: p232 size 520093696 extends beyond EOD, truncated [ 48.956843][ T4748] loop4: p233 size 108986237 extends beyond EOD, truncated [ 48.964598][ T4748] loop4: p234 size 520093696 extends beyond EOD, truncated [ 48.972263][ T4748] loop4: p235 size 108986237 extends beyond EOD, truncated [ 48.980603][ T4748] loop4: p236 size 520093696 extends beyond EOD, truncated [ 48.988590][ T4748] loop4: p237 size 108986237 extends beyond EOD, truncated [ 48.996322][ T4748] loop4: p238 size 520093696 extends beyond EOD, truncated [ 49.003994][ T4748] loop4: p239 size 108986237 extends beyond EOD, truncated [ 49.011771][ T4748] loop4: p240 size 520093696 extends beyond EOD, truncated [ 49.019447][ T4748] loop4: p241 size 108986237 extends beyond EOD, truncated [ 49.027271][ T4748] loop4: p242 size 520093696 extends beyond EOD, truncated [ 49.035136][ T4748] loop4: p243 size 108986237 extends beyond EOD, truncated [ 49.042902][ T4748] loop4: p244 size 520093696 extends beyond EOD, truncated [ 49.051248][ T4748] loop4: p245 size 108986237 extends beyond EOD, truncated [ 49.059056][ T4748] loop4: p246 size 520093696 extends beyond EOD, truncated [ 49.067194][ T4748] loop4: p247 size 108986237 extends beyond EOD, truncated [ 49.075443][ T4748] loop4: p248 size 520093696 extends beyond EOD, truncated [ 49.083166][ T4748] loop4: p249 size 108986237 extends beyond EOD, truncated [ 49.091542][ T4748] loop4: p250 size 520093696 extends beyond EOD, truncated [ 49.099423][ T4748] loop4: p251 size 108986237 extends beyond EOD, truncated [ 49.107358][ T4748] loop4: p252 size 520093696 extends beyond EOD, truncated [ 49.115252][ T4748] loop4: p253 size 108986237 extends beyond EOD, truncated [ 49.123238][ T4748] loop4: p254 size 520093696 extends beyond EOD, truncated [ 49.131067][ T4748] loop4: p255 size 108986237 extends beyond EOD, truncated [ 49.266676][ T4931] can0: slcan on ttyS3. [ 49.334348][ T4931] can0 (unregistered): slcan off ttyS3. [ 49.668828][ T4942] loop2: detected capacity change from 0 to 512 [ 49.685827][ T4942] EXT4-fs: Ignoring removed mblk_io_submit option [ 49.732825][ T4942] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 49.769870][ T4481] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 49.778057][ T4965] loop1: detected capacity change from 0 to 1024 [ 49.797686][ T4965] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 49.839654][ T4979] can0: slcan on ttyS3. [ 49.868057][ T4965] EXT4-fs error (device loop1): ext4_expand_extra_isize_ea:2792: inode #12: comm syz.1.636: corrupted in-inode xattr: bad magic number in in-inode xattr [ 49.934511][ T4979] can0 (unregistered): slcan off ttyS3. [ 50.012316][ T5009] syz.0.662[5009] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 50.012402][ T5009] syz.0.662[5009] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 50.049247][ T5009] syz.0.662[5009] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 50.106573][ T5025] loop2: detected capacity change from 0 to 1024 [ 50.151834][ T5025] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 50.190411][ T5025] EXT4-fs error (device loop2): ext4_expand_extra_isize_ea:2792: inode #12: comm syz.2.668: corrupted in-inode xattr: bad magic number in in-inode xattr [ 50.211244][ T5037] loop0: detected capacity change from 0 to 512 [ 50.218596][ T5037] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22 [ 50.260295][ T29] kauditd_printk_skb: 22 callbacks suppressed [ 50.260311][ T29] audit: type=1326 audit(50.244:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5040 comm="syz.4.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644123dff9 code=0x7ffc0000 [ 50.296288][ T29] audit: type=1326 audit(50.244:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5040 comm="syz.4.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644123dff9 code=0x7ffc0000 [ 50.318961][ T29] audit: type=1326 audit(50.244:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5040 comm="syz.4.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=52 compat=0 ip=0x7f644123dff9 code=0x7ffc0000 [ 50.325826][ T5047] loop2: detected capacity change from 0 to 128 [ 50.342503][ T29] audit: type=1326 audit(50.244:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5040 comm="syz.4.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644123dff9 code=0x7ffc0000 [ 50.371102][ T29] audit: type=1326 audit(50.254:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5040 comm="syz.4.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644123dff9 code=0x7ffc0000 [ 50.998163][ T5053] syz.2.682[5053] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 50.998232][ T5053] syz.2.682[5053] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 51.014723][ T5053] syz.2.682[5053] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 51.085479][ T5063] loop3: detected capacity change from 0 to 512 [ 51.103358][ T5063] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22 [ 51.119221][ T29] audit: type=1400 audit(51.104:459): avc: denied { ioctl } for pid=5065 comm="syz.2.687" path="/61/file2" dev="tmpfs" ino=336 ioctlcmd=0x4c00 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 51.122763][ T5068] syz.0.697 uses obsolete (PF_INET,SOCK_PACKET) [ 51.177325][ T5080] loop3: detected capacity change from 0 to 128 [ 51.306562][ T5107] __nla_validate_parse: 5 callbacks suppressed [ 51.306583][ T5107] netlink: 4 bytes leftover after parsing attributes in process `syz.2.704'. [ 51.318150][ T5110] loop3: detected capacity change from 0 to 2048 [ 51.323589][ T5107] netlink: 12 bytes leftover after parsing attributes in process `syz.2.704'. [ 51.353371][ T5110] EXT4-fs error (device loop3): ext4_find_extent:938: inode #2: comm syz.3.706: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 51.374194][ T5110] EXT4-fs (loop3): Remounting filesystem read-only [ 51.425033][ T5117] sctp: [Deprecated]: syz.2.708 (pid 5117) Use of struct sctp_assoc_value in delayed_ack socket option. [ 51.425033][ T5117] Use struct sctp_sack_info instead [ 51.464829][ T29] audit: type=1400 audit(51.440:460): avc: denied { write } for pid=5122 comm="syz.2.711" name="event0" dev="devtmpfs" ino=218 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 51.495948][ T5129] program syz.0.714 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 51.551305][ T5138] netlink: 'syz.3.717': attribute type 25 has an invalid length. [ 51.559545][ T5138] netlink: 'syz.3.717': attribute type 7 has an invalid length. [ 51.561750][ T5140] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.718'. [ 51.620112][ T5146] netlink: 16 bytes leftover after parsing attributes in process `syz.2.721'. [ 51.649979][ T5150] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 51.661659][ T5152] loop2: detected capacity change from 0 to 1024 [ 51.678389][ T29] audit: type=1400 audit(51.660:461): avc: denied { rename } for pid=5151 comm="syz.2.724" name="file0" dev="loop2" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 51.700577][ T29] audit: type=1400 audit(51.660:462): avc: denied { reparent } for pid=5151 comm="syz.2.724" name="file0" dev="loop2" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 51.771311][ T5166] loop2: detected capacity change from 0 to 512 [ 51.805314][ T5174] SELinux: Context is not valid (left unmapped). [ 51.850084][ T5178] syz.3.734[5178] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 51.850137][ T5178] syz.3.734[5178] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 51.864210][ T5178] syz.3.734[5178] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 51.899183][ T5178] netlink: 72 bytes leftover after parsing attributes in process `syz.3.734'. [ 51.955224][ T29] audit: type=1400 audit(51.920:463): avc: denied { name_bind } for pid=5182 comm="syz.0.736" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 52.025470][ T5195] bridge0: port 2(bridge_slave_1) entered forwarding state [ 52.034918][ T5195] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.055375][ T5199] loop2: detected capacity change from 0 to 128 [ 52.090822][ T5208] loop2: detected capacity change from 0 to 128 [ 52.161863][ T5220] batadv_slave_1: vlans aren't supported yet for dev_uc|mc_add() [ 52.242163][ T5239] loop2: detected capacity change from 0 to 512 [ 52.252171][ T5241] loop3: detected capacity change from 0 to 512 [ 52.269709][ T5241] EXT4-fs error (device loop3): ext4_do_update_inode:5121: inode #2: comm syz.3.764: corrupted inode contents [ 52.282562][ T5241] EXT4-fs error (device loop3): ext4_dirty_inode:5984: inode #2: comm syz.3.764: mark_inode_dirty error [ 52.295127][ T5241] EXT4-fs error (device loop3): ext4_do_update_inode:5121: inode #2: comm syz.3.764: corrupted inode contents [ 52.307094][ T5241] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #2: comm syz.3.764: mark_inode_dirty error [ 52.337869][ T5252] loop3: detected capacity change from 0 to 128 [ 52.344681][ T5252] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 52.356729][ T5252] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 52.422343][ T5261] syz.3.771[5261] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 52.422396][ T5261] syz.3.771[5261] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 52.434815][ T5261] syz.3.771[5261] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 52.439191][ T5263] Zero length message leads to an empty skb [ 52.468884][ T5263] netlink: 'syz.2.772': attribute type 33 has an invalid length. [ 52.493724][ T5269] netlink: 'syz.2.774': attribute type 29 has an invalid length. [ 52.502054][ T5269] netlink: 'syz.2.774': attribute type 29 has an invalid length. [ 52.510357][ T5269] netlink: 'syz.2.774': attribute type 29 has an invalid length. [ 52.597429][ T5278] loop2: detected capacity change from 0 to 512 [ 52.605839][ T5278] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #13: comm syz.2.779: attempt to clear invalid blocks 1 len 1 [ 52.618924][ T5278] EXT4-fs (loop2): Remounting filesystem read-only [ 52.626353][ T5278] EXT4-fs (loop2): 1 truncate cleaned up [ 52.632480][ T5278] SELinux: (dev loop2, type ext4) getxattr errno 5 [ 52.656322][ T5281] netlink: 24 bytes leftover after parsing attributes in process `syz.2.780'. [ 52.882025][ T5314] loop2: detected capacity change from 0 to 512 [ 52.895517][ T5314] EXT4-fs error (device loop2): ext4_acquire_dquot:6879: comm syz.2.796: Failed to acquire dquot type 1 [ 52.907944][ T5314] EXT4-fs (loop2): 1 truncate cleaned up [ 52.992774][ T5320] sctp: [Deprecated]: syz.2.798 (pid 5320) Use of int in maxseg socket option. [ 52.992774][ T5320] Use struct sctp_assoc_value instead [ 53.088082][ T5335] loop0: detected capacity change from 0 to 128 [ 53.167397][ T5344] vxcan1: tx address claim with dlc 1 [ 53.321466][ T5367] program syz.2.820 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 53.343054][ T5369] netlink: 172 bytes leftover after parsing attributes in process `syz.3.821'. [ 53.369350][ T5373] ------------[ cut here ]------------ [ 53.374855][ T5373] Please remove unsupported % in format string [ 53.382134][ T5373] WARNING: CPU: 0 PID: 5373 at lib/vsprintf.c:2659 format_decode+0x87f/0x8a0 [ 53.390963][ T5373] Modules linked in: [ 53.394883][ T5373] CPU: 0 UID: 0 PID: 5373 Comm: syz.3.823 Not tainted 6.11.0-syzkaller-12113-ge7ed34365879 #0 [ 53.405317][ T5373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 53.415467][ T5373] RIP: 0010:format_decode+0x87f/0x8a0 [ 53.420989][ T5373] Code: db b2 86 e8 53 21 1d fc c6 05 36 e6 86 01 01 90 4c 89 ef e8 b3 1f 1d fc 41 0f b6 75 00 48 c7 c7 c0 e1 3b 86 e8 82 00 e6 fb 90 <0f> 0b 90 90 4c 89 ff e8 a5 2d 1d fc 4d 8b 27 e9 a3 fe ff ff e8 98 [ 53.440709][ T5373] RSP: 0018:ffffc900014e7a50 EFLAGS: 00010246 [ 53.446803][ T5373] RAX: c7f5efc23da8a800 RBX: ffff00ffffffffff RCX: 0000000000040000 [ 53.454845][ T5373] RDX: ffffc900060a4000 RSI: 00000000000016fa RDI: 00000000000016fb [ 53.462820][ T5373] RBP: 0000000000000000 R08: ffffffff8111f757 R09: 0000000000000000 [ 53.470818][ T5373] R10: 0001ffffffffffff R11: ffff888102f1a100 R12: ffff0a00ffffff00 [ 53.478804][ T5373] R13: ffffc900014e7bb4 R14: ffff0000ffffff00 R15: ffffc900014e7ad8 [ 53.486795][ T5373] FS: 00007f0eb7b876c0(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000 [ 53.495741][ T5373] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 53.502539][ T5373] CR2: 0000000020001000 CR3: 000000011a728000 CR4: 00000000003506f0 [ 53.510579][ T5373] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 53.518569][ T5373] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600 [ 53.526565][ T5373] Call Trace: [ 53.529844][ T5373] [ 53.532830][ T5373] ? __warn+0x141/0x350 [ 53.537043][ T5373] ? report_bug+0x315/0x420 [ 53.541562][ T5373] ? format_decode+0x87f/0x8a0 [ 53.546461][ T5373] ? handle_bug+0x60/0x90 [ 53.550855][ T5373] ? exc_invalid_op+0x1a/0x50 [ 53.555634][ T5373] ? asm_exc_invalid_op+0x1a/0x20 [ 53.560712][ T5373] ? __warn_printk+0x167/0x1b0 [ 53.565530][ T5373] ? format_decode+0x87f/0x8a0 [ 53.570312][ T5373] bstr_printf+0xb5/0x9e0 [ 53.574708][ T5373] ? bpf_test_run+0x351/0x4a0 [ 53.579491][ T5373] bpf_trace_printk+0xba/0x1d0 [ 53.584283][ T5373] ? bpf_test_run+0x351/0x4a0 [ 53.588980][ T5373] bpf_prog_12183cdb1cd51dab+0x37/0x3b [ 53.594491][ T5373] bpf_test_run+0x360/0x4a0 [ 53.599012][ T5373] ? _raw_spin_unlock_irqrestore+0x2b/0x60 [ 53.604870][ T5373] ? bpf_test_run+0x104/0x4a0 [ 53.609608][ T5373] bpf_prog_test_run_skb+0x830/0xba0 [ 53.615002][ T5373] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 53.620824][ T5373] bpf_prog_test_run+0x20f/0x3a0 [ 53.625881][ T5373] __sys_bpf+0x400/0x7a0 [ 53.630135][ T5373] __x64_sys_bpf+0x43/0x50 [ 53.634673][ T5373] x64_sys_call+0x2625/0x2d60 [ 53.639400][ T5373] do_syscall_64+0xc9/0x1c0 [ 53.643919][ T5373] ? clear_bhb_loop+0x55/0xb0 [ 53.648647][ T5373] ? clear_bhb_loop+0x55/0xb0 [ 53.653347][ T5373] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 53.659290][ T5373] RIP: 0033:0x7f0eb8f0dff9 [ 53.663795][ T5373] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 53.683508][ T5373] RSP: 002b:00007f0eb7b87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 53.692040][ T5373] RAX: ffffffffffffffda RBX: 00007f0eb90c5f80 RCX: 00007f0eb8f0dff9 [ 53.700143][ T5373] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 53.708165][ T5373] RBP: 00007f0eb8f80296 R08: 0000000000000000 R09: 0000000000000000 [ 53.716215][ T5373] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 53.724209][ T5373] R13: 0000000000000000 R14: 00007f0eb90c5f80 R15: 00007ffea1586928 [ 53.732240][ T5373] [ 53.735372][ T5373] ---[ end trace 0000000000000000 ]--- [ 53.760831][ T5379] xt_nfacct: accounting object `syz1' does not exists [ 53.971504][ T5398] syz_tun: entered promiscuous mode [ 53.978875][ T5398] syz_tun: left promiscuous mode [ 54.171536][ T5431] netlink: 'syz.3.851': attribute type 10 has an invalid length. [ 54.179930][ T5431] hsr0: entered promiscuous mode [ 54.186155][ T5431] bond0: (slave hsr0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 54.216871][ T5433] loop0: detected capacity change from 0 to 1764 [ 54.221659][ T5435] loop3: detected capacity change from 0 to 1764 [ 54.233668][ T5435] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 54.255773][ T5437] loop0: detected capacity change from 0 to 1024 [ 54.371522][ T5452] kernel read not supported for file /policy (pid: 5452 comm: syz.0.860) [ 54.391418][ T5454] syz.0.861[5454] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 54.413606][ T5457] loop0: detected capacity change from 0 to 512 [ 54.635461][ T5467] loop0: detected capacity change from 0 to 164 [ 54.643404][ T5467] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet. [ 54.758635][ T5474] netlink: 12 bytes leftover after parsing attributes in process `syz.2.867'. [ 54.767592][ T5474] netlink: 12 bytes leftover after parsing attributes in process `syz.2.867'. [ 54.878693][ T5500] loop2: detected capacity change from 0 to 256 [ 54.886890][ T5500] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 54.914559][ T5503] netlink: 9 bytes leftover after parsing attributes in process `syz.2.880'. [ 54.925576][ T5503] gretap0: entered promiscuous mode [ 55.044441][ T5510] ./file0: Can't lookup blockdev [ 55.070207][ T5514] loop2: detected capacity change from 0 to 512 [ 55.077509][ T5516] loop0: detected capacity change from 0 to 512 [ 55.087934][ T5514] EXT4-fs error (device loop2): ext4_acquire_dquot:6879: comm syz.2.885: Failed to acquire dquot type 0 [ 55.117379][ T5522] ucma_write: process 511 (syz.3.888) changed security contexts after opening file descriptor, this is not allowed. [ 55.118409][ T5516] EXT4-fs error (device loop0): ext4_do_update_inode:5121: inode #2: comm syz.0.886: corrupted inode contents [ 55.145416][ T5516] EXT4-fs error (device loop0): ext4_dirty_inode:5984: inode #2: comm syz.0.886: mark_inode_dirty error [ 55.157449][ T5516] EXT4-fs error (device loop0): ext4_do_update_inode:5121: inode #2: comm syz.0.886: corrupted inode contents [ 55.171071][ T5516] EXT4-fs error (device loop0): __ext4_ext_dirty:207: inode #2: comm syz.0.886: mark_inode_dirty error [ 55.266620][ T29] kauditd_printk_skb: 63 callbacks suppressed [ 55.266634][ T29] audit: type=1400 audit(55.252:523): avc: denied { setcheckreqprot } for pid=5546 comm="syz.3.900" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 55.317790][ T5559] bridge_slave_1: left allmulticast mode [ 55.322789][ T5560] loop2: detected capacity change from 0 to 512 [ 55.323458][ T5559] bridge_slave_1: left promiscuous mode [ 55.323618][ T5559] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.344343][ T5559] netlink: 'syz.3.905': attribute type 2 has an invalid length. [ 55.352484][ T5559] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 55.382693][ T5560] EXT4-fs error (device loop2): ext4_do_update_inode:5121: inode #2: comm syz.2.903: corrupted inode contents [ 55.396920][ T5560] EXT4-fs error (device loop2): ext4_dirty_inode:5984: inode #2: comm syz.2.903: mark_inode_dirty error [ 55.412221][ T5560] EXT4-fs error (device loop2): ext4_do_update_inode:5121: inode #2: comm syz.2.903: corrupted inode contents [ 55.426940][ T5560] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #2: comm syz.2.903: mark_inode_dirty error [ 55.471997][ T5571] loop0: detected capacity change from 0 to 128 [ 55.504074][ T29] audit: type=1400 audit(55.482:524): avc: denied { mount } for pid=5575 comm="syz.2.911" name="/" dev="ramfs" ino=10858 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 55.526718][ T29] audit: type=1400 audit(55.512:525): avc: denied { unmount } for pid=4481 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 55.561916][ T5581] loop2: detected capacity change from 0 to 1024 [ 55.568989][ T5581] journal_path: Lookup failure for './file0' [ 55.575323][ T5581] EXT4-fs: error: could not find journal device path [ 55.589248][ T29] audit: type=1400 audit(55.572:526): avc: denied { watch } for pid=5580 comm="syz.2.913" path="/154/file0" dev="tmpfs" ino=820 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 55.637714][ T5587] loop0: detected capacity change from 0 to 256 [ 55.658629][ T29] audit: type=1400 audit(55.642:527): avc: denied { write } for pid=5590 comm="syz.2.918" name="ppp" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 55.686239][ T5587] FAT-fs (loop0): Directory bread(block 1285) failed [ 55.696368][ T5587] FAT-fs (loop0): Directory bread(block 1285) failed [ 55.735257][ T5597] program syz.0.921 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 55.739019][ T29] audit: type=1326 audit(55.722:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5598 comm="syz.3.922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eb8f0dff9 code=0x7ffc0000 [ 55.767265][ T29] audit: type=1326 audit(55.722:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5598 comm="syz.3.922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eb8f0dff9 code=0x7ffc0000 [ 55.790040][ T29] audit: type=1326 audit(55.722:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5598 comm="syz.3.922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0eb8f0dff9 code=0x7ffc0000 [ 55.814095][ T29] audit: type=1326 audit(55.792:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5598 comm="syz.3.922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eb8f0dff9 code=0x7ffc0000 [ 55.836650][ T29] audit: type=1326 audit(55.792:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5598 comm="syz.3.922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7f0eb8f0dff9 code=0x7ffc0000 [ 55.889570][ T5612] loop3: detected capacity change from 0 to 1024 [ 55.896312][ T5612] journal_path: Lookup failure for './file0' [ 55.902376][ T5612] EXT4-fs: error: could not find journal device path [ 56.093439][ T5649] loop0: detected capacity change from 0 to 1024 [ 56.102483][ T5649] journal_path: Lookup failure for './file0' [ 56.109064][ T5649] EXT4-fs: error: could not find journal device path [ 60.426049][ T143] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 60.440037][ T29] kauditd_printk_skb: 13 callbacks suppressed [ 60.440061][ T29] audit: type=1400 audit(60.422:546): avc: denied { create } for pid=5677 comm="syz.0.954" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 60.470953][ T29] audit: type=1400 audit(60.432:547): avc: denied { write } for pid=5677 comm="syz.0.954" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 60.503301][ T29] audit: type=1107 audit(60.482:548): pid=5682 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 60.518285][ T143] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 60.533889][ T5687] program syz.2.958 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.600275][ T143] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 60.620545][ T29] audit: type=1400 audit(60.602:549): avc: denied { create } for pid=5700 comm="syz.2.966" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 60.641282][ T29] audit: type=1400 audit(60.622:550): avc: denied { read } for pid=5700 comm="syz.2.966" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 60.668183][ T29] audit: type=1400 audit(60.622:551): avc: denied { ioctl } for pid=5700 comm="syz.2.966" path="socket:[11078]" dev="sockfs" ino=11078 ioctlcmd=0x662b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 60.699874][ T143] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 60.715075][ T5708] __nla_validate_parse: 1 callbacks suppressed [ 60.715088][ T5708] netlink: 20 bytes leftover after parsing attributes in process `syz.0.968'. [ 60.765314][ T143] bridge_slave_1: left allmulticast mode [ 60.771011][ T143] bridge_slave_1: left promiscuous mode [ 60.776726][ T143] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.780532][ T29] audit: type=1400 audit(60.762:552): avc: denied { unlink } for pid=2949 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 60.809612][ T143] bridge_slave_0: left allmulticast mode [ 60.815426][ T143] bridge_slave_0: left promiscuous mode [ 60.821073][ T143] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.848821][ T29] audit: type=1326 audit(60.832:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5716 comm="syz.0.972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f2fdfdff9 code=0x7ffc0000 [ 60.872917][ T29] audit: type=1326 audit(60.832:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5716 comm="syz.0.972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f2fdfdff9 code=0x7ffc0000 [ 60.897679][ T5719] bpf_get_probe_write_proto: 5 callbacks suppressed [ 60.897699][ T5719] syz.3.973[5719] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 60.904842][ T5719] syz.3.973[5719] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 60.917780][ T29] audit: type=1326 audit(60.882:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5716 comm="syz.0.972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7f5f2fdfdff9 code=0x7ffc0000 [ 60.921372][ T5719] syz.3.973[5719] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 61.064908][ T5735] loop3: detected capacity change from 0 to 2048 [ 61.079784][ T5738] loop0: detected capacity change from 0 to 128 [ 61.093478][ T143] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 61.107430][ T143] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 61.118535][ T143] bond0 (unregistering): Released all slaves [ 61.141967][ T5735] EXT4-fs error (device loop3): ext4_free_inode:353: comm syz.3.981: bit already cleared for inode 15 [ 61.177566][ T143] hsr_slave_0: left promiscuous mode [ 61.194665][ T143] hsr_slave_1: left promiscuous mode [ 61.204930][ T143] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 61.212440][ T143] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 61.224922][ T143] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 61.232856][ T143] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 61.244381][ T143] veth1_macvtap: left promiscuous mode [ 61.250191][ T143] veth0_macvtap: left promiscuous mode [ 61.255951][ T143] veth1_vlan: left promiscuous mode [ 61.261331][ T143] veth0_vlan: left promiscuous mode [ 61.347081][ T5766] syz.0.991[5766] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 61.347154][ T5766] syz.0.991[5766] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 61.359083][ T5766] syz.0.991[5766] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 61.359297][ T143] team0 (unregistering): Port device team_slave_1 removed [ 61.394305][ T143] team0 (unregistering): Port device team_slave_0 removed [ 61.441188][ T5770] loop0: detected capacity change from 0 to 2048 [ 61.469826][ T5770] EXT4-fs error (device loop0): ext4_free_inode:353: comm syz.0.994: bit already cleared for inode 15 [ 61.483644][ T5775] netlink: 20 bytes leftover after parsing attributes in process `syz.2.995'. [ 61.508594][ T5674] chnl_net:caif_netlink_parms(): no params data found [ 61.576991][ T5674] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.584337][ T5674] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.592642][ T5674] bridge_slave_0: entered allmulticast mode [ 61.605247][ T5674] bridge_slave_0: entered promiscuous mode [ 61.612186][ T5674] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.619251][ T5674] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.627133][ T5674] bridge_slave_1: entered allmulticast mode [ 61.651339][ T5674] bridge_slave_1: entered promiscuous mode [ 61.717620][ T5674] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.746993][ T5674] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.759497][ T5805] syz.2.1002[5805] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 61.759551][ T5805] syz.2.1002[5805] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 61.778412][ T5805] syz.2.1002[5805] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 61.813392][ T5737] chnl_net:caif_netlink_parms(): no params data found [ 61.834338][ T5674] team0: Port device team_slave_0 added [ 61.841133][ T5674] team0: Port device team_slave_1 added [ 61.860011][ T5674] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 61.867227][ T5674] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.893817][ T5674] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 61.909009][ T5674] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 61.916096][ T5674] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.942074][ T5674] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 61.984268][ T5737] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.991470][ T5737] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.998773][ T5737] bridge_slave_0: entered allmulticast mode [ 62.005638][ T5737] bridge_slave_0: entered promiscuous mode [ 62.018941][ T5674] hsr_slave_0: entered promiscuous mode [ 62.024995][ T5674] hsr_slave_1: entered promiscuous mode [ 62.031755][ T5737] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.039168][ T5737] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.046567][ T5737] bridge_slave_1: entered allmulticast mode [ 62.053121][ T5737] bridge_slave_1: entered promiscuous mode [ 62.072143][ T143] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 62.082567][ T143] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 62.095741][ T5737] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 62.112026][ T5737] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 62.128674][ T143] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 62.139106][ T143] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 62.162107][ T5737] team0: Port device team_slave_0 added [ 62.170704][ T5737] team0: Port device team_slave_1 added [ 62.194423][ T143] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 62.204846][ T143] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 62.216199][ T5737] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 62.223315][ T5737] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.249359][ T5737] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 62.262572][ T5737] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 62.269662][ T5737] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.295569][ T5737] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 62.339397][ T5737] hsr_slave_0: entered promiscuous mode [ 62.346235][ T5737] hsr_slave_1: entered promiscuous mode [ 62.352144][ T5737] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 62.359852][ T5737] Cannot create hsr debugfs directory [ 62.370263][ T143] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 62.380664][ T143] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 62.468054][ T143] bridge_slave_1: left allmulticast mode [ 62.473834][ T143] bridge_slave_1: left promiscuous mode [ 62.479714][ T143] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.487622][ T143] bridge_slave_0: left allmulticast mode [ 62.493348][ T143] bridge_slave_0: left promiscuous mode [ 62.499306][ T143] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.597479][ T143] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 62.608055][ T143] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 62.620129][ T143] bond0 (unregistering): Released all slaves [ 62.646754][ T5822] loop2: detected capacity change from 0 to 2048 [ 62.671718][ T5822] EXT4-fs error (device loop2): ext4_free_inode:353: comm syz.2.1007: bit already cleared for inode 15 [ 62.683943][ T143] hsr_slave_0: left promiscuous mode [ 62.689967][ T143] hsr_slave_1: left promiscuous mode [ 62.699836][ T143] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 62.707265][ T143] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 62.717442][ T143] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 62.724984][ T143] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 62.734117][ T143] veth1_macvtap: left promiscuous mode [ 62.739703][ T143] veth0_macvtap: left promiscuous mode [ 62.745190][ T143] veth1_vlan: left promiscuous mode [ 62.746087][ T5832] vhci_hcd: invalid port number 61 [ 62.750644][ T143] veth0_vlan: left promiscuous mode [ 62.848086][ T143] team0 (unregistering): Port device team_slave_1 removed [ 62.858722][ T143] team0 (unregistering): Port device team_slave_0 removed [ 62.896194][ T5836] netlink: 'syz.2.1016': attribute type 21 has an invalid length. [ 62.904074][ T5836] IPv6: NLM_F_CREATE should be specified when creating new route [ 62.989152][ T5674] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 62.993483][ T5852] loop2: detected capacity change from 0 to 1024 [ 63.002664][ T5852] EXT4-fs: Ignoring removed i_version option [ 63.009275][ T5852] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 63.018509][ T5674] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 63.027568][ T5674] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 63.042705][ T5674] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 63.046694][ T5855] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1025'. [ 63.107267][ T5674] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.120338][ T5674] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.132805][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.140046][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.151586][ T1869] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.158690][ T1869] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.225388][ T5674] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.290101][ T5737] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 63.298698][ T5737] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 63.308034][ T5737] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 63.317130][ T5737] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 63.347219][ T5674] veth0_vlan: entered promiscuous mode [ 63.358229][ T5674] veth1_vlan: entered promiscuous mode [ 63.381628][ T5674] veth0_macvtap: entered promiscuous mode [ 63.392136][ T5674] veth1_macvtap: entered promiscuous mode [ 63.410980][ T5674] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 63.421707][ T5674] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.431925][ T5674] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 63.442481][ T5674] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.452297][ T5674] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 63.462813][ T5674] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.473979][ T5674] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 63.483070][ T5737] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.497425][ T5674] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 63.507989][ T5674] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.517906][ T5674] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 63.528370][ T5674] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.538195][ T5674] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 63.548615][ T5674] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.559256][ T5674] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 63.570661][ T5674] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.579689][ T5674] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.588540][ T5674] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.597577][ T5674] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.614408][ T5737] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.627670][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.634967][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.651772][ T28] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.659053][ T28] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.682729][ T5737] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 63.693168][ T5737] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 63.750791][ T5737] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.779246][ T5888] loop1: detected capacity change from 0 to 2048 [ 63.810592][ T5888] EXT4-fs error (device loop1): ext4_free_inode:353: comm syz.1.1028: bit already cleared for inode 15 [ 63.846471][ T5901] syz.1.1029[5901] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 63.919719][ T5737] veth0_vlan: entered promiscuous mode [ 63.942008][ T5737] veth1_vlan: entered promiscuous mode [ 63.960796][ T5737] veth0_macvtap: entered promiscuous mode [ 63.968989][ T5737] veth1_macvtap: entered promiscuous mode [ 63.979854][ T5737] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 63.990574][ T5737] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.000613][ T5737] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.011440][ T5737] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.021606][ T5737] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.032363][ T5737] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.042440][ T5737] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.053060][ T5737] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.064128][ T5737] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 64.075679][ T5737] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.086439][ T5737] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.096507][ T5737] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.107265][ T5737] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.117333][ T5737] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.127964][ T5737] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.138019][ T5737] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.148670][ T5737] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.159324][ T5737] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 64.169811][ T5737] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.178842][ T5737] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.187884][ T5737] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.196851][ T5737] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.238208][ T5923] loop4: detected capacity change from 0 to 256 [ 64.390694][ T5955] loop1: detected capacity change from 0 to 256 [ 64.432105][ T5961] loop4: detected capacity change from 0 to 1024 [ 64.440533][ T5961] EXT4-fs: Ignoring removed nobh option [ 64.446278][ T5961] EXT4-fs: Ignoring removed orlov option [ 64.546275][ T5980] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1073'. [ 64.626500][ T5992] loop0: detected capacity change from 0 to 256 [ 64.675147][ T5996] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 64.851158][ T6030] sg_write: process 45 (syz.1.1089) changed security contexts after opening file descriptor, this is not allowed. [ 64.861438][ T6032] @: renamed from vlan0 (while UP) [ 64.877180][ T6030] program syz.1.1089 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 64.952710][ T6050] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1099'. [ 65.097695][ T6087] loop3: detected capacity change from 0 to 1024 [ 65.107527][ T6087] EXT4-fs mount: 50 callbacks suppressed [ 65.107541][ T6087] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 65.128780][ T6087] EXT4-fs error (device loop3): ext4_empty_dir:3117: inode #11: block 623: comm syz.3.1115: Attempting to read directory block (623) that is past i_size (638464) [ 65.153965][ T3275] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 65.197090][ T6104] vhci_hcd: default hub control req: 800e v1303 i0000 l0 [ 65.377183][ T6116] netlink: 830 bytes leftover after parsing attributes in process `syz.3.1127'. [ 65.501774][ T29] kauditd_printk_skb: 54 callbacks suppressed [ 65.501787][ T29] audit: type=1326 audit(65.481:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6129 comm="syz.2.1134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f770340dff9 code=0x7ffc0000 [ 65.532509][ T29] audit: type=1326 audit(65.481:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6129 comm="syz.2.1134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7f770340dff9 code=0x7ffc0000 [ 65.555514][ T29] audit: type=1326 audit(65.481:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6129 comm="syz.2.1134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f770340dff9 code=0x7ffc0000 [ 65.571793][ T6133] loop2: detected capacity change from 0 to 2048 [ 65.578248][ T29] audit: type=1326 audit(65.481:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6129 comm="syz.2.1134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f770340dff9 code=0x7ffc0000 [ 65.636012][ T6133] loop2: p1 < > p2 p3 < p5 > [ 65.641193][ T6133] loop2: p2 start 16908804 is beyond EOD, truncated [ 65.648324][ T6133] loop2: p5 start 16908804 is beyond EOD, truncated [ 65.711921][ T6154] netlink: 'syz.4.1145': attribute type 2 has an invalid length. [ 65.766913][ T6164] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1150'. [ 65.776025][ T6164] netlink: 7 bytes leftover after parsing attributes in process `syz.2.1150'. [ 65.804885][ T29] audit: type=1326 audit(65.781:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6167 comm="syz.1.1152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8255cdff9 code=0x7ffc0000 [ 65.827757][ T29] audit: type=1326 audit(65.781:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6167 comm="syz.1.1152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8255cdff9 code=0x7ffc0000 [ 65.851817][ T29] audit: type=1326 audit(65.831:616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6167 comm="syz.1.1152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe8255cdff9 code=0x7ffc0000 [ 65.874623][ T29] audit: type=1326 audit(65.831:617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6167 comm="syz.1.1152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8255cdff9 code=0x7ffc0000 [ 65.897316][ T29] audit: type=1326 audit(65.831:618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6167 comm="syz.1.1152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8255cdff9 code=0x7ffc0000 [ 65.920195][ T29] audit: type=1326 audit(65.831:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6167 comm="syz.1.1152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe8255cdff9 code=0x7ffc0000 [ 66.003004][ T6189] loop0: detected capacity change from 0 to 512 [ 66.019795][ T6189] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 66.040206][ T6195] loop4: detected capacity change from 0 to 1024 [ 66.047940][ T6189] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec018, mo2=0002] [ 66.056172][ T6189] System zones: 1-12 [ 66.069973][ T6189] EXT4-fs (loop0): 1 truncate cleaned up [ 66.078395][ T6189] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 66.101081][ T6195] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 66.115429][ T4463] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.125317][ T6208] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1170'. [ 66.134267][ T6208] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1170'. [ 66.144997][ T5737] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.150051][ T6211] bpf_get_probe_write_proto: 2 callbacks suppressed [ 66.150065][ T6211] syz.0.1171[6211] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 66.166155][ T6211] syz.0.1171[6211] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 66.207948][ T6211] syz.0.1171[6211] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 66.219366][ T6217] loop2: detected capacity change from 0 to 1024 [ 66.259571][ T6217] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 66.288322][ T6217] JBD2: no valid journal superblock found [ 66.294078][ T6217] EXT4-fs (loop2): Could not load journal inode [ 66.302227][ C0] Illegal XDP return value 16128 on prog (id 499) dev veth1_to_team, expect packet loss! [ 66.397340][ T6250] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1187'. [ 66.406377][ T6250] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1187'. [ 66.430964][ T6259] smc: net device bond0 applied user defined pnetid SYZ0 [ 66.440194][ T6259] smc: net device bond0 erased user defined pnetid SYZ0 [ 66.461794][ T6266] bond_slave_0: entered promiscuous mode [ 66.467545][ T6266] bond_slave_1: entered promiscuous mode [ 66.473610][ T6266] bond_slave_0: left promiscuous mode [ 66.479037][ T6266] bond_slave_1: left promiscuous mode [ 66.628724][ T6299] loop2: detected capacity change from 0 to 256 [ 66.650474][ T6305] loop4: detected capacity change from 0 to 512 [ 66.676136][ T6305] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 66.692074][ T6313] tipc: Failed to obtain node identity [ 66.697597][ T6313] tipc: Enabling of bearer rejected, failed to enable media [ 66.711009][ T6305] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #18: comm syz.4.1216: corrupted inode contents [ 66.723149][ T6305] EXT4-fs error (device loop4): ext4_dirty_inode:5984: inode #18: comm syz.4.1216: mark_inode_dirty error [ 66.731612][ T6317] loop0: detected capacity change from 0 to 2048 [ 66.735590][ T6305] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #18: comm syz.4.1216: corrupted inode contents [ 66.753223][ T6305] EXT4-fs error (device loop4): ext4_xattr_delete_inode:3005: inode #18: comm syz.4.1216: mark_inode_dirty error [ 66.767117][ T6305] EXT4-fs error (device loop4): ext4_xattr_delete_inode:3008: inode #18: comm syz.4.1216: mark inode dirty (error -117) [ 66.784574][ T6305] EXT4-fs warning (device loop4): ext4_evict_inode:276: xattr delete (err -117) [ 66.787273][ T6317] Alternate GPT is invalid, using primary GPT. [ 66.800072][ T6317] loop0: p1 p2 p3 [ 66.818224][ T5737] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.945084][ T6341] loop1: detected capacity change from 0 to 512 [ 66.956737][ T6341] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c11c, mo2=0002] [ 66.964855][ T6341] System zones: 0-2, 18-18, 34-34 [ 66.990008][ T6341] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1231: bg 0: block 248: padding at end of block bitmap is not set [ 67.008636][ T6347] IPv6: NLM_F_CREATE should be specified when creating new route [ 67.020599][ T6341] EXT4-fs error (device loop1): ext4_acquire_dquot:6879: comm syz.1.1231: Failed to acquire dquot type 1 [ 67.030841][ T6350] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1234'. [ 67.049396][ T6341] EXT4-fs (loop1): 1 truncate cleaned up [ 67.055352][ T6341] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 67.060660][ T6356] loop3: detected capacity change from 0 to 1024 [ 67.085106][ T6356] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 67.091823][ T5674] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.108197][ T6356] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 67.130057][ T6363] loop0: detected capacity change from 0 to 512 [ 67.139071][ T6364] loop1: detected capacity change from 0 to 764 [ 67.146132][ T3275] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.155630][ T6364] rock: directory entry would overflow storage [ 67.162061][ T6364] rock: sig=0x4654, size=5, remaining=4 [ 67.162695][ T6363] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 67.197630][ T6363] EXT4-fs error (device loop0): ext4_do_update_inode:5121: inode #2: comm syz.0.1240: corrupted inode contents [ 67.210069][ T6363] EXT4-fs error (device loop0): ext4_dirty_inode:5984: inode #2: comm syz.0.1240: mark_inode_dirty error [ 67.216844][ T6369] loop3: detected capacity change from 0 to 512 [ 67.224608][ T6363] EXT4-fs error (device loop0): ext4_do_update_inode:5121: inode #2: comm syz.0.1240: corrupted inode contents [ 67.241351][ T6363] EXT4-fs error (device loop0): __ext4_ext_dirty:207: inode #2: comm syz.0.1240: mark_inode_dirty error [ 67.250022][ T6369] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 67.268099][ T6369] EXT4-fs error (device loop3): ext4_do_update_inode:5121: inode #2: comm syz.3.1241: corrupted inode contents [ 67.280833][ T6369] EXT4-fs error (device loop3): ext4_dirty_inode:5984: inode #2: comm syz.3.1241: mark_inode_dirty error [ 67.280924][ T4463] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.294329][ T6369] EXT4-fs error (device loop3): ext4_do_update_inode:5121: inode #2: comm syz.3.1241: corrupted inode contents [ 67.314797][ T6369] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #2: comm syz.3.1241: mark_inode_dirty error [ 67.354977][ T3275] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.379781][ T6389] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 67.391924][ T6389] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 67.401823][ T6389] program syz.0.1250 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 67.422758][ T6393] syz.3.1252[6393] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 67.422863][ T6393] syz.3.1252[6393] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 67.434848][ T6393] syz.3.1252[6393] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 67.509779][ T6404] loop3: detected capacity change from 0 to 512 [ 67.539125][ T6404] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 67.548797][ T6404] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 67.556991][ T6404] System zones: 0-2, 18-18, 34-35 [ 67.562510][ T6404] EXT4-fs (loop3): mounted filesystem 00000000-0700-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 67.576566][ T6404] EXT4-fs (loop3): re-mounted 00000000-0700-0000-0000-000000000000 ro. Quota mode: none. [ 67.594731][ T3275] EXT4-fs (loop3): unmounting filesystem 00000000-0700-0000-0000-000000000000. [ 67.717359][ T6437] program syz.1.1273 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 67.733310][ T6442] loop3: detected capacity change from 0 to 512 [ 67.751292][ T6442] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 67.782637][ T3275] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.802824][ T6455] loop3: detected capacity change from 0 to 512 [ 67.809760][ T6455] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 67.841739][ T6455] EXT4-fs (loop3): 1 orphan inode deleted [ 67.847562][ T6455] EXT4-fs (loop3): 1 truncate cleaned up [ 67.853493][ T6455] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 67.868263][ T6455] EXT4-fs error (device loop3): ext4_search_dir:1505: inode #12: block 7: comm syz.3.1280: bad entry in directory: directory entry overrun - offset=0, inode=13, rec_len=784, size=56 fake=0 [ 67.894620][ T6455] EXT4-fs (loop3): Remounting filesystem read-only [ 67.910928][ T6474] loop4: detected capacity change from 0 to 512 [ 67.918619][ T3275] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.930453][ T6474] ext4: Unknown parameter 'rootcontext [ 67.930453][ T6474] staff_u' [ 68.014276][ T6502] loop4: detected capacity change from 0 to 512 [ 68.021947][ T6502] EXT4-fs: inline encryption not supported [ 68.038226][ T6502] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a843c018, mo2=0002] [ 68.053219][ T6502] System zones: 0-2, 18-18, 34-35 [ 68.066254][ T6502] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 68.083819][ T6502] EXT4-fs error (device loop4): ext4_readdir:261: inode #2: block 12: comm syz.4.1303: path /44/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0 [ 68.134880][ T6502] EXT4-fs error (device loop4): ext4_readdir:261: inode #2: block 13: comm syz.4.1303: path /44/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0 [ 68.170494][ T6502] EXT4-fs error (device loop4): ext4_readdir:261: inode #2: block 14: comm syz.4.1303: path /44/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 68.192894][ T6502] EXT4-fs error (device loop4): ext4_readdir:261: inode #2: block 15: comm syz.4.1303: path /44/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0 [ 68.222745][ T6502] EXT4-fs error (device loop4): ext4_readdir:261: inode #2: block 16: comm syz.4.1303: path /44/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0 [ 68.244351][ T6502] EXT4-fs error (device loop4): ext4_readdir:261: inode #2: block 17: comm syz.4.1303: path /44/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 68.265121][ T6502] EXT4-fs error (device loop4): ext4_map_blocks:671: inode #2: block 18: comm syz.4.1303: lblock 23 mapped to illegal pblock 18 (length 1) [ 68.288800][ T6502] EXT4-fs error (device loop4): ext4_readdir:261: inode #2: block 19: comm syz.4.1303: path /44/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0 [ 68.311983][ T6502] EXT4-fs error (device loop4): ext4_readdir:261: inode #2: block 20: comm syz.4.1303: path /44/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0 [ 68.312124][ T6502] EXT4-fs error (device loop4): ext4_readdir:261: inode #2: block 21: comm syz.4.1303: path /44/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0 [ 68.314464][ T6547] loop1: detected capacity change from 0 to 164 [ 68.429333][ T6560] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1329'. [ 68.590101][ T6588] syz.0.1342[6588] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 68.590228][ T6588] syz.0.1342[6588] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 68.607699][ T6588] syz.0.1342[6588] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 68.625756][ T6592] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 68.665237][ T6599] SELinux: failed to load policy [ 68.702341][ T6605] loop3: detected capacity change from 0 to 256 [ 68.711387][ T6607] random: crng reseeded on system resumption [ 68.721157][ T6609] netlink: 'syz.1.1352': attribute type 3 has an invalid length. [ 68.805275][ T6619] loop1: detected capacity change from 0 to 128 [ 68.826602][ T6619] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 68.854048][ T5737] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 68.885400][ T5674] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 68.952712][ T6638] syz.3.1365[6638] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 69.010828][ T6642] loop0: detected capacity change from 0 to 512 [ 69.019952][ T6644] loop3: detected capacity change from 0 to 4096 [ 69.040793][ T6642] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 69.047796][ T6644] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 69.080077][ T6655] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 69.089174][ T6655] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 69.089369][ T3275] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.099727][ T4463] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 69.216884][ T6674] loop3: detected capacity change from 0 to 512 [ 69.223752][ T6674] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 69.237343][ T6674] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 69.258915][ T3275] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.316242][ T6680] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 69.399763][ T6698] netlink: 'syz.3.1393': attribute type 4 has an invalid length. [ 69.433705][ T6705] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 69.443253][ T6705] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 69.527909][ T6715] loop2: detected capacity change from 0 to 4096 [ 69.536501][ T6715] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 69.557490][ T4481] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.617819][ T6726] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1406'. [ 69.627084][ T6726] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1406'. [ 69.673857][ T6734] loop2: detected capacity change from 0 to 128 [ 69.836247][ T6747] loop2: detected capacity change from 0 to 512 [ 69.846868][ T6747] EXT4-fs (loop2): too many log groups per flexible block group [ 69.854754][ T6747] EXT4-fs (loop2): failed to initialize mballoc (-12) [ 69.861702][ T6747] EXT4-fs (loop2): mount failed [ 70.007056][ T6768] loop3: detected capacity change from 0 to 128 [ 70.054312][ T6770] loop3: detected capacity change from 0 to 4096 [ 70.062523][ T6770] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 70.084093][ T3275] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.103523][ T6773] netlink: 'syz.3.1427': attribute type 1 has an invalid length. [ 70.260557][ T6790] loop3: detected capacity change from 0 to 128 [ 70.305574][ T6796] loop3: detected capacity change from 0 to 128 [ 70.313692][ T6796] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 70.336573][ T3275] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 70.532339][ T29] kauditd_printk_skb: 194 callbacks suppressed [ 70.532352][ T29] audit: type=1326 audit(70.519:812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6813 comm="syz.3.1445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eb8f0dff9 code=0x7ffc0000 [ 70.573265][ T29] audit: type=1326 audit(70.549:813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6813 comm="syz.3.1445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f0eb8f0dff9 code=0x7ffc0000 [ 70.595929][ T29] audit: type=1326 audit(70.549:814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6813 comm="syz.3.1445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eb8f0dff9 code=0x7ffc0000 [ 70.618638][ T29] audit: type=1326 audit(70.549:815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6813 comm="syz.3.1445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eb8f0dff9 code=0x7ffc0000 [ 70.641463][ T29] audit: type=1326 audit(70.549:816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6813 comm="syz.3.1445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f0eb8f0dff9 code=0x7ffc0000 [ 70.664055][ T29] audit: type=1326 audit(70.549:817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6813 comm="syz.3.1445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eb8f0dff9 code=0x7ffc0000 [ 70.686772][ T29] audit: type=1326 audit(70.549:818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6813 comm="syz.3.1445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0eb8f0dff9 code=0x7ffc0000 [ 70.709379][ T29] audit: type=1326 audit(70.549:819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6813 comm="syz.3.1445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eb8f0dff9 code=0x7ffc0000 [ 70.732027][ T29] audit: type=1326 audit(70.549:820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6813 comm="syz.3.1445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eb8f0dff9 code=0x7ffc0000 [ 70.754698][ T29] audit: type=1326 audit(70.549:821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6813 comm="syz.3.1445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=87 compat=0 ip=0x7f0eb8f0dff9 code=0x7ffc0000 [ 70.782574][ T6818] loop1: detected capacity change from 0 to 512 [ 70.795807][ T6818] EXT4-fs (loop1): orphan cleanup on readonly fs [ 70.802931][ T6818] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1447: bg 0: block 248: padding at end of block bitmap is not set [ 70.823024][ T6818] EXT4-fs error (device loop1): ext4_acquire_dquot:6879: comm syz.1.1447: Failed to acquire dquot type 1 [ 70.839936][ T6818] EXT4-fs (loop1): 1 truncate cleaned up [ 70.852895][ T6818] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 70.895486][ T5674] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.903531][ T6838] __nla_validate_parse: 3 callbacks suppressed [ 70.903546][ T6838] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1457'. [ 70.947131][ T6844] SELinux: Context system_u:object_r:dhcp_state_t:s0 is not valid (left unmapped). [ 71.028728][ T6860] ================================================================== [ 71.036866][ T6860] BUG: KCSAN: data-race in do_sys_poll / pollwake [ 71.043271][ T6860] [ 71.045606][ T6860] read to 0xffffc9000150fc10 of 4 bytes by task 6848 on cpu 1: [ 71.053156][ T6860] do_sys_poll+0x986/0xc10 [ 71.057558][ T6860] __se_sys_poll+0xe1/0x200 [ 71.062043][ T6860] __x64_sys_poll+0x43/0x50 [ 71.066538][ T6860] x64_sys_call+0x29db/0x2d60 [ 71.071562][ T6860] do_syscall_64+0xc9/0x1c0 [ 71.076055][ T6860] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 71.081940][ T6860] [ 71.084332][ T6860] write to 0xffffc9000150fc10 of 4 bytes by task 6860 on cpu 0: [ 71.091942][ T6860] pollwake+0xbe/0x110 [ 71.096082][ T6860] __wake_up+0x65/0xb0 [ 71.100144][ T6860] snd_seq_cell_free+0x1e7/0x210 [ 71.105154][ T6860] snd_seq_dispatch_event+0x210/0x240 [ 71.110506][ T6860] snd_seq_check_queue+0x17b/0x300 [ 71.115609][ T6860] snd_seq_enqueue_event+0x26e/0x2a0 [ 71.120913][ T6860] snd_seq_client_enqueue_event+0x21a/0x2b0 [ 71.126811][ T6860] snd_seq_write+0x3f3/0x500 [ 71.131382][ T6860] vfs_write+0x26c/0x910 [ 71.135608][ T6860] ksys_write+0xeb/0x1b0 [ 71.139833][ T6860] __x64_sys_write+0x42/0x50 [ 71.144403][ T6860] x64_sys_call+0x27dd/0x2d60 [ 71.149062][ T6860] do_syscall_64+0xc9/0x1c0 [ 71.153540][ T6860] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 71.159946][ T6860] [ 71.162272][ T6860] value changed: 0x00000001 -> 0x00000000 [ 71.167984][ T6860] [ 71.170372][ T6860] Reported by Kernel Concurrency Sanitizer on: [ 71.176498][ T6860] CPU: 0 UID: 0 PID: 6860 Comm: syz.1.1461 Tainted: G W 6.11.0-syzkaller-12113-ge7ed34365879 #0 [ 71.188326][ T6860] Tainted: [W]=WARN [ 71.192108][ T6860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 71.202158][ T6860] ==================================================================